Pests of all kinds and how to fight them: Windows 8 GVU Trojan

17.06.2014, 12:56   #1
DGutschalk
 



Hello,

An acquaintance asked me to take a look and see whether I can get the GVU Trojan off his computer.
Since I cannot boot from my USB stick to run Kaspersky over it, I have already done the FRST scan, following another thread (which I cannot link).
System: Windows 8

FRST.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-06-2014
Ran by SYSTEM on MININT-ESI1DTR on 17-06-2014 13:48:24
Running from D:\
Platform: Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.



==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12497552 2012-05-27] (Realtek Semiconductor)
HKLM\...\Run: [UMonit] => C:\WINDOWS\SysWOW64\UMonit.exe [28672 2012-07-24] ()
HKLM-x32\...\Run: [jmekey] => C:\WINDOWS\jmesoft\hotkey.exe [118784 2011-06-07] (Lenovo)
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-03-15] ()
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-27] (McAfee, Inc.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [ModeSwitch] => C:\Program Files\Lenovo\Power Control Switch\LitModeSwitch.exe [751104 2012-03-31] (Lenovo)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-27] (McAfee, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-20] (Apple Inc.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\CrashsmashLP\...\Run: [PCSpeedUp] => C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe [272176 2013-11-12] ()
HKU\CrashsmashLP\...\Run: [lollipop_03241333] => c:\users\crashsmashlp\appdata\local\lollipop\lollipop_03241333.exe [2952192 2014-03-24] ()
HKU\CrashsmashLP\...\Run: [Browser Infrastructure Helper] => C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\SnapDo.exe [27680 2014-03-20] (Smartbar)
Startup: C:\Users\CrashsmashLP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
ShortcutTarget: GamersFirst LIVE!.lnk ->  (No File)
Startup: C:\Users\CrashsmashLP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jgvmqbe.lnk
ShortcutTarget: jgvmqbe.lnk -> C:\ProgramData\ebqmvgj.gsa (Haarlems Dagblad, Inc)
Startup: C:\Users\CrashsmashLP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\CrashsmashLP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PricePeepUpdater.lnk
ShortcutTarget: PricePeepUpdater.lnk -> C:\Program Files (x86)\PricePeep\PricePeepUpdater.exe (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Services (Whitelisted) =================

S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-02-18] (Just Develop It)
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-10] (Cherished Technololgy LIMITED)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-15] ()
S2 LenovoCOMSvc; C:\Program Files\Lenovo\Power Control Switch\LenovoCOMSvc.exe [37888 2011-11-04] (Lenovo)
S3 LitModeCtrl; C:\Program Files\Lenovo\Power Control Switch\LitModeCtrl.exe [141824 2012-04-06] (Lenovo)
S2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [32288 2014-02-06] ()
S2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-01-27] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-10] (McAfee, Inc.)
S2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025712 2014-01-20] (McAfee, Inc.)
S2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-26] (McAfee, Inc.)
S2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [185792 2014-01-26] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 PCSUService; C:\Program Files (x86)\PC Speed Up\PCSUService.exe [417072 2013-11-12] ()
S2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-02-26] ()
S2 Re-markit; C:\Program Files (x86)\Re-markit-soft\Re-markit155.exe [193536 2014-03-03] ()
S2 Update FindRight; C:\Program Files (x86)\FindRight\updateFindRight.exe [317728 2014-06-05] ()
S2 Util FindRight; C:\Program Files (x86)\FindRight\bin\utilFindRight.exe [317728 2014-06-05] ()
S2 WajamUpdaterV3; C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe [114176 2014-01-06] (Wajam)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-24] (Microsoft Corporation)
S2 Winmgmt; C:\ProgramData\jgvmqbe.faa [332020 2014-03-31] (Microsoft Corporation)
S2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [501904 2014-03-03] (Cherished Technololgy LIMITED)
S2 be0fb33b; "C:\WINDOWS\system32\rundll32.exe" "c:\progra~2\suppor~1\SupporterSvc.dll",service

==================== Drivers (Whitelisted) ====================

S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-01-26] (McAfee, Inc.)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [60928 2012-07-05] (GenesysLogic)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-26] (McAfee, Inc.)
S2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-26] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-01-26] (McAfee, Inc.)
S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-26] (McAfee, Inc.)
S2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-26] (McAfee, Inc.)
S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [422712 2014-01-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-01-20] (McAfee, Inc.)
S2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-26] (McAfee, Inc.)
S1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61112 2014-03-18] (StdLib)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-25] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-17 13:43 - 2014-06-17 13:43 - 00000000 ____D () C:\FRST
2014-06-02 06:23 - 2014-06-17 03:39 - 00001426 _____ () C:\Users\CrashsmashLP\Desktop\Registry kostenlos entrümpeln!.lnk
2014-06-02 06:15 - 2014-06-02 06:15 - 00000000 _____ () C:\end

==================== One Month Modified Files and Folders =======

2014-06-17 13:43 - 2014-06-17 13:43 - 00000000 ____D () C:\FRST
2014-06-17 03:40 - 2014-03-03 10:41 - 00000418 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-06-17 03:40 - 2014-03-03 10:40 - 00000416 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-06-17 03:40 - 2014-02-25 05:37 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up
2014-06-17 03:40 - 2014-02-02 00:17 - 00000008 _____ () C:\Users\CrashsmashLP\Documents\lmscfg
2014-06-17 03:40 - 2014-02-02 00:16 - 00000212 _____ () C:\Users\CrashsmashLP\Documents\pms.xml
2014-06-17 03:40 - 2014-02-02 00:15 - 00000000 ____D () C:\Users\CrashsmashLP\AppData\Local\Temp
2014-06-17 03:39 - 2014-06-02 06:23 - 00001426 _____ () C:\Users\CrashsmashLP\Desktop\Registry kostenlos entrümpeln!.lnk
2014-06-17 03:39 - 2014-04-01 03:58 - 00001130 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-17 03:39 - 2014-03-25 07:45 - 00003262 _____ () C:\Windows\System32\Tasks\PC Health Kit Schedule
2014-06-17 03:39 - 2014-03-25 07:45 - 00001534 _____ () C:\Windows\Tasks\easy-deals2-updater.job
2014-06-17 03:39 - 2014-03-25 07:45 - 00001490 _____ () C:\Windows\Tasks\easy-deals2-codedownloader.job
2014-06-17 03:39 - 2014-03-25 07:45 - 00001368 _____ () C:\Windows\Tasks\easy-deals2-enabler.job
2014-06-17 03:39 - 2014-03-25 07:44 - 00003118 _____ () C:\Windows\Tasks\easy-deals2-chromeinstaller.job
2014-06-17 03:39 - 2014-03-03 10:43 - 00000298 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2014-06-17 03:39 - 2014-03-03 10:42 - 00001566 _____ () C:\Windows\Tasks\Video-for-PC-1.2-updater.job
2014-06-17 03:39 - 2014-03-03 10:41 - 00003138 _____ () C:\Windows\Tasks\Video-for-PC-1.2-chromeinstaller.job
2014-06-17 03:39 - 2014-03-03 10:41 - 00002622 _____ () C:\Windows\Tasks\Video-for-PC-1.2-firefoxinstaller.job
2014-06-17 03:39 - 2014-03-03 10:41 - 00001522 _____ () C:\Windows\Tasks\Video-for-PC-1.2-codedownloader.job
2014-06-17 03:39 - 2014-03-03 10:41 - 00001420 _____ () C:\Windows\Tasks\Video-for-PC-1.2-enabler.job
2014-06-17 03:38 - 2012-07-25 23:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-17 03:27 - 2014-04-02 05:15 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-06-17 03:14 - 2014-03-01 08:32 - 00000324 _____ () C:\Windows\Tasks\MySearchDial.job
2014-06-17 03:10 - 2012-07-25 23:21 - 00026869 _____ () C:\Windows\setupact.log
2014-06-17 03:07 - 2014-02-03 07:24 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-505307628-1853979233-654877678-1001
2014-06-17 03:05 - 2014-04-23 08:10 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro
2014-06-17 03:05 - 2014-02-25 05:36 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
2014-06-17 03:05 - 2014-02-25 05:36 - 00000000 ____D () C:\Users\CrashsmashLP\AppData\Roaming\System Speedup
2014-06-17 03:03 - 2014-04-01 03:58 - 00001134 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-17 00:48 - 2014-02-25 05:37 - 00000366 _____ () C:\Windows\Tasks\PC SpeedUp Service Deactivator.job
2014-06-17 00:20 - 2012-07-25 21:26 - 00262144 ___SH () C:\Windows\System32\config\ELAM
2014-06-17 00:18 - 2012-11-02 14:17 - 02026843 _____ () C:\Windows\WindowsUpdate.log
2014-06-17 00:04 - 2012-07-26 00:12 - 00000000 ____D () C:\Windows\System32\sru
2014-06-05 09:00 - 2014-03-03 10:43 - 00000304 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2014-06-05 08:57 - 2014-02-25 05:46 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-05 08:42 - 2014-03-03 10:41 - 00000000 ____D () C:\Users\CrashsmashLP\AppData\Local\Lollipop
2014-06-05 08:42 - 2012-11-02 14:13 - 00001855 _____ () C:\Users\Public\Desktop\McAfee Internet Security.lnk
2014-06-05 08:38 - 2012-07-26 00:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-06-02 06:26 - 2014-02-25 05:37 - 00000000 ____D () C:\Users\CrashsmashLP\Documents\PCSpeedUp
2014-06-02 06:15 - 2014-06-02 06:15 - 00000000 _____ () C:\end
2014-06-02 06:06 - 2012-08-01 07:51 - 00017438 _____ () C:\Windows\PFRO.log
2014-06-02 06:00 - 2014-03-03 10:41 - 00000000 ____D () C:\ProgramData\IePluginService
2014-06-02 06:00 - 2014-03-03 10:41 - 00000000 ____D () C:\Program Files (x86)\SupTab

