
Log analysis and evaluation: Windows 8.1 not-a-virus:AdWare.Win32.Linkury.a

05.02.2015, 23:22   #1
Doddore
 



Hello,
I've caught something and I'm not exactly sure what it is supposed to be.
Kaspersky keeps reporting that it has disinfected an xy.dll file.
Object name: not-a-virus:AdWare.Win32.Linkury.a
Someone else apparently already posted something similar this afternoon, which is why I downloaded FRST right away and ran a scan with it.

I would of course be very grateful for a little help.

Many thanks and kind regards.

Jürgen


FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2015
Ran by jurge_000 (administrator) on DOC on 05-02-2015 20:34:05
Running from C:\Users\jurge_000\Desktop
Loaded Profiles: jurge_000 (Available profiles: jurge_000 & Administrator)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
() C:\Program Files (x86)\LPT\srpts.exe
() C:\Users\jurge_000\AppData\Local\RGMService\RGMUpdater.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Users\jurge_000\AppData\Local\RGMService\RGMLoader.exe
() C:\Program Files (x86)\LPT\srptsl.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Pokki) C:\Users\jurge_000\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Smartbar) C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.exe
() C:\Users\jurge_000\AppData\Roaming\Search Protection\SP.exe
() C:\Program Files (x86)\hide.me VPN\Hide.me.exe
() C:\Program Files (x86)\ProgDVB\ProgLauncher.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Pokki) C:\Users\jurge_000\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\jurge_000\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Pokki) C:\Users\jurge_000\AppData\Local\Pokki\Engine\HostAppService.exe
(Zhorn Software) C:\Program Files (x86)\Stickies\stickies.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
() C:\Users\jurge_000\AppData\Roaming\Mozilla\Firefox\Profiles\2ngs26er.default\extensions\adbhelper@mozilla.org\win32\adb.exe
(Pokki) C:\Users\jurge_000\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
() C:\Users\jurge_000\AppData\Local\LPT\srptm.exe
() C:\Users\jurge_000\AppData\Local\Smartbar\Application\Lrcnta.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7546072 2014-03-10] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3957816 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2811120 2014-03-13] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-03-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-04] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [IR_SERVER] => C:\Program Files (x86)\Realtek\REALTEK DTV USB DEVICE\IR_SERVER.exe
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2015-01-28] (Hewlett-Packard)
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Run: [Browser Infrastructure Helper] => C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.exe [29696 2014-08-27] (Smartbar)
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Run: [Search Protection] => C:\Users\jurge_000\AppData\Roaming\Search Protection\SP.EXE [1128760 2015-01-16] ()
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Run: [Browser Extensions] => C:\Users\jurge_000\AppData\Roaming\BrowserExtensions\BEHelper.exe [544720 2015-01-06] ()
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Run: [Hide.me] => C:\Program Files (x86)\hide.me VPN\Hide.me.exe [1071768 2014-11-26] ()
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Run: [ProgLauncher] => C:\Program Files (x86)\ProgDVB\ProgLauncher.exe [381888 2014-12-14] ()
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\RunOnce: [Application Restart #3] => C:\Users\jurge_000\AppData\Local\Pokki\Engine\HostAppService.exe [7846216 2015-01-31] (Pokki)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk
ShortcutTarget: Stickies.lnk -> C:\Program Files (x86)\Stickies\stickies.exe (Zhorn Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage-web.com/?s=online&m=start
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjFxd-cizaAI2jzB21nZsMHDaQL65QqL22G-LRbfOUv-5ocZEeQ41DWLCioPtn85ySygYCG9-VvHDd_eLqLg44BrSH1cmfNlqO0BH-ecbOUyeb1QtqA7ksKdOmNETbzZrkOKkoD5UGjMYG_3Q70trDdj21vWRfyhfhoSA,,&q={searchTerms}
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjFxd-cizaAI2jzB21nZsMHDaQL65QqL22G-LRbfOUv-5ocZEeQ41DWLCioPtn85ySygYCG9-VvHDd_eLqLg44BrSH1cmfNlqO0BH-ecbOUyeb1QtqA7ksKdOmNETbzZrkOKkoD5UGjMYG_3Q70trDdj21vWRfyhfhoSA,,&q={searchTerms}
SearchScopes: HKLM -> {F6305024-E578-4006-A05F-6B1A66BAE870} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjFxd-cizaAI2jzB21nZsMHDaQL65QqL22G-LRbfOUv-5ocZEeQ41DWLCioPtn85ySygYCG9-VvHDd_eLqLg44BrSH1cmfNlqO0BH-ecbOUyeb1QtqA7ksKdOmNETbzZrkOKkoD5UGjMYG_3Q7xqIh4b2TTenZoGX3PHQ,,&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjFxd-cizaAI2jzB21nZsMHDaQL65QqL22G-LRbfOUv-5ocZEeQ41DWLCioPtn85ySygYCG9-VvHDd_eLqLg44BrSH1cmfNlqO0BH-ecbOUyeb1QtqA7ksKdOmNETbzZrkOKkoD5UGjMYG_3Q7xqIh4b2TTenZoGX3PHQ,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3178874078-4208927294-2124628208-1002 -> DefaultScope {2CC11A78-ABFC-11E4-829C-A02BB859D734} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=online&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3178874078-4208927294-2124628208-1002 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjFxd-cizaAI2jzB21nZsMHDaQL65QqL22G-LRbfOUv-5ocZEeQ41DWLCioPtn85ySygYCG9-VvHDd_eLqLg44BrSH1cmfNlqO0BH-ecbOUyeb1QtqA7ksKdOmNETbzZrkOKkoD5UGjMYG_3Q70trDdj21vWRfyhfhoSA,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3178874078-4208927294-2124628208-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3178874078-4208927294-2124628208-1002 -> {2CC11A78-ABFC-11E4-829C-A02BB859D734} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=online&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3178874078-4208927294-2124628208-1002 -> {C5BA03B4-C5FB-47A7-A541-30A1C674009A} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=386496&p={searchTerms}
BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
BHO: Browser Extensions -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\jurge_000\AppData\Roaming\BrowserExtensions\Coupons64.dll ()
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Browser Extensions -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\jurge_000\AppData\Roaming\BrowserExtensions\Coupons.dll ()
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.99.99

FireFox:
========
FF ProfilePath: C:\Users\jurge_000\AppData\Roaming\Mozilla\Firefox\Profiles\2ngs26er.default
FF SelectedSearchEngine: Web Search
FF Homepage: google.de
FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=386496&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3178874078-4208927294-2124628208-1002: pokki.com/PokkiDownloadHelper -> C:\Users\jurge_000\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll (Pokki)
FF SearchPlugin: C:\Users\jurge_000\AppData\Roaming\Mozilla\Firefox\Profiles\2ngs26er.default\searchplugins\yahoo_ff.xml
FF Extension: ADB Helper - C:\Users\jurge_000\AppData\Roaming\Mozilla\Firefox\Profiles\2ngs26er.default\Extensions\adbhelper@mozilla.org [2014-12-22]
FF Extension: Adblock Plus - C:\Users\jurge_000\AppData\Roaming\Mozilla\Firefox\Profiles\2ngs26er.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-30]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [140288 2014-03-15] () [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-03-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [88064 2014-03-05] () [File not signed]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-04] (Hewlett-Packard Development Company, L.P.)
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [34304 2014-08-27] () <==== ATTENTION
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-01] (Softex Inc.) [File not signed]
R2 RGMUpdater; C:\Users\jurge_000\AppData\Local\RGMService\RGMUpdater.exe [28160 2014-10-27] () [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [190704 2014-03-13] (Synaptics Incorporated)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [51712 2014-02-25] (Advanced Micro Devices, Inc.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-08-26] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17640 2013-10-24] (Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [85704 2014-02-25] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [230088 2014-02-25] (Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-12-20] (Advanced Micro Devices)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-04-21] (Microsoft Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE                      )
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-09-13] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-09-13] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [115296 2014-09-13] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-09-13] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-09-13] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-09-13] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-09-13] (Kaspersky Lab ZAO)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [558296 2014-01-06] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3379416 2014-03-22] (Realtek Semiconductor Corporation                           )
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [30448 2014-03-13] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [31472 2014-03-13] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 GENERICDRV; \??\C:\swsetup\sp67235\amifldrv64.sys [X]
U3 McAPExe; No ImagePath
U3 McMPFSvc; No ImagePath
U3 McNaiAnn; No ImagePath
U3 mcpltsvc; No ImagePath
U3 McProxy; No ImagePath
U3 mfecore; No ImagePath
U3 MSK80Service; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-05 20:34 - 2015-02-05 20:34 - 00023278 _____ () C:\Users\jurge_000\Desktop\FRST.txt
2015-02-05 20:33 - 2015-02-05 20:34 - 00000000 ____D () C:\FRST
2015-02-05 20:31 - 2015-02-05 20:31 - 02131968 _____ (Farbar) C:\Users\jurge_000\Desktop\FRST64.exe
2015-02-05 13:40 - 2015-02-05 13:40 - 00326104 _____ () C:\WINDOWS\Minidump\020515-26484-01.dmp
2015-02-03 20:40 - 2015-02-03 20:41 - 00326104 _____ () C:\WINDOWS\Minidump\020315-27343-01.dmp
2015-02-03 17:42 - 2015-02-03 17:42 - 00326048 _____ () C:\WINDOWS\Minidump\020315-29312-01.dmp
2015-01-29 22:50 - 2015-01-29 22:50 - 00001014 _____ () C:\Users\jurge_000\Desktop\TinyPic.lnk
2015-01-29 22:50 - 2015-01-29 22:50 - 00000000 ____D () C:\Program Files (x86)\Tinypic
2015-01-28 22:01 - 2015-01-28 22:01 - 00000000 ____D () C:\Program Files (x86)\Lame For Audacity
2015-01-27 23:05 - 2015-01-28 22:03 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\Audacity
2015-01-27 23:04 - 2015-01-27 23:04 - 00001042 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-01-27 23:04 - 2015-01-27 23:04 - 00001030 _____ () C:\Users\Public\Desktop\Audacity.lnk
2015-01-27 23:04 - 2015-01-27 23:04 - 00000000 ____D () C:\Program Files (x86)\Audacity
2015-01-27 14:19 - 2015-01-27 14:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-27 00:19 - 2014-12-06 07:43 - 14489797 _____ () C:\Users\jurge_000\Desktop\Wie Sie mehr fotografieren und weniger knipsen - Thomas Stephan.epub
2015-01-25 21:10 - 2015-01-25 21:10 - 00326048 _____ () C:\WINDOWS\Minidump\012515-24062-01.dmp
2015-01-24 23:07 - 2015-01-24 23:07 - 00326104 _____ () C:\WINDOWS\Minidump\012415-21953-01.dmp
2015-01-24 21:47 - 2015-01-24 21:48 - 00326048 _____ () C:\WINDOWS\Minidump\012415-26687-01.dmp
2015-01-22 10:19 - 2015-01-22 10:19 - 00000000 ____D () C:\Users\jurge_000\Desktop\HUK
2015-01-22 10:16 - 2015-01-22 10:16 - 00000472 _____ () C:\Users\jurge_000\Desktop\Volume (F) - Verknüpfung.lnk
2015-01-21 00:39 - 2015-01-21 00:39 - 00326160 _____ () C:\WINDOWS\Minidump\012115-29281-01.dmp
2015-01-18 11:36 - 2015-01-18 11:36 - 00001110 _____ () C:\Users\Public\Desktop\Terminplaner .Net.lnk
2015-01-18 11:36 - 2015-01-18 11:36 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\RDecke
2015-01-18 11:36 - 2015-01-18 11:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Terminplaner.NET
2015-01-18 11:36 - 2015-01-18 11:36 - 00000000 ____D () C:\Program Files (x86)\Terminplaner.NET
2015-01-18 11:35 - 2015-01-18 11:34 - 04718515 _____ (Ronny Decke ) C:\Users\jurge_000\Downloads\setup_CB-DL-Manager [1].exe
2015-01-16 21:45 - 2015-02-04 00:27 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\stickies
2015-01-16 21:45 - 2015-01-16 21:45 - 00000667 _____ () C:\WINDOWS\uninstallstickies.bat
2015-01-16 21:45 - 2015-01-16 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stickies
2015-01-16 21:45 - 2015-01-16 21:45 - 00000000 ____D () C:\Program Files (x86)\Stickies
2015-01-15 22:02 - 2015-01-15 22:02 - 00460040 _____ () C:\Users\jurge_000\Desktop\Unbenannt 1.odt
2015-01-15 09:54 - 2015-01-15 09:54 - 00000000 ___HD () C:\Users\jurge_000\Desktop\.picasaoriginals
2015-01-14 22:32 - 2015-01-15 11:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-01-14 22:00 - 2015-01-14 22:00 - 00001429 _____ () C:\Users\jurge_000\Desktop\bp - Verknüpfung.lnk
2015-01-14 11:47 - 2015-01-14 11:47 - 00001860 _____ () C:\Users\jurge_000\Desktop\PTEditor - Verknüpfung.lnk
2015-01-14 11:42 - 2015-01-14 11:42 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Power Tab Software
2015-01-14 11:42 - 2015-01-14 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Power Tab Software
2015-01-14 11:42 - 2015-01-14 11:42 - 00000000 ____D () C:\Program Files (x86)\Power Tab Software
2015-01-14 11:39 - 2015-01-14 11:39 - 05917258 _____ () C:\Users\jurge_000\Downloads\powertab1.7.zip
2015-01-14 08:53 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-14 08:53 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-14 08:53 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-14 08:53 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-14 08:53 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-14 08:53 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-14 08:53 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-14 08:53 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-14 08:53 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-14 08:53 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-14 08:53 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-14 08:53 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-14 08:53 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-14 08:53 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-14 08:53 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2015-01-14 08:53 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-14 08:53 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-14 08:53 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-14 08:53 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-14 08:53 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-14 08:53 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2015-01-14 08:53 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-14 08:53 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-14 08:53 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-01-14 08:53 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-01-14 08:53 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-01-14 08:53 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-14 08:52 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-14 08:52 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-14 08:52 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-14 08:52 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-07 23:38 - 2015-01-07 23:38 - 00326160 _____ () C:\WINDOWS\Minidump\010715-23000-01.dmp
2015-01-07 23:01 - 2015-01-07 23:01 - 00326160 _____ () C:\WINDOWS\Minidump\010715-28203-01.dmp
2015-01-07 11:21 - 2015-01-07 11:21 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\Guitar Pro 6
2015-01-07 11:21 - 2015-01-07 11:21 - 00000000 ____D () C:\ProgramData\Guitar Pro 6
2015-01-07 11:20 - 2015-01-07 11:20 - 00000991 _____ () C:\Users\Public\Desktop\Guitar Pro 6.lnk
2015-01-07 11:20 - 2015-01-07 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 6
2015-01-07 11:19 - 2015-01-07 11:20 - 00000000 ____D () C:\Program Files (x86)\Guitar Pro 6
2015-01-07 09:21 - 2015-01-07 09:21 - 00309776 _____ () C:\WINDOWS\Minidump\010715-24203-01.dmp
2015-01-07 08:59 - 2015-01-07 08:59 - 00305680 _____ () C:\WINDOWS\Minidump\010715-23218-01.dmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-05 20:32 - 2014-09-04 22:35 - 00000000 ____D () C:\Users\jurge_000\AppData\Local\Pokki
2015-02-05 20:29 - 2014-09-27 08:01 - 00003178 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForjurge_000
2015-02-05 20:29 - 2014-09-27 08:01 - 00000356 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForjurge_000.job
2015-02-05 20:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-05 20:23 - 2014-12-30 09:22 - 01693278 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-05 20:17 - 2014-09-12 21:44 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-02-05 20:08 - 2013-08-22 16:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-05 20:06 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-05 13:54 - 2014-09-04 22:49 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3178874078-4208927294-2124628208-1002
2015-02-05 13:42 - 2014-09-04 23:07 - 00002305 _____ () C:\Users\jurge_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-02-05 13:42 - 2014-08-28 11:52 - 00000000 ___DO () C:\Users\jurge_000\OneDrive
2015-02-05 13:41 - 2014-12-23 21:19 - 00000000 ____D () C:\Users\jurge_000\AppData\Local\RGMService
2015-02-05 13:41 - 2014-11-29 22:43 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-05 13:41 - 2014-05-12 12:05 - 02200258 _____ () C:\WINDOWS\SysWOW64\rootpa.e2e
2015-02-05 13:40 - 2014-12-30 09:23 - 00013853 _____ () C:\WINDOWS\setupact.log
2015-02-05 13:40 - 2014-12-29 23:52 - 534231311 _____ () C:\WINDOWS\MEMORY.DMP
2015-02-05 13:40 - 2014-10-06 21:27 - 00000000 ____D () C:\WINDOWS\Minidump
2015-02-05 13:40 - 2014-09-04 22:35 - 00000000 ____D () C:\Users\jurge_000
2015-02-05 13:40 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-04 22:41 - 2014-11-29 22:43 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-03 17:43 - 2014-12-28 22:36 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\BrowserExtensions
2015-02-03 17:41 - 2014-09-04 23:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-03 09:45 - 2014-04-22 00:14 - 00800954 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-03 09:45 - 2014-04-22 00:14 - 00174458 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-03 09:45 - 2013-08-26 07:09 - 01921090 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-02 01:04 - 2014-09-05 21:03 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\vlc
2015-01-30 19:24 - 2014-10-03 19:18 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-30 19:24 - 2014-09-26 21:01 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2015-01-28 01:31 - 2014-08-28 16:23 - 00000000 ____D () C:\Users\jurge_000\Documents\Calibre-Bibliothek
2015-01-27 18:43 - 2014-05-12 11:51 - 00065536 _____ () C:\WINDOWS\system32\spu_storage.bin
2015-01-27 18:43 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-26 20:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-01-24 21:20 - 2014-09-08 10:46 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-24 21:20 - 2014-09-08 10:46 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-24 20:42 - 2014-12-23 21:25 - 00000000 ____D () C:\Users\jurge_000\AppData\Local\Windows Live
2015-01-17 20:56 - 2013-08-22 15:44 - 00379016 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-17 20:55 - 2014-12-23 23:09 - 00000000 ____D () C:\Program Files (x86)\DivX
2015-01-16 22:39 - 2014-09-07 23:34 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-16 21:56 - 2014-09-07 23:34 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-15 09:28 - 2014-12-23 21:02 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\DVD Flick
2015-01-14 22:08 - 2014-12-23 23:08 - 00000000 ____D () C:\ProgramData\DivX
2015-01-14 11:44 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-01-07 23:07 - 2014-09-16 22:19 - 00000000 ____D () C:\Users\jurge_000\AppData\Local\Adobe

==================== Files in the root of some directories =======

2014-12-23 21:07 - 2014-12-23 21:07 - 0092702 _____ () C:\Users\jurge_000\AppData\Local\349311A3_stp.CIS
2014-12-23 21:07 - 2014-12-23 21:07 - 0000289 _____ () C:\Users\jurge_000\AppData\Local\349311A3_stp.CIS.part
2014-12-23 21:07 - 2014-12-23 21:07 - 0000000 _____ () C:\Users\jurge_000\AppData\Local\5BFEE0EB_stp.EXE
2014-12-23 21:08 - 2014-12-23 21:08 - 0000203 _____ () C:\Users\jurge_000\AppData\Local\5BFEE0EB_stp.EXE.part
2014-12-23 21:07 - 2014-12-23 21:08 - 0178814 _____ () C:\Users\jurge_000\AppData\Local\6AD0D82B_stp.CIS
2014-12-23 21:08 - 2014-12-23 21:08 - 0000238 _____ () C:\Users\jurge_000\AppData\Local\6AD0D82B_stp.CIS.part
2014-12-23 23:22 - 2014-12-23 23:22 - 0007680 _____ () C:\Users\jurge_000\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-28 22:59 - 2014-09-28 22:59 - 0002063 _____ () C:\Users\jurge_000\AppData\Local\recently-used.xbel
2014-09-18 08:32 - 2014-09-18 08:32 - 0001534 _____ () C:\ProgramData\ss.ini

Some content of TEMP:
====================
C:\Users\jurge_000\AppData\Local\Temp\-meblazn.dll
C:\Users\jurge_000\AppData\Local\Temp\0hgn9bp4.dll
C:\Users\jurge_000\AppData\Local\Temp\2cvjg2ui.dll
C:\Users\jurge_000\AppData\Local\Temp\6utolcnp.dll
C:\Users\jurge_000\AppData\Local\Temp\73celdui.dll
C:\Users\jurge_000\AppData\Local\Temp\75crf8bq.dll
C:\Users\jurge_000\AppData\Local\Temp\bfntpetm.dll
C:\Users\jurge_000\AppData\Local\Temp\bswjrtpw.dll
C:\Users\jurge_000\AppData\Local\Temp\ceaqyslu.dll
C:\Users\jurge_000\AppData\Local\Temp\e-mlvuyr.dll
C:\Users\jurge_000\AppData\Local\Temp\e6jz9of_.dll
C:\Users\jurge_000\AppData\Local\Temp\f0hameyt.dll
C:\Users\jurge_000\AppData\Local\Temp\fddto3ya.dll
C:\Users\jurge_000\AppData\Local\Temp\kgltleq3.dll
C:\Users\jurge_000\AppData\Local\Temp\kszb4xaf.dll
C:\Users\jurge_000\AppData\Local\Temp\lnztk08r.dll
C:\Users\jurge_000\AppData\Local\Temp\mkbvhnur.dll
C:\Users\jurge_000\AppData\Local\Temp\ndpkfgcn.dll
C:\Users\jurge_000\AppData\Local\Temp\nywbxm0o.dll
C:\Users\jurge_000\AppData\Local\Temp\o3sbkbok.dll
C:\Users\jurge_000\AppData\Local\Temp\oct7F93.tmp.exe
C:\Users\jurge_000\AppData\Local\Temp\octA4B3.tmp.exe
C:\Users\jurge_000\AppData\Local\Temp\octBDA5.tmp.exe
C:\Users\jurge_000\AppData\Local\Temp\p077xjfc.dll
C:\Users\jurge_000\AppData\Local\Temp\pg93yw8i.dll
C:\Users\jurge_000\AppData\Local\Temp\qj-iiie1.dll
C:\Users\jurge_000\AppData\Local\Temp\SearchProtectionSetup.exe
C:\Users\jurge_000\AppData\Local\Temp\sltr_ugu.dll
C:\Users\jurge_000\AppData\Local\Temp\uadakbsc.dll
C:\Users\jurge_000\AppData\Local\Temp\ule4l8cl.dll
C:\Users\jurge_000\AppData\Local\Temp\upkx7dkr.dll
C:\Users\jurge_000\AppData\Local\Temp\v53idcfd.dll
C:\Users\jurge_000\AppData\Local\Temp\xk9w7_gr.dll
C:\Users\jurge_000\AppData\Local\Temp\yntr8xkm.dll
C:\Users\jurge_000\AppData\Local\Temp\zna2d3-v.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-29 23:32

==================== End Of Log ============================
         
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2015
Ran by jurge_000 at 2015-02-05 20:35:54
Running from C:\Users\jurge_000\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{123A22CB-6D84-4135-A71F-886C9119E996}) (Version: 99.9 - Eyeo GmbH)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{C3E5B3AF-12F2-9E42-B493-9490DC745953}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BestPractice (remove only) (HKLM-x32\...\BestPractice) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Browser Extensions (HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\{3A787631-66A2-4634-B928-A37E73B58FB6}) (Version: 2.6 - Spigot, Inc.) <==== ATTENTION
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
calibre (HKLM-x32\...\{AB116F72-C91A-40F2-A25A-949B5D065EBB}) (Version: 2.3.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
ClearProg 1.6.1 Beta 7 (HKLM-x32\...\ClearProg) (Version: 1.6.1 Beta 7 - Sven Hoffman)
Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version:  - )
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVDStyler v2.8 (HKLM-x32\...\DVDStyler_is1) (Version:  - )
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
FreeRIP MP3 Converter 4.5.3 (HKLM-x32\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 4.5.3 - GreenTree Applications SRL)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version:  - Arobas Music)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
hide.me VPN Version 1.0.5 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 1.0.5 - eVenture Limited)
Host App Service (HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Pokki) (Version: 0.269.5.460 - Pokki)
HP 3D DriveGuard (HKLM-x32\...\{F90A86C9-7779-47DD-AC06-8EE832C55F55}) (Version: 6.0.18.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C}) (Version: 2.20.31 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{082B1425-0F24-43FA-9B64-E8F617B0AD3B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.08 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{E9FA2CA2-B7B2-43E6-8449-A1618B042EAE}) (Version: 1.1.3 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{B7B82520-8ECE-4743-BFD7-93B16C64B277}) (Version: 2.4.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.01.08 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.08 - Softex Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.)
OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Ihr Firmenname)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
Pokki Download Helper (HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\PokkiDownloadHelper) (Version: 1.3.1.282 - Pokki)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Power Tab Editor 1.7 (HKLM-x32\...\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}) (Version: 1.7.0 - Power Tab Software)
ProgDVB (HKLM-x32\...\ProgDVB) (Version: 7.x - Prog)
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.6 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
REALTEK DTV USB DEVICE (HKLM-x32\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.05.00 - Samsung Electronics Co., Ltd.)
Search Protection (HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Search Protection) (Version: 10.8.0.1 - Spigot, Inc.) <==== ATTENTION
Startmenü (HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Pokki_Start_Menu) (Version: 0.269.5.460 - Pokki)
Stickies 8.0b (HKLM-x32\...\ZhornStickies) (Version:  - Zhorn Software)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.5.2 - Synaptics Incorporated)
Terminplaner .Net (HKLM-x32\...\{AFC4FEEE-6E08-4CC9-815E-5CEDF2C15E2E}_is1) (Version:  - Ronny Decke)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Torchlight 2 (HKLM-x32\...\{049FF5E4-EB02-4c42-8DB0-226E2F7A9E53}) (Version: 1.9.2.1 - )
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
UnderCoverXP 1.23 (HKLM-x32\...\UnderCoverXP_is1) (Version:  - Wicked & Wild Inc.)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
VirtualDJ 8 (HKLM-x32\...\{9ADBBA93-4625-4898-BB0D-BCE7EA9F8B4A}) (Version: 8.0.0 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warhammer 40,000: Dawn Of War - Gold Edition (HKLM-x32\...\{D0B36BAF-3E9D-423E-8821-ED238C18DB0A}) (Version: 1.51 - THQ)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App für HP (x32 Version: 4.0.11.2 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

28-01-2015 23:14:09 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1E5F545C-3E53-4CA6-B6DD-F9468D990F15} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {2595D899-3540-46DF-9B78-8F72E3C1BB4A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {366065F9-548E-4649-A41D-CE201FCA2E2A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-16] (Microsoft Corporation)
Task: {5E9E3CCA-3E56-426D-869F-2887A3F1CFBF} - System32\Tasks\arp_flush => C:\Program Files (x86)\hide.me VPN\FlushArpCache.exe [2014-11-26] ()
Task: {72535254-1F4B-4441-8985-5D973E0A9A7C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {748AFF38-E65C-433E-ABBF-1B96A97DE684} - System32\Tasks\HPCeeScheduleForjurge_000 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {7605FDD8-C91D-46F6-B3D4-B8B886B65688} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
Task: {783FB339-C2A9-4C97-9225-8886277D380D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {7BFA62DA-E2B5-4499-BDE4-6596E6DBB0AA} - System32\Tasks\Chrome => C:\Users\jurge_000\AppData\Local\Temp\Rau\PackerV2.exe <==== ATTENTION
Task: {7DC3868F-F8C4-48C3-BBE6-712B4ACFBBC1} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-11-01] (Hewlett-Packard Development Company, L.P.)
Task: {AE65EE86-DE40-4F81-9EF9-97F606D399EB} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
Task: {CBCBF33A-327C-4E89-9654-A454F3F17EC2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {D61F64F2-D634-494C-8ADB-4A8DB675B301} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
Task: {E8AD23A2-1FC5-4477-8255-3438445694AD} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForjurge_000.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) ==============

2014-03-01 17:38 - 2014-03-01 17:38 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-01 17:34 - 2014-03-01 17:34 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-01 17:34 - 2014-03-01 17:34 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-01 17:34 - 2014-03-01 17:34 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-01 17:52 - 2014-03-01 17:52 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-01 17:52 - 2014-03-01 17:52 - 00712592 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2008-09-09 10:22 - 2008-09-09 10:22 - 00022016 _____ () C:\WINDOWS\System32\sst1cl6.dll
2014-09-09 20:46 - 2014-04-16 09:22 - 00029184 _____ () C:\WINDOWS\System32\usp01l.dll
2014-03-15 01:21 - 2014-03-15 01:21 - 00140288 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2014-03-15 01:20 - 2014-03-15 01:20 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-05-12 12:00 - 2014-03-05 17:09 - 00088064 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2014-08-27 15:24 - 2014-08-27 15:24 - 00034304 _____ () C:\Program Files (x86)\LPT\srpts.exe
2014-10-27 16:04 - 2014-10-27 16:04 - 00028160 _____ () C:\Users\jurge_000\AppData\Local\RGMService\RGMUpdater.exe
2014-12-01 17:01 - 2014-12-01 17:01 - 00974848 _____ () C:\Users\jurge_000\AppData\Local\RGMService\RGMLoader.exe
2014-08-27 15:24 - 2014-08-27 15:29 - 00036352 _____ () C:\Program Files (x86)\LPT\srptsl.exe
2014-03-01 17:41 - 2014-03-01 17:41 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2015-01-16 10:30 - 2015-01-16 10:30 - 01128760 _____ () C:\Users\jurge_000\AppData\Roaming\Search Protection\SP.exe
2014-12-30 00:07 - 2014-11-26 11:40 - 01071768 _____ () C:\Program Files (x86)\hide.me VPN\Hide.me.exe
2014-12-14 12:07 - 2014-12-14 12:07 - 00381888 _____ () C:\Program Files (x86)\ProgDVB\ProgLauncher.exe
2014-09-25 19:44 - 2014-09-25 19:44 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-12-22 08:18 - 2014-12-22 08:18 - 00818176 _____ () C:\Users\jurge_000\AppData\Roaming\Mozilla\Firefox\Profiles\2ngs26er.default\extensions\adbhelper@mozilla.org\win32\adb.exe
2014-08-27 15:29 - 2014-08-27 15:29 - 00024576 _____ () C:\Users\jurge_000\AppData\Local\LPT\srptm.exe
2014-08-27 15:28 - 2014-08-27 15:28 - 00025088 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\Lrcnta.exe
2013-06-17 11:35 - 2013-06-17 11:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\dblite.dll
2013-05-08 13:52 - 2013-05-08 13:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kpcengine.2.3.dll
2014-08-27 15:24 - 2014-08-27 15:29 - 00044032 _____ () C:\Program Files (x86)\LPT\srptc.dll
2014-08-27 15:23 - 2014-08-27 15:28 - 00018944 _____ () C:\Program Files (x86)\LPT\Smartbar.Common.dll
2014-12-01 17:01 - 2014-12-01 17:01 - 01686016 _____ () C:\Users\jurge_000\AppData\Local\RGMService\RGMHost.dll
2014-12-01 17:01 - 2014-12-01 17:01 - 02745856 _____ () C:\Users\jurge_000\AppData\Local\RGMService\MonetizationToolsManager.dll
2014-12-01 17:02 - 2014-12-01 17:02 - 01592832 _____ () C:\Users\jurge_000\AppData\Local\RGMService\ProtectorsManager.dll
2014-08-27 15:24 - 2014-08-27 15:29 - 00071680 _____ () C:\Program Files (x86)\LPT\srut.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00052224 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00087552 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\srau.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00167424 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 02426880 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00068608 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\spbl.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00160256 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00015872 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\siem.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00069120 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\sppsm.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00698368 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00016384 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00080384 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00028672 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00071680 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\srut.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00031232 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\srsbs.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00075264 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\smsp.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00011776 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\sidc.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00032256 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\smtu.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00040448 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\smta.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00032768 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\srom.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00025600 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\sgml.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00152064 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\smti.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00063488 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00026624 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\srpdm.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00045056 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-08-27 15:24 - 2014-08-27 15:24 - 00026624 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00036864 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00257024 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\srns.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00049152 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\srbu.dll
2014-12-30 00:07 - 2014-11-26 11:34 - 00102400 _____ () C:\Program Files (x86)\hide.me VPN\de-DE\Hide.me.resources.dll
2015-01-27 14:19 - 2015-01-27 14:19 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-01-04 05:06 - 2015-01-04 05:06 - 00569856 _____ () C:\Users\jurge_000\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll
2015-01-04 05:06 - 2015-01-04 05:06 - 01400846 _____ () C:\Users\jurge_000\AppData\Local\Pokki\Engine\avcodec-54.dll
2015-01-04 05:06 - 2015-01-04 05:06 - 00151054 _____ () C:\Users\jurge_000\AppData\Local\Pokki\Engine\avutil-51.dll
2015-01-04 05:06 - 2015-01-04 05:06 - 00222734 _____ () C:\Users\jurge_000\AppData\Local\Pokki\Engine\avformat-54.dll
2015-01-14 22:32 - 2015-01-14 22:32 - 03347056 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2015-01-14 22:32 - 2015-01-14 22:32 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-01-14 22:32 - 2015-01-14 22:32 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00083968 _____ () C:\Users\jurge_000\AppData\Local\LPT\srpt.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00044032 _____ () C:\Users\jurge_000\AppData\Local\LPT\srptc.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00018944 _____ () C:\Users\jurge_000\AppData\Local\LPT\Smartbar.Common.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00034816 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\lrcnt.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\jurge_000:gs5sys
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\ProgramData\Temp:10894A2E
AlternateDataStreams: C:\ProgramData\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\jurge_000\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\jurge_000\Cookies:gs5sys
AlternateDataStreams: C:\Users\jurge_000\Lokale Einstellungen:gs5sys
AlternateDataStreams: C:\Users\jurge_000\OneDrive:ms-properties
AlternateDataStreams: C:\Users\jurge_000\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\jurge_000\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\jurge_000\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\jurge_000\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\jurge_000\AppData\Local\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\jurge_000\AppData\Local\Verlauf:gs5sys
AlternateDataStreams: C:\Users\jurge_000\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\jurge_000\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-3178874078-4208927294-2124628208-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-3178874078-4208927294-2124628208-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3178874078-4208927294-2124628208-1004 - Limited - Enabled)
jurge_000 (S-1-5-21-3178874078-4208927294-2124628208-1002 - Administrator - Enabled) => C:\Users\jurge_000

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/05/2015 08:31:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (02/05/2015 08:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20605250

Error: (02/05/2015 08:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20605250

Error: (02/05/2015 08:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/05/2015 08:06:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20603562

Error: (02/05/2015 08:06:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20603562

Error: (02/05/2015 08:06:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/05/2015 02:22:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4781

Error: (02/05/2015 02:22:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4781

Error: (02/05/2015 02:22:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (02/05/2015 01:39:58 PM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT-AUTORITÄT)
Description: Der Systemüberwachungszeitgeber wurde ausgelöst.

Error: (02/05/2015 01:40:27 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007e (0xffffffffc0000005, 0xfffff80134999efb, 0xffffd000203e4128, 0xffffd000203e3930)C:\WINDOWS\MEMORY.DMP020515-26484-01

Error: (02/05/2015 01:40:26 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎05.‎02.‎2015 um 11:57:32 unerwartet heruntergefahren.

Error: (02/04/2015 00:24:50 AM) (Source: DCOM) (EventID: 10010) (User: DOC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (02/04/2015 00:24:50 AM) (Source: DCOM) (EventID: 10010) (User: DOC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (02/04/2015 00:24:46 AM) (Source: DCOM) (EventID: 10010) (User: DOC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (02/03/2015 08:41:03 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007e (0xffffffffc0000005, 0xfffff8008dd6cefb, 0xffffd0006c4aa128, 0xffffd0006c4a9930)C:\WINDOWS\MEMORY.DMP020315-27343-01

Error: (02/03/2015 08:41:02 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎03.‎02.‎2015 um 19:49:48 unerwartet heruntergefahren.

Error: (02/03/2015 05:41:39 PM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT-AUTORITÄT)
Description: Der Systemüberwachungszeitgeber wurde ausgelöst.

Error: (02/03/2015 05:42:11 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000019 (0x000000000000000d, 0xffffe000341f9e5f, 0xd08d195661e3f769, 0x91d08d195661e3c8)C:\WINDOWS\MEMORY.DMP020315-29312-01


Microsoft Office Sessions:
=========================
Error: (02/05/2015 08:31:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\jurge_000\AppData\Local\Pokki\Engine\HostAppService.exe

Error: (02/05/2015 08:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20605250

Error: (02/05/2015 08:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20605250

Error: (02/05/2015 08:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/05/2015 08:06:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20603562

Error: (02/05/2015 08:06:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20603562

Error: (02/05/2015 08:06:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/05/2015 02:22:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4781

Error: (02/05/2015 02:22:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4781

Error: (02/05/2015 02:22:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info =========================== 

Processor: AMD A8-6410 APU with AMD Radeon R5 Graphics 
Percentage of memory in use: 67%
Total physical RAM: 3519.68 MB
Available physical RAM: 1133.63 MB
Total Pagefile: 7103.68 MB
Available Pagefile: 3975.96 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:71.31 GB) (Free:27.95 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:22.33 GB) (Free:2.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Volume) (Fixed) (Total:346.68 GB) (Free:143.64 GB) NTFS
Drive g: (Volume) (Fixed) (Total:24.41 GB) (Free:20.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 55152BDD)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

Edited by Doddore (05.02.2015 at 23:39)

05.02.2015, 23:44   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Hello and

(edit: thx to Jürgen )

Please download Revo Uninstaller from here (alternatively the portable Revo Uninstaller).
  • Install and start the program. (Illustrated guide to Revo Uninstaller)
  • Click Options and select German as the language.
  • In the uninstaller pane, look for the programs:

    Browser Extensions
    LPT System Updater Service
    Search Protection

  • Select the programs one after another and click Uninstall each time.
  • Then select the "Moderat" (moderate) mode.
  • Delete leftovers:
    Click on then on and then on .

 




After that:


Remove adware/junkware/toolbars

Delete old versions of adwCleaner and, if present, JRT first, then download them afresh to the desktop!
Please disable your virus scanner completely now, before using these tools!


Step 1: adwCleaner

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Delete (Löschen) and confirm any prompts with Ok.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).




Step 2: JRT - Junkware Removal Tool

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.




Step 3: Fresh log with FRST

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


Edited by cosinus (05.02.2015 at 23:54)

06.02.2015, 09:44   #3
Doddore
 



Oh, thank you very much, that was quick!

Code:
# AdwCleaner v4.110 - Bericht erstellt 06/02/2015 um 09:18:22
# Aktualisiert 05/02/2015 von Xplode
# Datenbank : 2015-02-05.2 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : jurge_000 - DOC
# Gestarted von : C:\Users\jurge_000\Desktop\AdwCleaner_4.110.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : LPTSystemUpdater
Dienst Gelöscht : RGMUpdater

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\LPT
Ordner Gelöscht : C:\Users\jurge_000\AppData\Local\LPT
Ordner Gelöscht : C:\Users\jurge_000\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\jurge_000\AppData\Local\RGMService
Ordner Gelöscht : C:\Users\jurge_000\AppData\LocalLow\Smartbar
Datei Gelöscht : C:\Users\jurge_000\AppData\Roaming\Mozilla\Firefox\Profiles\2ngs26er.default\searchplugins\yahoo_ff.xml

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Schlüssel Gelöscht : HKCU\Software\MozillaPlugins\pokki.com/PokkiDownloadHelper
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{22848257-6A2D-4D2A-8D56-C886D25B8B58}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{22848257-6A2D-4D2A-8D56-C886D25B8B58}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Pokki
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKCU\Software\RGMService
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v35.0.1 (x86 de)

[2ngs26er.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.selectedEngine", "Web Search");
[2ngs26er.default\prefs.js] - Zeile Gelöscht : user_pref("startpage.ntsearch_url", "hxxps://de.search.yahoo.com/search?fr=spigot-nt-ff&ei=utf-8&ilc=12&type=386496&p={searchTerms}");

*************************

AdwCleaner[R0].txt - [8674 Bytes] - [06/02/2015 09:06:00]
AdwCleaner[R1].txt - [8733 Bytes] - [06/02/2015 09:13:06]
AdwCleaner[S0].txt - [6551 Bytes] - [06/02/2015 09:18:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6610  Bytes] ##########
         
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 8.1 x64
Ran by jurge_000 on 06.02.2015 at  9:23:43,74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2CC11A78-ABFC-11E4-829C-A02BB859D734}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\freerip"



~~~ FireFox

Emptied folder: C:\Users\jurge_000\AppData\Roaming\mozilla\firefox\profiles\2ngs26er.default\minidumps [9 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.02.2015 at  9:27:36,61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2015
Ran by jurge_000 (administrator) on DOC on 06-02-2015 09:35:39
Running from C:\Users\jurge_000\Desktop
Loaded Profiles: jurge_000 (Available profiles: jurge_000 & Administrator)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
() C:\Program Files (x86)\hide.me VPN\Hide.me.exe
() C:\Program Files (x86)\ProgDVB\ProgLauncher.exe
(Zhorn Software) C:\Program Files (x86)\Stickies\stickies.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7546072 2014-03-10] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3957816 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2811120 2014-03-13] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-03-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-04] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [IR_SERVER] => C:\Program Files (x86)\Realtek\REALTEK DTV USB DEVICE\IR_SERVER.exe
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2015-01-28] (Hewlett-Packard)
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Run: [Hide.me] => C:\Program Files (x86)\hide.me VPN\Hide.me.exe [1071768 2014-11-26] ()
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Run: [ProgLauncher] => C:\Program Files (x86)\ProgDVB\ProgLauncher.exe [381888 2014-12-14] ()
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\RunOnce: [Application Restart #3] => C:\Users\jurge_000\AppData\Local\Pokki\Engine\HostAppService.exe [7846216 2015-01-31] (Pokki)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk
ShortcutTarget: Stickies.lnk -> C:\Program Files (x86)\Stickies\stickies.exe (Zhorn Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage-web.com/?s=online&m=start
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
SearchScopes: HKLM -> {F6305024-E578-4006-A05F-6B1A66BAE870} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3178874078-4208927294-2124628208-1002 -> {C5BA03B4-C5FB-47A7-A541-30A1C674009A} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=386496&p={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Tcpip\Parameters: [DhcpNameServer] 192.168.99.99

FireFox:
========
FF ProfilePath: C:\Users\jurge_000\AppData\Roaming\Mozilla\Firefox\Profiles\2ngs26er.default
FF Homepage: google.de
FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=386496&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: ADB Helper - C:\Users\jurge_000\AppData\Roaming\Mozilla\Firefox\Profiles\2ngs26er.default\Extensions\adbhelper@mozilla.org [2014-12-22]
FF Extension: Adblock Plus - C:\Users\jurge_000\AppData\Roaming\Mozilla\Firefox\Profiles\2ngs26er.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-30]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [140288 2014-03-15] () [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-03-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [88064 2014-03-05] () [File not signed]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-04] (Hewlett-Packard Development Company, L.P.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-01] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [190704 2014-03-13] (Synaptics Incorporated)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [51712 2014-02-25] (Advanced Micro Devices, Inc.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-08-26] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17640 2013-10-24] (Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [85704 2014-02-25] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [230088 2014-02-25] (Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-12-20] (Advanced Micro Devices)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-04-21] (Microsoft Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE                      )
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-09-13] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-09-13] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [115296 2014-09-13] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-09-13] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-09-13] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-09-13] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-09-13] (Kaspersky Lab ZAO)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [558296 2014-01-06] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3379416 2014-03-22] (Realtek Semiconductor Corporation                           )
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [30448 2014-03-13] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [31472 2014-03-13] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 GENERICDRV; \??\C:\swsetup\sp67235\amifldrv64.sys [X]
U3 McAPExe; No ImagePath
U3 McMPFSvc; No ImagePath
U3 McNaiAnn; No ImagePath
U3 mcpltsvc; No ImagePath
U3 McProxy; No ImagePath
U3 mfecore; No ImagePath
U3 MSK80Service; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-06 09:35 - 2015-02-06 09:36 - 00018140 _____ () C:\Users\jurge_000\Desktop\FRST.txt
2015-02-06 09:27 - 2015-02-06 09:27 - 00000967 _____ () C:\Users\jurge_000\Desktop\JRT.txt
2015-02-06 09:23 - 2015-02-06 09:23 - 01388274 _____ (Thisisu) C:\Users\jurge_000\Desktop\JRT.exe
2015-02-06 09:21 - 2015-02-06 09:21 - 00000101 ____H () C:\Users\jurge_000\Desktop\.~lock.Spam.odt#
2015-02-06 09:12 - 2015-02-06 09:12 - 00024589 _____ () C:\Users\jurge_000\Desktop\Spam.odt
2015-02-06 09:05 - 2015-02-06 09:18 - 00000000 ____D () C:\AdwCleaner
2015-02-06 09:02 - 2015-02-06 09:02 - 02112512 _____ () C:\Users\jurge_000\Desktop\AdwCleaner_4.110.exe
2015-02-05 20:33 - 2015-02-06 09:35 - 00000000 ____D () C:\FRST
2015-02-05 20:31 - 2015-02-05 20:31 - 02131968 _____ (Farbar) C:\Users\jurge_000\Desktop\FRST64.exe
2015-02-05 13:40 - 2015-02-05 13:40 - 00326104 _____ () C:\WINDOWS\Minidump\020515-26484-01.dmp
2015-02-03 20:40 - 2015-02-03 20:41 - 00326104 _____ () C:\WINDOWS\Minidump\020315-27343-01.dmp
2015-02-03 17:42 - 2015-02-03 17:42 - 00326048 _____ () C:\WINDOWS\Minidump\020315-29312-01.dmp
2015-01-29 22:50 - 2015-01-29 22:50 - 00001014 _____ () C:\Users\jurge_000\Desktop\TinyPic.lnk
2015-01-29 22:50 - 2015-01-29 22:50 - 00000000 ____D () C:\Program Files (x86)\Tinypic
2015-01-28 22:01 - 2015-01-28 22:01 - 00000000 ____D () C:\Program Files (x86)\Lame For Audacity
2015-01-27 23:05 - 2015-01-28 22:03 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\Audacity
2015-01-27 23:04 - 2015-01-27 23:04 - 00001042 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-01-27 23:04 - 2015-01-27 23:04 - 00001030 _____ () C:\Users\Public\Desktop\Audacity.lnk
2015-01-27 23:04 - 2015-01-27 23:04 - 00000000 ____D () C:\Program Files (x86)\Audacity
2015-01-27 14:19 - 2015-01-27 14:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-27 00:19 - 2014-12-06 07:43 - 14489797 _____ () C:\Users\jurge_000\Desktop\Wie Sie mehr fotografieren und weniger knipsen - Thomas Stephan.epub
2015-01-25 21:10 - 2015-01-25 21:10 - 00326048 _____ () C:\WINDOWS\Minidump\012515-24062-01.dmp
2015-01-24 23:07 - 2015-01-24 23:07 - 00326104 _____ () C:\WINDOWS\Minidump\012415-21953-01.dmp
2015-01-24 21:47 - 2015-01-24 21:48 - 00326048 _____ () C:\WINDOWS\Minidump\012415-26687-01.dmp
2015-01-22 10:19 - 2015-01-22 10:19 - 00000000 ____D () C:\Users\jurge_000\Desktop\HUK
2015-01-22 10:16 - 2015-01-22 10:16 - 00000472 _____ () C:\Users\jurge_000\Desktop\Volume (F) - Verknüpfung.lnk
2015-01-21 00:39 - 2015-01-21 00:39 - 00326160 _____ () C:\WINDOWS\Minidump\012115-29281-01.dmp
2015-01-18 11:36 - 2015-01-18 11:36 - 00001110 _____ () C:\Users\Public\Desktop\Terminplaner .Net.lnk
2015-01-18 11:36 - 2015-01-18 11:36 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\RDecke
2015-01-18 11:36 - 2015-01-18 11:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Terminplaner.NET
2015-01-18 11:36 - 2015-01-18 11:36 - 00000000 ____D () C:\Program Files (x86)\Terminplaner.NET
2015-01-18 11:35 - 2015-01-18 11:34 - 04718515 _____ (Ronny Decke ) C:\Users\jurge_000\Downloads\setup_CB-DL-Manager [1].exe
2015-01-16 21:45 - 2015-02-04 00:27 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\stickies
2015-01-16 21:45 - 2015-01-16 21:45 - 00000667 _____ () C:\WINDOWS\uninstallstickies.bat
2015-01-16 21:45 - 2015-01-16 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stickies
2015-01-16 21:45 - 2015-01-16 21:45 - 00000000 ____D () C:\Program Files (x86)\Stickies
2015-01-15 22:02 - 2015-01-15 22:02 - 00460040 _____ () C:\Users\jurge_000\Desktop\Unbenannt 1.odt
2015-01-15 09:54 - 2015-01-15 09:54 - 00000000 ___HD () C:\Users\jurge_000\Desktop\.picasaoriginals
2015-01-14 22:32 - 2015-01-15 11:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-01-14 22:00 - 2015-01-14 22:00 - 00001429 _____ () C:\Users\jurge_000\Desktop\bp - Verknüpfung.lnk
2015-01-14 11:47 - 2015-01-14 11:47 - 00001860 _____ () C:\Users\jurge_000\Desktop\PTEditor - Verknüpfung.lnk
2015-01-14 11:42 - 2015-01-14 11:42 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Power Tab Software
2015-01-14 11:42 - 2015-01-14 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Power Tab Software
2015-01-14 11:42 - 2015-01-14 11:42 - 00000000 ____D () C:\Program Files (x86)\Power Tab Software
2015-01-14 11:39 - 2015-01-14 11:39 - 05917258 _____ () C:\Users\jurge_000\Downloads\powertab1.7.zip
2015-01-14 08:53 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-14 08:53 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-14 08:53 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-14 08:53 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-14 08:53 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-14 08:53 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-14 08:53 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-14 08:53 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-14 08:53 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-14 08:53 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-14 08:53 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-14 08:53 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-14 08:53 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-14 08:53 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-14 08:53 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2015-01-14 08:53 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-14 08:53 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-14 08:53 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-14 08:53 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-14 08:53 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-14 08:53 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2015-01-14 08:53 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-14 08:53 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-14 08:53 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-01-14 08:53 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-01-14 08:53 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-01-14 08:53 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-14 08:52 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-14 08:52 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-14 08:52 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-14 08:52 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-07 23:38 - 2015-01-07 23:38 - 00326160 _____ () C:\WINDOWS\Minidump\010715-23000-01.dmp
2015-01-07 23:01 - 2015-01-07 23:01 - 00326160 _____ () C:\WINDOWS\Minidump\010715-28203-01.dmp
2015-01-07 11:21 - 2015-01-07 11:21 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\Guitar Pro 6
2015-01-07 11:21 - 2015-01-07 11:21 - 00000000 ____D () C:\ProgramData\Guitar Pro 6
2015-01-07 11:20 - 2015-01-07 11:20 - 00000991 _____ () C:\Users\Public\Desktop\Guitar Pro 6.lnk
2015-01-07 11:20 - 2015-01-07 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 6
2015-01-07 11:19 - 2015-01-07 11:20 - 00000000 ____D () C:\Program Files (x86)\Guitar Pro 6
2015-01-07 09:21 - 2015-01-07 09:21 - 00309776 _____ () C:\WINDOWS\Minidump\010715-24203-01.dmp
2015-01-07 08:59 - 2015-01-07 08:59 - 00305680 _____ () C:\WINDOWS\Minidump\010715-23218-01.dmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-06 09:29 - 2014-12-30 09:22 - 01867478 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-06 09:21 - 2014-08-28 11:52 - 00000000 ___DO () C:\Users\jurge_000\OneDrive
2015-02-06 09:20 - 2014-12-30 09:23 - 00013969 _____ () C:\WINDOWS\setupact.log
2015-02-06 09:20 - 2014-09-12 21:44 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-02-06 09:20 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-06 09:19 - 2014-12-29 23:52 - 00000872 _____ () C:\WINDOWS\PFRO.log
2015-02-06 09:19 - 2014-05-12 11:51 - 00065536 _____ () C:\WINDOWS\system32\spu_storage.bin
2015-02-06 09:19 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-06 09:18 - 2014-09-04 22:35 - 00000000 ____D () C:\Users\jurge_000
2015-02-06 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-06 08:52 - 2014-09-04 22:35 - 00000000 ____D () C:\Users\jurge_000\AppData\Local\Pokki
2015-02-05 23:41 - 2014-11-29 22:43 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-05 21:31 - 2014-09-04 22:49 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3178874078-4208927294-2124628208-1002
2015-02-05 20:48 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-05 20:48 - 2013-08-22 16:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-05 20:29 - 2014-09-27 08:01 - 00003178 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForjurge_000
2015-02-05 20:29 - 2014-09-27 08:01 - 00000356 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForjurge_000.job
2015-02-05 13:42 - 2014-09-04 23:07 - 00002305 _____ () C:\Users\jurge_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-02-05 13:41 - 2014-05-12 12:05 - 02231725 _____ () C:\WINDOWS\SysWOW64\rootpa.e2e
2015-02-05 13:40 - 2014-12-29 23:52 - 534231311 _____ () C:\WINDOWS\MEMORY.DMP
2015-02-05 13:40 - 2014-10-06 21:27 - 00000000 ____D () C:\WINDOWS\Minidump
2015-02-04 22:41 - 2014-11-29 22:43 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-03 20:31 - 2014-09-08 10:46 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2014-09-08 10:46 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-03 17:41 - 2014-09-04 23:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-03 09:45 - 2014-04-22 00:14 - 00800954 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-03 09:45 - 2014-04-22 00:14 - 00174458 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-03 09:45 - 2013-08-26 07:09 - 01921090 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-02 01:04 - 2014-09-05 21:03 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\vlc
2015-01-30 19:24 - 2014-10-03 19:18 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-30 19:24 - 2014-09-26 21:01 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2015-01-28 01:31 - 2014-08-28 16:23 - 00000000 ____D () C:\Users\jurge_000\Documents\Calibre-Bibliothek
2015-01-26 20:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-01-24 20:42 - 2014-12-23 21:25 - 00000000 ____D () C:\Users\jurge_000\AppData\Local\Windows Live
2015-01-17 20:56 - 2013-08-22 15:44 - 00379016 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-17 20:55 - 2014-12-23 23:09 - 00000000 ____D () C:\Program Files (x86)\DivX
2015-01-16 22:39 - 2014-09-07 23:34 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-16 21:56 - 2014-09-07 23:34 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-15 09:28 - 2014-12-23 21:02 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\DVD Flick
2015-01-14 22:08 - 2014-12-23 23:08 - 00000000 ____D () C:\ProgramData\DivX
2015-01-14 11:44 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-01-07 23:07 - 2014-09-16 22:19 - 00000000 ____D () C:\Users\jurge_000\AppData\Local\Adobe

==================== Files in the root of some directories =======

2014-12-23 21:07 - 2014-12-23 21:07 - 0092702 _____ () C:\Users\jurge_000\AppData\Local\349311A3_stp.CIS
2014-12-23 21:07 - 2014-12-23 21:07 - 0000289 _____ () C:\Users\jurge_000\AppData\Local\349311A3_stp.CIS.part
2014-12-23 21:07 - 2014-12-23 21:07 - 0000000 _____ () C:\Users\jurge_000\AppData\Local\5BFEE0EB_stp.EXE
2014-12-23 21:08 - 2014-12-23 21:08 - 0000203 _____ () C:\Users\jurge_000\AppData\Local\5BFEE0EB_stp.EXE.part
2014-12-23 21:07 - 2014-12-23 21:08 - 0178814 _____ () C:\Users\jurge_000\AppData\Local\6AD0D82B_stp.CIS
2014-12-23 21:08 - 2014-12-23 21:08 - 0000238 _____ () C:\Users\jurge_000\AppData\Local\6AD0D82B_stp.CIS.part
2014-12-23 23:22 - 2014-12-23 23:22 - 0007680 _____ () C:\Users\jurge_000\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-28 22:59 - 2014-09-28 22:59 - 0002063 _____ () C:\Users\jurge_000\AppData\Local\recently-used.xbel
2014-09-18 08:32 - 2014-09-18 08:32 - 0001534 _____ () C:\ProgramData\ss.ini

Some content of TEMP:
====================
C:\Users\jurge_000\AppData\Local\Temp\-meblazn.dll
C:\Users\jurge_000\AppData\Local\Temp\0hgn9bp4.dll
C:\Users\jurge_000\AppData\Local\Temp\2cvjg2ui.dll
C:\Users\jurge_000\AppData\Local\Temp\6utolcnp.dll
C:\Users\jurge_000\AppData\Local\Temp\73celdui.dll
C:\Users\jurge_000\AppData\Local\Temp\75crf8bq.dll
C:\Users\jurge_000\AppData\Local\Temp\bfntpetm.dll
C:\Users\jurge_000\AppData\Local\Temp\bswjrtpw.dll
C:\Users\jurge_000\AppData\Local\Temp\ceaqyslu.dll
C:\Users\jurge_000\AppData\Local\Temp\e-mlvuyr.dll
C:\Users\jurge_000\AppData\Local\Temp\e6jz9of_.dll
C:\Users\jurge_000\AppData\Local\Temp\f0hameyt.dll
C:\Users\jurge_000\AppData\Local\Temp\fddto3ya.dll
C:\Users\jurge_000\AppData\Local\Temp\kgltleq3.dll
C:\Users\jurge_000\AppData\Local\Temp\kszb4xaf.dll
C:\Users\jurge_000\AppData\Local\Temp\lnztk08r.dll
C:\Users\jurge_000\AppData\Local\Temp\mkbvhnur.dll
C:\Users\jurge_000\AppData\Local\Temp\ndpkfgcn.dll
C:\Users\jurge_000\AppData\Local\Temp\nywbxm0o.dll
C:\Users\jurge_000\AppData\Local\Temp\o3sbkbok.dll
C:\Users\jurge_000\AppData\Local\Temp\oct7F93.tmp.exe
C:\Users\jurge_000\AppData\Local\Temp\octA4B3.tmp.exe
C:\Users\jurge_000\AppData\Local\Temp\octBDA5.tmp.exe
C:\Users\jurge_000\AppData\Local\Temp\p077xjfc.dll
C:\Users\jurge_000\AppData\Local\Temp\pg93yw8i.dll
C:\Users\jurge_000\AppData\Local\Temp\qj-iiie1.dll
C:\Users\jurge_000\AppData\Local\Temp\Quarantine.exe
C:\Users\jurge_000\AppData\Local\Temp\SearchProtectionSetup.exe
C:\Users\jurge_000\AppData\Local\Temp\sltr_ugu.dll
C:\Users\jurge_000\AppData\Local\Temp\sqlite3.dll
C:\Users\jurge_000\AppData\Local\Temp\uadakbsc.dll
C:\Users\jurge_000\AppData\Local\Temp\ule4l8cl.dll
C:\Users\jurge_000\AppData\Local\Temp\upkx7dkr.dll
C:\Users\jurge_000\AppData\Local\Temp\v53idcfd.dll
C:\Users\jurge_000\AppData\Local\Temp\xk9w7_gr.dll
C:\Users\jurge_000\AppData\Local\Temp\yntr8xkm.dll
C:\Users\jurge_000\AppData\Local\Temp\zna2d3-v.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-29 23:32

==================== End Of Log ============================
         
--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2015
Ran by jurge_000 at 2015-02-06 09:36:39
Running from C:\Users\jurge_000\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Anti-Virus (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{123A22CB-6D84-4135-A71F-886C9119E996}) (Version: 99.9 - Eyeo GmbH)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{C3E5B3AF-12F2-9E42-B493-9490DC745953}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BestPractice (remove only) (HKLM-x32\...\BestPractice) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
calibre (HKLM-x32\...\{AB116F72-C91A-40F2-A25A-949B5D065EBB}) (Version: 2.3.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
ClearProg 1.6.1 Beta 7 (HKLM-x32\...\ClearProg) (Version: 1.6.1 Beta 7 - Sven Hoffman)
Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version:  - )
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVDStyler v2.8 (HKLM-x32\...\DVDStyler_is1) (Version:  - )
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
FreeRIP MP3 Converter 4.5.3 (HKLM-x32\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 4.5.3 - GreenTree Applications SRL)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version:  - Arobas Music)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
hide.me VPN Version 1.0.5 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 1.0.5 - eVenture Limited)
HP 3D DriveGuard (HKLM-x32\...\{F90A86C9-7779-47DD-AC06-8EE832C55F55}) (Version: 6.0.18.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C}) (Version: 2.20.31 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{082B1425-0F24-43FA-9B64-E8F617B0AD3B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.08 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{E9FA2CA2-B7B2-43E6-8449-A1618B042EAE}) (Version: 1.1.3 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{B7B82520-8ECE-4743-BFD7-93B16C64B277}) (Version: 2.4.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.01.08 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.08 - Softex Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.)
OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Ihr Firmenname)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
Pokki Download Helper (HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\PokkiDownloadHelper) (Version: 1.3.1.282 - Pokki)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Power Tab Editor 1.7 (HKLM-x32\...\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}) (Version: 1.7.0 - Power Tab Software)
ProgDVB (HKLM-x32\...\ProgDVB) (Version: 7.x - Prog)
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.6 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
REALTEK DTV USB DEVICE (HKLM-x32\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.05.00 - Samsung Electronics Co., Ltd.)
Startmenü (HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Pokki_Start_Menu) (Version: 0.269.5.460 - Pokki)
Stickies 8.0b (HKLM-x32\...\ZhornStickies) (Version:  - Zhorn Software)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.5.2 - Synaptics Incorporated)
Terminplaner .Net (HKLM-x32\...\{AFC4FEEE-6E08-4CC9-815E-5CEDF2C15E2E}_is1) (Version:  - Ronny Decke)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Torchlight 2 (HKLM-x32\...\{049FF5E4-EB02-4c42-8DB0-226E2F7A9E53}) (Version: 1.9.2.1 - )
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
UnderCoverXP 1.23 (HKLM-x32\...\UnderCoverXP_is1) (Version:  - Wicked & Wild Inc.)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
VirtualDJ 8 (HKLM-x32\...\{9ADBBA93-4625-4898-BB0D-BCE7EA9F8B4A}) (Version: 8.0.0 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warhammer 40,000: Dawn Of War - Gold Edition (HKLM-x32\...\{D0B36BAF-3E9D-423E-8821-ED238C18DB0A}) (Version: 1.51 - THQ)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App für HP (x32 Version: 4.0.11.2 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

28-01-2015 23:14:09 Windows Update
05-02-2015 20:46:30 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1E5F545C-3E53-4CA6-B6DD-F9468D990F15} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {1FCE01D1-1F20-491A-826D-FC2FEDABDE89} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-16] (Microsoft Corporation)
Task: {2595D899-3540-46DF-9B78-8F72E3C1BB4A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {5E9E3CCA-3E56-426D-869F-2887A3F1CFBF} - System32\Tasks\arp_flush => C:\Program Files (x86)\hide.me VPN\FlushArpCache.exe [2014-11-26] ()
Task: {72535254-1F4B-4441-8985-5D973E0A9A7C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {748AFF38-E65C-433E-ABBF-1B96A97DE684} - System32\Tasks\HPCeeScheduleForjurge_000 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {7605FDD8-C91D-46F6-B3D4-B8B886B65688} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
Task: {783FB339-C2A9-4C97-9225-8886277D380D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {7BFA62DA-E2B5-4499-BDE4-6596E6DBB0AA} - System32\Tasks\Chrome => C:\Users\jurge_000\AppData\Local\Temp\Rau\PackerV2.exe <==== ATTENTION
Task: {7DC3868F-F8C4-48C3-BBE6-712B4ACFBBC1} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-11-01] (Hewlett-Packard Development Company, L.P.)
Task: {AE65EE86-DE40-4F81-9EF9-97F606D399EB} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
Task: {CBCBF33A-327C-4E89-9654-A454F3F17EC2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {D61F64F2-D634-494C-8ADB-4A8DB675B301} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
Task: {E8AD23A2-1FC5-4477-8255-3438445694AD} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForjurge_000.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) ==============

2014-03-01 17:38 - 2014-03-01 17:38 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-01 17:34 - 2014-03-01 17:34 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-01 17:34 - 2014-03-01 17:34 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-01 17:34 - 2014-03-01 17:34 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-01 17:52 - 2014-03-01 17:52 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-01 17:52 - 2014-03-01 17:52 - 00712592 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2008-09-09 10:22 - 2008-09-09 10:22 - 00022016 _____ () C:\WINDOWS\System32\sst1cl6.dll
2014-09-09 20:46 - 2014-04-16 09:22 - 00029184 _____ () C:\WINDOWS\System32\usp01l.dll
2014-03-15 01:21 - 2014-03-15 01:21 - 00140288 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2014-03-15 01:20 - 2014-03-15 01:20 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-05-12 12:00 - 2014-03-05 17:09 - 00088064 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2014-03-01 17:41 - 2014-03-01 17:41 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2014-12-30 00:07 - 2014-11-26 11:40 - 01071768 _____ () C:\Program Files (x86)\hide.me VPN\Hide.me.exe
2014-12-14 12:07 - 2014-12-14 12:07 - 00381888 _____ () C:\Program Files (x86)\ProgDVB\ProgLauncher.exe
2014-09-25 19:44 - 2014-09-25 19:44 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2013-05-08 13:52 - 2013-05-08 13:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kpcengine.2.3.dll
2013-06-17 11:35 - 2013-06-17 11:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\dblite.dll
2014-12-30 00:07 - 2014-11-26 11:34 - 00102400 _____ () C:\Program Files (x86)\hide.me VPN\de-DE\Hide.me.resources.dll
2014-08-13 08:27 - 2014-08-13 08:27 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
2014-07-29 12:34 - 2014-07-29 12:34 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\jurge_000:gs5sys
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\ProgramData\Temp:10894A2E
AlternateDataStreams: C:\ProgramData\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\jurge_000\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\jurge_000\Cookies:gs5sys
AlternateDataStreams: C:\Users\jurge_000\Lokale Einstellungen:gs5sys
AlternateDataStreams: C:\Users\jurge_000\OneDrive:ms-properties
AlternateDataStreams: C:\Users\jurge_000\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\jurge_000\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\jurge_000\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\jurge_000\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\jurge_000\AppData\Local\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\jurge_000\AppData\Local\Verlauf:gs5sys
AlternateDataStreams: C:\Users\jurge_000\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\jurge_000\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-3178874078-4208927294-2124628208-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-3178874078-4208927294-2124628208-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3178874078-4208927294-2124628208-1004 - Limited - Enabled)
jurge_000 (S-1-5-21-3178874078-4208927294-2124628208-1002 - Administrator - Enabled) => C:\Users\jurge_000

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: AMD A8-6410 APU with AMD Radeon R5 Graphics 
Percentage of memory in use: 37%
Total physical RAM: 3519.68 MB
Available physical RAM: 2195.52 MB
Total Pagefile: 7103.68 MB
Available Pagefile: 5642.46 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:71.31 GB) (Free:27.78 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:22.33 GB) (Free:2.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Volume) (Fixed) (Total:346.68 GB) (Free:143.64 GB) NTFS
Drive g: (Volume) (Fixed) (Total:24.41 GB) (Free:20.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 55152BDD)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
__________________

Alt 06.02.2015, 11:42   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



FRST-Fix

Please disable your antivirus scanner completely now, to make sure the fix runs through cleanly!


Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Task: {7BFA62DA-E2B5-4499-BDE4-6596E6DBB0AA} - System32\Tasks\Chrome => C:\Users\jurge_000\AppData\Local\Temp\Rau\PackerV2.exe <==== ATTENTION
C:\Users\jurge_000\AppData\Local\Temp\Rau
C:\Users\jurge_000\AppData\Local\Temp\-meblazn.dll
C:\Users\jurge_000\AppData\Local\Temp\0hgn9bp4.dll
C:\Users\jurge_000\AppData\Local\Temp\2cvjg2ui.dll
C:\Users\jurge_000\AppData\Local\Temp\6utolcnp.dll
C:\Users\jurge_000\AppData\Local\Temp\73celdui.dll
C:\Users\jurge_000\AppData\Local\Temp\75crf8bq.dll
C:\Users\jurge_000\AppData\Local\Temp\bfntpetm.dll
C:\Users\jurge_000\AppData\Local\Temp\bswjrtpw.dll
C:\Users\jurge_000\AppData\Local\Temp\ceaqyslu.dll
C:\Users\jurge_000\AppData\Local\Temp\e-mlvuyr.dll
C:\Users\jurge_000\AppData\Local\Temp\e6jz9of_.dll
C:\Users\jurge_000\AppData\Local\Temp\f0hameyt.dll
C:\Users\jurge_000\AppData\Local\Temp\fddto3ya.dll
C:\Users\jurge_000\AppData\Local\Temp\kgltleq3.dll
C:\Users\jurge_000\AppData\Local\Temp\kszb4xaf.dll
C:\Users\jurge_000\AppData\Local\Temp\lnztk08r.dll
C:\Users\jurge_000\AppData\Local\Temp\mkbvhnur.dll
C:\Users\jurge_000\AppData\Local\Temp\ndpkfgcn.dll
C:\Users\jurge_000\AppData\Local\Temp\nywbxm0o.dll
C:\Users\jurge_000\AppData\Local\Temp\o3sbkbok.dll
C:\Users\jurge_000\AppData\Local\Temp\oct7F93.tmp.exe
C:\Users\jurge_000\AppData\Local\Temp\octA4B3.tmp.exe
C:\Users\jurge_000\AppData\Local\Temp\octBDA5.tmp.exe
C:\Users\jurge_000\AppData\Local\Temp\p077xjfc.dll
C:\Users\jurge_000\AppData\Local\Temp\pg93yw8i.dll
C:\Users\jurge_000\AppData\Local\Temp\qj-iiie1.dll
C:\Users\jurge_000\AppData\Local\Temp\Quarantine.exe
C:\Users\jurge_000\AppData\Local\Temp\SearchProtectionSetup.exe
C:\Users\jurge_000\AppData\Local\Temp\sltr_ugu.dll
C:\Users\jurge_000\AppData\Local\Temp\sqlite3.dll
C:\Users\jurge_000\AppData\Local\Temp\uadakbsc.dll
C:\Users\jurge_000\AppData\Local\Temp\ule4l8cl.dll
C:\Users\jurge_000\AppData\Local\Temp\upkx7dkr.dll
C:\Users\jurge_000\AppData\Local\Temp\v53idcfd.dll
C:\Users\jurge_000\AppData\Local\Temp\xk9w7_gr.dll
C:\Users\jurge_000\AppData\Local\Temp\yntr8xkm.dll
C:\Users\jurge_000\AppData\Local\Temp\zna2d3-v.dll
cmd: type C:\ProgramData\ss.ini
EmptyTemp:
Hosts:
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Remove) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

__________________
Please always post log files in CODE tags
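
The fixlist above removes the scheduled task named Chrome, which launches PackerV2.exe from a Temp folder. As an added example (not part of the original thread and not FRST's own logic), this Python script parses FRST "Task:" lines and lists the signals that make such an entry stand out; the brand-to-vendor-path mapping, the heuristics and the reason strings are assumptions made for the illustration.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Four "Task:" lines copied from the FRST log in this thread.
SAMPLE_LOG = r"""
Task: {1E5F545C-3E53-4CA6-B6DD-F9468D990F15} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {5E9E3CCA-3E56-426D-869F-2887A3F1CFBF} - System32\Tasks\arp_flush => C:\Program Files (x86)\hide.me VPN\FlushArpCache.exe [2014-11-26] ()
Task: {7BFA62DA-E2B5-4499-BDE4-6596E6DBB0AA} - System32\Tasks\Chrome => C:\Users\jurge_000\AppData\Local\Temp\Rau\PackerV2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
"""

# "Task: [{GUID} - ]<task path> => <everything else>"
TASK_RE = re.compile(
    r"^Task: (?:\{(?P<guid>[0-9A-Fa-f-]{36})\} - )?(?P<name>.+?) => (?P<rest>.+)$"
)
ATTENTION_RE = re.compile(r"\s*<=+\s*ATTENTION\s*$")
# Optional trailer "[yyyy-mm-dd] (publisher)"; anchoring on the date keeps
# "Program Files (x86)" from being mistaken for the publisher field.
STAMP_RE = re.compile(
    r"^(?P<target>.+?) \[(?P<date>\d{4}-\d{2}-\d{2})\] \((?P<publisher>.*)\)$"
)
TEMP_RE = re.compile(r"\\(?:AppData\\Local\\Temp|Windows\\Temp)\\", re.IGNORECASE)
PROFILE_RE = re.compile(r"^[A-Z]:\\Users\\", re.IGNORECASE)

# Assumption for this example: product-like task names and a path fragment
# that a genuine binary of that product would normally sit under.
BRAND_DIRS = {"chrome": "\\google\\", "firefox": "\\mozilla", "java": "\\java\\"}


class TaskEntry(NamedTuple):
    guid: Optional[str]
    name: str
    target: str
    file_date: Optional[str]
    publisher: Optional[str]   # None = field absent, "" = FRST printed "()"
    frst_attention: bool

    @property
    def short_name(self) -> str:
        leaf = self.name.rsplit("\\", 1)[-1]
        return leaf[:-4] if leaf.lower().endswith(".job") else leaf


def parse_task_line(line: str) -> Optional[TaskEntry]:
    m = TASK_RE.match(line.strip())
    if not m:
        return None
    rest = m.group("rest")
    flagged = bool(ATTENTION_RE.search(rest))
    rest = ATTENTION_RE.sub("", rest).strip()
    stamp = STAMP_RE.match(rest)
    if stamp:
        return TaskEntry(m.group("guid"), m.group("name"), stamp.group("target"),
                         stamp.group("date"), stamp.group("publisher"), flagged)
    return TaskEntry(m.group("guid"), m.group("name"), rest, None, None, flagged)


def parse_tasks(log_text: str) -> List[TaskEntry]:
    return [e for line in log_text.splitlines() if (e := parse_task_line(line))]


def reasons_for(entry: TaskEntry) -> List[str]:
    reasons = []
    if TEMP_RE.search(entry.target):
        reasons.append("target in temp directory")
    elif PROFILE_RE.match(entry.target):
        reasons.append("target in user profile")
    if entry.publisher == "":
        reasons.append("empty publisher field")
    vendor_dir = BRAND_DIRS.get(entry.short_name.lower())
    if vendor_dir and vendor_dir not in entry.target.lower():
        reasons.append("task name does not match target vendor path")
    if entry.frst_attention:
        reasons.append("flagged by FRST")
    return reasons


def triage(log_text: str) -> List[Tuple[str, List[str]]]:
    """Return (task name, reasons) for every task with at least one signal,
    most signals first."""
    findings = [(e.short_name, reasons_for(e)) for e in parse_tasks(log_text)]
    findings = [f for f in findings if f[1]]
    return sorted(findings, key=lambda f: -len(f[1]))


if __name__ == "__main__":
    for name, reasons in triage(SAMPLE_LOG):
        print(f"{name}: {', '.join(reasons)}")
```

An empty publisher field alone is a weak signal, as the VPN helper task shows; the combination of a Temp target and a borrowed product name is what separates the Chrome task from the rest.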

Alt 06.02.2015, 22:44   #5
Doddore
 



OK!
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-02-2015
Ran by jurge_000 at 2015-02-06 22:38:53 Run:3
Running from C:\Users\jurge_000\Desktop\Putze
Loaded Profiles: jurge_000 (Available profiles: jurge_000 & Administrator)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Task: {7BFA62DA-E2B5-4499-BDE4-6596E6DBB0AA} - System32\Tasks\Chrome => C:\Users\jurge_000\AppData\Local\Temp\Rau\PackerV2.exe <==== ATTENTION
C:\Users\jurge_000\AppData\Local\Temp\Rau
C:\Users\jurge_000\AppData\Local\Temp\-meblazn.dll
C:\Users\jurge_000\AppData\Local\Temp\0hgn9bp4.dll
C:\Users\jurge_000\AppData\Local\Temp\2cvjg2ui.dll
C:\Users\jurge_000\AppData\Local\Temp\6utolcnp.dll
C:\Users\jurge_000\AppData\Local\Temp\73celdui.dll
C:\Users\jurge_000\AppData\Local\Temp\75crf8bq.dll
C:\Users\jurge_000\AppData\Local\Temp\bfntpetm.dll
C:\Users\jurge_000\AppData\Local\Temp\bswjrtpw.dll
C:\Users\jurge_000\AppData\Local\Temp\ceaqyslu.dll
C:\Users\jurge_000\AppData\Local\Temp\e-mlvuyr.dll
C:\Users\jurge_000\AppData\Local\Temp\e6jz9of_.dll
C:\Users\jurge_000\AppData\Local\Temp\f0hameyt.dll
C:\Users\jurge_000\AppData\Local\Temp\fddto3ya.dll
C:\Users\jurge_000\AppData\Local\Temp\kgltleq3.dll
C:\Users\jurge_000\AppData\Local\Temp\kszb4xaf.dll
C:\Users\jurge_000\AppData\Local\Temp\lnztk08r.dll
C:\Users\jurge_000\AppData\Local\Temp\mkbvhnur.dll
C:\Users\jurge_000\AppData\Local\Temp\ndpkfgcn.dll
C:\Users\jurge_000\AppData\Local\Temp\nywbxm0o.dll
C:\Users\jurge_000\AppData\Local\Temp\o3sbkbok.dll
C:\Users\jurge_000\AppData\Local\Temp\oct7F93.tmp.exe
C:\Users\jurge_000\AppData\Local\Temp\octA4B3.tmp.exe
C:\Users\jurge_000\AppData\Local\Temp\octBDA5.tmp.exe
C:\Users\jurge_000\AppData\Local\Temp\p077xjfc.dll
C:\Users\jurge_000\AppData\Local\Temp\pg93yw8i.dll
C:\Users\jurge_000\AppData\Local\Temp\qj-iiie1.dll
C:\Users\jurge_000\AppData\Local\Temp\Quarantine.exe
C:\Users\jurge_000\AppData\Local\Temp\SearchProtectionSetup.exe
C:\Users\jurge_000\AppData\Local\Temp\sltr_ugu.dll
C:\Users\jurge_000\AppData\Local\Temp\sqlite3.dll
C:\Users\jurge_000\AppData\Local\Temp\uadakbsc.dll
C:\Users\jurge_000\AppData\Local\Temp\ule4l8cl.dll
C:\Users\jurge_000\AppData\Local\Temp\upkx7dkr.dll
C:\Users\jurge_000\AppData\Local\Temp\v53idcfd.dll
C:\Users\jurge_000\AppData\Local\Temp\xk9w7_gr.dll
C:\Users\jurge_000\AppData\Local\Temp\yntr8xkm.dll
C:\Users\jurge_000\AppData\Local\Temp\zna2d3-v.dll
cmd: type C:\ProgramData\ss.ini
EmptyTemp:
Hosts:
*****************

HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\SOFTWARE\Policies\Microsoft\Internet Explorer => Key not found. 
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BFA62DA-E2B5-4499-BDE4-6596E6DBB0AA} => Key not found. 
C:\Windows\System32\Tasks\Chrome not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Chrome => Key not found. 
"C:\Users\jurge_000\AppData\Local\Temp\Rau" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\-meblazn.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\0hgn9bp4.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\2cvjg2ui.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\6utolcnp.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\73celdui.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\75crf8bq.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\bfntpetm.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\bswjrtpw.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\ceaqyslu.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\e-mlvuyr.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\e6jz9of_.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\f0hameyt.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\fddto3ya.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\kgltleq3.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\kszb4xaf.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\lnztk08r.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\mkbvhnur.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\ndpkfgcn.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\nywbxm0o.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\o3sbkbok.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\oct7F93.tmp.exe" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\octA4B3.tmp.exe" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\octBDA5.tmp.exe" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\p077xjfc.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\pg93yw8i.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\qj-iiie1.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\Quarantine.exe" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\SearchProtectionSetup.exe" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\sltr_ugu.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\sqlite3.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\uadakbsc.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\ule4l8cl.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\upkx7dkr.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\v53idcfd.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\xk9w7_gr.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\yntr8xkm.dll" => File/Directory not found.
"C:\Users\jurge_000\AppData\Local\Temp\zna2d3-v.dll" => File/Directory not found.

=========  type C:\ProgramData\ss.ini =========

[ss]3-fb002485eaf16e49b0ddff28b1b63300=13-fa86a96e840fabd0de6e972f917b2288=13-f7b1623c15f264e6d3c8ffe011f5ca3d=13-f21a29e39be1c11bc97814b8496e6798=13-e706cab3051a7f0663bc8bc77c7c2bcd=13-e68878d4b1194179dd86f4bdea78b821=13-d07fc6c535cc527178e0431fdf4e295d=13-cc5c0e2c5855d6e906f549d87fa5f5e1=13-cb1f63e5fd1072474ef882bea1cb4122=13-c82067eb79f3eff34bad44872c57f7ae=13-c1bdc356121231463c8e1eb7dae33bce=13-be8cb0f354fbdeb9adbc636f3085ea09=13-b8756211afb0148c9d4e34af3d0777d5=13-b804eb77c2cca25b83acfdca20caa4c0=13-b75069d28571cc0f652b9c07e83b433e=13-b52464a9ad58439f5682061929deafea=13-b06a0a52410e4e794c426d97ad94a712=13-a63c5966819e09092ba817fbc0a39760=13-9e8ac6ed29e7352a9cd185311077099c=13-9cff4ef280142d01f99824e880d73e6b=13-88087115dadbcba984f1ca140f276309=13-8720f518ef756f3a69475d0335c91e78=13-7551b01f3e97da05f4f9f153e973c8ad=13-74ab7846dcd5448269cca74e07e20a8b=13-6a38658ddd69f99832c6738f92286919=13-6026ea040f525d4d740721d9a20141af=13-5ff1ca790db2da0f75014d0df8e99f2d=13-50c5a8ed93d877a2ef54231d61641276=13-49fcbf9dc6a3d8c16e69089bf0f42672=13-409cf7b35835f1faa55c43407bf6f554=13-3fc144869ef7a47edc425422e471edc2=13-35a052c29d1214d8f9f7215b75473736=13-34f5f189a7c8f27d18b292f6de73d39c=13-24c547e371deee78ecab53c6c0180c30=13-2128e206206b0f56003a969745889969=13-1cd7353eb46ac4b7f800a8f4bb87451f=13-19c83f7d698439b20074c1b2c8a05f89=13-1855c601bb04ee5430ebd69b2d1f7ae8=13-11b46a42825c4a3082ba3e51b84f8907=1
========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 389.1 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 22:39:26 ====
         


Alt 06.02.2015, 22:53   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Okay, then control scans with MBAM and ESET, please:

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click "Scannen" (Scan), select "Bedrohungssuchlauf" (threat scan) and click "Suchlauf starten" (start scan).
  • At the end of the scan, have all findings (if any) moved to quarantine. To do so, click "Auswahl entfernen" (remove selection).
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click "Verlauf" (history) and then "Anwendungsprotokolle" (application logs).
  • Select the most recent scan log and click Export. Choose text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.




ESET Online Scanner

  • Here you can find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box next to "Ja, ich bin mit den Nutzungsbedingungen einverstanden" (Yes, I accept the terms of use) and click "Starten" (Start).
  • Enable "Erkennung von eventuell unerwünschten Anwendungen" (detection of potentially unwanted applications) and choose the following settings.
  • Click "Starten" (Start).
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click "Fertig stellen" (Finish).
  • Close the ESET window.
  • Open Explorer.
  • Locate C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Alt 08.02.2015, 01:18   #7
Doddore
 



Hi, unfortunately my internet has stopped working since the Malwarebytes Anti-Malware threat scan step,
in which I sent 4 "things" to quarantine.
"Yellow triangle" All network adapters are disabled. Do you want to enable them?
What should one do in this case? Many thanks in advance for your help!

Best regards.

Jürgen

OK. I have the Malwarebytes report now.
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 08.02.2015
Suchlauf-Zeit: 00:28:55
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.02.06.08
Rootkit Datenbank: v2015.02.03.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: jurge_000

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 384865
Verstrichene Zeit: 30 Min, 30 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         
Hi, unfortunately the ESET online scanner doesn't work, because there is no active internet on the ailing computer.
Sleep well. Many thanks for now.

Jürgen

Alt 08.02.2015, 14:03   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Then please also post the correct log, not one without findings.
__________________
Please always post log files in CODE tags

Alt 10.02.2015, 09:09   #9
Doddore
 



Sorry, I urgently had to take care of my taxes.
I hope this is the right log.
Best regards.

Jürgen

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 06.02.2015
Suchlauf-Zeit: 23:35:45
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.02.06.08
Rootkit Datenbank: v2015.02.03.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: jurge_000

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 385153
Verstrichene Zeit: 35 Min, 39 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.Linkury.A, HKU\S-1-5-21-3178874078-4208927294-2124628208-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR, In Quarantäne, [5ee2d645305a5bdb98d10b96996af40c], 

Registrierungswerte: 1
PUP.Optional.Linkury.A, HKU\S-1-5-21-3178874078-4208927294-2124628208-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR|Publisher, YahooCV, In Quarantäne, [5ee2d645305a5bdb98d10b96996af40c]

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 2
PUP.Optional.SnapDo.A, C:\Windows\Installer\746672a.msi, In Quarantäne, [6bd5ef2c553546f067e5367459a8b749], 
PUP.Optional.VeriStaff, C:\Windows\Installer\7466730.msi, In Quarantäne, [e759dc3f3b4fe74fc0cc58054bb56c94], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         

10.02.2015, 11:36   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Only adware crap was removed there. Check the proxy settings, then repeat ESET.

Removing incorrect proxy settings
  • In the Start menu, under "Settings", click "Control Panel" -> "Internet Options".
  • Select the "Connections -> LAN settings" tab and check whether the proxy server box is ticked;
    if so -> remove the tick, then -> OK (unless the entry is a correct one)



11.02.2015, 21:54   #11
Doddore

Hi, here you go.
Code:
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=b03a7844b395a34eae047084f2290347
# engine=22407
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-11 12:38:33
# local_time=2015-02-11 01:38:33 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Kaspersky Anti-Virus'
# compatibility_mode=1293 16777213 100 100 272060 55093135 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 7006386 15022491 0 0
# scanned=225308
# found=76
# cleaned=0
# scan_time=7910
sh=28B1091D6D02EC40B4FA9D3B43E3274519500CC2 ft=1 fh=dc3dd842225a5598 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir"
sh=FFE23BDD6346E7C5D29C42177F20155CC9F46D54 ft=1 fh=7a155473475e5bcb vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\smia.exe.vir"
sh=FA6AF80E753D92E2CDEAB92813DEDBD8424A8E09 ft=1 fh=c3a50bcc4f306f01 vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\smia64.exe.vir"
sh=0A97E76D470BDF2FEC3210A9481458F73FA11FC5 ft=1 fh=0a1e00ceb507ee08 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\sppsm.dll.vir"
sh=5203FC48184140370D77A233D2B87E38789D1FAE ft=1 fh=4a7e921095e7b713 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\spusm.dll.vir"
sh=F942C2DDD83B52C19800599A1EDC41CF4DD4B85B ft=1 fh=08056106f4cd783d vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\srbs.dll.vir"
sh=BDA09511E34B5B402029090624B8C16B2740EFBB ft=1 fh=4cddddbd6f60add9 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\srbu.dll.vir"
sh=FFB6DEEA914EDB830A2065A83CC43B06952DCDFB ft=1 fh=bbcfb579c6e9abfa vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\srptc.dll.vir"
sh=B18AD571FCE903550FFBF758EAF2C042266690AD ft=1 fh=eef0b21cf141f89e vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\srut.dll.vir"
sh=1FC6D13E860C374F82E7ED794D90F2FFF76BF452 ft=1 fh=6c14e3e167a49ab7 vn="Variante von Win32/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\Resources\ntdis_32.dll.vir"
sh=A41A407346118B661CEC513AD36A4482033251C6 ft=1 fh=13b93acb53fc915a vn="Variante von Win64/Toolbar.Linkury.A.gen evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\Resources\ntdis_64.dll.vir"
sh=28B1091D6D02EC40B4FA9D3B43E3274519500CC2 ft=1 fh=dc3dd842225a5598 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir"
sh=FFE23BDD6346E7C5D29C42177F20155CC9F46D54 ft=1 fh=7a155473475e5bcb vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\LPT\smia.exe.vir"
sh=FA6AF80E753D92E2CDEAB92813DEDBD8424A8E09 ft=1 fh=c3a50bcc4f306f01 vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\LPT\smia64.exe.vir"
sh=0A97E76D470BDF2FEC3210A9481458F73FA11FC5 ft=1 fh=0a1e00ceb507ee08 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\LPT\sppsm.dll.vir"
sh=5203FC48184140370D77A233D2B87E38789D1FAE ft=1 fh=4a7e921095e7b713 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\LPT\spusm.dll.vir"
sh=F942C2DDD83B52C19800599A1EDC41CF4DD4B85B ft=1 fh=08056106f4cd783d vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\LPT\srbs.dll.vir"
sh=BDA09511E34B5B402029090624B8C16B2740EFBB ft=1 fh=4cddddbd6f60add9 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\LPT\srbu.dll.vir"
sh=FFB6DEEA914EDB830A2065A83CC43B06952DCDFB ft=1 fh=bbcfb579c6e9abfa vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\LPT\srptc.dll.vir"
sh=B18AD571FCE903550FFBF758EAF2C042266690AD ft=1 fh=eef0b21cf141f89e vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\LPT\srut.dll.vir"
sh=1FC6D13E860C374F82E7ED794D90F2FFF76BF452 ft=1 fh=6c14e3e167a49ab7 vn="Variante von Win32/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\LPT\Resources\ntdis_32.dll.vir"
sh=A41A407346118B661CEC513AD36A4482033251C6 ft=1 fh=13b93acb53fc915a vn="Variante von Win64/Toolbar.Linkury.A.gen evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\LPT\Resources\ntdis_64.dll.vir"
sh=35648CFDB3F4BAE6E276BDCB69A7A02D4DD50A14 ft=1 fh=c71c001115670a5f vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\RGMService\MonetizationToolsManager.dll.vir"
sh=DEF493B414D196E9819ED83C771DCB9F292B3D20 ft=1 fh=6bafd9f7d982dd86 vn="Variante von MSIL/Toolbar.Linkury.O evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\RGMService\RBS\ResetBrowserSettings.exe.vir"
sh=CF5AA05A6E333AA9885344A74206B0A4E75759EB ft=1 fh=7082011e713b1fc7 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\Lrcnta.exe.vir"
sh=8DB951F086E31E6D73AE7F3A7016C48E549B0523 ft=1 fh=983755a175bf1f76 vn="Variante von MSIL/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.exe.vir"
sh=4C685D9DCC2D144D70ED50B918660F8C86A71BAF ft=1 fh=c4739051513afd1d vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll.vir"
sh=24B15C15E9C1B13854A6C30CB9DE35B422AE6A4B ft=1 fh=11858545bf819d27 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll.vir"
sh=5B47B8E46C04FA3CE610CD1C583F2A77C8768BED ft=1 fh=b022a1896b0948ba vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll.vir"
sh=64E541FF22567CC88631E1B5B21DCE0A68A01436 ft=1 fh=2295c923ac6e9738 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll.vir"
sh=28B1091D6D02EC40B4FA9D3B43E3274519500CC2 ft=1 fh=dc3dd842225a5598 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir"
sh=78D9E0411C1526954C2CBE6323DEEB2785DDEE4A ft=1 fh=fdb7dcf1b7f59c67 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir"
sh=78D9E0411C1526954C2CBE6323DEEB2785DDEE4A ft=1 fh=fdb7dcf1b7f59c67 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir"
sh=1FF9AF16D449C2BFB1EF1E7FA06BCDAA583F30A3 ft=1 fh=149a39831ca470ca vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir"
sh=1FF9AF16D449C2BFB1EF1E7FA06BCDAA583F30A3 ft=1 fh=149a39831ca470ca vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir"
sh=FA6AF80E753D92E2CDEAB92813DEDBD8424A8E09 ft=1 fh=c3a50bcc4f306f01 vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\smia64.exe.vir"
sh=618D7CCD8FC26B9DD182002D94FDE0EC2412A339 ft=1 fh=6cae1c096c687eea vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\smsp.dll.vir"
sh=7AB836645400B6C93597C98F01344925B26ECB34 ft=1 fh=ccaa2072c2336201 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\smta.dll.vir"
sh=EB25F2FC448AACEAA3E5CB017E712369E42C9747 ft=1 fh=6f92e9d9af0788c8 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\smtu.dll.vir"
sh=202B30E1DE95B9E2326E84C56125C4332788EDA8 ft=1 fh=85a07bdf5b422be2 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\spbe.dll.vir"
sh=911497C3842999564F201A892883380B0DDC0F6D ft=1 fh=6071f30fc8aea719 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\spbl.dll.vir"
sh=0A97E76D470BDF2FEC3210A9481458F73FA11FC5 ft=1 fh=0a1e00ceb507ee08 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\sppsm.dll.vir"
sh=5203FC48184140370D77A233D2B87E38789D1FAE ft=1 fh=4a7e921095e7b713 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\spusm.dll.vir"
sh=F942C2DDD83B52C19800599A1EDC41CF4DD4B85B ft=1 fh=08056106f4cd783d vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\srbs.dll.vir"
sh=BDA09511E34B5B402029090624B8C16B2740EFBB ft=1 fh=4cddddbd6f60add9 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\srbu.dll.vir"
sh=F3EB186AE221978925BDF95B9EBD7110B7B29361 ft=1 fh=5ffd94704bbd93ac vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\srpu.dll.vir"
sh=B18AD571FCE903550FFBF758EAF2C042266690AD ft=1 fh=eef0b21cf141f89e vn="Variante von MSIL/Toolbar.Linkury.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\srut.dll.vir"
sh=C017F422723F95B2F7A57B0EAED2615F60C0A233 ft=1 fh=0d7aa04b8ca04d08 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir"
sh=00E358003E82516A33E3D834CDA66362E1CE113D ft=1 fh=bed6c6187d6e6527 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_26.dll.vir"
sh=3A3E33010480F28C82F13F9B82A8A8250A4E24C9 ft=1 fh=dac6c464e5f8caf3 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_27.dll.vir"
sh=E924ACC7D0ADA5E9DCD9BF470F43C111DA7DCAC0 ft=1 fh=f7ce5c0d4777c675 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_28.dll.vir"
sh=3104A4AF7EE939C3A72311EEFC655D9E90C84E6D ft=1 fh=20179e17001b2b68 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_29.dll.vir"
sh=4BEC847ED8A9161B730C7FC3CE8BF88B459AFC26 ft=1 fh=64a2134b5fbfb573 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_30.dll.vir"
sh=188BCFB0653F0BBCE88A1E22BC3CC8FD0C433134 ft=1 fh=96d9225e06f9ddbf vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_31.dll.vir"
sh=30457F7CFBCDA8749B9CD92F573741C817F1503F ft=1 fh=28278fd3183d6da2 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\jurge_000\AppData\Local\Temp\DMR\dmr_72.exe"
sh=DEDA45C63E1185FA1592665EB9D5965BE5749E00 ft=1 fh=4bfbfda47151cc12 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Internetzprogramme\Audacity - CHIP-Installer.exe"
sh=7196657FB634AE0DC1E74F63BFF7084AAE65BD86 ft=1 fh=c975c3b39b62b337 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Internetzprogramme\Audiograbber - CHIP-Installer.exe"
sh=28991B8026FBF8404B46DC0FB0585F654D61009C ft=1 fh=c74cf65e17d5d4b4 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Internetzprogramme\BestPractice - CHIP-Installer.exe"
sh=56E5C4295F4F639243F6086ED2DB584B7E4D5A56 ft=1 fh=e905bfd3951424d5 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Internetzprogramme\Calibre 32 Bit - CHIP-Installer.exe"
sh=2300ED701C93D7BDEB274F1E47A334B24E238A1E ft=1 fh=b81dc851f8eec9d0 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Internetzprogramme\Classic Shell - CHIP-Installer.exe"
sh=AC942B0A61EACA353897F166F618F9C5441AB92E ft=1 fh=062f43bd9151abbd vn="Variante von Win32/WinloadSDA.I evtl. unerwünschte Anwendung" ac=I fn="F:\Internetzprogramme\DLL-Scan-lnstall.exe"
sh=560CAE6057E9408879E60DAA3D1B77795BA5BBDE ft=1 fh=1e42801ea709b553 vn="Variante von Win32/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="F:\Internetzprogramme\download_audiograbber.exe"
sh=88A1B3AFC247CF6D677F3E3B7B1D14E95D3014FA ft=1 fh=e67153d6eb8236a0 vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="F:\Internetzprogramme\freerip_28679.exe"
sh=4E16F7E771678A8961EB5F35AB9B2FE87A32ED05 ft=1 fh=a89b724694bc1742 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Internetzprogramme\Guitar Pro - CHIP-Installer.exe"
sh=564857EDB83A2563C4F2FE8A1B4E3A12554CB0AC ft=1 fh=2be3d3591cf15d4a vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Internetzprogramme\Pokki - CHIP-Installer.exe"
sh=B74703565BBB7BB15A2453EC3CE627F7BE47BF26 ft=1 fh=848c040bfa9f2d3f vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Internetzprogramme\Power Tab Editor - CHIP-Installer.exe"
sh=AEA24587313A0D357078A505F8D645A665C2CF70 ft=1 fh=79689d6713b702e8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Internetzprogramme\ProgDVB 32 Bit - CHIP-Installer.exe"
sh=C7ADEB1FC76EFFE0A13B7E26A73D724593DF331F ft=1 fh=d2bdee2b383f015e vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Internetzprogramme\Rainlendar Lite 32 Bit - CHIP-Installer.exe"
sh=1BADDE6C3DDC4489AD71C2243FAFC25339F43CB9 ft=1 fh=90d54effddae10df vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Internetzprogramme\Revo Uninstaller - CHIP-Installer.exe"
sh=E43CCAB381745545028EF3B372CDA8216BCAE71D ft=1 fh=de54c13196eabda7 vn="Variante von Win32/InstallCore.UF evtl. unerwünschte Anwendung" ac=I fn="F:\Internetzprogramme\setup_CB-DL-Manager.exe"
sh=24760C86F95B9761CB459A7740C4BC4EDCC2F575 ft=1 fh=65ac3099ea6f49a1 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Internetzprogramme\SketchUp Make 2014 - CHIP-Installer.exe"
sh=3A9AC064905B6EB0F85517E10377A06522014AD3 ft=1 fh=8aeae87312c18e47 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Internetzprogramme\Stickies - CHIP-Installer.exe"
sh=3EFD5813E3B932C0534BD66CAADA50A747196116 ft=1 fh=168194423fb4f146 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Internetzprogramme\TinyPic - CHIP-Installer.exe"
sh=C5FDE1295804B47CC17E5214D683C2F7C6988EC9 ft=1 fh=f32f6f2e6997b83e vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Internetzprogramme\UnderCoverXP - CHIP-Installer.exe"
sh=9FEDDA5E2FBD7A1C43BA2D924AB1475AE96690C3 ft=1 fh=3daaad025b8f03d2 vn="NSIS/StartPage.CC Trojaner" ac=I fn="F:\Internetzprogramme\vlc-2.1.5-win32.exe"
sh=D866D5178F53F81B17F8296ABB1B9AE3E9409B9A ft=1 fh=026e6c489309c3a3 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Internetzprogramme\Windows 7 USB DVD Download Tool - CHIP-Installer.exe"
         

11.02.2015, 22:34   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

FRST-Fix

Please disable your virus scanner completely now, to make sure the fix runs through cleanly!


Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
C:\Windows.old\Users\jurge_000\AppData\Local\Temp
F:\Internetzprogramme\Audacity - CHIP-Installer.exe
F:\Internetzprogramme\Audiograbber - CHIP-Installer.exe
F:\Internetzprogramme\BestPractice - CHIP-Installer.exe
F:\Internetzprogramme\Calibre 32 Bit - CHIP-Installer.exe
F:\Internetzprogramme\Classic Shell - CHIP-Installer.exe
F:\Internetzprogramme\DLL-Scan-lnstall.exe
F:\Internetzprogramme\download_audiograbber.exe
F:\Internetzprogramme\freerip_28679.exe
F:\Internetzprogramme\Guitar Pro - CHIP-Installer.exe
F:\Internetzprogramme\Pokki - CHIP-Installer.exe
F:\Internetzprogramme\Power Tab Editor - CHIP-Installer.exe
F:\Internetzprogramme\ProgDVB 32 Bit - CHIP-Installer.exe
F:\Internetzprogramme\Rainlendar Lite 32 Bit - CHIP-Installer.exe
F:\Internetzprogramme\Revo Uninstaller - CHIP-Installer.exe
F:\Internetzprogramme\setup_CB-DL-Manager.exe
F:\Internetzprogramme\SketchUp Make 2014 - CHIP-Installer.exe
F:\Internetzprogramme\Stickies - CHIP-Installer.exe
F:\Internetzprogramme\TinyPic - CHIP-Installer.exe
F:\Internetzprogramme\UnderCoverXP - CHIP-Installer.exe
F:\Internetzprogramme\vlc-2.1.5-win32.exe
F:\Internetzprogramme\Windows 7 USB DVD Download Tool - CHIP-Installer.exe
EmptyTemp:
Hosts:
         

Please save it as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

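The fixlist in the post above names only locations outside C:\AdwCleaner\Quarantine, although most of the 76 ESET findings in post #11 are quarantined `.vir` copies. As an added example (not part of the thread, and not FRST or ESET code), this Python separates quarantined copies from files still on disk in a log of that format, groups identical hashes and flags live detections that are not labelled as potentially unwanted applications. The field meanings (sh = file hash, vn = detection name, fn = path) and the `.vir` quarantine naming are assumptions read off the log itself.

```python
import re

# Five of the 76 finding lines from the ESET log in post #11, copied as posted.
# The "# found=5" header is constructed so that it matches this excerpt.
SAMPLE_LOG = r'''# found=5
sh=28B1091D6D02EC40B4FA9D3B43E3274519500CC2 ft=1 fh=dc3dd842225a5598 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir"
sh=28B1091D6D02EC40B4FA9D3B43E3274519500CC2 ft=1 fh=dc3dd842225a5598 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\jurge_000\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir"
sh=30457F7CFBCDA8749B9CD92F573741C817F1503F ft=1 fh=28278fd3183d6da2 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\jurge_000\AppData\Local\Temp\DMR\dmr_72.exe"
sh=DEDA45C63E1185FA1592665EB9D5965BE5749E00 ft=1 fh=4bfbfda47151cc12 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Internetzprogramme\Audacity - CHIP-Installer.exe"
sh=9FEDDA5E2FBD7A1C43BA2D924AB1475AE96690C3 ft=1 fh=3daaad025b8f03d2 vn="NSIS/StartPage.CC Trojaner" ac=I fn="F:\Internetzprogramme\vlc-2.1.5-win32.exe"
'''

# key=value pairs; a value is either a quoted string or a run of non-space characters
PAIR = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
SHA1 = re.compile(r'^[0-9A-Fa-f]{40}$')

# Assumption: AdwCleaner keeps neutralised copies under this folder with a .vir suffix,
# as the paths in the log suggest.
QUARANTINE_PREFIX = "c:\\adwcleaner\\quarantine\\"

# ESET's German label for a potentially unwanted application, as it appears in the log
PUA_MARKER = "evtl. unerwünschte Anwendung"


def parse_log(text):
    """Return (declared_found, findings). Malformed finding lines are skipped."""
    declared, findings = None, []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("# found="):
            declared = int(line.split("=", 1)[1])
        elif line.startswith("sh="):
            fields = {k: (quoted or bare) for k, quoted, bare in PAIR.findall(line)}
            if SHA1.match(fields.get("sh", "")) and "vn" in fields and "fn" in fields:
                findings.append(fields)
    return declared, findings


def is_quarantined(path):
    """True for a copy that a cleanup tool has already moved aside."""
    p = path.lower()
    return p.startswith(QUARANTINE_PREFIX) and p.endswith(".vir")


def triage(declared, findings):
    """Split findings into quarantined copies and files that still need a decision."""
    live, quarantined, non_pua, by_hash = [], [], [], {}
    for f in findings:
        by_hash.setdefault(f["sh"].upper(), []).append(f["fn"])
        if is_quarantined(f["fn"]):
            quarantined.append(f["fn"])
            continue
        live.append(f["fn"])
        if PUA_MARKER not in f["vn"]:
            # Not a PUA label: review this one first
            non_pua.append((f["fn"], f["vn"]))
    return {
        "live": live,
        "quarantined": quarantined,
        "non_pua": non_pua,
        # Same hash under several paths: one file installed or copied more than once
        "duplicates": {h: p for h, p in by_hash.items() if len(p) > 1},
        # False means the pasted log is truncated or contains unparseable lines
        "complete": declared == len(findings),
    }


if __name__ == "__main__":
    declared, findings = parse_log(SAMPLE_LOG)
    result = triage(declared, findings)
    print("still on disk:")
    for path in result["live"]:
        print("  ", path)
    print("already quarantined:", len(result["quarantined"]))
    print("not labelled PUA:", result["non_pua"])
    print("log complete:", result["complete"])
```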

12.02.2015, 00:26   #13
Doddore

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-02-2015 02
Ran by jurge_000 at 2015-02-12 00:10:07 Run:4
Running from C:\Users\jurge_000\Desktop\Putze
Loaded Profiles: jurge_000 (Available profiles: jurge_000 & Administrator)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Windows.old\Users\jurge_000\AppData\Local\Temp
F:\Internetzprogramme\Audacity - CHIP-Installer.exe
F:\Internetzprogramme\Audiograbber - CHIP-Installer.exe
F:\Internetzprogramme\BestPractice - CHIP-Installer.exe
F:\Internetzprogramme\Calibre 32 Bit - CHIP-Installer.exe
F:\Internetzprogramme\Classic Shell - CHIP-Installer.exe
F:\Internetzprogramme\DLL-Scan-lnstall.exe
F:\Internetzprogramme\download_audiograbber.exe
F:\Internetzprogramme\freerip_28679.exe
F:\Internetzprogramme\Guitar Pro - CHIP-Installer.exe
F:\Internetzprogramme\Pokki - CHIP-Installer.exe
F:\Internetzprogramme\Power Tab Editor - CHIP-Installer.exe
F:\Internetzprogramme\ProgDVB 32 Bit - CHIP-Installer.exe
F:\Internetzprogramme\Rainlendar Lite 32 Bit - CHIP-Installer.exe
F:\Internetzprogramme\Revo Uninstaller - CHIP-Installer.exe
F:\Internetzprogramme\setup_CB-DL-Manager.exe
F:\Internetzprogramme\SketchUp Make 2014 - CHIP-Installer.exe
F:\Internetzprogramme\Stickies - CHIP-Installer.exe
F:\Internetzprogramme\TinyPic - CHIP-Installer.exe
F:\Internetzprogramme\UnderCoverXP - CHIP-Installer.exe
F:\Internetzprogramme\vlc-2.1.5-win32.exe
F:\Internetzprogramme\Windows 7 USB DVD Download Tool - CHIP-Installer.exe
EmptyTemp:
Hosts:
*****************

C:\Windows.old\Users\jurge_000\AppData\Local\Temp => Moved successfully.
F:\Internetzprogramme\Audacity - CHIP-Installer.exe => Moved successfully.
F:\Internetzprogramme\Audiograbber - CHIP-Installer.exe => Moved successfully.
F:\Internetzprogramme\BestPractice - CHIP-Installer.exe => Moved successfully.
F:\Internetzprogramme\Calibre 32 Bit - CHIP-Installer.exe => Moved successfully.
F:\Internetzprogramme\Classic Shell - CHIP-Installer.exe => Moved successfully.
F:\Internetzprogramme\DLL-Scan-lnstall.exe => Moved successfully.
F:\Internetzprogramme\download_audiograbber.exe => Moved successfully.
F:\Internetzprogramme\freerip_28679.exe => Moved successfully.
F:\Internetzprogramme\Guitar Pro - CHIP-Installer.exe => Moved successfully.
F:\Internetzprogramme\Pokki - CHIP-Installer.exe => Moved successfully.
F:\Internetzprogramme\Power Tab Editor - CHIP-Installer.exe => Moved successfully.
F:\Internetzprogramme\ProgDVB 32 Bit - CHIP-Installer.exe => Moved successfully.
F:\Internetzprogramme\Rainlendar Lite 32 Bit - CHIP-Installer.exe => Moved successfully.
F:\Internetzprogramme\Revo Uninstaller - CHIP-Installer.exe => Moved successfully.
F:\Internetzprogramme\setup_CB-DL-Manager.exe => Moved successfully.
F:\Internetzprogramme\SketchUp Make 2014 - CHIP-Installer.exe => Moved successfully.
F:\Internetzprogramme\Stickies - CHIP-Installer.exe => Moved successfully.
F:\Internetzprogramme\TinyPic - CHIP-Installer.exe => Moved successfully.
F:\Internetzprogramme\UnderCoverXP - CHIP-Installer.exe => Moved successfully.
F:\Internetzprogramme\vlc-2.1.5-win32.exe => Moved successfully.
F:\Internetzprogramme\Windows 7 USB DVD Download Tool - CHIP-Installer.exe => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 384.1 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 00:10:29 ====
         

12.02.2015, 00:40   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Looks OK so far

Regarding cookies and other things on the web: to block the plague from the outset (i.e. tracking cookies, ad banners etc.), I recommend the Ghostery extension, which largely prevents user tracking and the display of ad banners.

Info: cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or the like => HTTP cookie)

Otherwise there are also good cookie managers; among the extensions for Firefox, for example, there is CookieCuller.
But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board), then simply set the browser so that everything, including cookies, is deleted when the browser is closed.

Is your system OK again now, or are there any other findings or problems?

12.02.2015, 21:56   #15
Doddore

Hi Cosinus.
Yes, there don't seem to be any problems anymore. Thank you very much!
How can I show my appreciation?

Best regards

Jürgen
