Log analysis and evaluation: Words are highlighted in blue on the web + hyperlinks / lots of ads (Windows 7)
24.02.2015, 21:46 | #1 |
Words are highlighted in blue on the web + hyperlinks / lots of ads

Hello everyone,

I am here for the first time and hope I am doing everything right. On the internet (Chrome and Internet Explorer) I have the problem that words are highlighted in blue, and when you move the mouse over them, advertisements and new tabs open. New tabs are also opened when I click anywhere with the mouse. I also cannot set new pages for Chrome. In addition, the browser constantly tries to download new files. The computer has become very slow.

FRST log:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2015 Ran by Jürgen (administrator) on JÜRGEN-NOTEBOOK on 24-02-2015 20:24:25 Running from C:\Users\Jürgen\Desktop Loaded Profiles: UpdatusUser & Jürgen (Available profiles: UpdatusUser & Jürgen & Gast) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe (Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Windows\System32\alg.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe () C:\Program Files (x86)\SupTab\HpUI.exe () C:\Program Files (x86)\SupTab\Loader64.exe () C:\Program Files (x86)\SupTab\Loader32.exe (Akamai Technologies, Inc.) C:\Users\Jürgen\AppData\Local\Akamai\netsession_win.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHLE.EXE (Akamai Technologies, Inc.) C:\Users\Jürgen\AppData\Local\Akamai\netsession_win.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Samsung Electronics Co., Ltd.) 
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink Corp.) 
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [Allin1Convert_8h Browser Plugin Loader 64] => C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbrmon64.exe HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.) 
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot HKLM-x32\...\Run: [gmsd_de_37] => [X] Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Jürgen\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.) HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [EPLTarget\P0000000000000001] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2012-11-11] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [SlimCleaner Plus] => "C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe" /minimize HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\MountPoints2: {6e36cb99-290b-11e2-a34a-b80305d05830} - F:\LGAutoRun.exe AppInit_DLLs-x32: c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll => c:\Program Files (x86)\searchprotect\searchprotect\bin\spvc32loader.dll [1050912 2014-03-03] () AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) AppInit_DLLs-x32: ,c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (No File) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. ProxyServer: [.DEFAULT] => http=127.0.0.1:60935;https=127.0.0.1:60935 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.omiga-plus.com/?type=hp&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.omiga-plus.com/?type=hp&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX&q={searchTerms} HKU\S-1-5-21-1656143743-13120863-1912775482-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/?gws_rd=ssl HKU\S-1-5-21-1656143743-13120863-1912775482-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
hxxp://isearch.omiga-plus.com/?type=hp&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX&q={searchTerms} SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_dsites_14_39_ie&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0A0EyD0CyB0B0E0ByCzytBtN0D0Tzu0SzyzyyBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StDyD0FyCyBzzzy0CtG0Bzy0CzytGzyyByDzytG0EyC0A0EtGyCyEyEyCyE0AyCtCtAyDzy0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0FtA0CyDyEtBtDtGtA0CzzzztGyEtDtA0BtGzyzyzytCtG0B0DtDzy0CyEyC0FyCtD0Ezz2Q&cr=1374966071&ir= SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX&q={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX&q={searchTerms} SearchScopes: HKLM-x32 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&crg=3.62010009&ptr=100&st=12&q={searchTerms}&barid={AE199AE0-26DA-11E3-A815-B80305D05830} SearchScopes: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = 
hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={AE199AE0-26DA-11E3-A815-B80305D05830}&UPN2=92264240797806004&&st=23&did=10963&ptr=100 SearchScopes: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3318001&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP71F23A66-DCF3-4EEA-AFEB-AB451F369A3E&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms} SearchScopes: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3318001&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP71F23A66-DCF3-4EEA-AFEB-AB451F369A3E&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_dsites_14_39_ie&cd=2XzuyEtN2Y1L1Qzu0EzztDtAzy0A0EyD0CyB0B0E0ByCzytBtN0D0Tzu0SzyzyyBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StDyD0FyCyBzzzy0CtG0Bzy0CzytGzyyByDzytG0EyC0A0EtGyCyEyEyCyE0AyCtCtAyDzy0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0FtA0CyDyEtBtDtGtA0CzzzztGyEtDtA0BtGzyzyzytCtG0B0DtDzy0CyEyC0FyCtD0Ezz2Q&cr=1374966071&ir= SearchScopes: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX&q={searchTerms} SearchScopes: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> {4813F554-420C-4BDC-8EB2-539D7C50083E} URL = hxxp://www.search.ask.com/web?tpid=ORJ-ST-SPE&o=APN11461&pf=V7&p2=%5EBE7%5EOSJ000%5EYY%5EDE&gct=&itbv=12.15.5.31&apn_uid=944DC55B-44CD-4ADC-B7FA-352EC21F01D7&apn_ptnrs=BE7&apn_dtid=%5EOSJ000%5EYY%5EDE&apn_dbr=ie_11.0.9600.17239&doi=2014-08-18&trgb=IE&q={searchTerms}&psv=&pt=tb SearchScopes: 
HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={AE199AE0-26DA-11E3-A815-B80305D05830}&UPN2=92264240797806004&&st=23&did=10963&ptr=100 BHO: lowruatE -> {3909cdc1-511d-4245-a49c-3e64a490f673} -> C:\Program Files (x86)\lowruatE\Mola4rU3D8ua0c.x64.dll () BHO: QuickshoPP -> {5d3fbe76-dc57-4c4c-b398-1f5f52975bbc} -> C:\ProgramData\QuickshoPP\BC6nZw04IkFyiH.x64.dll () BHO: cheaap4aLll -> {723b33cb-7e50-4027-8c42-114b19ae1621} -> C:\Program Files (x86)\cheaap4aLll\LzGLgpAtaCnhiW.x64.dll () BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO: appsaVe -> {9d4eb179-63d7-489e-ab2f-cd2ab5834197} -> C:\Program Files (x86)\appsaVe\whQcTDlG52IU8I.x64.dll () BHO: nicEnufreeo -> {b3fafa69-7783-4e42-bdf4-ed1fae3cf7a7} -> C:\Program Files (x86)\nicEnufreeo\QgNuEKFXNGNY1d.x64.dll () BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. 
Limited) BHO-x32: lowruatE -> {3909cdc1-511d-4245-a49c-3e64a490f673} -> C:\Program Files (x86)\lowruatE\Mola4rU3D8ua0c.dll () BHO-x32: QuickshoPP -> {5d3fbe76-dc57-4c4c-b398-1f5f52975bbc} -> C:\ProgramData\QuickshoPP\BC6nZw04IkFyiH.dll () BHO-x32: cheaap4aLll -> {723b33cb-7e50-4027-8c42-114b19ae1621} -> C:\Program Files (x86)\cheaap4aLll\LzGLgpAtaCnhiW.dll () BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: appsaVe -> {9d4eb179-63d7-489e-ab2f-cd2ab5834197} -> C:\Program Files (x86)\appsaVe\whQcTDlG52IU8I.dll () BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> No File BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll () BHO-x32: nicEnufreeo -> {b3fafa69-7783-4e42-bdf4-ed1fae3cf7a7} -> C:\Program Files (x86)\nicEnufreeo\QgNuEKFXNGNY1d.dll () BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) 
Toolbar: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> No Name - {4F524A2D-5350-4500-76A7-7A786E7484D7} - No File Toolbar: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> No Name - {4F524A2D-5354-2D53-5045-7A786E7484D7} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) Chrome: ======= CHR dev: Chrome dev build detected! 
<======= ATTENTION CHR Profile: C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (offErraapp) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\abbnbfnmbefhkljaoilbflnhifonpcnd [2015-02-19] CHR Extension: (No Name) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\beckihifaobcggnkcokhhnmcimkmdfco [2015-01-15] CHR Extension: (metalmouth voice browser) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmogbhmnbehfapbmjlaoflagfobahfli [2015-02-19] CHR Extension: (Utime) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpcibgnngaaabebmcabmkocdokepdaki [2015-02-04] CHR Extension: (nitrodeoaalo) - C:\ProgramData\dpcmioaopgimeiknogfhiocbmflndibo\ [2015-02-04] CHR Profile: C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (offErraapp) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abbnbfnmbefhkljaoilbflnhifonpcnd [2015-02-19] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-15] CHR Extension: (metalmouth voice browser) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmogbhmnbehfapbmjlaoflagfobahfli [2015-02-19] CHR Extension: (Utime) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kpcibgnngaaabebmcabmkocdokepdaki [2015-02-04] CHR Extension: (Google Wallet) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-15] CHR Extension: (nitrodeoaalo) - C:\ProgramData\dpcmioaopgimeiknogfhiocbmflndibo\ [2014-12-15] CHR HKLM\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - https://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1656143743-13120863-1912775482-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: 
[pfkfdlcdbajamklbneflfbcmfgddmpae] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - https://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-15] () R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664 2011-11-14] (Intel Corporation) [File not signed] R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1355840 2011-11-14] (Intel Corporation) [File not signed] R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392 2011-11-14] (Intel Corporation) [File not signed] S4 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2454816 2014-03-03] () [File not signed] R2 db79edbd; c:\Program Files (x86)\LighterSystem\LighterSystem.dll [2279936 2015-01-15] () [File not signed] R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-12-25] (Cherished Technololgy LIMITED) S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed] R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation) R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-05-30] () R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed] S3 Samsung UPD Service2; 
C:\windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics) R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [485888 2014-12-25] (Fuyu LIMITED) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-10-11] () S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed] R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-10-11] () R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation) S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-07-30] (Windows (R) 2003 DDK 3790 provider) R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.) 