Some content of TEMP:
====================
C:\Users\CrashsmashLP\AppData\Local\Temp\airB377.exe
C:\Users\CrashsmashLP\AppData\Local\Temp\airB76A.exe
C:\Users\CrashsmashLP\AppData\Local\Temp\airE4AA.exe
C:\Users\CrashsmashLP\AppData\Local\Temp\airEA3E.exe
C:\Users\CrashsmashLP\AppData\Local\Temp\BackupSetup.exe
C:\Users\CrashsmashLP\AppData\Local\Temp\bdfilters.dll
C:\Users\CrashsmashLP\AppData\Local\Temp\IEHistory.exe
C:\Users\CrashsmashLP\AppData\Local\Temp\InstalledPrograms.exe
C:\Users\CrashsmashLP\AppData\Local\Temp\nse204.exe
C:\Users\CrashsmashLP\AppData\Local\Temp\nsf1DDB.exe
C:\Users\CrashsmashLP\AppData\Local\Temp\vcredist_x64.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================

Restore point made on: 2014-04-01 05:08:23
Restore point made on: 2014-04-29 10:05:25

==================== Memory info =========================== 

Percentage of memory in use: 12%
Total physical RAM: 8152.33 MB
Available physical RAM: 7103.22 MB
Total Pagefile: 8152.33 MB
Available Pagefile: 7115.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:905.25 GB) (Free:627.86 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: () (Removable) (Total:3.73 GB) (Free:3.68 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 1328577F)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 4 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.


LastRegBack: 2014-06-17 00:30

==================== End Of Log ============================
         


If any further information is needed, just ask. Many thanks in advance.

Edited by DGutschalk (17.06.2014 at 13:01)

17.06.2014, 13:21   #2
M-K-D-B
/// TB Instructor
 
My name is Matthias and I will help you clean up your computer.


Please note the following:
  • If we find indications of illegally acquired software, we will suspend support until every kind of illegal software has been removed from the computer.
  • Read the instructions carefully. If you run into problems, stop working and describe your problem to me as well as you can.
  • If you do not reply to me within 3 days, I will assume that you no longer need help. I will then delete your topic from my subscriptions.
    If you are going to be away for longer, please let me know!
  • During the cleanup, please do not install or uninstall anything unless I ask you to!
  • All programs to be used are to be saved to the desktop and started from there!


Please work through all steps one after another in the given order and post all log files in CODE tags:

This is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Thank you for your cooperation!






Please press the Windows + R keys and type notepad into the Run window.

Now copy the following text from the code box into the empty text document


Code:
start
Startup: C:\Users\CrashsmashLP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jgvmqbe.lnk
ShortcutTarget: jgvmqbe.lnk -> C:\ProgramData\ebqmvgj.gsa (Haarlems Dagblad, Inc)
S2 Winmgmt; C:\ProgramData\jgvmqbe.faa [332020 2014-03-31] (Microsoft Corporation)
end
         
Please save this as Fixlist.txt on your USB stick.
  • Restart your computer into the repair options.
  • Now start FRST.exe again and click the Entfernen (Fix) button.

The tool creates a Fixlog.txt on your USB stick. Please post its contents here.







Let me know whether your computer starts normally again afterwards (we are not finished yet at that point).


17.06.2014, 13:33   #3
DGutschalk
 



Hello Matthias,

Thanks for your fix, the computer starts and the GVU Trojan no longer shows up.
However, I have now also discovered various junk such as PC Health Kit or PC Speed Up. I should throw that out as well while I'm at it.

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-06-2014
Ran by SYSTEM at 2014-06-17 14:29:24 Run:1
Running from D:\
Boot Mode: Recovery
==============================================

Content of fixlist:
*****************
start
Startup: C:\Users\CrashsmashLP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jgvmqbe.lnk
ShortcutTarget: jgvmqbe.lnk -> C:\ProgramData\ebqmvgj.gsa (Haarlems Dagblad, Inc)
S2 Winmgmt; C:\ProgramData\jgvmqbe.faa [332020 2014-03-31] (Microsoft Corporation)
end
*****************

C:\Users\CrashsmashLP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jgvmqbe.lnk => Moved successfully.
C:\ProgramData\ebqmvgj.gsa => Moved successfully.
Winmgmt => Service restored successfully.

==== End of Fixlog ====
         

17.06.2014, 13:34   #4
M-K-D-B
/// TB Instructor
 



Download FRST to the desktop and run it again:


Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Untersuchen (Scan).
  • The log files are now created and can afterwards be found on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input box of the web page)


17.06.2014, 13:42   #5
DGutschalk
 



Hello Matthias,

Here are the two logs:



FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-06-2014
Ran by CrashsmashLP (administrator) on MY-PC on 17-06-2014 14:37:40
Running from G:\zweiter lauf
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\PC Speed Up\PCSUService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
() C:\Program Files (x86)\Re-markit-soft\Re-markit_wd.exe
(Uniblue Systems Limited) C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(PC Health Labs) C:\Program Files (x86)\PC Health Kit\PCHealthKit.exe
(PC Health Labs) C:\Program Files (x86)\PC Health Kit\PCHKSmartScan.exe
(System Speedup) C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
(Systweak Inc) C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Windows\jmesoft\Service.exe
(Lenovo) C:\Program Files\Lenovo\Power Control Switch\LenovoCOMSvc.exe
() C:\Program Files (x86)\LPT\srpts.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Re-markit-soft\Re-markit155.exe
() C:\Program Files (x86)\FindRight\updateFindRight.exe
() C:\Program Files (x86)\FindRight\bin\utilFindRight.exe
(Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\SysWOW64\UMonit.exe
() C:\Users\CrashsmashLP\AppData\Local\Lollipop\lollipop_03241333.exe
(Smartbar) C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\SnapDo.exe
(Software Updater) C:\Program Files (x86)\Software Updater\SoftwareUpdater.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
(GamersFirst) C:\Users\CrashsmashLP\AppData\Local\GamersFirst\LIVE!\Live.exe
() C:\Users\CrashsmashLP\AppData\Local\LPT\srptm.exe
() C:\Windows\jmesoft\JME_LOAD.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(Lenovo) C:\Program Files\Lenovo\Power Control Switch\LitModeSwitch.exe
(Lenovo) C:\Program Files\Lenovo\Power Control Switch\LitModeCtrl.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcupdate.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcupdate.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsShld.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\Core\mchost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12497552 2012-05-28] (Realtek Semiconductor)
HKLM\...\Run: [UMonit] => C:\WINDOWS\SysWOW64\UMonit.exe [28672 2012-07-24] ()
HKLM-x32\...\Run: [jmekey] => C:\WINDOWS\jmesoft\hotkey.exe [118784 2011-06-08] (Lenovo)
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-03-15] ()
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [ModeSwitch] => C:\Program Files\Lenovo\Power Control Switch\LitModeSwitch.exe [751104 2012-03-31] (Lenovo)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-505307628-1853979233-654877678-1001\...\Run: [PCSpeedUp] => C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe [272176 2013-11-12] ()
HKU\S-1-5-21-505307628-1853979233-654877678-1001\...\Run: [lollipop_03241333] => c:\users\crashsmashlp\appdata\local\lollipop\lollipop_03241333.exe [2952192 2014-03-24] ()
HKU\S-1-5-21-505307628-1853979233-654877678-1001\...\Run: [Browser Infrastructure Helper] => C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\SnapDo.exe [27680 2014-03-20] (Smartbar)
HKU\S-1-5-21-505307628-1853979233-654877678-1001\...\MountPoints2: {9d4b3424-8d92-11e3-be6e-806e6f6e6963} - "D:\pushinst.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftwareUpdater.lnk
ShortcutTarget: SoftwareUpdater.lnk -> C:\Program Files (x86)\Software Updater\SoftwareUpdater.exe (Software Updater)
Startup: C:\Users\CrashsmashLP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
ShortcutTarget: GamersFirst LIVE!.lnk -> C:\Users\CrashsmashLP\AppData\Local\GamersFirst\LIVE!\Live.exe (GamersFirst)
Startup: C:\Users\CrashsmashLP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\CrashsmashLP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PricePeepUpdater.lnk
ShortcutTarget: PricePeepUpdater.lnk -> C:\Program Files (x86)\PricePeep\PricePeepUpdater.exe (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaHk7fb-MO5XCXXVn8iDR8pW-E-OJbVqOPUTceunT9xDBqTAsjTjtdfAEK1mDSf3HeB9zqT3L-owNCn7MnG7LcXmu7tBNkmtibNHOhEfVBoRvYetCWm86iG_W9WNWQBckkhcrohnC51P5j3lj47gO43Ur9Nc_jMO0W2fPAlpR2SiGj68AItFFd-JA7EPzDJcTN8,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1393872078&from=tugs&uid=WDCXWD10EALX-089BA1_WD-WMATR138938689386
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaHk7fb-MO5XCXXVn8iDR8pW-E-OJbVqOPUTceunT9xDBqTAsjTjtdfAEK1mDSf3HeB9zqT3L-owNCn7MnG7LcXmu7tBNkmtibNHOhEfVBoRvYetCWm86iG_W9WNWQBckkhcrohnC51P5j3lj47gO43Ur9Nc_jMO0W2fPAlpR2SiGj68AItFFd-JA7EPzDJcTN8,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393872078&from=tugs&uid=WDCXWD10EALX-089BA1_WD-WMATR138938689386&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1393872078&from=tugs&uid=WDCXWD10EALX-089BA1_WD-WMATR138938689386
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=cmi0301ie&cd=2XzuyEtN2Y1L1Qzu0DyEtA0DyB0EtC0F0F0Czzzzzy0FtCtAtN0D0Tzu0SyBzytAtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDzytDtCtG1TtN1L1G1B1V1N2Y1L1Qzu2SyCyDtD0B0AzyzyyDtG0FtB0ByCtG0Azy0AzytG0EyCzyzytGyB0A0CyBtCtAzztAzytDtByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0FzyyD0Czy0EyCtG0CtByB0FtG0E0A0AyBtGzztDzzyCtGyBtBzytB0CzyyEyE0B0Dzy0A2Q&cr=1171129213&ir=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1393872078&from=tugs&uid=WDCXWD10EALX-089BA1_WD-WMATR138938689386&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393872078&from=tugs&uid=WDCXWD10EALX-089BA1_WD-WMATR138938689386&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1393872078&from=tugs&uid=WDCXWD10EALX-089BA1_WD-WMATR138938689386
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=cmi0301ie&cd=2XzuyEtN2Y1L1Qzu0DyEtA0DyB0EtC0F0F0Czzzzzy0FtCtAtN0D0Tzu0SyBzytAtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDzytDtCtG1TtN1L1G1B1V1N2Y1L1Qzu2SyCyDtD0B0AzyzyyDtG0FtB0ByCtG0Azy0AzytG0EyCzyzytGyB0A0CyBtCtAzztAzytDtByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0FzyyD0Czy0EyCtG0CtByB0FtG0E0A0AyBtGzztDzzyCtGyBtBzytB0CzyyEyE0B0Dzy0A2Q&cr=1171129213&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1393872078&from=tugs&uid=WDCXWD10EALX-089BA1_WD-WMATR138938689386&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1393872078&from=tugs&uid=WDCXWD10EALX-089BA1_WD-WMATR138938689386
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393872078&from=tugs&uid=WDCXWD10EALX-089BA1_WD-WMATR138938689386&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393872078&from=tugs&uid=WDCXWD10EALX-089BA1_WD-WMATR138938689386&q={searchTerms}
SearchScopes: HKLM - {424D67D3-6B88-4527-B275-39B22EE89AEC} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi0301ie&cd=2XzuyEtN2Y1L1Qzu0DyEtA0DyB0EtC0F0F0Czzzzzy0FtCtAtN0D0Tzu0SyBzytAtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDzytDtCtG1TtN1L1G1B1V1N2Y1L1Qzu2SyCyDtD0B0AzyzyyDtG0FtB0ByCtG0Azy0AzytG0EyCzyzytGyB0A0CyBtCtAzztAzytDtByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0FzyyD0Czy0EyCtG0CtByB0FtG0E0A0AyBtGzztDzzyCtGyBtBzytB0CzyyEyE0B0Dzy0A2Q&cr=1171129213&ir=
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaHk7fb-MO5XCXXVn8iDR8pW-E-OJbVqOPUTceunT9xDBqTAsjTjtdfAEK1mDSf3HeB9zqT3L-owNCn7MnG7LcXmu7tBNkmtibNHOhEfVBoRvYetCWm86iG_W9WNWQBckkhcrohnC51P5j3lj47gO43Ur9Nc_jMO0W2fPAlpR2SiGj68AItFFd-JA7EPzDJcTN8,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaHk7fb-MO5XCXXVn8iDR8pW-E-OJbVqOPUTceunT9xDBqTAsjTjtdfAEK1mDSf3HeB9zqT3L-owNCn7MnG7LcXmu7tBNkmtibNHOhEfVBoRvYetCWm86iG_W9WNWQBckkhcrohnC51P5j3lj47gO43Ur9Nc_jMO0W2fPAlpR2SiGj68AItFFd-JA7EPzDJcTN8,&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaHk7fb-MO5XCXXVn8iDR8pW-E-OJbVqOPUTceunT9xDBqTAsjTjtdfAEK1mDSf3HeB9zqT3L-owNCn7MnG7LcXmu7tBNkmtibNHOhEfVBoRvYetCWm86iG_W9WNWQBckkhcrohnC51P5j3lj47gO43Ur9Nc_jMO0W2fPAlpR2SiGj68AItFFd-JA7EPzDJcTN8,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaHk7fb-MO5XCXXVn8iDR8pW-E-OJbVqOPUTceunT9xDBqTAsjTjtdfAEK1mDSf3HeB9zqT3L-owNCn7MnG7LcXmu7tBNkmtibNHOhEfVBoRvYetCWm86iG_W9WNWQBckkhcrohnC51P5j3lj47gO43Ur9Nc_jMO0W2fPAlpR2SiGj68AItFFd-JA7EPzDJcTN8,&q={searchTerms}
BHO: easy-deals2 - {11111111-1111-1111-1111-110311991194} - C:\Program Files (x86)\easy-deals2\easy-deals2-bho64.dll (adassist2)
BHO: Video-for-PC-1.2 - {11111111-1111-1111-1111-110511151178} - C:\Program Files (x86)\Video-for-PC-1.2\Video-for-PC-1.2-bho64.dll (fun-games)
BHO: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
BHO: SaveClicker - {5E35BEDC-848F-3F2F-5A79-DDFF1E019BE6} - C:\Program Files (x86)\SaveClicker\ap6KgYK7u.x64.dll ()
BHO: RandoMPricce - {9A2EDA1B-FD76-D575-5E17-BBDA2C000A41} - C:\ProgramData\RandoMPricce\tuQrBryYB0.x64.dll ()
BHO-x32: easy-deals2 - {11111111-1111-1111-1111-110311991194} - C:\Program Files (x86)\easy-deals2\easy-deals2-bho.dll (adassist2)
BHO-x32: Video-for-PC-1.2 - {11111111-1111-1111-1111-110511151178} - C:\Program Files (x86)\Video-for-PC-1.2\Video-for-PC-1.2-bho.dll (fun-games)
BHO-x32: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: SaveClicker - {5E35BEDC-848F-3F2F-5A79-DDFF1E019BE6} - C:\Program Files (x86)\SaveClicker\ap6KgYK7u.dll ()
BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
BHO-x32: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll (MySearchDial)
BHO-x32: No Name - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} -  No File
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll (MySearchDial)
Toolbar: HKLM-x32 - loadtbs - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - C:\Users\CrashsmashLP\AppData\Roaming\loadtbs\toolbar.dll (InfiniAd GmbH)
Toolbar: HKLM-x32 - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} -  No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} 
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @exent.com/npExentControl,version=7.1.0.1 - C:\Program Files (x86)\FreeRide Games\npExentControl.dll (Exent Technologies Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: Widget context - C:\Users\CrashsmashLP\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2014-03-30]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2012-11-03]
FF HKCU\...\Firefox\Extensions: [{18cb1911-bb8b-407a-a031-fffc8d7b664c}] - C:\Program Files (x86)\Re-markit-soft\155.xpi
FF Extension: Re-markit - C:\Program Files (x86)\Re-markit-soft\155.xpi [2014-03-03]

