Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Neuer Laptop und unmengen an Popups! Surfen fast nicht mehr möglich!

Neuer Laptop und unmengen an Popups! Surfen fast nicht mehr möglich!


Plagegeister aller Art und deren Bekämpfung: Neuer Laptop und unmengen an Popups! Surfen fast nicht mehr möglich!

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 19.05.2015, 11:16   #8
MartiMcFly
 
Neuer Laptop und unmengen an Popups! Surfen fast nicht mehr möglich! - Standard

Teil 6


Code:
ATTFilter
2015-04-27 18:02 - 2015-04-27 23:23 - 00000000 ____D () C:\Users\Martin\Documents\StarCraft II
2015-04-27 18:01 - 2015-04-27 21:18 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2015-04-27 17:58 - 2015-05-01 15:49 - 00000000 ____D () C:\Users\Martin\AppData\Local\Battle.net
2015-04-27 17:58 - 2015-04-27 20:43 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Battle.net
2015-04-27 17:58 - 2015-04-27 18:02 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-04-27 17:58 - 2015-04-27 17:58 - 00000000 ____D () C:\Users\Martin\AppData\Local\Blizzard Entertainment
2015-04-27 17:58 - 2015-04-27 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-04-27 17:58 - 2015-04-27 17:58 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-04-27 17:56 - 2015-04-27 21:47 - 00000000 ____D () C:\Users\Martin\Desktop\StarCraft
2015-04-27 17:56 - 2015-04-27 17:56 - 00000000 ____D () C:\ProgramData\Battle.net
2015-04-27 17:37 - 2015-04-27 17:37 - 00000000 __SHD () C:\Users\Martin\AppData\Local\EmieBrowserModeList

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-19 11:27 - 2015-02-22 10:27 - 00000322 _____ () C:\Windows\Tasks\Taplika.job
2015-05-19 11:18 - 2015-02-22 10:27 - 00000000 ____D () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce
2015-05-19 11:18 - 2015-02-21 14:47 - 01893573 _____ () C:\Windows\WindowsUpdate.log
2015-05-19 11:03 - 2015-02-21 15:03 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2997078297-680790206-3901310365-1001
2015-05-19 11:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-19 10:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-19 10:50 - 2015-02-21 14:59 - 00000000 ____D () C:\Users\Martin\Documents\Youcam
2015-05-19 10:49 - 2015-02-22 11:27 - 00000121 _____ () C:\Users\Martin\AppData\Roaming\WB.CFG
2015-05-19 10:49 - 2015-02-21 19:23 - 00000000 ___RD () C:\Users\Martin\Dropbox
2015-05-19 10:49 - 2015-02-21 19:21 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Dropbox
2015-05-19 10:48 - 2015-02-21 15:02 - 00000000 ____D () C:\Users\Martin\OneDrive
2015-05-19 10:48 - 2014-10-31 12:03 - 00022234 _____ () C:\Windows\SysWOW64\Gms.log
2015-05-18 21:26 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-05-18 13:28 - 2014-10-31 10:37 - 00801992 _____ () C:\Windows\system32\perfh007.dat
2015-05-18 13:28 - 2014-10-31 10:37 - 00174994 _____ () C:\Windows\system32\perfc007.dat
2015-05-18 13:28 - 2014-03-18 11:53 - 01924576 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-18 13:22 - 2013-08-22 17:37 - 00006055 _____ () C:\Windows\DtcInstall.log
2015-05-18 13:21 - 2014-10-31 12:21 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-05-18 13:21 - 2013-08-22 16:46 - 00027505 _____ () C:\Windows\setupact.log
2015-05-18 13:21 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-18 13:20 - 2014-03-18 11:44 - 00009266 _____ () C:\Windows\PFRO.log