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-09-26] () R1 {06b43f25-e282-4a26-a8ba-987e86000cdf}Gw64; C:\Windows\System32\drivers\{06b43f25-e282-4a26-a8ba-987e86000cdf}Gw64.sys [48784 2014-12-24] (StdLib) S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X] S3 athr; system32\DRIVERS\athrx.sys [X] S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X] S3 btath_avdt; system32\drivers\btath_avdt.sys [X] S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X] S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X] S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X] S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X] S3 BtFilter; system32\DRIVERS\btfilter.sys [X] S1 cherimoya; system32\drivers\cherimoya.sys [X] S3 cpuz134; \??\C:\Users\JRGEN~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] S3 SBIOSIO; \??\C:\Users\JRGEN~1\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X] S3 wolf; \??\C:\AeriaGames\WolfTeam-DE\avital\wolf64.sys [X] S1 wpnfd_1_10_0_1; system32\drivers\wpnfd_1_10_0_1.sys [X] S3 xhunter1; \??\C:\windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-02-24 20:24 - 2015-02-24 20:30 - 00026555 _____ () C:\Users\Jürgen\Desktop\FRST.txt 2015-02-24 20:24 - 2015-02-24 20:25 - 00000000 ____D () C:\FRST 2015-02-24 20:23 - 2015-02-24 20:23 - 02087424 _____ (Farbar) C:\Users\Jürgen\Desktop\FRST64.exe 2015-02-24 20:22 - 2015-02-24 20:22 - 00000474 _____ () C:\Users\Jürgen\Desktop\defogger_disable.log 2015-02-24 20:22 - 2015-02-24 20:22 - 00000000 _____ () C:\Users\Jürgen\defogger_reenable 2015-02-24 20:20 - 2015-02-24 20:20 - 00050477 _____ () C:\Users\Jürgen\Desktop\Defogger.exe 2015-02-24 20:11 - 2015-02-24 20:11 - 00000000 ____D () C:\Users\Jürgen\Desktop\Neuer Ordner 2015-02-23 22:19 - 2015-01-29 17:49 - 113756392 _____ (Microsoft Corporation) C:\windows\SysWOW64\MRT.exe 2015-02-23 20:23 - 2015-02-23 20:23 - 00000564 _____ () C:\windows\wmsetup.log 2015-02-23 20:23 - 2015-02-23 20:23 - 00000000 ____D () C:\Users\Jürgen\Documents\Riptide 2015-02-23 20:23 - 2015-02-23 20:23 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Chromium 2015-02-23 18:48 - 2015-02-23 18:48 - 00002259 _____ () C:\Users\Jürgen\Desktop\Chrome App Launcher.lnk 2015-02-23 18:48 - 2015-02-23 18:48 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-02-21 16:13 - 2015-02-21 16:13 - 00000274 _____ () C:\Users\Jürgen\AppData\Roaming\removeAllComponents.bat 2015-02-21 16:13 - 2015-02-21 16:13 - 00000143 _____ () C:\Users\Jürgen\AppData\Roaming\tmp_unregister.bat 2015-02-21 14:41 - 2015-02-21 14:41 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Steam 2015-02-20 16:27 - 2015-02-20 16:27 - 00000000 _____ () C:\windows\SysWOW64\sho602D.tmp 2015-02-19 23:20 - 2015-02-19 23:21 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\{77A394FF-250E-450A-AB1E-D87C5A2C591B} 2015-02-19 16:12 - 2015-02-19 16:13 - 00000000 ____D () C:\Program Files (x86)\cheaap4aLll 2015-02-19 16:12 - 2015-02-19 16:12 - 00000000 ____D () C:\Program Files (x86)\metalmouth voice browser 2015-02-19 16:09 - 2015-02-19 16:11 - 
00000000 ____D () C:\Program Files (x86)\nicEnufreeo
2015-02-19 16:09 - 2015-02-19 16:11 - 00000000 ____D () C:\Program Files (x86)\auppsaave
2015-02-19 16:09 - 2015-02-19 16:09 - 00000000 ____D () C:\Program Files (x86)\offErraapp
2015-02-19 16:06 - 2015-02-19 16:09 - 00000000 ____D () C:\Program Files (x86)\fastsaeler
2015-02-19 16:02 - 2015-02-19 16:03 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Risen
2015-02-19 15:49 - 2015-02-19 15:49 - 00000000 ____D () C:\Program Files (x86)\Deep Silver
2015-02-12 23:23 - 2015-02-12 23:23 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\{1C7F2C48-3377-4EA1-8991-C137FA78B7FC}
2015-02-12 13:33 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-02-12 13:33 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-02-12 13:33 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-02-12 13:33 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-02-11 14:56 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-02-11 14:56 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-02-11 14:56 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-02-11 14:55 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-02-11 14:55 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-02-11 14:55 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-02-11 14:55 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-02-11 14:55 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-02-11 14:55 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-02-11 14:55 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-02-11 14:55 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-02-11 14:55 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-02-11 14:55 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-02-11 14:55 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-02-11 14:55 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-02-11 14:55 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-02-11 14:55 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-02-11 14:55 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-02-11 14:55 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-02-11 14:55 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:55 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-02-11 14:55 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-02-11 14:55 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:55 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-02-11 14:55 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-02-11 14:55 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-02-11 14:55 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-02-11 14:55 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-02-11 14:55 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-02-11 14:55 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-02-11 14:55 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-02-11 14:55 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-02-11 14:55 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-02-11 14:55 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-02-11 14:55 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-02-11 14:55 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-02-11 14:55 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-02-11 14:55 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-02-11 14:55 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-02-11 14:55 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-02-11 14:55 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-02-11 14:55 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:55 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-02-11 14:55 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-02-11 14:55 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-02-11 14:55 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-02-11 14:55 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-02-11 14:55 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-02-11 14:55 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-02-11 14:55 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-02-11 14:55 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-02-11 14:55 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-02-11 14:55 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-02-11 14:55 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-02-11 14:55 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-02-11 14:54 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-02-11 14:54 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-02-11 14:54 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-02-11 14:54 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-02-11 14:54 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-02-11 14:54 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-02-11 14:54 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-02-11 14:54 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-02-11 14:54 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-02-11 14:54 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-02-11 14:54 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-02-11 14:54 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-02-11 14:54 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-02-11 14:54 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-02-11 14:54 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-02-11 14:54 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-02-11 14:54 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-02-11 14:54 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-02-11 14:54 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-02-11 14:54 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-02-11 14:53 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-02-11 14:53 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-02-11 14:53 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-02-11 14:53 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-02-11 14:53 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-02-11 14:53 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-02-11 14:52 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-02-11 14:52 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2015-02-11 14:50 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-02-11 14:50 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-02-11 14:50 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-02-11 14:50 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-02-11 14:50 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-02-11 14:50 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-02-11 14:50 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-02-11 14:50 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-02-11 14:50 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2015-02-11 14:49 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-02-07 08:09 - 2015-02-07 08:09 - 00000020 _____ () C:\Users\Gast\AppData\Roaming\appdataFr3.bin
2015-02-05 16:23 - 2015-02-05 16:23 - 00000000 ____D () C:\ProgramData\cheapcoup
2015-02-04 22:29 - 2015-02-23 20:31 - 00000020 _____ () C:\Users\Jürgen\AppData\Roaming\appdataFr3.bin
2015-02-04 22:01 - 2015-02-04 22:01 - 00000000 ____D () C:\ProgramData\cheap-o
2015-02-04 16:40 - 2015-02-24 20:13 - 00004157 _____ () C:\windows\setupact.log
2015-02-04 16:40 - 2015-02-04 16:40 - 00000000 _____ () C:\windows\setuperr.log
2015-02-04 13:54 - 2015-02-04 13:54 - 00000000 ____D () C:\ProgramData\dpcmioaopgimeiknogfhiocbmflndibo
2015-02-04 13:54 - 2015-02-04 13:54 - 00000000 ____D () C:\Program Files (x86)\Utime
2015-02-04 13:54 - 2015-02-04 13:54 - 00000000 ____D () C:\Program Files (x86)\nitrodeoaalo
2015-02-04 13:53 - 2015-02-04 13:53 - 00000000 ____D () C:\Program Files (x86)\appsaVe
2015-02-04 13:52 - 2015-02-19 16:12 - 00000000 ____D () C:\ProgramData\12432574668826275089
2015-02-04 13:52 - 2015-02-04 13:53 - 00000000 ____D () C:\Program Files (x86)\offfeordealu
2015-02-04 13:52 - 2015-02-04 13:53 - 00000000 ____D () C:\Program Files (x86)\lowruatE
2015-02-04 13:52 - 2015-02-04 13:53 - 00000000 ____D () C:\Program Files (x86)\Dollarsavver
2015-01-29 20:20 - 2015-01-29 20:20 - 00301608 _____ (VuuPC Limited) C:\Users\Jürgen\AppData\Local\nsn4966.tmp
2015-01-29 20:16 - 2015-01-29 20:16 - 00000000 ____D () C:\ProgramData\Uniblue
2015-01-29 19:26 - 2015-01-29 19:26 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\com
2015-01-29 19:17 - 2015-01-29 20:20 - 00003476 _____ () C:\windows\System32\Tasks\ProPCCleaner_Popup
2015-01-29 19:17 - 2015-01-29 19:17 - 00004030 _____ () C:\windows\System32\Tasks\LaunchSignup
2015-01-29 19:17 - 2015-01-29 19:17 - 00003212 _____ () C:\windows\System32\Tasks\ProPCCleaner_Start
2015-01-29 19:17 - 2015-01-29 19:17 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Pro_PC_Cleaner
2015-01-29 19:14 - 2015-01-29 19:14 - 01974744 _____ (MPlyerVenture) C:\Users\Jürgen\AppData\Roaming\JFHJUKWM.exe
2015-01-29 19:14 - 2015-01-29 19:14 - 00001690 _____ () C:\windows\Tasks\JFHJUKWM.job
2015-01-29 19:13 - 2015-02-21 16:12 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\ContextTrue
2015-01-28 17:32 - 2015-02-06 19:24 - 00000000 ____D () C:\Users\Jürgen\Downloads\Papa
2015-01-28 17:30 - 2015-01-28 17:31 - 00000000 ____D () C:\Users\Jürgen\Downloads\BilderKevin
2015-01-28 17:30 - 2015-01-28 17:30 - 00000000 ____D () C:\Users\Jürgen\Downloads\Virenprogramm
2015-01-28 17:29 - 2015-02-24 12:29 - 00000000 ____D () C:\Users\Jürgen\Downloads\Spiele
2015-01-28 17:27 - 2015-01-28 17:27 - 00000000 ____D () C:\Users\Jürgen\Downloads\MusikPapa
2015-01-27 14:06 - 2015-02-23 18:46 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-01-25 17:12 - 2015-01-25 17:12 - 00001248 _____ () C:\Users\Jürgen\AppData\Roaming\JFHJUKWM

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-24 20:22 - 2012-11-07 12:45 - 00000000 ____D () C:\Users\Jürgen
2015-02-24 20:21 - 2009-07-14 05:45 - 00028624 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-24 20:21 - 2009-07-14 05:45 - 00028624 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-24 20:17 - 2012-03-08 23:10 - 02074627 _____ () C:\windows\WindowsUpdate.log
2015-02-24 20:14 - 2013-05-13 21:07 - 00000443 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2015-02-24 20:13 - 2014-09-24 21:54 - 00000368 _____ () C:\windows\Tasks\SlimCleaner Plus (Scheduled Scan - Jürgen).job
2015-02-24 20:13 - 2013-02-17 18:12 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-24 20:13 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-02-24 19:56 - 2013-02-17 18:12 - 00001110 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-24 19:32 - 2012-11-14 16:59 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-02-24 18:03 - 2014-01-19 19:09 - 01132544 ___SH () C:\Users\Jürgen\Desktop\Thumbs.db
2015-02-24 17:55 - 2014-01-06 03:01 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-23 22:09 - 2012-11-07 16:11 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\SoftGrid Client
2015-02-23 22:08 - 2013-11-08 16:29 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-23 22:08 - 2013-11-08 16:28 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-23 22:06 - 2014-08-18 16:57 - 00272296 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2015-02-23 22:06 - 2014-08-18 16:56 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2015-02-23 22:06 - 2014-08-18 16:56 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2015-02-23 22:06 - 2013-11-08 16:29 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-23 20:22 - 2012-03-08 07:20 - 00231465 _____ () C:\windows\DirectX.log
2015-02-23 18:49 - 2012-11-07 20:27 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\CrashDumps
2015-02-23 17:43 - 2009-07-14 06:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2015-02-22 18:57 - 2010-11-21 04:47 - 00903882 _____ () C:\windows\PFRO.log
2015-02-21 16:16 - 2012-03-08 07:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-02-21 16:13 - 2014-07-08 18:00 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Security Systems
2015-02-21 16:11 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-21 16:10 - 2013-10-15 17:42 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-02-21 14:48 - 2013-04-27 14:02 - 00000000 ___RD () C:\Users\Jürgen\Desktop\Colin
2015-02-21 14:44 - 2014-06-19 17:53 - 00000000 ____D () C:\Program Files (x86)\Ubi Soft
2015-02-21 12:36 - 2009-07-14 06:08 - 00032632 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-02-19 15:48 - 2012-03-08 06:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-18 12:14 - 2012-03-08 22:43 - 00700134 _____ () C:\windows\system32\perfh007.dat
2015-02-18 12:14 - 2012-03-08 22:43 - 00149984 _____ () C:\windows\system32\perfc007.dat
2015-02-18 12:14 - 2009-07-14 06:13 - 01622300 _____ () C:\windows\system32\PerfStringBackup.INI
2015-02-13 20:19 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2015-02-11 19:11 - 2009-07-14 05:45 - 00471704 _____ () C:\windows\system32\FNTCACHE.DAT
2015-02-11 19:09 - 2014-12-10 18:41 - 00000000 ____D () C:\windows\system32\appraiser
2015-02-11 19:09 - 2014-05-06 11:58 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-02-11 15:44 - 2012-11-09 19:21 - 00001912 _____ () C:\windows\epplauncher.mif
2015-02-11 15:43 - 2013-08-15 09:47 - 00000000 ____D () C:\windows\system32\MRT
2015-02-11 15:43 - 2012-11-09 19:21 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-11 15:43 - 2012-11-09 19:21 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-11 15:43 - 2012-11-09 19:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-11 14:30 - 2012-11-07 13:05 - 00122928 _____ () C:\Users\Jürgen\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-07 08:08 - 2015-01-05 16:37 - 00122928 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-06 19:24 - 2014-06-21 18:02 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Adobe
2015-02-05 19:40 - 2012-11-15 14:28 - 00000000 ____D () C:\Users\Jürgen\Desktop\Eigene Dateien
2015-02-05 18:32 - 2012-11-14 16:59 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 18:32 - 2012-11-14 16:59 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-05 18:32 - 2012-11-14 16:59 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-02-04 14:22 - 2015-01-24 16:55 - 00000000 ____D () C:\windows\Minidump
2015-02-01 14:28 - 2013-11-12 16:50 - 00000232 _____ () C:\Users\Jürgen\AppData\Roaming\WB.CFG
2015-01-30 01:19 - 2014-12-25 14:47 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-01-29 20:37 - 2012-11-11 11:14 - 00000000 ____D () C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint
2015-01-29 17:49 - 2012-11-07 13:33 - 116773704 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-29 07:11 - 2013-02-17 18:12 - 00000000 ____D () C:\Program Files\Google
2015-01-29 07:11 - 2013-02-17 18:11 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-29 06:58 - 2015-01-15 16:06 - 00000000 ____D () C:\ProgramData\QuickshoPP
2015-01-28 17:34 - 2014-03-15 13:06 - 00000000 ____D () C:\Users\Jürgen\Downloads\Schule
2015-01-28 17:34 - 2014-03-15 13:04 - 00000000 ____D () C:\Users\Jürgen\Downloads\Musik
2015-01-28 17:28 - 2014-03-15 13:05 - 00000000 ____D () C:\Users\Jürgen\Downloads\Minecraft
2015-01-28 17:24 - 2013-02-17 18:11 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Google

==================== Files in the root of some directories =======

2015-02-04 22:29 - 2015-02-23 20:31 - 0000020 _____ () C:\Users\Jürgen\AppData\Roaming\appdataFr3.bin
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Jürgen\AppData\Roaming\JFHJUKWM
2015-01-29 19:14 - 2015-01-29 19:14 - 1974744 _____ (MPlyerVenture) C:\Users\Jürgen\AppData\Roaming\JFHJUKWM.exe
2014-09-01 09:18 - 2014-09-01 09:18 - 0002086 _____ () C:\Users\Jürgen\AppData\Roaming\JYL
2015-02-21 16:13 - 2015-02-21 16:13 - 0000274 _____ () C:\Users\Jürgen\AppData\Roaming\removeAllComponents.bat
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Jürgen\AppData\Roaming\ROPUHBSS
2014-12-25 14:47 - 2014-12-25 14:47 - 1952744 _____ (Object Browser) C:\Users\Jürgen\AppData\Roaming\ROPUHBSS.exe
2014-07-08 18:01 - 2014-07-08 18:01 - 0000138 _____ () C:\Users\Jürgen\AppData\Roaming\tmp_register.bat
2015-02-21 16:13 - 2015-02-21 16:13 - 0000143 _____ () C:\Users\Jürgen\AppData\Roaming\tmp_unregister.bat
2013-11-12 16:50 - 2015-02-01 14:28 - 0000232 _____ () C:\Users\Jürgen\AppData\Roaming\WB.CFG
2013-11-12 16:50 - 2013-11-21 14:50 - 0000006 _____ () C:\Users\Jürgen\AppData\Roaming\WBPU-TTL.DAT
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Jürgen\AppData\Roaming\WHDNEP
2014-12-25 15:01 - 2014-12-25 15:01 - 1881568 _____ (Cin-Plus1.4AIV08.12) C:\Users\Jürgen\AppData\Roaming\WHDNEP.exe
2014-05-11 21:26 - 2014-05-11 21:26 - 0000000 ___SH () C:\Users\Jürgen\AppData\Local\LumaEmu
2015-01-29 20:20 - 2015-01-29 20:20 - 0301608 _____ (VuuPC Limited) C:\Users\Jürgen\AppData\Local\nsn4966.tmp
2014-10-15 01:27 - 2014-10-15 01:27 - 0000906 _____ () C:\Users\Jürgen\AppData\Local\recently-used.xbel
2012-11-08 13:20 - 2012-11-08 13:20 - 0000017 _____ () C:\Users\Jürgen\AppData\Local\resmon.resmoncfg
2012-03-08 07:48 - 2012-03-08 07:48 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-03-08 07:43 - 2012-03-08 07:43 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2012-03-08 07:46 - 2012-03-08 07:46 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-03-08 07:43 - 2012-03-08 07:45 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2012-03-08 07:46 - 2012-03-08 07:48 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

Some content of TEMP:
====================
C:\Users\Jürgen\AppData\Local\Temp\jre-8u31-windows-au.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-24 08:25

==================== End Of Log ============================

Addition-Log Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2015
Ran by Jürgen at 2015-02-24 20:31:07
Running from C:\Users\Jürgen\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Benutzerhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Useg) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
cheapcoup (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version: - cheapcoup) <==== ATTENTION
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.5016 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version: - Techland)
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version: - ) <==== ATTENTION
Easy File Share (HKLM-x32\...\{12F81925-F3C1-40DB-91F7-777817974319}) (Version: 1.3.1 - Samsung Electronics CO., LTD.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics CO., LTD.)