Chrome: 
=======
CHR HomePage: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_cr_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_07a7f45c6591444893b91863b534e4b7_39_1006_20130624_DE_cr_sp_
CHR StartupUrls: "hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_cr_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_07a7f45c6591444893b91863b534e4b7_39_1006_20130624_DE_cr_sp_"
CHR Extension: (Google Docs) - C:\Users\CrashsmashLP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-01]
CHR Extension: (Google Drive) - C:\Users\CrashsmashLP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-01]
CHR Extension: (YouTube) - C:\Users\CrashsmashLP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-01]
CHR Extension: (Google-Suche) - C:\Users\CrashsmashLP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-01]
CHR Extension: (easy-deals2) - C:\Users\CrashsmashLP\AppData\Local\Google\Chrome\User Data\Default\Extensions\iobhlofholalpkgbeoeobhckdmfpcpce [2014-04-01]
CHR Extension: (Video-for-PC-1.2) - C:\Users\CrashsmashLP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna [2014-04-01]
CHR Extension: (Google Wallet) - C:\Users\CrashsmashLP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-01]
CHR Extension: (Widget context) - C:\Users\CrashsmashLP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombmmloebnfnpehgjnmkcgoegfachobp [2014-06-05]
CHR Extension: (Google Mail) - C:\Users\CrashsmashLP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-01]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-02-18] (Just Develop It)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-15] () [File not signed]
R2 LenovoCOMSvc; C:\Program Files\Lenovo\Power Control Switch\LenovoCOMSvc.exe [37888 2011-11-04] (Lenovo) [File not signed]
R3 LitModeCtrl; C:\Program Files\Lenovo\Power Control Switch\LitModeCtrl.exe [141824 2012-04-06] (Lenovo) [File not signed]
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [32288 2014-02-06] ()
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-01-28] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025712 2014-01-21] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 PCSUService; C:\Program Files (x86)\PC Speed Up\PCSUService.exe [417072 2013-11-12] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-02-26] ()
R2 Re-markit; C:\Program Files (x86)\Re-markit-soft\Re-markit155.exe [193536 2014-03-03] () [File not signed]
R2 Update FindRight; C:\Program Files (x86)\FindRight\updateFindRight.exe [317728 2014-06-05] ()
R2 Util FindRight; C:\Program Files (x86)\FindRight\bin\utilFindRight.exe [317728 2014-06-05] ()
R2 WajamUpdaterV3; C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe [114176 2014-01-06] (Wajam) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [501904 2014-03-03] (Cherished Technololgy LIMITED)
S2 be0fb33b; "C:\WINDOWS\system32\rundll32.exe" "c:\progra~2\suppor~1\SupporterSvc.dll",service

==================== Drivers (Whitelisted) ====================

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-01-27] (McAfee, Inc.)
R3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [60928 2012-07-06] (GenesysLogic)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-01-27] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.)
R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61112 2014-03-18] (StdLib)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-17 23:43 - 2014-06-17 14:37 - 00000000 ____D () C:\FRST
2014-06-17 14:35 - 2014-06-17 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-06-02 16:23 - 2014-06-17 14:31 - 00001426 _____ () C:\Users\CrashsmashLP\Desktop\Registry kostenlos entrümpeln!.lnk
2014-06-02 16:15 - 2014-06-02 16:15 - 00000000 _____ () C:\end