2015-05-18 13:18 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-05-18 13:13 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2015-05-18 13:13 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-18 13:13 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-18 13:13 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-18 13:13 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-18 13:13 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-18 13:13 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-18 13:13 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-18 13:13 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-18 13:13 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-18 13:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer
2015-05-18 13:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager
2015-05-18 13:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera
2015-05-18 13:12 - 2014-03-18 11:38 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-18 13:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-05-18 13:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2015-05-18 13:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2015-05-18 13:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2015-05-18 13:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2015-05-18 13:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv
2015-05-18 13:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2015-05-18 13:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2015-05-18 13:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-05-18 13:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sppui
2015-05-18 13:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\setup
2015-05-18 13:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\inetsrv
2015-05-18 13:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\en-GB
2015-05-18 13:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\Com
2015-05-18 13:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\IME
2015-05-18 13:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2015-05-18 13:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-05-18 13:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2015-05-18 13:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-05-18 13:12 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-05-18 13:12 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-05-18 13:12 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-05-18 13:12 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-05-18 13:12 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\servicing
2015-05-18 13:11 - 2013-08-22 17:36 - 00000000 ___SD () C:\Windows\system32\dsc
2015-05-18 13:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2015-05-18 13:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\migwiz
2015-05-18 13:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2015-05-18 13:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-05-18 13:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2015-05-18 13:11 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Dism
2015-05-18 13:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\WindowsPowerShell
2015-05-18 13:05 - 2013-08-22 17:36 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2015-05-18 13:05 - 2013-08-22 17:36 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2015-05-18 12:47 - 2015-03-06 21:36 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-05-18 12:47 - 2015-03-06 21:36 - 00000000 ____D () C:\Windows\system32\appraiser
2015-05-18 12:35 - 2015-02-22 10:27 - 00000000 ____D () C:\Users\Martin\AppData\Local\Google
2015-05-18 12:15 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-05-18 12:13 - 2015-02-24 22:58 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-05-18 12:11 - 2015-02-21 19:23 - 00001083 _____ () C:\Users\Martin\Desktop\Dropbox.lnk
2015-05-18 12:11 - 2015-02-21 19:22 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-18 12:11 - 2015-02-21 15:06 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{20F81F6E-3F94-4A70-9B33-979B9878D40E}