Easy Support Center (HKLM\...\{0738F5F1-8E70-49A6-8692-F5722E1E5A4D}) (Version: 1.2.32 - Samsung Electronics CO., LTD.)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung)
Epson Easy Photo Print 2 (HKLM-x32\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX235 Series Printer Uninstall (HKLM\...\EPSON SX235 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2622 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{90F00673-A276-4A58-B675-B426D39D1E09}) (Version: 15.3.0.0398 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{077BF055-512A-4D48-B3C2-44AD860FEB0A}) (Version: 1.3.0.0621 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{ECE5B218-A086-4E18-A362-D11181681457}) (Version: 15.03.1000.1637 - Intel Corporation)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.2.11.20121025 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
LighterSystem (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{db79edbd}) (Version: - Software Publisher) <==== ATTENTION
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Multimedia POP (HKLM-x32\...\{331ECF61-69AF-4F57-AC35-AFED610231C3}) (Version: 1.0 - )
Netzwerkhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Netg) (Version: - )
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pro PC Cleaner (HKLM-x32\...\{C3060724-6AC7-4BEF-B516-4F6B1D90887D}) (Version: 2.5.5 - Pro PC Cleaner)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6413 - Realtek Semiconductor Corp.)
Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)
S Agent (Version: 1.1.45 - Samsung Electronics CO., LTD.) Hidden
Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12013_8 - Samsung Electronics Co., Ltd.)
Samsung AllShare (x32 Version: 2.1.0.12013_8 - Samsung Electronics Co., Ltd.) Hidden
Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 2.0.67.1 - Samsung Electronics Co., Ltd.)
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.6.0.2 - Samsung Electronics CO., LTD.) Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.03.01.00:36 - Samsung Electronics Co., Ltd.) Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.6.0 - Samsung Electronics Co., Ltd.) Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.11.11.7 - Conduit) <==== ATTENTION Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) SW Update (HKLM-x32\...\{DA06101F-FD76-4BF0-88BD-B26A197005E3}) (Version: 2.1.21 - Samsung Electronics CO., LTD.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.7.0 - Synaptics Incorporated) User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.3 - ) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) 
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) WinRAR 5.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 24-02-2015 08:32:09 Geplanter Prüfpunkt ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {154ACA5C-B2CB-4012-B7F4-08A7966C760A} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2012-10-30] (SEC) Task: {1EC0E643-3FDF-4482-9A1E-AFD67DEC9349} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated) Task: {20C1BA12-2C1B-42D8-B3A2-1F8DCDD1569D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.) Task: {23146614-5F08-428B-BC7B-486427B6BB7B} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe Task: {29159C05-0D5C-4838-9A27-7484269528CB} - System32\Tasks\{1007D56E-DACF-48DF-98D8-92D1F0C7B371} => pcalua.exe -a "C:\Users\Jürgen\Downloads\setupd (1).exe" -d C:\Users\Jürgen\Downloads Task: {2E6E4566-BACF-4871-8E17-8D0D60B225C2} - System32\Tasks\{B7691239-6637-4059-AE84-128E03EFA274} => pcalua.exe -a "C:\Program Files (x86)\Search Extensions\uninstall.exe" -c /u=true /UserID=f2a5958a-3552-45f3-b697-cb2dc159f52f /SourceID=browsersafeguard-rockettab-solimba /ImplementationID=browsersafeguard-rockettab-solimba /UC=20141225 Task: {31BFE392-27B1-4953-9240-7BCE4F2783C3} - System32\Tasks\EasySupportCenter => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe [2013-01-22] (Samsung Electronics CO., LTD.) Task: {36C9BD2F-A111-488F-A031-6D412033A55A} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION Task: {38962509-F7EE-4278-A3CA-4357210F5917} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2012-03-27] (Samsung Electronics Co., Ltd.) 
Task: {3C478402-30B5-4EED-8C5B-AD2A4D870FCF} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION Task: {3E96A105-F9BD-48B0-AE88-E632C5F5699D} - System32\Tasks\{157764D6-4363-43FE-B3D3-9EB2EB7E3027} => pcalua.exe -a C:\Users\Jürgen\Downloads\LCGenericName02.exe -d C:\Users\Jürgen\Downloads Task: {403FBC0B-0C4C-499F-89BF-320F820ABDEA} - System32\Tasks\RPC => C:\Program Files (x86)\RPC\Reg Pro Cleaner\RegProCleaner.exe Task: {48F3E295-8257-4978-BF75-420B3A76D6DC} - System32\Tasks\{62D67987-52D3-469A-B426-43188359DAFA} => pcalua.exe -a E:\aoesetup.exe -d E:\ -c /autorun Task: {55D4A1FF-D900-4B12-93C0-28BFDFC7038A} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2012-05-30] (Samsung Electronics Co., Ltd.) Task: {58C08D85-B437-4727-8F60-9A04043458D7} - System32\Tasks\{FBA6B7CE-3DCD-405E-846A-6B291C3206F5} => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe Task: {5CB1B98D-4D4B-4CDE-91A3-D8695836D54A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {6AAC3FF0-BB3A-4525-BC76-C9B467FD617C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.) 
Task: {6F745946-47CC-4608-AF3D-2584C31346E5} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {78A1129F-5E0C-4229-83B8-0947C56CE8B6} - System32\Tasks\{B7FC3AFD-FD63-4F26-B64C-30C13B877806} => pcalua.exe -a E:\setup.exe -d E:\ Task: {7C960D05-6D4F-4B52-9CD4-C5947FDD91D2} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION Task: {7D5606FD-53F7-4A7A-B830-2743EFA23711} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe <==== ATTENTION Task: {86BE6832-E0F5-464D-92E8-26378B547BE4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {948FAADC-F70A-490C-AB65-14A746EBD50D} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION Task: {94B986E6-7DE3-428C-BBF3-0946C6B2B552} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Jürgen) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe Task: {997D8B03-A738-4625-BDCF-4C17E81FC87C} - System32\Tasks\PC Speed Maximizer Schedule => C:\Program Files (x86)\PC Speed Maximizer\SPMSchedule.exe Task: {A2794569-2F71-45BD-9E57-E6CCBB23A9DE} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2012-04-25] (Samsung Electronics Co., Ltd.) 
Task: {B9CC8ED8-153E-46A3-BDBA-05E4434F0FB0} - System32\Tasks\{9DECFD20-BB12-4E77-8E8C-4C8290775ABE} => pcalua.exe -a C:\Users\Jürgen\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=pcs <==== ATTENTION Task: {BD80BEE4-AD47-4DD8-9D51-73283F4BD1E4} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe Task: {BDDF89D9-6935-419F-BCF0-C43D7A55F098} - System32\Tasks\{6B06DBE3-F059-49DA-A6AB-84A7544D3BA1} => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe Task: {C03ECA6F-42A1-4B72-A8A0-6BB8C4D5B800} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-11-18] (SAMSUNG Electronics co., LTD.) Task: {CEA0DBBA-F4EB-404F-8A64-817078762765} - System32\Tasks\DealPly => C:\Users\JRGEN~1\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: {D27874E7-CFAF-47BE-9BF4-C934FD7D40A3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {DFCBDADE-42FE-494B-8697-3F2AD62D3B97} - System32\Tasks\DSite => C:\Users\JRGEN~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: {E4B313C7-4014-4CCF-8220-FC9FE067AA69} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-17] (Oracle Corporation) Task: {E638EA23-D45A-4F72-BA0C-584704B65E8E} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.) 