==================== One Month Modified Files and Folders =======

2014-06-18 00:29 - 2014-02-02 10:16 - 00000000 ___RD () C:\Users\CrashsmashLP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-17 14:38 - 2014-02-02 10:16 - 00000214 _____ () C:\Users\CrashsmashLP\Documents\pms.xml
2014-06-17 14:38 - 2014-02-02 10:15 - 00000000 ____D () C:\Users\CrashsmashLP\AppData\Local\Temp
2014-06-17 14:37 - 2014-06-17 23:43 - 00000000 ____D () C:\FRST
2014-06-17 14:37 - 2014-03-03 20:41 - 00002033 _____ () C:\Users\CrashsmashLP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lollipop.lnk
2014-06-17 14:36 - 2014-02-03 17:24 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-505307628-1853979233-654877678-1001
2014-06-17 14:36 - 2012-11-03 08:55 - 00751892 _____ () C:\WINDOWS\system32\perfh007.dat
2014-06-17 14:36 - 2012-11-03 08:55 - 00155620 _____ () C:\WINDOWS\system32\perfc007.dat
2014-06-17 14:36 - 2012-07-26 09:28 - 01745416 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-17 14:35 - 2014-06-17 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-06-17 14:35 - 2012-11-03 00:13 - 00001855 _____ () C:\Users\Public\Desktop\McAfee Internet Security.lnk
2014-06-17 14:34 - 2014-03-03 20:41 - 00000418 _____ () C:\WINDOWS\Tasks\Re-markit Update.job
2014-06-17 14:33 - 2014-04-23 18:10 - 00003108 _____ () C:\WINDOWS\System32\Tasks\RegClean Pro
2014-06-17 14:33 - 2014-02-25 15:36 - 00003132 _____ () C:\WINDOWS\System32\Tasks\System Speedup
2014-06-17 14:33 - 2014-02-25 15:36 - 00000000 ____D () C:\Users\CrashsmashLP\AppData\Roaming\System Speedup
2014-06-17 14:32 - 2014-04-02 15:15 - 00003120 _____ () C:\WINDOWS\System32\Tasks\Advanced System Protector_startup
2014-06-17 14:32 - 2014-02-25 15:37 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up
2014-06-17 14:31 - 2014-06-02 16:23 - 00001426 _____ () C:\Users\CrashsmashLP\Desktop\Registry kostenlos entrümpeln!.lnk
2014-06-17 14:31 - 2014-04-01 13:58 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-17 14:31 - 2014-03-25 17:45 - 00003262 _____ () C:\WINDOWS\System32\Tasks\PC Health Kit Schedule
2014-06-17 14:31 - 2014-03-25 17:45 - 00001534 _____ () C:\WINDOWS\Tasks\easy-deals2-updater.job
2014-06-17 14:31 - 2014-03-25 17:45 - 00001490 _____ () C:\WINDOWS\Tasks\easy-deals2-codedownloader.job
2014-06-17 14:31 - 2014-03-25 17:45 - 00001368 _____ () C:\WINDOWS\Tasks\easy-deals2-enabler.job
2014-06-17 14:31 - 2014-03-25 17:44 - 00003118 _____ () C:\WINDOWS\Tasks\easy-deals2-chromeinstaller.job
2014-06-17 14:31 - 2014-03-03 20:43 - 00000298 _____ () C:\WINDOWS\Tasks\SpeedUpMyPC Startup.job
2014-06-17 14:31 - 2014-03-03 20:42 - 00001566 _____ () C:\WINDOWS\Tasks\Video-for-PC-1.2-updater.job
2014-06-17 14:31 - 2014-03-03 20:41 - 00003138 _____ () C:\WINDOWS\Tasks\Video-for-PC-1.2-chromeinstaller.job
2014-06-17 14:31 - 2014-03-03 20:41 - 00002622 _____ () C:\WINDOWS\Tasks\Video-for-PC-1.2-firefoxinstaller.job
2014-06-17 14:31 - 2014-03-03 20:41 - 00001522 _____ () C:\WINDOWS\Tasks\Video-for-PC-1.2-codedownloader.job
2014-06-17 14:31 - 2014-03-03 20:41 - 00001420 _____ () C:\WINDOWS\Tasks\Video-for-PC-1.2-enabler.job
2014-06-17 14:31 - 2014-03-03 20:40 - 00000416 _____ () C:\WINDOWS\Tasks\Re-markit_wd.job
2014-06-17 14:31 - 2012-07-26 09:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-17 13:40 - 2014-02-02 10:17 - 00000008 _____ () C:\Users\CrashsmashLP\Documents\lmscfg
2014-06-17 13:14 - 2014-03-01 18:32 - 00000324 _____ () C:\WINDOWS\Tasks\MySearchDial.job
2014-06-17 13:10 - 2012-07-26 09:21 - 00026869 _____ () C:\WINDOWS\setupact.log
2014-06-17 13:03 - 2014-04-01 13:58 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-17 10:48 - 2014-02-25 15:37 - 00000366 _____ () C:\WINDOWS\Tasks\PC SpeedUp Service Deactivator.job
2014-06-17 10:20 - 2012-07-26 07:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-06-17 10:18 - 2012-11-03 00:17 - 02026843 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-17 10:04 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-06-05 19:00 - 2014-03-03 20:43 - 00000304 _____ () C:\WINDOWS\Tasks\SpeedUpMyPC Maintenance.job
2014-06-05 18:57 - 2014-02-25 15:46 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-05 18:42 - 2014-03-03 20:41 - 00000000 ____D () C:\Users\CrashsmashLP\AppData\Local\Lollipop
2014-06-05 18:38 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-06-02 16:26 - 2014-02-25 15:37 - 00000000 ____D () C:\Users\CrashsmashLP\Documents\PCSpeedUp
2014-06-02 16:15 - 2014-06-02 16:15 - 00000000 _____ () C:\end
2014-06-02 16:06 - 2012-08-01 17:51 - 00017438 _____ () C:\WINDOWS\PFRO.log
2014-06-02 16:00 - 2014-03-03 20:41 - 00000000 ____D () C:\ProgramData\IePluginService
2014-06-02 16:00 - 2014-03-03 20:41 - 00000000 ____D () C:\Program Files (x86)\SupTab

Some content of TEMP:
====================
C:\Users\CrashsmashLP\AppData\Local\Temp\airB377.exe
C:\Users\CrashsmashLP\AppData\Local\Temp\airB76A.exe
C:\Users\CrashsmashLP\AppData\Local\Temp\airE4AA.exe
C:\Users\CrashsmashLP\AppData\Local\Temp\airEA3E.exe
C:\Users\CrashsmashLP\AppData\Local\Temp\BackupSetup.exe
C:\Users\CrashsmashLP\AppData\Local\Temp\bdfilters.dll
C:\Users\CrashsmashLP\AppData\Local\Temp\IEHistory.exe
C:\Users\CrashsmashLP\AppData\Local\Temp\InstalledPrograms.exe
C:\Users\CrashsmashLP\AppData\Local\Temp\nse204.exe
C:\Users\CrashsmashLP\AppData\Local\Temp\nsf1DDB.exe
C:\Users\CrashsmashLP\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-17 10:30

==================== End Of Log ============================
         
--- --- ---


Addition.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-06-2014
Ran by CrashsmashLP at 2014-06-17 14:38:32
Running from G:\zweiter lauf
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Disabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