==================== Files in the root of some directories =======

2015-02-22 11:27 - 2015-05-19 10:49 - 0000121 _____ () C:\Users\Martin\AppData\Roaming\WB.CFG
2015-02-24 22:52 - 2015-02-24 22:52 - 0274045 _____ () C:\Users\Martin\AppData\Local\dsi1.dat
2015-02-24 22:52 - 2015-02-24 22:52 - 0161916 _____ () C:\Users\Martin\AppData\Local\dsi2.dat
2015-02-21 18:45 - 2015-02-21 18:45 - 0000017 _____ () C:\Users\Martin\AppData\Local\resmon.resmoncfg

Some content of TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphj3yy1.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-04-03 00:59

==================== End Of Log ============================
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-05-2015 02
Ran by Martin at 2015-05-19 11:45:25
Running from C:\Users\Martin\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2997078297-680790206-3901310365-500 - Administrator - Disabled)
Gast (S-1-5-21-2997078297-680790206-3901310365-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2997078297-680790206-3901310365-1003 - Limited - Enabled)
Martin (S-1-5-21-2997078297-680790206-3901310365-1001 - Administrator - Enabled) => C:\Users\Martin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AquaSnap 1.12.3 (HKLM-x32\...\{E0527016-B2F4-4EEB-97F6-A2B8C46196CA}) (Version: 1.12.3 - hxxp://www.nurgo-software.com?utm_source=AquaSnap&utm_medium=application&utm_campaign=continuous)
avast! SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.139.2 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version:  - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.0.9810 - Broadcom Corporation)
Build-a-lot (x32 Version: 3.0.2.59 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
Buzzdock (HKLM-x32\...\{cfd32d46-7d3f-483f-bace-7172aec5592d}) (Version:  - Alactro LLC) <==== ATTENTION
Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5715 - CyberLink Corp.)
Cyberlink PhotoDirector (Version: 5.0.3.5715 - Ihr Firmenname) Hidden
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5.4505 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.1.0903 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3324 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.2.3324 - Ihr Firmenname) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.5.4523 - CyberLink Corp.)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox (HKU\S-1-5-21-2997078297-680790206-3901310365-1001\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.5.3 (HKLM-x32\...\{B1A0F908-1448-11E4-8684-00163E98E7D0}) (Version: 5.5.3.4236 - Evernote Corp.)
Farm Frenzy (x32 Version: 3.0.2.59 - WildTangent) Hidden
Foxit PhantomPDF (HKLM-x32\...\{89BF1D4D-1D62-451E-9496-B971BDE82720}) (Version: 6.0.33.715 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6AAEDF97-4B93-4169-8FCA-FCB0378CED52}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{1E7F409E-E35A-4DF8-BF5C-FE34B74B640E}) (Version: 7.6.31.30 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C39A7F0F-89A6-44BB-B1BF-5F96569B5345}) (Version: 1.2.9 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.0.1016 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{84A2B59B-6A7B-4C01-8592-15C9BFE6AC36}) (Version: 2.4.3 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.21 - Intel(R) Corporation) Hidden
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
McAfee LiveSafe - Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1599 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.55 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7358 - Realtek Semiconductor Corp.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Strong Signal (HKLM-x32\...\Strong Signal) (Version: 2.0.5530.28005 - Strong Signal) <==== ATTENTION!
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.16 - Synaptics Incorporated)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Unity Web Player (HKU\S-1-5-21-2997078297-680790206-3901310365-1001\...\UnityWebPlayer) (Version: 5.0.2f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App für HP (x32 Version: 4.0.11.14 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WSE_Taplika (HKLM-x32\...\WSE_Taplika) (Version:  - WSE_Taplika) <==== ATTENTION!
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2997078297-680790206-3901310365-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2997078297-680790206-3901310365-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2997078297-680790206-3901310365-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2997078297-680790206-3901310365-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2997078297-680790206-3901310365-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2997078297-680790206-3901310365-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2997078297-680790206-3901310365-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2997078297-680790206-3901310365-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2997078297-680790206-3901310365-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2997078297-680790206-3901310365-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