Task: {E8D09EFF-C572-44FC-B708-C336FBE54019} - System32\Tasks\{B2FBFA09-4198-423A-860B-6621750308AB} => pcalua.exe -a C:\PROGRA~2\NOMAN'~1\UNINST~1\UNWISE.EXE -c C:\PROGRA~2\NOMAN'~1\UNINST~1\INSTALL.LOG Task: {F02744B9-B972-450E-B54F-4BC8DBB06B8A} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-02-16] (CyberLink) Task: {F7A95637-326D-469D-81BE-96F2AE0550A6} - System32\Tasks\{6A1035E6-5B36-42A2-871E-E82F6A8994E5} => pcalua.exe -a C:\Users\Jürgen\Desktop\libusb-win32-filter-bin-0.1.10.1.exe -d C:\Users\Jürgen\Desktop Task: {FBCF6554-C387-4CD1-9EA0-26DC552B9D7C} - System32\Tasks\{49AF95F3-123B-4086-8E03-231AA0DD39CA} => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\JFHJUKWM.job => C:\Users\Jýÿrgen\AppData\Roaming\JFHJUKWM.exe <==== ATTENTION Task: C:\windows\Tasks\ROPUHBSS.job => C:\Users\Jýÿrgen\AppData\Roaming\ROPUHBSS.exe <==== ATTENTION Task: C:\windows\Tasks\SlimCleaner Plus (Scheduled Scan - Jürgen).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe ==================== Loaded Modules (whitelisted) ============== 2012-11-07 14:27 - 2013-08-29 23:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2011-04-11 14:26 - 2011-04-11 14:26 - 00034304 _____ () C:\windows\System32\spd__l.dll 2014-05-29 18:51 - 2014-05-30 11:05 - 00076888 _____ () C:\windows\SysWOW64\PnkBstrA.exe 2012-03-08 07:45 - 2009-12-01 08:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2014-08-21 12:33 - 2014-12-25 23:34 - 00106376 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll 2014-08-21 
12:32 - 2014-12-25 23:34 - 00733576 _____ () C:\Program Files (x86)\SupTab\HpUI.exe 2014-07-16 10:55 - 2014-07-16 10:55 - 00073216 _____ () C:\Program Files (x86)\SupTab\Loader64.exe 2014-07-16 11:16 - 2014-07-16 11:16 - 00064000 _____ () C:\Program Files (x86)\SupTab\Loader32.exe 2011-01-27 15:28 - 2011-01-27 15:28 - 00706048 _____ () C:\windows\system32\SnMinDrv.dll 2011-07-21 06:51 - 2010-12-16 10:37 - 00094208 _____ () C:\windows\system32\IccLibDll_x64.dll 2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-01-15 03:35 - 2015-01-15 03:35 - 02279936 _____ () c:\Program Files (x86)\LighterSystem\LighterSystem.dll 2014-08-21 12:33 - 2014-12-25 23:34 - 00023944 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll 2012-11-08 20:38 - 2006-08-12 12:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll 2012-11-08 20:38 - 2011-02-17 01:03 - 00203776 _____ () C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll 2014-12-12 10:40 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll 2014-12-12 10:40 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll 2014-12-12 10:40 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll 2014-12-12 10:40 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll 2014-12-12 10:40 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll 2012-11-08 20:29 - 2011-09-08 19:40 - 01645056 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll 2009-11-02 06:20 - 
2009-11-02 06:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2009-11-02 06:23 - 2009-11-02 06:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1656143743-13120863-1912775482-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.2.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== Accounts: ============================= Administrator (S-1-5-21-1656143743-13120863-1912775482-500 - Administrator - Disabled) Gast (S-1-5-21-1656143743-13120863-1912775482-501 - Limited - Enabled) => C:\Users\Gast HomeGroupUser$ (S-1-5-21-1656143743-13120863-1912775482-1003 - Limited - Enabled) Jürgen (S-1-5-21-1656143743-13120863-1912775482-1001 - Administrator - Enabled) => C:\Users\Jürgen UpdatusUser (S-1-5-21-1656143743-13120863-1912775482-1000 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= Name: wpnfd_1_10_0_1 Description: wpnfd_1_10_0_1 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: wpnfd_1_10_0_1 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. 
(Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Bluetooth-Peripheriegerät Description: Bluetooth-Peripheriegerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: cherimoya Description: cherimoya Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: cherimoya Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Bluetooth-Peripheriegerät Description: Bluetooth-Peripheriegerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Event log errors: ========================= Application errors: ================== Error: (02/24/2015 08:16:20 PM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt. bei AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList() bei AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList() bei AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager() bei AllShareDmsUtil.Manager.AllShareDmsManager.Initialize() bei AllShareDmsUtil.Manager.AllShareDmsManager..ctor() bei AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance() bei AllShareDMS.AllShareDMS.DoStart() bei AllShareDMS.AllShareDMS.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (02/24/2015 08:14:54 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. 
Error: (02/24/2015 08:13:51 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/24/2015 06:04:57 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (02/24/2015 06:03:30 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (02/24/2015 06:03:30 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (02/24/2015 05:56:05 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (02/24/2015 05:47:34 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. 
Error: (02/24/2015 00:08:33 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (02/24/2015 11:43:35 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. System errors: ============= Error: (02/24/2015 08:13:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cherimoya wpnfd_1_10_0_1 Error: (02/24/2015 08:13:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "LibUsb-Win32 - Daemon, Version 0.1.10.1" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (02/24/2015 08:13:38 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (02/24/2015 08:13:37 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (02/24/2015 08:13:37 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (02/24/2015 08:13:36 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. 
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 65%
Total physical RAM: 4009.55 MB
Available physical RAM: 1363.44 MB
Total Pagefile: 8017.28 MB
Available Pagefile: 4475.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:177 GB) (Free:79 GB) NTFS
Drive d: () (Fixed) (Total:265.39 GB) (Free:0 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 3882832C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=177 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=265.4 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=23.3 GB) - (Type=27)
==================== End Of Log ============================
Regards
Colin |
24.02.2015, 23:43 | #2 |
Rest in peace † 2019 | My name is Sandra and I will be helping you with your problem.
Note: I can never give you a guarantee that I will find everything. Formatting is usually the faster way and, in the case of a malware infection, always the safest. Adware can be removed without problems in the vast majority of cases. If you decide on a cleanup, keep working with us until someone from the team tells you that you are clean.
Step 1 Please uninstall the following programs (if present):
cheapcoup
DMUninstaller
LighterSystem
Search Protect
To do this, go to: the Windows button in the taskbar --> Control Panel --> Programs (sub-item Uninstall a program) --> select the program --> remove.
If you cannot uninstall a program, download Revo Uninstaller from here and uninstall it with that, choosing the moderate mode.
Step 2 Please download AdwCleaner to your desktop.
Step 3 Please download Malwarebytes Anti-Malware
Step 4 Start FRST once more.
__________________ |
25.02.2015, 01:14 | #3 |
| Thank you for the help
__________________
I still have advertisements now; underneath them it says Ad by cheap4all. AdwCleaner log file Code:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2a85de57-5837-4fdd-9c80-277f8c848faa} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5d3fbe76-dc57-4c4c-b398-1f5f52975bbc} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{b3fafa69-7783-4e42-bdf4-ed1fae3cf7a7} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{6c60260} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3060724-6AC7-4BEF-B516-4F6B1D90887D} Schlüssel Gefunden : HKLM\SOFTWARE\omiga-plusSoftware Schlüssel Gefunden : HKLM\SOFTWARE\Pro PC Cleaner Schlüssel Gefunden : HKLM\SOFTWARE\SoftwareUpdater Schlüssel Gefunden : HKLM\SOFTWARE\SupDp Schlüssel Gefunden : HKLM\SOFTWARE\SupTab Schlüssel Gefunden : HKLM\SOFTWARE\supWindowsMangerProtect Schlüssel Gefunden : HKLM\SOFTWARE\supWPM Schlüssel Gefunden : HKLM\SOFTWARE\SweetIM Schlüssel Gefunden : HKLM\SOFTWARE\systweak Schlüssel Gefunden : HKLM\SOFTWARE\Tutorials Schlüssel Gefunden : HKLM\SOFTWARE\Uniblue Schlüssel Gefunden : HKLM\SOFTWARE\WordProser_1.10.0.1 Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{2a85de57-5837-4fdd-9c80-277f8c848faa} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{5d3fbe76-dc57-4c4c-b398-1f5f52975bbc} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{b3fafa69-7783-4e42-bdf4-ed1fae3cf7a7} Schlüssel Gefunden : [x64] 
HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5E58CDA9-3B21-4611-A859-26EE28950E61} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{6C5561B6-3DD2-46B5-83BE-EAE744366046} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5d3fbe76-dc57-4c4c-b398-1f5f52975bbc} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b3fafa69-7783-4e42-bdf4-ed1fae3cf7a7} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4270603C7CA6FEB45B61F4B6D10988D7 Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Reimage Schlüssel Gefunden : [x64] HKLM\SOFTWARE\ShopperPro Schlüssel Gefunden : [x64] HKLM\SOFTWARE\YTDownloader Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4F524A2D-5350-4500-76A7-7A786E7484D7}] Wert Gefunden : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader] Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Allin1Convert_8h Browser Plugin Loader 64] Wert Gefunden : 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader] ***** [ Internetbrowser ] ***** -\\ Internet Explorer v11.0.9600.17631 Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://isearch.omiga-plus.com/?type=hp&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX&q={searchTerms} Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://isearch.omiga-plus.com/?type=hp&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://isearch.omiga-plus.com/?type=hp&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX&q={searchTerms} Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX&q={searchTerms} Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://isearch.omiga-plus.com/?type=hp&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://isearch.omiga-plus.com/?type=hp&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - 
hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1419546816&from=pcs&uid=HitachiXHTS547550A9E384_J112005MFUU59AFUU59AX&q={searchTerms} -\\ Google Chrome v39.0.2171.95 [C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://log.incredibar-search.com/?q={searchTerms}&pr=&spr=2&o=APN10044&gct=bar&u=92266880716411442&a=6OAaaWSKX0&i=26&did=10963&lang=german&cid=1&source=365503612&gc=de [C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://mystart.incredibar.com/?a=6OAaaWSKX0&i=26&did=10963&loc=skw&search={searchTerms} [C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://mystart.incredibar.com/?a=6OAaaWSKX0&i=26&did=10963&loc=skw&search={searchTerms} [C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gefunden [Extension] : pfkfdlcdbajamklbneflfbcmfgddmpae [C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gefunden [Extension] : mjehaeieojocdngclolapkelkkknbojk [C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gefunden [Extension] : dpcmioaopgimeiknogfhiocbmflndibo -\\ Chromium v ************************* AdwCleaner[R0].txt - [20941 Bytes] - [25/02/2015 00:07:14] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [21001 Bytes] ########## Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 25.02.2015 Suchlauf-Zeit: 00:18:53 Logdatei: mbam.txt Administrator: Ja Version: 2.00.4.1028 Malware Datenbank: v2015.02.24.07 Rootkit Datenbank: v2015.02.22.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Jürgen Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 448642 Verstrichene Zeit: 37 Min, 6 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 15 PUP.Optional.WordProser.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\wpnfd_1_10_0_1, In Quarantäne, [c87f0e146d1d7abcbfe007a59a69f010], PUP.Optional.GeForce.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Ge-Force-nv, In Quarantäne, [291e6fb3bad0c670ab2fce59d33203fd], PUP.Optional.InternetSpeedChecker.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Internet Speed Checker-nv, In Quarantäne, [4ff8e83a0b7f0432f6b29ff8877c6f91], PUP.Optional.MediaPlayer.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MedPLyerV1.2-nv, In Quarantäne, [f3547ca67218fd3974e59b0263a0f10f], PUP.Optional.SweetIM.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SweetIM, In Quarantäne, [83c4af739af08aacb6f01c8720e3ab55], PUP.Optional.GeForce.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Ge-Force, In Quarantäne, [ce79da48dab0102619b4071429dc3ac6], PUP.Optional.InternetSpeedChecker, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Internet Speed Checker, In Quarantäne, [9ea96eb42f5b072f2f9639801ce758a8], PUP.Optional.MediaPlayer.A, 
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\MedPLyerV1.2, In Quarantäne, [b88f60c2d1b980b6fd5a3f5ef70cb34d], PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, In Quarantäne, [50f7b56d1674ef478e7c4ab8010440c0], PUP.Optional.MindSpark.A, HKU\S-1-5-21-1656143743-13120863-1912775482-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Allin1Convert_8h, In Quarantäne, [78cf869cb6d4a19526861caeca39b34d], PUP.Optional.CrossRider.A, HKU\S-1-5-21-1656143743-13120863-1912775482-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21636, In Quarantäne, [53f49989098168ceb5ecaf03a95aaf51], PUP.Optional.MindSpark.A, HKU\S-1-5-21-1656143743-13120863-1912775482-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Allin1Convert_8h, In Quarantäne, [94b3c260593122141cc9a5701ee7d12f], PUP.Optional.SweetIM.A, HKU\S-1-5-21-1656143743-13120863-1912775482-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SweetIM, In Quarantäne, [9daab171078376c0ddc94b58da299769], PUP.Optional.MindSpark.A, HKU\S-1-5-21-1656143743-13120863-1912775482-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Allin1Convert_8h, In Quarantäne, [4205938fddad6acc3a7228a2d23118e8], PUP.Optional.CrossRider.A, HKU\S-1-5-21-1656143743-13120863-1912775482-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21636, In Quarantäne, [51f6bd6592f884b29f022f838e7505fb], Registrierungswerte: 2 PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_de_37, In Quarantäne, [8eb9ea383a50dd59532e2f7693708a76], PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, MYSTART, In Quarantäne, [50f7b56d1674ef478e7c4ab8010440c0] Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 5 Rogue.Multiple, C:\ProgramData\1078601655, In Quarantäne, 
[5dea65bdfb8f96a0a3dbb29c0af9f20e], Rogue.Multiple, C:\ProgramData\2355320829, In Quarantäne, [0d3a7da53456cc6a8af44d01a36022de], PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\CinPlus-1.4AIV08.12, In Quarantäne, [72d533ef99f1c4724879b5ced330a55b], PUP.Optional.MagnoPlayer.A, C:\Users\Jürgen\AppData\Local\com\MagnoPlayer.exe_Url_1mhbegbsljequujxisnv3adbpqk4e3ar, In Quarantäne, [ff4847db52389c9a54651a7a9e650df3], PUP.Optional.MagnoPlayer.A, C:\Users\Jürgen\AppData\Local\com\MagnoPlayer.exe_Url_1mhbegbsljequujxisnv3adbpqk4e3ar\2.1.2.10, In Quarantäne, [ff4847db52389c9a54651a7a9e650df3], Dateien: 12 PUP.Optional.Sense.A, C:\Users\Jürgen\AppData\Roaming\ROPUHBSS.exe, In Quarantäne, [0e39bb67fa905adca1561e55f110f50b], PUP.Optional.CinemaPlus.A, C:\Users\Jürgen\AppData\Roaming\WHDNEP.exe, In Quarantäne, [f057160c8901cd69617f9a67b3539868], PUP.Optional.MediaPlayer.A, C:\Users\Jürgen\AppData\Roaming\JFHJUKWM.exe, In Quarantäne, [5aedeb371c6ebe781c90bf48f214a25e], PUP.Optional.WebInstr.A, C:\Windows\System32\drivers\Msft_Kernel_webinstrNewH_01009.Wdf, In Quarantäne, [e067aa781f6b56e08195e3bd4cb749b7], PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\CinPlus-1.4AIV08.12\1293297481.mxaddon, In Quarantäne, [72d533ef99f1c4724879b5ced330a55b], PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\CinPlus-1.4AIV08.12\4010df31-87c3-4c0f-8a88-6cb18e1484ab.crx, In Quarantäne, [72d533ef99f1c4724879b5ced330a55b], PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\CinPlus-1.4AIV08.12\8557f47f-4e41-416c-b32c-f8b36cbc99bb.crx, In Quarantäne, [72d533ef99f1c4724879b5ced330a55b], PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\CinPlus-1.4AIV08.12\background.html, In Quarantäne, [72d533ef99f1c4724879b5ced330a55b], PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\CinPlus-1.4AIV08.12\bgNova.html, In Quarantäne, [72d533ef99f1c4724879b5ced330a55b], PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\CinPlus-1.4AIV08.12\d92331e0-6cd1-414b-bad8-42c4f2bb53d3.crx, In Quarantäne, 
[72d533ef99f1c4724879b5ced330a55b], PUP.Optional.CinemaPlus.A, C:\Program Files (x86)\CinPlus-1.4AIV08.12\d92331e0-6cd1-414b-bad8-42c4f2bb53d3.xpi, In Quarantäne, [72d533ef99f1c4724879b5ced330a55b], PUP.Optional.MagnoPlayer.A, C:\Users\Jürgen\AppData\Local\com\MagnoPlayer.exe_Url_1mhbegbsljequujxisnv3adbpqk4e3ar\2.1.2.10\user.config, In Quarantäne, [ff4847db52389c9a54651a7a9e650df3], Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) Addition-Log Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2015 Ran by Jürgen at 2015-02-25 01:06:18 Running from C:\Users\Jürgen\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) „Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden „Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden „Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY) ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated) Akamai NetSession Interface (HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Akamai) (Version: - Akamai Technologies, Inc) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) 
Benutzerhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Useg) (Version: - ) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.) CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.) CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.) CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.5016 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version: - Techland) Easy File Share (HKLM-x32\...\{12F81925-F3C1-40DB-91F7-777817974319}) (Version: 1.3.1 - Samsung Electronics CO., LTD.) Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.) Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics CO., LTD.) Easy Support Center (HKLM\...\{0738F5F1-8E70-49A6-8692-F5722E1E5A4D}) (Version: 1.2.32 - Samsung Electronics CO., LTD.) 