Advanced System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.12580 - Systweak Software) <==== ATTENTION
Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
awesomehp uninstaller (HKLM-x32\...\awesomehp uninstaller) (Version:  - awesomehp) <==== ATTENTION
Bandicam (HKLM-x32\...\Bandicam) (Version: 1.8.2 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version:  - WB Games Montreal)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MG8100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG8100_series) (Version:  - )
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CouponSupport (HKLM-x32\...\S-649636217) (Version: 3.3.0.1598 - CouponSupport) <==== ATTENTION
DiRT 3 (HKLM-x32\...\Steam App 44320) (Version:  - Codemasters Racing Studio)
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.12.0815 - Lenovo)
Driver San Francisco (HKLM-x32\...\Steam App 33440) (Version:  - Ubisoft Reflections)
easy-deals2 (HKLM-x32\...\easy-deals2) (Version: 1.34.3.17 - adassist2)
FindRight (HKLM\...\FindRight) (Version: 2014.02.26.051729 - FindRight) <==== ATTENTION
FreeRide Games (HKLM-x32\...\{6C26A305-4549-4A8A-9F03-25719C03B0FB}) (Version: 07.05.80.00 - Exent Technologies)
GamersFirst LIVE! (HKCU\...\GamersFirst LIVE!) (Version:  - GamersFirst)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.1.1.0 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)
IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.4.11.0608 - Lenovo)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version:  - CEWE COLOR AG u Co. OHG)
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.6418 - CyberLink Corp.)
Lenovo Power2Go (x32 Version: 6.0.6418 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.0822 - CyberLink Corp.)
Lenovo Rescue System (Version: 4.0.0.0822 - CyberLink Corp.) Hidden
LIMBO (HKLM-x32\...\Steam App 48000) (Version:  - Playdead)
loadtbs-3.0 (HKLM-x32\...\loadtbs-3.0) (Version:  - )
Lollipop (HKCU\...\lollipop_03241333) (Version:  - Lollipop Network, S.L.) <==== ATTENTION
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
Max Payne 3 (HKLM-x32\...\Steam App 204100) (Version:  - Rockstar Studios)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 12.8.934 - McAfee, Inc.)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
MX vs ATV Reflex (HKLM-x32\...\Steam App 55140) (Version:  - Double Helix Games)
MXGP - The Official Motocross Videogame (HKLM-x32\...\Steam App 256370) (Version:  - Milestone S.r.l.)
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION
Mysearchdial (HKLM-x32\...\mysearchdial) (Version:  - Mysearchdial) <==== ATTENTION
NVIDIA Grafiktreiber 305.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 305.93 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.82.513 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 305.93 (Version: 305.93 - NVIDIA Corporation) Hidden
Off-Road Drive (HKLM-x32\...\Steam App 200230) (Version:  - 1C-Avalon)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PC Health Kit v3.2 (HKLM-x32\...\PC Health Kit_is1) (Version: 3.2 - PC Health Labs)
PC Speed Up (HKLM\...\PCSU-SL_is1) (Version: 3.4.1.0 - Speedchecker Limited)
Power Control Switch (HKLM-x32\...\{816F9A97-9889-43DA-A394-7AA45DD68BA0}) (Version: 4.0.0.0704 - Lenovo)
PricePeep (HKLM-x32\...\PricePeep) (Version: 2.2.0.10 - betwikx LLC) <==== ATTENTION
Prince of Persia: The Forgotten Sands (HKLM-x32\...\Steam App 33320) (Version:  - Ubisoft Montreal)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
RandoMPricce (HKLM-x32\...\{8E8C2E2D-7F21-2CF5-0ADB-64935121ECF0}) (Version:  - RandoomPrIce) <==== ATTENTION
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6649 - Realtek Semiconductor Corp.)
RegClean Pro (HKLM-x32\...\RegClean Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION
Re-markit (HKLM-x32\...\674d5dbc-360d-4da7-aa62-80d47d9437b8) (Version:  - Re-markit Software) <==== ATTENTION
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
SaveClicker (HKLM-x32\...\{E96338DC-1468-4918-8EC2-8454BFFC5025}) (Version: 3.0.0.1941 - SaveClicker) <==== ATTENTION
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.10.30.15 - Conduit) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shift 2 Unleashed (HKLM-x32\...\Steam App 47920) (Version:  - Slightly Mad Studios)
Snap.Do (HKLM-x32\...\{3A014A11-3D9E-44BD-9431-2DB67F752CB9}) (Version: 11.32.1.16055 - ReSoft Ltd.) <==== ATTENTION
Snap.Do Engine (HKCU\...\{bb4c4f5f-26b5-45fa-9e01-3d056cb56fa2}) (Version: 11.32.1.16055 - ReSoft Ltd.) <==== ATTENTION
Software Updater version 1.8.4 (HKLM-x32\...\Software Updater_is1) (Version: 1.8.4 - Air Software) <==== ATTENTION
SpeedUpMyPC (HKLM-x32\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 6.0.2.0 - Uniblue Systems Limited) <==== ATTENTION
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Supporter 1.80 (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{be0fb33b}) (Version:  - SaveClicker) <==== ATTENTION
SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION
System Speedup (HKLM-x32\...\System Speedup_is1) (Version: 2.1 - systemspeedup.com)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Test Drive Unlimited 2 (HKLM-x32\...\Steam App 9930) (Version:  - Eden Studios)
Trials Evolution Gold Edition (HKLM-x32\...\Steam App 220160) (Version:  - Redlynx Ltd)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Video-for-PC-1.2 (HKLM-x32\...\Video-for-PC-1.2) (Version: 1.34.2.13 - fun-games) <==== ATTENTION
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Wajam (HKLM-x32\...\Wajam) (Version: 2.13 - Wajam) <==== ATTENTION
WPM17.8.0.3393 (HKLM-x32\...\WPM) (Version: 17.8.0.3393 - Cherished Technololgy LIMITED) <==== ATTENTION