06-03-2015 20:18:56 Windows Update
09-04-2015 12:12:34 Windows Update
18-05-2015 12:45:35 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2BAE86E7-1AB0-41A2-8579-6DD20B1AC755} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {41D004A7-489A-45C1-B260-D9A2FC54BE0C} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-09-23] (CyberLink Corp.)
Task: {5366119B-BAC9-4094-ABD3-ABA52E25C189} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2014-10-15] (AVAST Software)
Task: {65407C7F-B2CD-46C3-A479-30B2660164E3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09] ()
Task: {7871DC1F-6D24-4346-A716-9E3BE2B693FA} - System32\Tasks\Taplika => C:\Users\Martin\AppData\Roaming\Taplika\UpdateProc\UpdateTask.exe [2015-02-22] () <==== ATTENTION
Task: {88B89FEC-4829-4991-A33E-AF9A1DFDCD1D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-01] (Hewlett-Packard Company)
Task: {92708700-1E76-4C1C-AE70-686605F73827} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {95B829BE-5BDC-486E-82C0-A24A1ED901B7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-04-09] (Microsoft Corporation)
Task: {98F2F77F-1F3A-49E7-B33D-8C376C8E4254} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.)
Task: {9B8A1A92-F160-4D47-B997-01C58A654A1C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09] ()
Task: {AAFC9F19-8DD1-4F64-BAC7-BA4A18A3E23B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {AC0C291E-6537-43E6-96D3-C7D82B4557FE} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2014-09-15] ()
Task: {C2E9EB09-2D68-4835-9F21-4C0B4024C761} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-18] (Google Inc.)
Task: {CEEEE191-5316-45AF-A367-20A02CC1331B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_backup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {D28C0DD8-836C-4AB0-AB08-06FC1D4C5772} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-18] (Google Inc.)
Task: {D55B8052-CE2B-43CF-BAD2-2E0D10059C2D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-01] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Taplika.job => C:\Users\Martin\AppData\Roaming\Taplika\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2014-03-28 14:31 - 2014-03-28 14:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-10-31 12:30 - 2014-04-14 19:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-10-31 12:08 - 2014-10-15 16:02 - 00435064 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2015-03-16 11:39 - 2015-03-16 11:39 - 00612352 _____ () C:\Program Files (x86)\AquaSnap\AquaSnap.Hook.x64.dll
2014-03-28 14:36 - 2014-03-28 14:36 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2014-04-09 12:29 - 2014-04-09 12:29 - 00174368 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
2015-02-22 05:35 - 2015-05-19 11:18 - 00556304 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugincontainer.exe
2015-05-18 14:45 - 2015-05-18 14:45 - 00454928 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\6\plugin.exe
2015-05-19 11:19 - 2015-05-19 11:19 - 00480528 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\3\plugin.exe
2015-05-19 11:19 - 2015-05-19 11:19 - 00422672 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\4\plugin.exe
2015-05-19 11:19 - 2015-05-19 11:19 - 00663824 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\5\plugin.exe
2015-05-19 11:19 - 2015-05-19 11:19 - 00639760 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\8\plugin.exe
2015-05-19 11:19 - 2015-05-19 11:19 - 01274640 _____ () C:\ProgramData\0780f478-67ce-4ec3-98db-39a65f4618ce\plugins\2\plugin.exe
2015-02-22 05:33 - 2015-05-19 11:19 - 00478992 _____ () C:\Program Files (x86)\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce\updater.exe
2014-09-03 12:03 - 2014-09-03 12:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-03-16 11:39 - 2015-03-16 11:39 - 00488960 _____ () C:\Program Files (x86)\AquaSnap\AquaSnap.Hook.dll
2014-10-31 12:08 - 2014-10-15 16:02 - 38561576 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
2015-05-19 10:48 - 2015-05-19 10:48 - 00043008 _____ () c:\users\martin\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphj3yy1.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Martin\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Martin\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Martin\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Martin\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-04-09 12:30 - 2014-04-09 12:30 - 00041248 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32api.pyd
2014-04-09 12:29 - 2014-04-09 12:29 - 00059680 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\pywintypes27.dll
2014-04-09 12:29 - 2014-04-09 12:29 - 00119072 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\pythoncom27.dll
2014-04-09 12:29 - 2014-04-09 12:29 - 00562464 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\urlmon.dll
2014-04-09 12:29 - 2014-04-09 12:29 - 00401184 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iertutil.dll
2014-04-09 12:29 - 2014-04-09 12:29 - 00412448 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\WININET.dll