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung) Epson Easy Photo Print 2 (HKLM-x32\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON SX235 Series Printer Uninstall (HKLM\...\EPSON SX235 Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) 
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2622 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{90F00673-A276-4A58-B675-B426D39D1E09}) (Version: 15.3.0.0398 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{077BF055-512A-4D48-B3C2-44AD860FEB0A}) (Version: 1.3.0.0621 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation) Intel® PROSet/Wireless WiFi-Software (HKLM\...\{ECE5B218-A086-4E18-A362-D11181681457}) (Version: 15.03.1000.1637 - Intel Corporation) iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.) 
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.2.11.20121025 - LG Electronics) LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics) LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32) Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - ) Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - ) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Multimedia POP (HKLM-x32\...\{331ECF61-69AF-4F57-AC35-AFED610231C3}) (Version: 1.0 - ) Netzwerkhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON 
SX235 Series Netg) (Version: - ) NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation) OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6413 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver) S Agent (Version: 1.1.45 - Samsung Electronics CO., LTD.) Hidden Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12013_8 - Samsung Electronics Co., Ltd.) Samsung AllShare (x32 Version: 2.1.0.12013_8 - Samsung Electronics Co., Ltd.) Hidden Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 2.0.67.1 - Samsung Electronics Co., Ltd.) 
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.6.0.2 - Samsung Electronics CO., LTD.) Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.03.01.00:36 - Samsung Electronics Co., Ltd.) Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.6.0 - Samsung Electronics Co., Ltd.) Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) SW Update (HKLM-x32\...\{DA06101F-FD76-4BF0-88BD-B26A197005E3}) (Version: 2.1.21 - Samsung Electronics CO., LTD.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.7.0 - Synaptics Incorporated) User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.3 - ) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) 
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) WinRAR 5.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 24-02-2015 08:32:09 Geplanter Prüfpunkt 24-02-2015 23:58:58 Revo Uninstaller's restore point - cheapcoup 25-02-2015 00:01:30 Revo Uninstaller's restore point - cheapcoup 25-02-2015 00:02:50 Revo Uninstaller's restore point - Search Protect ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {154ACA5C-B2CB-4012-B7F4-08A7966C760A} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2012-10-30] (SEC)
Task: {1EC0E643-3FDF-4482-9A1E-AFD67DEC9349} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {20C1BA12-2C1B-42D8-B3A2-1F8DCDD1569D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {29159C05-0D5C-4838-9A27-7484269528CB} - System32\Tasks\{1007D56E-DACF-48DF-98D8-92D1F0C7B371} => pcalua.exe -a "C:\Users\Jürgen\Downloads\setupd (1).exe" -d C:\Users\Jürgen\Downloads
Task: {2E6E4566-BACF-4871-8E17-8D0D60B225C2} - System32\Tasks\{B7691239-6637-4059-AE84-128E03EFA274} => pcalua.exe -a "C:\Program Files (x86)\Search Extensions\uninstall.exe" -c /u=true /UserID=f2a5958a-3552-45f3-b697-cb2dc159f52f /SourceID=browsersafeguard-rockettab-solimba /ImplementationID=browsersafeguard-rockettab-solimba /UC=20141225
Task: {31BFE392-27B1-4953-9240-7BCE4F2783C3} - System32\Tasks\EasySupportCenter => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe [2013-01-22] (Samsung Electronics CO., LTD.)
Task: {36C9BD2F-A111-488F-A031-6D412033A55A} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {38962509-F7EE-4278-A3CA-4357210F5917} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2012-03-27] (Samsung Electronics Co., Ltd.)
Task: {3E96A105-F9BD-48B0-AE88-E632C5F5699D} - System32\Tasks\{157764D6-4363-43FE-B3D3-9EB2EB7E3027} => pcalua.exe -a C:\Users\Jürgen\Downloads\LCGenericName02.exe -d C:\Users\Jürgen\Downloads
Task: {403FBC0B-0C4C-499F-89BF-320F820ABDEA} - System32\Tasks\RPC => C:\Program Files (x86)\RPC\Reg Pro Cleaner\RegProCleaner.exe
Task: {48F3E295-8257-4978-BF75-420B3A76D6DC} - System32\Tasks\{62D67987-52D3-469A-B426-43188359DAFA} => pcalua.exe -a E:\aoesetup.exe -d E:\ -c /autorun
Task: {55D4A1FF-D900-4B12-93C0-28BFDFC7038A} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2012-05-30] (Samsung Electronics Co., Ltd.)
Task: {58C08D85-B437-4727-8F60-9A04043458D7} - System32\Tasks\{FBA6B7CE-3DCD-405E-846A-6B291C3206F5} => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
Task: {5CB1B98D-4D4B-4CDE-91A3-D8695836D54A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {6AAC3FF0-BB3A-4525-BC76-C9B467FD617C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {6F745946-47CC-4608-AF3D-2584C31346E5} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {78A1129F-5E0C-4229-83B8-0947C56CE8B6} - System32\Tasks\{B7FC3AFD-FD63-4F26-B64C-30C13B877806} => pcalua.exe -a E:\setup.exe -d E:\
Task: {7C960D05-6D4F-4B52-9CD4-C5947FDD91D2} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {86BE6832-E0F5-464D-92E8-26378B547BE4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {94B986E6-7DE3-428C-BBF3-0946C6B2B552} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Jürgen) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: {A2794569-2F71-45BD-9E57-E6CCBB23A9DE} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2012-04-25] (Samsung Electronics Co., Ltd.)
Task: {B9CC8ED8-153E-46A3-BDBA-05E4434F0FB0} - System32\Tasks\{9DECFD20-BB12-4E77-8E8C-4C8290775ABE} => pcalua.exe -a C:\Users\Jürgen\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=pcs <==== ATTENTION
Task: {BDDF89D9-6935-419F-BCF0-C43D7A55F098} - System32\Tasks\{6B06DBE3-F059-49DA-A6AB-84A7544D3BA1} => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
Task: {C03ECA6F-42A1-4B72-A8A0-6BB8C4D5B800} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-11-18] (SAMSUNG Electronics co., LTD.)
Task: {C080A121-C6B8-49CB-9411-F4E9039A8D12} - System32\Tasks\{BE7F4215-8603-4909-A21D-BEF997B6DADD} => pcalua.exe -a C:\PROGRA~2\SearchProtect\Main\bin\uninstall.exe -c /S <==== ATTENTION
Task: {D27874E7-CFAF-47BE-9BF4-C934FD7D40A3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E4B313C7-4014-4CCF-8220-FC9FE067AA69} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-17] (Oracle Corporation)
Task: {E638EA23-D45A-4F72-BA0C-584704B65E8E} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.)
Task: {E8D09EFF-C572-44FC-B708-C336FBE54019} - System32\Tasks\{B2FBFA09-4198-423A-860B-6621750308AB} => pcalua.exe -a C:\PROGRA~2\NOMAN'~1\UNINST~1\UNWISE.EXE -c C:\PROGRA~2\NOMAN'~1\UNINST~1\INSTALL.LOG
Task: {F02744B9-B972-450E-B54F-4BC8DBB06B8A} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-02-16] (CyberLink)
Task: {F7A95637-326D-469D-81BE-96F2AE0550A6} - System32\Tasks\{6A1035E6-5B36-42A2-871E-E82F6A8994E5} => pcalua.exe -a C:\Users\Jürgen\Desktop\libusb-win32-filter-bin-0.1.10.1.exe -d C:\Users\Jürgen\Desktop
Task: {FBCF6554-C387-4CD1-9EA0-26DC552B9D7C} - System32\Tasks\{49AF95F3-123B-4086-8E03-231AA0DD39CA} => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\JFHJUKWM.job => C:\Users\Jýÿrgen\AppData\Roaming\JFHJUKWM.exe <==== ATTENTION
Task: C:\windows\Tasks\ROPUHBSS.job => C:\Users\Jýÿrgen\AppData\Roaming\ROPUHBSS.exe <==== ATTENTION
Task: C:\windows\Tasks\SlimCleaner Plus (Scheduled Scan - Jürgen).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe ==================== Loaded Modules (whitelisted) ============== 2011-04-11 14:26 - 2011-04-11 14:26 - 00034304 _____ () C:\windows\System32\spd__l.dll 2012-11-07 14:27 - 2013-08-29 23:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-05-29 18:51 - 2014-05-30 11:05 - 00076888 _____ () C:\windows\SysWOW64\PnkBstrA.exe 2012-03-08 07:45 - 2009-12-01 08:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2011-01-27 15:28 - 2011-01-27 15:28 - 00706048 _____ () C:\windows\system32\SnMinDrv.dll 2011-07-21 06:51 - 2010-12-16 10:37 - 00094208 _____ () C:\windows\system32\IccLibDll_x64.dll 2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2012-11-08 20:38 - 2006-08-12 12:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll 2012-11-08 20:38 - 2011-02-17 01:03 - 00203776 _____ () C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll 2014-12-12 10:40 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll 2014-12-12 10:40 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll 2014-12-12 10:40 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll 2014-12-12 10:40 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll 2014-12-12 10:40 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll 2012-11-08 20:29 - 2011-09-08 19:40 - 01645056 
_____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll 2009-11-02 06:20 - 2009-11-02 06:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2009-11-02 06:23 - 2009-11-02 06:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1656143743-13120863-1912775482-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.2.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) 
==================== Accounts: ============================= Administrator (S-1-5-21-1656143743-13120863-1912775482-500 - Administrator - Disabled) Gast (S-1-5-21-1656143743-13120863-1912775482-501 - Limited - Enabled) => C:\Users\Gast HomeGroupUser$ (S-1-5-21-1656143743-13120863-1912775482-1003 - Limited - Enabled) Jürgen (S-1-5-21-1656143743-13120863-1912775482-1001 - Administrator - Enabled) => C:\Users\Jürgen UpdatusUser (S-1-5-21-1656143743-13120863-1912775482-1000 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= Name: Bluetooth-Peripheriegerät Description: Bluetooth-Peripheriegerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Bluetooth-Peripheriegerät Description: Bluetooth-Peripheriegerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (02/25/2015 01:03:00 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt. 
bei AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList() bei AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList() bei AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager() bei AllShareDmsUtil.Manager.AllShareDmsManager.Initialize() bei AllShareDmsUtil.Manager.AllShareDmsManager..ctor() bei AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance() bei AllShareDMS.AllShareDMS.DoStart() bei AllShareDMS.AllShareDMS.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (02/25/2015 01:01:36 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. 