==================== Restore Points  =========================

01-04-2014 13:07:01 RegClean Pro Di, Apr 01, 14  15:07
29-04-2014 18:05:12 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {016BC803-E3DA-4A60-8083-6E7E3080DB7A} - System32\Tasks\OFFICE2010ACT => C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs [2012-03-08] ()
Task: {055ACA79-76E3-4128-9A88-C6E53D5DA306} - System32\Tasks\System Speedup_UPDATES => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup)
Task: {0E121932-2C16-4C4A-8EF9-C7F7D30F38D9} - System32\Tasks\PC Health Kit Schedule => C:\Program Files (x86)\PC Health Kit\PCHKLauncher.exe [2014-02-24] (PC Health Labs)
Task: {0E1A62BA-936B-4B5D-AB0C-4C74C8B32BBF} - System32\Tasks\Ongoing package check => C:\Users\CrashsmashLP\AppData\Roaming\VOPackage\VOPackage.exe [2014-03-03] ()
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {340156DF-4365-49B2-8BF7-7882DE5C2404} - System32\Tasks\Video-for-PC-1.2-updater => C:\Program Files (x86)\Video-for-PC-1.2\Video-for-PC-1.2-updater.exe [2014-03-03] (fun-games) <==== ATTENTION
Task: {39AAB40E-30F9-4F34-85D3-09C9BE511890} - System32\Tasks\System Speedup => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup)
Task: {4B6C35EB-7A11-4D36-9B69-8E19E7B6B437} - System32\Tasks\easy-deals2-enabler => C:\Program Files (x86)\easy-deals2\easy-deals2-enabler.exe [2014-03-25] (adassist2)
Task: {4CF1CB1A-F362-4425-9731-7197968BFE87} - System32\Tasks\Re-markit_wd => C:\Program Files (x86)\Re-markit-soft\Re-markit_wd.exe [2014-03-03] () <==== ATTENTION
Task: {570E3154-D7CA-4070-874E-1FAE5591AB83} - System32\Tasks\easy-deals2-codedownloader => C:\Program Files (x86)\easy-deals2\easy-deals2-codedownloader.exe [2014-03-25] (adassist2)
Task: {600F52E3-C80A-4AD1-AA02-0AA4642EAEBA} - System32\Tasks\PC SpeedUp Service Deactivator => C:\Program Files (x86)\PC Speed Up\PCSUSD.exe [2013-11-12] () <==== ATTENTION
Task: {629C9F0B-6229-4BDF-BA53-0FA07EA89CD1} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-01-21] (Systweak Inc) <==== ATTENTION
Task: {6522885D-569C-4DA3-A081-6E2D5FAAFEA8} - System32\Tasks\SpeedUpMyPC Startup => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-02-19] (Uniblue Systems Limited) <==== ATTENTION
Task: {67D0416B-EA61-4694-804D-D5F53AD96F47} - System32\Tasks\easy-deals2-chromeinstaller => C:\Program Files (x86)\easy-deals2\easy-deals2-chromeinstaller.exe [2014-03-25] (adassist2)
Task: {808095AD-620F-43E6-B0B4-BB1BAADE8106} - System32\Tasks\System Speedup_DEFAULT => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2013-12-13] (System Speedup)
Task: {871C9EC1-111E-4343-B7D3-4E69D96D696B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AC7C4170-C8A2-42BB-A9B9-C0A24716F594} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-01-21] (Systweak Inc) <==== ATTENTION
Task: {ACCE5BB3-88DD-45FF-B7EE-0B79A1BA0DD9} - System32\Tasks\Video-for-PC-1.2-firefoxinstaller => C:\Program Files (x86)\Video-for-PC-1.2\Video-for-PC-1.2-firefoxinstaller.exe [2014-03-03] (fun-games) <==== ATTENTION
Task: {B36EEA24-957E-42E4-B7D4-8ECCE70146A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-01] (Google Inc.)
Task: {B3AC06F8-6001-479A-87AA-C31D1122CAD5} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-01-21] (Systweak Inc) <==== ATTENTION
Task: {B4299654-83B1-4622-8B94-0AD038000AF6} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {C36F9A0B-EEE1-4DCB-B7FA-BF484EAE8672} - System32\Tasks\MySearchDial => C:\Users\CRASHS~1\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C97D9686-3DEE-4D40-BCAC-0D062733668D} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-02-19] (Uniblue Systems Limited) <==== ATTENTION
Task: {CD2A0605-4783-40E9-AE9C-E56621E3C9FE} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [2014-01-15] (Systweak) <==== ATTENTION
Task: {DE8B386F-AD9C-4455-B59E-AE803FDFEE5A} - System32\Tasks\Re-markit Update => C:\Program Files (x86)\Re-markit-soft\ReMar.exe [2014-03-03] () <==== ATTENTION
Task: {E861AB9D-879B-4B73-BB70-E116C24F1354} - System32\Tasks\Video-for-PC-1.2-enabler => C:\Program Files (x86)\Video-for-PC-1.2\Video-for-PC-1.2-enabler.exe [2014-03-03] (fun-games) <==== ATTENTION
Task: {EAE12587-3082-4C98-82DE-A0CFFE84C912} - System32\Tasks\Video-for-PC-1.2-chromeinstaller => C:\Program Files (x86)\Video-for-PC-1.2\Video-for-PC-1.2-chromeinstaller.exe [2014-03-03] (fun-games) <==== ATTENTION
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {EFB336BD-EBF4-4B09-B03D-0A60FFD171A2} - System32\Tasks\easy-deals2-updater => C:\Program Files (x86)\easy-deals2\easy-deals2-updater.exe [2014-03-25] (adassist2)
Task: {F0A61E0C-950A-4724-984E-839485F2D1EE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-01] (Google Inc.)
Task: {FA0B6CE9-6845-401E-BDB7-E366370D2275} - System32\Tasks\Video-for-PC-1.2-codedownloader => C:\Program Files (x86)\Video-for-PC-1.2\Video-for-PC-1.2-codedownloader.exe [2014-03-03] (fun-games) <==== ATTENTION
Task: C:\WINDOWS\Tasks\easy-deals2-chromeinstaller.job => C:\Program Files (x86)\easy-deals2\easy-deals2-chromeinstaller.exe
Task: C:\WINDOWS\Tasks\easy-deals2-codedownloader.job => C:\Program Files (x86)\easy-deals2\easy-deals2-codedownloader.exe
Task: C:\WINDOWS\Tasks\easy-deals2-enabler.job => C:\Program Files (x86)\easy-deals2\easy-deals2-enabler.exe
Task: C:\WINDOWS\Tasks\easy-deals2-updater.job => C:\Program Files (x86)\easy-deals2\easy-deals2-updater.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MySearchDial.job => C:\Users\CRASHS~1\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\PC SpeedUp Service Deactivator.job => C:\Program Files (x86)\PC Speed Up\PCSUSD.exe
Task: C:\WINDOWS\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit-soft\ReMar.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Re-markit_wd.job => C:\Program Files (x86)\Re-markit-soft\Re-markit_wd.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SpeedUpMyPC Maintenance.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SpeedUpMyPC Startup.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\System Speedup_DEFAULT.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: C:\WINDOWS\Tasks\System Speedup_UPDATES.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: C:\WINDOWS\Tasks\Video-for-PC-1.2-chromeinstaller.job => C:\Program Files (x86)\Video-for-PC-1.2\Video-for-PC-1.2-chromeinstaller.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Video-for-PC-1.2-codedownloader.job => C:\Program Files (x86)\Video-for-PC-1.2\Video-for-PC-1.2-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Video-for-PC-1.2-enabler.job => C:\Program Files (x86)\Video-for-PC-1.2\Video-for-PC-1.2-enabler.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Video-for-PC-1.2-firefoxinstaller.job => C:\Program Files (x86)\Video-for-PC-1.2\Video-for-PC-1.2-firefoxinstaller.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Video-for-PC-1.2-updater.job => C:\Program Files (x86)\Video-for-PC-1.2\Video-for-PC-1.2-updater.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-02-25 15:37 - 2013-11-12 20:59 - 00417072 _____ () C:\Program Files (x86)\PC Speed Up\PCSUService.exe
2014-02-18 15:32 - 2014-02-18 15:32 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2014-03-03 20:40 - 2014-03-03 20:40 - 00093184 _____ () C:\Program Files (x86)\Re-markit-soft\Re-markit_wd.exe
2012-11-03 00:05 - 2011-03-15 21:47 - 00032768 _____ () C:\Windows\jmesoft\Service.exe
2014-02-06 22:19 - 2014-02-06 22:19 - 00032288 _____ () C:\Program Files (x86)\LPT\srpts.exe
2014-02-26 18:53 - 2014-02-26 18:54 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-03-03 20:40 - 2014-03-03 20:40 - 00193536 _____ () C:\Program Files (x86)\Re-markit-soft\Re-markit155.exe
2014-02-26 07:19 - 2014-06-05 18:53 - 00317728 _____ () C:\Program Files (x86)\FindRight\updateFindRight.exe
2014-03-01 19:36 - 2014-06-05 18:44 - 00317728 _____ () C:\Program Files (x86)\FindRight\bin\utilFindRight.exe
2012-11-03 00:05 - 2012-07-24 13:36 - 00028672 _____ () C:\Windows\SysWOW64\UMonit.exe
2014-03-24 15:33 - 2014-03-24 15:33 - 02952192 _____ () C:\Users\CrashsmashLP\AppData\Local\Lollipop\lollipop_03241333.exe
2014-03-20 16:39 - 2014-03-20 16:39 - 00023072 _____ () C:\Users\CrashsmashLP\AppData\Local\LPT\srptm.exe
2012-11-03 00:05 - 2011-05-17 14:54 - 00024576 _____ () C:\Windows\jmesoft\JME_LOAD.exe
2014-02-18 15:38 - 2014-02-18 15:38 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2014-02-25 15:37 - 2013-11-12 21:00 - 00585608 _____ () C:\Program Files (x86)\PC Speed Up\sqlite3.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-25 15:37 - 2012-07-25 13:03 - 00886272 _____ () C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll
2014-02-25 15:37 - 2014-01-15 19:53 - 01731312 _____ () C:\Program Files (x86)\Advanced System Protector\aspsys.dll
2014-03-03 20:43 - 2013-06-06 11:43 - 26034688 _____ () C:\Program Files (x86)\Uniblue\SpeedUpMyPC\libcef.dll
2014-03-03 20:43 - 2014-02-19 16:59 - 00452720 _____ () C:\Program Files (x86)\Uniblue\SpeedUpMyPC\x86\Trackerbird.py.clr4.dll
2014-02-06 22:19 - 2014-02-06 22:19 - 00070176 _____ () C:\Program Files (x86)\LPT\srpt.dll
2014-02-06 22:19 - 2014-02-06 22:19 - 00022048 _____ () C:\Program Files (x86)\LPT\srptc.dll
2014-02-06 22:18 - 2014-02-06 22:18 - 00018976 _____ () C:\Program Files (x86)\LPT\Smartbar.Common.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00046624 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00068640 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\srau.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00165408 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 02282528 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00066592 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\spbl.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00154656 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00014368 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\siem.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00063520 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\sppsm.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00696352 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00014880 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00078368 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00026656 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00056352 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\srut.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00029216 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\srsbs.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00065056 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00030752 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\srom.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00030752 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\smtu.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00038944 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\smta.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00043552 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\srbu.dll
2014-03-20 16:38 - 2014-03-20 16:38 - 00024096 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\sgml.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00061472 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00024608 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\srpdm.dll
2014-03-20 16:38 - 2014-03-20 16:38 - 00043040 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-03-20 16:37 - 2014-03-20 16:37 - 00026656 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00035360 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00193056 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\sgmu.dll
2014-03-20 16:36 - 2014-03-20 16:36 - 00061440 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00255008 _____ () C:\Users\CrashsmashLP\AppData\Local\Smartbar\Application\srns.dll
2012-04-27 00:38 - 2012-04-27 00:38 - 20758016 _____ () C:\Users\CrashsmashLP\AppData\Local\GamersFirst\LIVE!\libcef.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00077856 _____ () C:\Users\CrashsmashLP\AppData\Local\LPT\srpt.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00023072 _____ () C:\Users\CrashsmashLP\AppData\Local\LPT\srptc.dll
2014-03-20 16:38 - 2014-03-20 16:38 - 00018976 _____ () C:\Users\CrashsmashLP\AppData\Local\LPT\Smartbar.Common.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00056352 _____ () C:\Users\CrashsmashLP\AppData\Local\LPT\srut.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00063520 _____ () C:\Users\CrashsmashLP\AppData\Local\LPT\sppsm.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00154656 _____ () C:\Users\CrashsmashLP\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00026656 _____ () C:\Users\CrashsmashLP\AppData\Local\LPT\Smartbar.Personalization.Common.dll
2014-03-20 16:39 - 2014-03-20 16:39 - 00165408 _____ () C:\Users\CrashsmashLP\AppData\Local\LPT\Smartbar.Infrastructure.Utilities.dll
2012-11-03 00:05 - 2011-05-17 14:27 - 00028672 _____ () C:\Windows\jmesoft\hidhook.dll
2009-12-04 17:59 - 2009-12-04 17:59 - 00619816 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2009-12-04 18:04 - 2009-12-04 18:04 - 00013096 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2012-11-03 00:05 - 2012-06-25 04:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/17/2014 01:31:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x531329b6
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16451, Zeitstempel: 0x50988950
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x00014b32
ID des fehlerhaften Prozesses: 0xe84
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3
Vollständiger Name des fehlerhaften Pakets: Re-markit155.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Re-markit155.exe5