2014-04-09 12:30 - 2014-04-09 12:30 - 00020256 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_multiprocessing.pyd
2014-04-09 12:30 - 2014-04-09 12:30 - 00025376 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32service.pyd
2014-04-09 12:30 - 2014-04-09 12:30 - 00022816 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\servicemanager.pyd
2014-04-09 12:30 - 2014-04-09 12:30 - 00018208 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32event.pyd
2014-04-09 12:30 - 2014-04-09 12:30 - 00027424 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_socket.pyd
2014-04-09 12:30 - 2014-04-09 12:30 - 00277280 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_ssl.pyd
2014-04-09 12:30 - 2014-04-09 12:30 - 00113952 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_hashlib.pyd
2014-04-09 12:30 - 2014-04-09 12:30 - 00016672 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\select.pyd
2014-04-09 12:30 - 2014-04-09 12:30 - 00040736 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_ctypes.pyd
2014-04-09 12:30 - 2014-04-09 12:30 - 00023328 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32process.pyd
2014-04-09 12:30 - 2014-04-09 12:30 - 00020256 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32ts.pyd
2014-04-09 12:30 - 2014-04-09 12:30 - 00018720 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32profile.pyd
2014-04-09 12:30 - 2014-04-09 12:30 - 00042784 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32security.pyd
2014-04-09 12:30 - 2014-04-09 12:30 - 00336160 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_bsddb.pyd
2014-04-09 12:30 - 2014-04-09 12:30 - 00023328 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32evtlog.pyd
2014-04-09 12:30 - 2014-04-09 12:30 - 00024864 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32inet.pyd
2014-04-09 12:29 - 2014-04-09 12:29 - 00021280 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\EnvironmentID.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Martin\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2997078297-680790206-3901310365-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{23C66485-763A-438D-850D-8EFD0C1A176A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C88A1DC5-DA84-4214-8FF5-AB05A3DA2E6D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{45D6C2DE-01D1-416E-8E92-1FD9CFAA115E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EF340041-9D0B-42C1-805A-6FC30E5C4D15}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B8D575B3-E5A8-40ED-AA39-A8B404FDA09B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{C4B20993-734C-442C-A13D-B7BCDA0241FC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{163DBC8B-E1A0-44DE-A6A2-5A427C4B8ED7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{96A98FC5-7FB8-4990-A66B-44ECDA3FC2E6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{356BB5A7-2FB0-4A20-9BB8-41B0040A5E9A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{E876BDD2-4C15-40DF-ACBD-FC4A81589DA9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{3AE4353E-C0B1-49FB-8239-894F1A7B4368}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{2796E601-1038-42C9-AA4F-3262642865E8}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{1C579757-0F53-48F6-8B72-941C4C5DE5D9}] => (Allow) C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A1A147DF-3F44-4D7A-AAAA-0FCF9FCBEA84}] => (Allow) C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{91659765-E8FE-4EE8-A9A4-8594EBF6A567}C:\users\martin\desktop\warcraft\warcraft iii\war3.exe] => (Block) C:\users\martin\desktop\warcraft\warcraft iii\war3.exe
FirewallRules: [UDP Query User{8FADB71C-CBFA-4FDE-B652-15EF711E7DF0}C:\users\martin\desktop\warcraft\warcraft iii\war3.exe] => (Block) C:\users\martin\desktop\warcraft\warcraft iii\war3.exe
FirewallRules: [{FDE8D626-6DCF-4E20-8670-160106FC7645}] => (Allow) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{2B7B6614-5F40-4504-AB8E-C91E1B3DC060}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{E4489C34-B05B-4025-88CE-4CFD04986D6A}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{3D6788C7-F94F-44FB-A747-CFE0F14EA03E}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{F31C5BEF-BDA5-4503-B9B0-062742FA1968}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{99DE4F0F-7DFB-4B59-B1EB-7020D8A70BA0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/19/2015 11:16:50 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/19/2015 10:48:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HPWMISVC.exe, Version: 1.2.9.0, Zeitstempel: 0x5436443d
Name des fehlerhaften Moduls: fastprox.dll_unloaded, Version: 6.3.9600.17415, Zeitstempel: 0x54503be7
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x000595ac
ID des fehlerhaften Prozesses: 0x1318
Startzeit der fehlerhaften Anwendung: 0xHPWMISVC.exe0
Pfad der fehlerhaften Anwendung: HPWMISVC.exe1
Pfad des fehlerhaften Moduls: HPWMISVC.exe2
Berichtskennung: HPWMISVC.exe3
Vollständiger Name des fehlerhaften Pakets: HPWMISVC.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: HPWMISVC.exe5