Error: (02/25/2015 01:00:33 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/25/2015 00:18:18 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.1.711, Zeitstempel: 0x542b53ec Name des fehlerhaften Moduls: QtCore4.dll, Version: 4.8.4.0, Zeitstempel: 0x51352df8 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00042016 ID des fehlerhaften Prozesses: 0x1ae0 Startzeit der fehlerhaften Anwendung: 0xmbam.exe0 Pfad der fehlerhaften Anwendung: mbam.exe1 Pfad des fehlerhaften Moduls: mbam.exe2 Berichtskennung: mbam.exe3 Error: (02/25/2015 00:16:43 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. 
Error: (02/25/2015 00:16:11 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (02/25/2015 00:16:10 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (02/25/2015 00:14:24 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt. bei AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList() bei AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList() bei AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager() bei AllShareDmsUtil.Manager.AllShareDmsManager.Initialize() bei AllShareDmsUtil.Manager.AllShareDmsManager..ctor() bei AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance() bei AllShareDMS.AllShareDMS.DoStart() bei AllShareDMS.AllShareDMS.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (02/25/2015 00:12:24 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. 
Error: (02/25/2015 00:11:48 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (02/25/2015 01:01:57 AM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7175F74E-B701-42C9-B8D3-303291C51D18}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (02/25/2015 01:00:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "LibUsb-Win32 - Daemon, Version 0.1.10.1" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (02/25/2015 01:00:29 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst TrimInstance erreicht. Error: (02/25/2015 00:59:47 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (02/25/2015 00:59:47 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (02/25/2015 00:59:47 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. 
Error: (02/25/2015 00:59:46 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (02/25/2015 00:59:46 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (02/25/2015 00:59:45 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (02/25/2015 00:59:44 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Microsoft Office Sessions: ========================= Error: (02/25/2015 01:03:00 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt. 
bei AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList() bei AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList() bei AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager() bei AllShareDmsUtil.Manager.AllShareDmsManager.Initialize() bei AllShareDmsUtil.Manager.AllShareDmsManager..ctor() bei AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance() bei AllShareDMS.AllShareDMS.DoStart() bei AllShareDMS.AllShareDMS.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (02/25/2015 01:01:36 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe Error: (02/25/2015 01:00:33 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/25/2015 00:18:18 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: mbam.exe1.0.1.711542b53ecQtCore4.dll4.8.4.051352df8c0000005000420161ae001d05087faf4de87C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \QtCore4.dll6a1c0a1b-bc7b-11e4-959b-b80305d05830 Error: (02/25/2015 00:16:43 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe Error: (02/25/2015 
00:16:11 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe Error: (02/25/2015 00:16:10 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe Error: (02/25/2015 00:14:24 AM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt. 
bei AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList() bei AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList() bei AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager() bei AllShareDmsUtil.Manager.AllShareDmsManager.Initialize() bei AllShareDmsUtil.Manager.AllShareDmsManager..ctor() bei AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance() bei AllShareDMS.AllShareDMS.DoStart() bei AllShareDMS.AllShareDMS.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (02/25/2015 00:12:24 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe Error: (02/25/2015 00:11:48 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz Percentage of memory in use: 63% Total physical RAM: 4009.55 MB Available physical RAM: 1455.71 MB Total Pagefile: 8017.28 MB Available Pagefile: 5114.54 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:177 GB) (Free:77.74 GB) NTFS Drive d: () (Fixed) (Total:265.39 GB) (Free:0 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 3882832C) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=177 GB) - (Type=07 NTFS) 
Partition 3: (Not Active) - (Size=265.4 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=23.3 GB) - (Type=27)
==================== End Of Log ============================
Edited by ColiN17 (25.02.2015 at 01:38) |
25.02.2015, 15:39 | #5 |
| Words on web pages are highlighted in blue + hyperlinks / lots of ads FRST log FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2015 Ran by Jürgen (administrator) on JÜRGEN-NOTEBOOK on 25-02-2015 01:04:07 Running from C:\Users\Jürgen\Desktop Loaded Profiles: UpdatusUser & Jürgen (Available profiles: UpdatusUser & Jürgen & Gast) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe (Samsung Electronics Co., Ltd.) 
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Windows\System32\alg.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Akamai Technologies, Inc.) C:\Users\Jürgen\AppData\Local\Akamai\netsession_win.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHLE.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Akamai Technologies, Inc.) C:\Users\Jürgen\AppData\Local\Akamai\netsession_win.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink Corp.) 
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Jürgen\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.) 
HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [EPLTarget\P0000000000000001] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2012-11-11] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [SlimCleaner Plus] => "C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe" /minimize HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [GoogleChromeAutoLaunch_B841313E84CA8B8B9216D49316EC9E85] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.) HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\MountPoints2: {6e36cb99-290b-11e2-a34a-b80305d05830} - F:\LGAutoRun.exe AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) AppInit_DLLs-x32: , c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (No File) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. 
ProxyServer: [.DEFAULT] => http=127.0.0.1:60935;https=127.0.0.1:60935 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-1656143743-13120863-1912775482-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/?gws_rd=ssl SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1656143743-13120863-1912775482-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3318001&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP71F23A66-DCF3-4EEA-AFEB-AB451F369A3E&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms} BHO: lowruatE -> {3909cdc1-511d-4245-a49c-3e64a490f673} -> C:\Program Files (x86)\lowruatE\Mola4rU3D8ua0c.x64.dll () BHO: cheaap4aLll -> {723b33cb-7e50-4027-8c42-114b19ae1621} -> C:\Program Files (x86)\cheaap4aLll\LzGLgpAtaCnhiW.x64.dll () BHO: Windows Live ID Sign-in 
Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO: appsaVe -> {9d4eb179-63d7-489e-ab2f-cd2ab5834197} -> C:\Program Files (x86)\appsaVe\whQcTDlG52IU8I.x64.dll () BHO-x32: lowruatE -> {3909cdc1-511d-4245-a49c-3e64a490f673} -> C:\Program Files (x86)\lowruatE\Mola4rU3D8ua0c.dll () BHO-x32: cheaap4aLll -> {723b33cb-7e50-4027-8c42-114b19ae1621} -> C:\Program Files (x86)\cheaap4aLll\LzGLgpAtaCnhiW.dll () BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: appsaVe -> {9d4eb179-63d7-489e-ab2f-cd2ab5834197} -> C:\Program Files (x86)\appsaVe\whQcTDlG52IU8I.dll () BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll () BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) 
Toolbar: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> No Name - {4F524A2D-5354-2D53-5045-7A786E7484D7} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) Chrome: ======= CHR dev: Chrome dev build detected! 
<======= ATTENTION CHR Profile: C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (offErraapp) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\abbnbfnmbefhkljaoilbflnhifonpcnd [2015-02-19] CHR Extension: (No Name) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\beckihifaobcggnkcokhhnmcimkmdfco [2015-01-15] CHR Extension: (metalmouth voice browser) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmogbhmnbehfapbmjlaoflagfobahfli [2015-02-19] CHR Extension: (Utime) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpcibgnngaaabebmcabmkocdokepdaki [2015-02-04] CHR Profile: C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (offErraapp) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abbnbfnmbefhkljaoilbflnhifonpcnd [2015-02-19] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-15] CHR Extension: (metalmouth voice browser) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmogbhmnbehfapbmjlaoflagfobahfli [2015-02-19] CHR Extension: (Utime) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kpcibgnngaaabebmcabmkocdokepdaki [2015-02-04] CHR Extension: (Google Wallet) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-15] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-15] () R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664 2011-11-14] (Intel Corporation) [File not signed] R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1355840 2011-11-14] (Intel Corporation) [File not signed] R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392 2011-11-14] (Intel Corporation) [File not signed] S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation) R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-05-30] () R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed] S3 Samsung UPD Service2; C:\windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics) R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.) 
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 06c60260; "C:\windows\system32\rundll32.exe" "c:\Program Files (x86)\TrimInstance\TrimInstance.dll",serv ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-10-11] () S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed] R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-10-11] () R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-25] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation) S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-07-30] (Windows (R) 2003 DDK 3790 provider) R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.) 
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-09-26] () S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X] S3 athr; system32\DRIVERS\athrx.sys [X] S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X] S3 btath_avdt; system32\drivers\btath_avdt.sys [X] S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X] S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X] S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X] S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X] S3 BtFilter; system32\DRIVERS\btfilter.sys [X] S3 cpuz134; \??\C:\Users\JRGEN~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] S3 SBIOSIO; \??\C:\Users\JRGEN~1\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X] S3 wolf; \??\C:\AeriaGames\WolfTeam-DE\avital\wolf64.sys [X] S3 xhunter1; \??\C:\windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-02-25 01:03 - 2015-02-25 01:03 - 00006534 _____ () C:\Users\Jürgen\Desktop\mbam.txt 2015-02-25 00:16 - 2015-02-25 01:02 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-02-25 00:16 - 2015-02-25 00:16 - 00001062 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-02-25 00:16 - 2015-02-25 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-02-25 00:16 - 2015-02-25 00:16 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-02-25 00:16 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2015-02-25 00:16 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2015-02-25 00:16 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2015-02-25 00:15 - 2015-02-25 00:15 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-02-25 00:13 - 2015-02-25 00:14 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Jürgen\Desktop\mbam-setup-2.0.4.1028.exe 2015-02-25 00:07 - 2015-02-25 00:09 - 00000000 ____D () C:\AdwCleaner 2015-02-25 00:05 - 2015-02-25 00:05 - 02126848 _____ () C:\Users\Jürgen\Desktop\AdwCleaner_4.111.exe 2015-02-24 23:57 - 2015-02-24 23:57 - 00001224 _____ () C:\Users\Jürgen\Desktop\Revo Uninstaller.lnk 2015-02-24 23:57 - 2015-02-24 23:57 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2015-02-24 23:56 - 2015-02-24 23:57 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\Jürgen\Desktop\revosetup95.exe 2015-02-24 23:56 - 2015-02-24 23:56 - 00003118 _____ () C:\windows\System32\Tasks\{BE7F4215-8603-4909-A21D-BEF997B6DADD} 2015-02-24 21:10 - 2015-02-24 21:10 - 00039779 _____ () C:\Users\Jürgen\Desktop\Gmer.txt 2015-02-24 20:55 - 2015-02-24 20:55 - 641903775 _____ () C:\windows\MEMORY.DMP 2015-02-24 20:55 - 2015-02-24 20:55 - 00262144 _____ () C:\windows\Minidump\022415-18127-01.dmp 2015-02-24 20:33 - 2015-02-24 20:33 - 00380416 _____ () C:\Users\Jürgen\Desktop\Gmer-19357.exe 2015-02-24 20:31 - 2015-02-24 20:32 - 00047753 _____ () C:\Users\Jürgen\Desktop\Addition.txt 2015-02-24 20:24 - 2015-02-25 01:05 - 00020098 _____ () C:\Users\Jürgen\Desktop\FRST.txt 2015-02-24 20:24 - 2015-02-25 01:04 - 00000000 ____D () C:\FRST 2015-02-24 20:23 - 2015-02-24 20:23 - 02087424 _____ (Farbar) C:\Users\Jürgen\Desktop\FRST64.exe 2015-02-24 20:22 - 2015-02-24 20:22 - 00000474 _____ () C:\Users\Jürgen\Desktop\defogger_disable.log 2015-02-24 20:22 - 2015-02-24 20:22 - 00000000 _____ () C:\Users\Jürgen\defogger_reenable 2015-02-24 20:20 - 2015-02-24 20:20 - 00050477 _____ () C:\Users\Jürgen\Desktop\Defogger.exe 2015-02-24 20:11 - 2015-02-24 20:11 - 00000000 ____D () C:\Users\Jürgen\Desktop\Neuer Ordner 2015-02-23 22:19 - 2015-01-29 17:49 - 113756392 _____ (Microsoft Corporation) C:\windows\SysWOW64\MRT.exe 2015-02-23 20:23 - 2015-02-23 20:23 - 00000564 _____ () C:\windows\wmsetup.log 2015-02-23 20:23 - 2015-02-23 20:23 - 00000000 ____D () C:\Users\Jürgen\Documents\Riptide 2015-02-23 20:23 - 2015-02-23 20:23 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Chromium 2015-02-23 18:48 - 2015-02-23 18:48 - 00002259 _____ () C:\Users\Jürgen\Desktop\Chrome App Launcher.lnk 2015-02-23 18:48 - 2015-02-23 18:48 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-02-21 16:13 - 2015-02-21 16:13 - 00000274 _____ () C:\Users\Jürgen\AppData\Roaming\removeAllComponents.bat 2015-02-21 16:13 - 2015-02-21 