Error: (06/02/2014 04:07:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WSHost.exe, Version: 6.2.9200.16384, Zeitstempel: 0x50108842
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16579, Zeitstempel: 0x51637f77
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001069
ID des fehlerhaften Prozesses: 0x11fc
Startzeit der fehlerhaften Anwendung: 0xWSHost.exe0
Pfad der fehlerhaften Anwendung: WSHost.exe1
Pfad des fehlerhaften Moduls: WSHost.exe2
Berichtskennung: WSHost.exe3
Vollständiger Name des fehlerhaften Pakets: WSHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WSHost.exe5

Error: (06/02/2014 04:02:31 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to poke open firewall

Error: (06/02/2014 03:53:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: mDNSPlatformRawTime went backwards by 1373463062 ticks; setting correction factor to 61896425

Error: (04/23/2014 06:08:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.2.9200.16628 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 17b8

Startzeit: 01cf5f0e248d1577

Endzeit: 15

Anwendungspfad: C:\WINDOWS\Explorer.EXE

Berichts-ID: 7a143984-cb01-11e3-be8d-d43d7e1ffc88

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/06/2014 00:42:38 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to poke open firewall

Error: (04/06/2014 00:42:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SystemSettings.exe, Version 6.2.9200.16420 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: c2c

Startzeit: 01cf5184d3bce1d1

Endzeit: 31

Anwendungspfad: C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe

Berichts-ID: 2598adb0-bd78-11e3-be8d-d43d7e1ffc88

Vollständiger Name des fehlerhaften Pakets: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: microsoft.windows.immersivecontrolpanel

Error: (04/05/2014 07:13:26 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to poke open firewall

Error: (04/03/2014 05:30:58 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (04/02/2014 03:13:03 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to poke open firewall


System errors:
=============
Error: (06/17/2014 02:31:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Inc. mfeapfk" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1243

Error: (06/17/2014 02:31:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Supporter erreicht.

Error: (06/17/2014 01:39:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet: 
%%127

Error: (06/17/2014 01:39:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet: 
%%127

Error: (06/17/2014 01:39:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet: 
%%127

Error: (06/17/2014 01:39:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet: 
%%127

Error: (06/17/2014 01:39:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet: 
%%127

Error: (06/17/2014 01:39:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet: 
%%127

Error: (06/17/2014 01:39:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet: 
%%127

Error: (06/17/2014 01:39:37 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "IP-Hilfsdienst" ist vom Dienst "Windows-Verwaltungsinstrumentation" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%127


Microsoft Office Sessions:
=========================
Error: (06/17/2014 01:31:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0531329b6KERNELBASE.dll6.2.9200.1645150988950e06d736300014b32e8401cf8a1f9af7d1d7C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dlldd516fe5-f612-11e3-be96-001f1fdcf1ad

Error: (06/02/2014 04:07:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WSHost.exe6.2.9200.1638450108842ntdll.dll6.2.9200.1657951637f77c0000005000000000000106911fc01cf7e6bff8f8a6eC:\WINDOWS\WinStore\WSHost.exeC:\WINDOWS\SYSTEM32\ntdll.dll3fc6e39e-ea5f-11e3-be8e-d43d7e1ffc88

Error: (06/02/2014 04:02:31 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Failed to poke open firewall

Error: (06/02/2014 03:53:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNS_Execute: mDNSPlatformRawTime went backwards by 1373463062 ticks; setting correction factor to 61896425

Error: (04/23/2014 06:08:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.2.9200.1662817b801cf5f0e248d157715C:\WINDOWS\Explorer.EXE7a143984-cb01-11e3-be8d-d43d7e1ffc88

Error: (04/06/2014 00:42:38 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Failed to poke open firewall

Error: (04/06/2014 00:42:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SystemSettings.exe6.2.9200.16420c2c01cf5184d3bce1d131C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe2598adb0-bd78-11e3-be8d-d43d7e1ffc88windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewymicrosoft.windows.immersivecontrolpanel

Error: (04/05/2014 07:13:26 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Failed to poke open firewall

Error: (04/03/2014 05:30:58 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (04/02/2014 03:13:03 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Failed to poke open firewall


==================== Memory info =========================== 

Percentage of memory in use: 23%
Total physical RAM: 8152.33 MB
Available physical RAM: 6220.89 MB
Total Pagefile: 16856.33 MB
Available Pagefile: 14651.26 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:905.25 GB) (Free:627.86 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: () (Removable) (Total:3.73 GB) (Free:3.68 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 1328577F)

Partition: GPT Partition Type.

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 4 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
         


17.06.2014, 13:44   #6
M-K-D-B
/// TB Instructor

Please read carefully...


Quote:
Running from G:\zweiter lauf
Download all tools to the desktop, or move them there, and run them from the desktop, since our instructions are written with that in mind.
That also makes it very easy to remove all the tools used once the cleanup is finished.