Error: (05/18/2015 09:11:09 PM) (Source: Python Service) (EventID: 255) (User: )
Description: Exception : (1056, 'StartService', 'Es wird bereits eine Instanz des Dienstes ausgef\xfchrt.')

Error: (05/18/2015 01:29:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6343

Error: (05/18/2015 01:29:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6343

Error: (05/18/2015 01:29:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/18/2015 01:26:42 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (05/18/2015 00:39:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OPBHOBroker.exe, Version: 8.0.1.11, Zeitstempel: 0x5335c281
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x26e8
Startzeit der fehlerhaften Anwendung: 0xOPBHOBroker.exe0
Pfad der fehlerhaften Anwendung: OPBHOBroker.exe1
Pfad des fehlerhaften Moduls: OPBHOBroker.exe2
Berichtskennung: OPBHOBroker.exe3
Vollständiger Name des fehlerhaften Pakets: OPBHOBroker.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: OPBHOBroker.exe5

Error: (05/18/2015 00:30:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 11.0.9600.17416, Zeitstempel: 0x5452fe91
Name des fehlerhaften Moduls: MSHTML.dll, Version: 11.0.9600.17690, Zeitstempel: 0x54e7db07
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000031da8a
ID des fehlerhaften Prozesses: 0xb2c
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Vollständiger Name des fehlerhaften Pakets: iexplore.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: iexplore.exe5

Error: (04/30/2015 10:50:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.3.9600.17667 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2198

Startzeit: 01d083784896da08

Endzeit: 0

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: 4353bdc7-ef7a-11e4-8263-3863bbb073f9

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


System errors:
=============
Error: (05/18/2015 01:29:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "GamesAppIntegrationService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/18/2015 01:29:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (05/18/2015 01:29:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst McNaiAnn erreicht.

Error: (05/18/2015 01:28:30 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst iphlpsvc erreicht.

Error: (05/18/2015 01:27:07 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (05/18/2015 01:25:53 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "McAfee Home Network" wurde nicht richtig gestartet.

Error: (05/18/2015 01:09:54 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Update für Windows 8.1 für x64-Systeme (KB3024755)

Error: (05/18/2015 01:09:54 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Update für Windows 8.1 für x64-Systeme (KB3025417)

Error: (05/18/2015 01:09:54 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Update für Windows 8.1 für x64-Systeme (KB3012702)

Error: (05/18/2015 01:08:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Update für Windows 8.1 für x64-Systeme (KB3012235)


Microsoft Office Sessions:
=========================
Error: (05/19/2015 11:16:50 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/19/2015 10:48:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HPWMISVC.exe1.2.9.05436443dfastprox.dll_unloaded6.3.9600.1741554503be7c00001a5000595ac131801d0919e75654e1fC:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exefastprox.dlld993a070-fe03-11e4-8264-3863bbb073f9

Error: (05/18/2015 09:11:09 PM) (Source: Python Service) (EventID: 255) (User: )
Description: Exception : (1056, 'StartService', 'Es wird bereits eine Instanz des Dienstes ausgef\xfchrt.')

Error: (05/18/2015 01:29:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6343

Error: (05/18/2015 01:29:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6343

Error: (05/18/2015 01:29:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/18/2015 01:26:42 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: -2147024883

Error: (05/18/2015 00:39:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OPBHOBroker.exe8.0.1.115335c281unknown0.0.0.000000000c0000005000000000000000026e801d0915272820c38C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exeunknown38b9e4e1-fd4a-11e4-8263-3863bbb073f9

Error: (05/18/2015 00:30:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.174165452fe91MSHTML.dll11.0.9600.1769054e7db07c0000005000000000031da8ab2c01d0915417b77b71C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SYSTEM32\MSHTML.dlle54f40c9-fd48-11e4-8263-3863bbb073f9

Error: (04/30/2015 10:50:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.3.9600.17667219801d083784896da080C:\Windows\Explorer.EXE4353bdc7-ef7a-11e4-8263-3863bbb073f9


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 55%
Total physical RAM: 4018.27 MB
Available physical RAM: 1768.43 MB
Total Pagefile: 4914.27 MB
Available Pagefile: 2792.54 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:906.77 GB) (Free:846.92 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:23.72 GB) (Free:2.66 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DC13FC01)

Partition: GPT Partition Type.

==================== End Of Log ============================
Hallo Jürgen ich hoffe ich hab das so richtig gemacht.