16:13 - 00000143 _____ () C:\Users\Jürgen\AppData\Roaming\tmp_unregister.bat 2015-02-21 14:41 - 2015-02-21 14:41 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Steam 2015-02-20 16:27 - 2015-02-20 16:27 - 00000000 _____ () C:\windows\SysWOW64\sho602D.tmp 2015-02-19 23:20 - 2015-02-19 23:21 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\{77A394FF-250E-450A-AB1E-D87C5A2C591B} 2015-02-19 16:12 - 2015-02-19 16:13 - 00000000 ____D () C:\Program Files (x86)\cheaap4aLll 2015-02-19 16:12 - 2015-02-19 16:12 - 00000000 ____D () C:\Program Files (x86)\metalmouth voice browser 2015-02-19 16:09 - 2015-02-19 16:11 - 00000000 ____D () C:\Program Files (x86)\auppsaave 2015-02-19 16:09 - 2015-02-19 16:09 - 00000000 ____D () C:\Program Files (x86)\offErraapp 2015-02-19 16:02 - 2015-02-19 16:03 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Risen 2015-02-19 15:49 - 2015-02-19 15:49 - 00000000 ____D () C:\Program Files (x86)\Deep Silver 2015-02-12 23:23 - 2015-02-12 23:23 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\{1C7F2C48-3377-4EA1-8991-C137FA78B7FC} 2015-02-12 13:33 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2015-02-12 13:33 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2015-02-12 13:33 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2015-02-12 13:33 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2015-02-11 14:56 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll 2015-02-11 14:56 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll 2015-02-11 14:56 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2015-02-11 14:56 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll 2015-02-11 14:56 - 2015-02-04 04:16 - 00227328 
_____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2015-02-11 14:56 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll 2015-02-11 14:56 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2015-02-11 14:56 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe 2015-02-11 14:56 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2015-02-11 14:56 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2015-02-11 14:56 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2015-02-11 14:56 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2015-02-11 14:56 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2015-02-11 14:56 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2015-02-11 14:56 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2015-02-11 14:56 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2015-02-11 14:56 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2015-02-11 14:56 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2015-02-11 14:56 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll 2015-02-11 14:56 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2015-02-11 14:56 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2015-02-11 14:56 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2015-02-11 14:55 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) 
C:\windows\system32\iedkcs32.dll 2015-02-11 14:55 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2015-02-11 14:55 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2015-02-11 14:55 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2015-02-11 14:55 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2015-02-11 14:55 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2015-02-11 14:55 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2015-02-11 14:55 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2015-02-11 14:55 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2015-02-11 14:55 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2015-02-11 14:55 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2015-02-11 14:55 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2015-02-11 14:55 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2015-02-11 14:55 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2015-02-11 14:55 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2015-02-11 14:55 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2015-02-11 14:55 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2015-02-11 14:55 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2015-02-11 14:55 - 2015-01-12 03:21 - 00490496 _____ (Microsoft 
Corporation) C:\windows\system32\dxtmsft.dll 2015-02-11 14:55 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2015-02-11 14:55 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2015-02-11 14:55 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2015-02-11 14:55 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2015-02-11 14:55 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2015-02-11 14:55 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2015-02-11 14:55 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll 2015-02-11 14:55 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2015-02-11 14:55 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2015-02-11 14:55 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2015-02-11 14:55 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2015-02-11 14:55 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2015-02-11 14:55 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2015-02-11 14:55 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2015-02-11 14:55 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2015-02-11 14:55 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2015-02-11 14:55 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2015-02-11 14:55 - 2015-01-12 02:45 - 00418304 _____ (Microsoft 
Corporation) C:\windows\SysWOW64\dxtmsft.dll 2015-02-11 14:55 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2015-02-11 14:55 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-02-11 14:55 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2015-02-11 14:55 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2015-02-11 14:55 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2015-02-11 14:55 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2015-02-11 14:55 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2015-02-11 14:55 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2015-02-11 14:55 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2015-02-11 14:55 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2015-02-11 14:55 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2015-02-11 14:55 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2015-02-11 14:55 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2015-02-11 14:55 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2015-02-11 14:55 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2015-02-11 14:54 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2015-02-11 14:54 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2015-02-11 14:54 - 2015-01-15 09:09 - 01461760 _____ 
(Microsoft Corporation) C:\windows\system32\lsasrv.dll 2015-02-11 14:54 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2015-02-11 14:54 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2015-02-11 14:54 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2015-02-11 14:54 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2015-02-11 14:54 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2015-02-11 14:54 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2015-02-11 14:54 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2015-02-11 14:54 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2015-02-11 14:54 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe 2015-02-11 14:54 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2015-02-11 14:54 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2015-02-11 14:54 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll 2015-02-11 14:54 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll 2015-02-11 14:54 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll 2015-02-11 14:54 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys 2015-02-11 14:54 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll 2015-02-11 14:54 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll 2015-02-11 14:53 - 2014-12-12 06:31 - 01480192 _____ (Microsoft 
Corporation) C:\windows\system32\crypt32.dll 2015-02-11 14:53 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll 2015-02-11 14:53 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll 2015-02-11 14:53 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll 2015-02-11 14:53 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll 2015-02-11 14:53 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll 2015-02-11 14:52 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll 2015-02-11 14:52 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll 2015-02-11 14:50 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-02-11 14:50 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2015-02-11 14:50 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2015-02-11 14:50 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2015-02-11 14:50 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2015-02-11 14:50 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2015-02-11 14:50 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2015-02-11 14:50 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll 2015-02-11 14:50 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll 2015-02-11 14:49 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2015-02-07 08:09 - 2015-02-07 08:09 - 00000020 _____ () 
C:\Users\Gast\AppData\Roaming\appdataFr3.bin 2015-02-04 22:29 - 2015-02-24 23:20 - 00000020 _____ () C:\Users\Jürgen\AppData\Roaming\appdataFr3.bin 2015-02-04 22:01 - 2015-02-04 22:01 - 00000000 ____D () C:\ProgramData\cheap-o 2015-02-04 16:40 - 2015-02-25 00:59 - 00004493 _____ () C:\windows\setupact.log 2015-02-04 16:40 - 2015-02-04 16:40 - 00000000 _____ () C:\windows\setuperr.log 2015-02-04 13:54 - 2015-02-04 13:54 - 00000000 ____D () C:\Program Files (x86)\Utime 2015-02-04 13:53 - 2015-02-04 13:53 - 00000000 ____D () C:\Program Files (x86)\appsaVe 2015-02-04 13:52 - 2015-02-04 13:53 - 00000000 ____D () C:\Program Files (x86)\lowruatE 2015-01-29 20:20 - 2015-01-29 20:20 - 00301608 _____ (VuuPC Limited) C:\Users\Jürgen\AppData\Local\nsn4966.tmp 2015-01-29 19:26 - 2015-02-25 00:56 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\com 2015-01-29 19:14 - 2015-01-29 19:14 - 00001690 _____ () C:\windows\Tasks\JFHJUKWM.job 2015-01-28 17:32 - 2015-02-06 19:24 - 00000000 ____D () C:\Users\Jürgen\Downloads\Papa 2015-01-28 17:30 - 2015-01-28 17:31 - 00000000 ____D () C:\Users\Jürgen\Downloads\BilderKevin 2015-01-28 17:30 - 2015-01-28 17:30 - 00000000 ____D () C:\Users\Jürgen\Downloads\Virenprogramm 2015-01-28 17:29 - 2015-02-24 12:29 - 00000000 ____D () C:\Users\Jürgen\Downloads\Spiele 2015-01-28 17:27 - 2015-01-28 17:27 - 00000000 ____D () C:\Users\Jürgen\Downloads\MusikPapa 2015-01-27 14:06 - 2015-02-23 18:46 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-02-25 01:04 - 2012-03-08 23:10 - 01137914 _____ () C:\windows\WindowsUpdate.log 2015-02-25 01:00 - 2013-05-13 21:07 - 00000443 _____ () C:\windows\system32\Drivers\etc\hosts.ics 2015-02-25 01:00 - 2013-02-17 18:12 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-25 00:59 - 2010-11-21 04:47 - 00909616 _____ () C:\windows\PFRO.log 2015-02-25 00:59 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2015-02-25 00:59 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\Resources 2015-02-25 00:56 - 2013-02-17 18:12 - 00001110 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-25 00:32 - 2012-11-14 16:59 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2015-02-25 00:19 - 2009-07-14 05:45 - 00028624 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-25 00:19 - 2009-07-14 05:45 - 00028624 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-25 00:18 - 2012-11-07 20:27 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\CrashDumps 2015-02-25 00:18 - 2012-03-08 22:43 - 00700134 _____ () C:\windows\system32\perfh007.dat 2015-02-25 00:18 - 2012-03-08 22:43 - 00149984 _____ () C:\windows\system32\perfc007.dat 2015-02-25 00:18 - 2009-07-14 06:13 - 01622300 _____ () C:\windows\system32\PerfStringBackup.INI 2015-02-25 00:09 - 2014-07-08 18:01 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Common 2015-02-25 00:08 - 2012-11-07 16:11 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\SoftGrid Client 2015-02-24 22:54 - 2014-09-24 21:54 - 00000368 _____ () C:\windows\Tasks\SlimCleaner Plus (Scheduled Scan - Jürgen).job 2015-02-24 21:14 - 2012-11-15 14:28 - 00000000 ____D () C:\Users\Jürgen\Desktop\Eigene Dateien 2015-02-24 20:55 - 2015-01-24 16:55 - 00000000 ____D () C:\windows\Minidump 2015-02-24 20:22 - 2012-11-07 12:45 - 00000000 ____D () C:\Users\Jürgen 2015-02-24 18:03 - 