 

Themen zu Neuer Laptop und unmengen an Popups! Surfen fast nicht mehr möglich!
funktionier, funktioniert, gen, helft, inter, interne, laptop, menge, monate, neue, neuen, neuer, nicht mehr, popup, popups, seite, seiten, surfe, surfen, unerwünschte, unerwünschte seiten, weitergeleitet, öffnen


« Strong Signal nicht zu Entfernen. | PC fährt von alleine hoch. Firewall schaltet sich automatisch ab »


Ähnliche Themen: Neuer Laptop und unmengen an Popups! Surfen fast nicht mehr möglich!


  1. neuer laptop läuft gar nix mehr! kein internet, keine anwendungen
    Plagegeister aller Art und deren Bekämpfung - 26.12.2015 (19)
  2. Mailware im Browser ,surfen fast unmöglich
    Log-Analyse und Auswertung - 03.08.2015 (15)
  3. Windows 8: neuer Laptop öffnet Unmengen an Werbung im Browser
    Log-Analyse und Auswertung - 07.04.2015 (11)
  4. Dauerhaftes Werbung öffnen macht Surfen fast unmöglich
    Plagegeister aller Art und deren Bekämpfung - 15.07.2014 (17)
  5. windows 7 - programme schließen nicht, surfen unmöglich wegen ständigen Popups und Weiterleitungen, lange Ladezeiten der Programme -Virus?
    Plagegeister aller Art und deren Bekämpfung - 22.12.2013 (9)
  6. Win 8, Entfernung von Popups,... und von DoSearches, nicht möglich!
    Plagegeister aller Art und deren Bekämpfung - 25.11.2013 (7)
  7. Auf dem Laptop keine Eingabe mehr möglich
    Plagegeister aller Art und deren Bekämpfung - 24.10.2013 (3)
  8. Massiver Virenbefall auf Laptop, Starten kaum mehr möglich
    Plagegeister aller Art und deren Bekämpfung - 22.09.2013 (3)
  9. Laptop bootet nach Trojaner Meldung (Avira) nicht mehr, Start von Win XP CD nicht möglich
    Plagegeister aller Art und deren Bekämpfung - 12.11.2012 (1)
  10. Scrollen nicht mehr möglich/Google Chrome Rechtsklick nicht mehr möglich
    Plagegeister aller Art und deren Bekämpfung - 03.04.2012 (13)
  11. Pc fast nicht mehr bedienbar, gpj.exe, Gqepia.exe
    Plagegeister aller Art und deren Bekämpfung - 27.04.2011 (6)
  12. Laptop auf einmal langsamer - Spiele nicht mehr möglich
    Log-Analyse und Auswertung - 23.08.2010 (0)
  13. Fast alle Dienste deaktiviert! keine Aktivierungen mehr möglich...
    Plagegeister aller Art und deren Bekämpfung - 23.04.2010 (0)
  14. Surfen nicht möglich
    Log-Analyse und Auswertung - 26.03.2010 (1)
  15. Neuer Laptop mit PopUps! Bitte HiJackThis Log auswerten! Danke!
    Mülltonne - 10.07.2006 (1)
  16. HJT Auswertung, kein Surfen mehr möglich
    Log-Analyse und Auswertung - 14.05.2006 (1)
  17. Lästige PopUps - Arbeiten im Inet nicht mehr möglich
    Log-Analyse und Auswertung - 09.05.2006 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Neuer Laptop und unmengen an Popups! Surfen fast nicht mehr möglich! - Code: Alles auswählen Aufklappen ATTFilter 2015-04-27 18:02 - 2015-04-27 23:23 - 00000000 ____D () C:\Users\Martin\Documents\StarCraft II 2015-04-27 18:01 - 2015-04-27 21:18 - 00000000 ____D () C:\Program Files (x86)\StarCraft II 2015-04-27 - Neuer Laptop und unmengen an Popups! Surfen fast nicht mehr möglich!...
Archiv
Du betrachtest: Neuer Laptop und unmengen an Popups! Surfen fast nicht mehr möglich! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131