2014-01-19 19:09 - 01132544 ___SH () C:\Users\Jürgen\Desktop\Thumbs.db 2015-02-24 17:55 - 2014-01-06 03:01 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-02-23 22:08 - 2013-11-08 16:29 - 00000000 ____D () C:\ProgramData\Oracle 2015-02-23 22:08 - 2013-11-08 16:28 - 00000000 ____D () C:\Program Files (x86)\Java 2015-02-23 22:06 - 2014-08-18 16:57 - 00272296 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe 2015-02-23 22:06 - 2014-08-18 16:56 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe 2015-02-23 22:06 - 2014-08-18 16:56 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe 2015-02-23 22:06 - 2013-11-08 16:29 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll 2015-02-23 20:22 - 2012-03-08 07:20 - 00231465 _____ () C:\windows\DirectX.log 2015-02-23 17:43 - 2009-07-14 06:32 - 00000000 ____D () C:\windows\system32\FxsTmp 2015-02-21 16:16 - 2012-03-08 07:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2015-02-21 16:11 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-02-21 16:10 - 2013-10-15 17:42 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-02-21 14:48 - 2013-04-27 14:02 - 00000000 ___RD () C:\Users\Jürgen\Desktop\Colin 2015-02-21 14:44 - 2014-06-19 17:53 - 00000000 ____D () C:\Program Files (x86)\Ubi Soft 2015-02-21 12:36 - 2009-07-14 06:08 - 00032632 _____ () C:\windows\Tasks\SCHEDLGU.TXT 2015-02-19 15:48 - 2012-03-08 06:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-02-13 20:19 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache 2015-02-11 19:11 - 2009-07-14 05:45 - 00471704 _____ () C:\windows\system32\FNTCACHE.DAT 2015-02-11 19:09 - 2014-12-10 18:41 - 00000000 ____D () C:\windows\system32\appraiser 2015-02-11 19:09 - 2014-05-06 11:58 - 00000000 ___SD () C:\windows\system32\CompatTel 2015-02-11 15:44 - 
2012-11-09 19:21 - 00001912 _____ () C:\windows\epplauncher.mif 2015-02-11 15:43 - 2013-08-15 09:47 - 00000000 ____D () C:\windows\system32\MRT 2015-02-11 15:43 - 2012-11-09 19:21 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2015-02-11 15:43 - 2012-11-09 19:21 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2015-02-11 15:43 - 2012-11-09 19:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2015-02-11 14:30 - 2012-11-07 13:05 - 00122928 _____ () C:\Users\Jürgen\AppData\Local\GDIPFONTCACHEV1.DAT 2015-02-07 08:08 - 2015-01-05 16:37 - 00122928 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT 2015-02-06 19:24 - 2014-06-21 18:02 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Adobe 2015-02-05 18:32 - 2012-11-14 16:59 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-02-05 18:32 - 2012-11-14 16:59 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-02-05 18:32 - 2012-11-14 16:59 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-02-01 14:28 - 2013-11-12 16:50 - 00000232 _____ () C:\Users\Jürgen\AppData\Roaming\WB.CFG 2015-01-29 20:37 - 2012-11-11 11:14 - 00000000 ____D () C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint 2015-01-29 17:49 - 2012-11-07 13:33 - 116773704 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-01-29 07:11 - 2013-02-17 18:12 - 00000000 ____D () C:\Program Files\Google 2015-01-29 07:11 - 2013-02-17 18:11 - 00000000 ____D () C:\Program Files (x86)\Google 2015-01-28 17:34 - 2014-03-15 13:06 - 00000000 ____D () C:\Users\Jürgen\Downloads\Schule 2015-01-28 17:34 - 2014-03-15 13:04 - 00000000 ____D () C:\Users\Jürgen\Downloads\Musik 2015-01-28 17:28 - 2014-03-15 13:05 - 00000000 ____D () C:\Users\Jürgen\Downloads\Minecraft 2015-01-28 17:24 - 2013-02-17 18:11 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Google 
==================== Files in the root of some directories ======= 2015-02-04 22:29 - 2015-02-24 23:20 - 0000020 _____ () C:\Users\Jürgen\AppData\Roaming\appdataFr3.bin 2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Jürgen\AppData\Roaming\JFHJUKWM 2014-09-01 09:18 - 2014-09-01 09:18 - 0002086 _____ () C:\Users\Jürgen\AppData\Roaming\JYL 2015-02-21 16:13 - 2015-02-21 16:13 - 0000274 _____ () C:\Users\Jürgen\AppData\Roaming\removeAllComponents.bat 2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Jürgen\AppData\Roaming\ROPUHBSS 2014-07-08 18:01 - 2014-07-08 18:01 - 0000138 _____ () C:\Users\Jürgen\AppData\Roaming\tmp_register.bat 2015-02-21 16:13 - 2015-02-21 16:13 - 0000143 _____ () C:\Users\Jürgen\AppData\Roaming\tmp_unregister.bat 2013-11-12 16:50 - 2015-02-01 14:28 - 0000232 _____ () C:\Users\Jürgen\AppData\Roaming\WB.CFG 2013-11-12 16:50 - 2013-11-21 14:50 - 0000006 _____ () C:\Users\Jürgen\AppData\Roaming\WBPU-TTL.DAT 2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Jürgen\AppData\Roaming\WHDNEP 2014-05-11 21:26 - 2014-05-11 21:26 - 0000000 ___SH () C:\Users\Jürgen\AppData\Local\LumaEmu 2015-01-29 20:20 - 2015-01-29 20:20 - 0301608 _____ (VuuPC Limited) C:\Users\Jürgen\AppData\Local\nsn4966.tmp 2014-10-15 01:27 - 2014-10-15 01:27 - 0000906 _____ () C:\Users\Jürgen\AppData\Local\recently-used.xbel 2012-11-08 13:20 - 2012-11-08 13:20 - 0000017 _____ () C:\Users\Jürgen\AppData\Local\resmon.resmoncfg 2012-03-08 07:48 - 2012-03-08 07:48 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2012-03-08 07:43 - 2012-03-08 07:43 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log 2012-03-08 07:46 - 2012-03-08 07:46 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2012-03-08 07:43 - 2012-03-08 07:45 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log 2012-03-08 07:46 - 2012-03-08 07:48 - 0000110 _____ () 
C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log Some content of TEMP: ==================== C:\Users\Jürgen\AppData\Local\Temp\jre-8u31-windows-au.exe C:\Users\Jürgen\AppData\Local\Temp\Quarantine.exe C:\Users\Jürgen\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-24 08:25 ==================== End Of Log ============================ |
25.02.2015, 23:15 | #6 |
Rest in peace † 2019 | Words highlighted in blue on the internet + hyperlinks / lots of ads
Hello, and thanks. How do things look after this?
Step 1
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document
Code:
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:60935;https=127.0.0.1:60935
SearchScopes: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3318001&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP71F23A66-DCF3-4EEA-AFEB-AB451F369A3E&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
BHO: lowruatE -> {3909cdc1-511d-4245-a49c-3e64a490f673} -> C:\Program Files (x86)\lowruatE\Mola4rU3D8ua0c.x64.dll ()
BHO: cheaap4aLll -> {723b33cb-7e50-4027-8c42-114b19ae1621} -> C:\Program Files (x86)\cheaap4aLll\LzGLgpAtaCnhiW.x64.dll ()
BHO: appsaVe -> {9d4eb179-63d7-489e-ab2f-cd2ab5834197} -> C:\Program Files (x86)\appsaVe\whQcTDlG52IU8I.x64.dll ()
BHO-x32: lowruatE -> {3909cdc1-511d-4245-a49c-3e64a490f673} -> C:\Program Files (x86)\lowruatE\Mola4rU3D8ua0c.dll ()
BHO-x32: cheaap4aLll -> {723b33cb-7e50-4027-8c42-114b19ae1621} -> C:\Program Files (x86)\cheaap4aLll\LzGLgpAtaCnhiW.dll ()
BHO-x32: appsaVe -> {9d4eb179-63d7-489e-ab2f-cd2ab5834197} -> C:\Program Files (x86)\appsaVe\whQcTDlG52IU8I.dll ()
CHR Extension: (offErraapp) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\abbnbfnmbefhkljaoilbflnhifonpcnd [2015-02-19]
CHR Extension: (offErraapp) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abbnbfnmbefhkljaoilbflnhifonpcnd [2015-02-19]
S2 06c60260; "C:\windows\system32\rundll32.exe" "c:\Program Files (x86)\TrimInstance\TrimInstance.dll",serv
C:\Program Files (x86)\appsaVe
C:\Program Files (x86)\cheaap4aLll
C:\Program Files (x86)\lowruatE
C:\Program Files (x86)\auppsaave
C:\Program Files (x86)\offErraapp
C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\abbnbfnmbefhkljaoilbflnhifonpcnd [2015-02-19]
C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abbnbfnmbefhkljaoilbflnhifonpcnd [2015-02-19]
c:\Program Files (x86)\TrimInstance\TrimInstance.dll
cmd: dir "C:\Users\Jürgen\AppData\Roaming\JFHJUKWM" /s
cmd: dir "C:\Users\Jürgen\AppData\Roaming\WHDNEP" /s
REG: reg query "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings"
REG: reg query "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections"
REG: reg query "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad"
REG: reg query "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-12-35-02"
REG: reg query "HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters" /s
reboot:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2
Start FRST once more.
|
25.02.2015, 23:28 | #7 |
| Words highlighted in blue on the internet + hyperlinks / lots of ads
Hello, after the fix it still looks the same as before, that is, the ads and the blue highlighted words are still there. Thanks anyway.
Fixlog
Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-02-2015 01 Ran by Jürgen at 2015-02-25 23:18:42 Run:1 Running from C:\Users\Jürgen\Desktop Loaded Profiles: UpdatusUser & Jürgen (Available profiles: UpdatusUser & Jürgen & Gast) Boot Mode: Normal ============================================== Content of fixlist: ***************** ProxyEnable: [.DEFAULT] => INTERNET EXPLORER proxy is enabled. ProxyServer: [.DEFAULT] => http=127.0.0.1:60935;https=127.0.0.1:60935 SearchScopes: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3318001&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP71F23A66-DCF3-4EEA-AFEB-AB451F369A3E&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms} BHO: lowruatE -> {3909cdc1-511d-4245-a49c-3e64a490f673} -> C:\Program Files (x86)\lowruatE\Mola4rU3D8ua0c.x64.dll () BHO: cheaap4aLll -> {723b33cb-7e50-4027-8c42-114b19ae1621} -> C:\Program Files (x86)\cheaap4aLll\LzGLgpAtaCnhiW.x64.dll () BHO: appsaVe -> {9d4eb179-63d7-489e-ab2f-cd2ab5834197} -> C:\Program Files (x86)\appsaVe\whQcTDlG52IU8I.x64.dll () BHO-x32: lowruatE -> {3909cdc1-511d-4245-a49c-3e64a490f673} -> C:\Program Files (x86)\lowruatE\Mola4rU3D8ua0c.dll () BHO-x32: cheaap4aLll -> {723b33cb-7e50-4027-8c42-114b19ae1621} -> C:\Program Files (x86)\cheaap4aLll\LzGLgpAtaCnhiW.dll () BHO-x32: appsaVe -> {9d4eb179-63d7-489e-ab2f-cd2ab5834197} -> C:\Program Files (x86)\appsaVe\whQcTDlG52IU8I.dll () CHR Extension: (offErraapp) - C:\Users\Jürgen\AppData\Local\GOOGLE\CHROME\User Data\Default\Extensions\abbnbfnmbefhkljaoilbflnhifonpcnd [2015-02-19] CHR Extension: (offErraapp) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\PROFILE 1\Extensions\abbnbfnmbefhkljaoilbflnhifonpcnd [2015-02-19] S2 06c60260; "C:\windows\system32\rundll32.exe" "c:\Program Files 
(x86)\TrimInstance\TrimInstance.dll",serv C:\Program Files (x86)\appsaVe C:\Program Files (x86)\cheaap4aLll C:\Program Files (x86)\lowruatE C:\Program Files (x86)\auppsaave C:\Program Files (x86)\offErraapp C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\abbnbfnmbefhkljaoilbflnhifonpcnd [2015-02-19] C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abbnbfnmbefhkljaoilbflnhifonpcnd [2015-02-19] c:\Program Files (x86)\TrimInstance\TrimInstance.dll cmd: dir "C:\Users\Jürgen\AppData\Roaming\JFHJUKWM" /s cmd: dir "C:\Users\Jürgen\AppData\Roaming\WHDNEP" /s REG: reg query "HKEY_USERS\.DEFAULT\Software\MICROSOFT\Windows\CurrentVersion\Internet Settings" REG: reg query "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections" REG: reg query "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad" REG: reg query "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-12-35-02" REG: reg query "HKLM\SYSTEM\CurrentControlSet\SERVICES\NlaSvc\Parameters" /s reboot: ***************** HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully. HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully. HKU\S-1-5-21-1656143743-13120863-1912775482-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL => value deleted successfully. HKU\S-1-5-21-1656143743-13120863-1912775482-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SuggestionsURL_JSON => value deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3909cdc1-511d-4245-a49c-3e64a490f673}" => Key deleted successfully. "HKCR\CLSID\{3909cdc1-511d-4245-a49c-3e64a490f673}" => Key deleted successfully. 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{723b33cb-7e50-4027-8c42-114b19ae1621}" => Key deleted successfully. "HKCR\CLSID\{723b33cb-7e50-4027-8c42-114b19ae1621}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9d4eb179-63d7-489e-ab2f-cd2ab5834197}" => Key deleted successfully. "HKCR\CLSID\{9d4eb179-63d7-489e-ab2f-cd2ab5834197}" => Key deleted successfully. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3909cdc1-511d-4245-a49c-3e64a490f673}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{3909cdc1-511d-4245-a49c-3e64a490f673}" => Key deleted successfully. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{723b33cb-7e50-4027-8c42-114b19ae1621}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{723b33cb-7e50-4027-8c42-114b19ae1621}" => Key deleted successfully. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9d4eb179-63d7-489e-ab2f-cd2ab5834197}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{9d4eb179-63d7-489e-ab2f-cd2ab5834197}" => Key deleted successfully. C:\Users\Jürgen\AppData\Local\GOOGLE\CHROME\User Data\Default\Extensions\abbnbfnmbefhkljaoilbflnhifonpcnd => Moved successfully. C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\PROFILE 1\Extensions\abbnbfnmbefhkljaoilbflnhifonpcnd => Moved successfully. 06c60260 => Service deleted successfully. C:\Program Files (x86)\appsaVe => Moved successfully. C:\Program Files (x86)\cheaap4aLll => Moved successfully. C:\Program Files (x86)\lowruatE => Moved successfully. C:\Program Files (x86)\auppsaave => Moved successfully. C:\Program Files (x86)\offErraapp => Moved successfully. "C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\abbnbfnmbefhkljaoilbflnhifonpcnd [2015-02-19]" => File/Directory not found. 
"C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abbnbfnmbefhkljaoilbflnhifonpcnd [2015-02-19]" => File/Directory not found. "c:\Program Files (x86)\TrimInstance\TrimInstance.dll" => File/Directory not found. ========= dir "C:\Users\Jürgen\AppData\Roaming\JFHJUKWM" /s ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 502F-B692 Verzeichnis von C:\Users\J�rgen\AppData\Roaming 25.01.2015 17:12 1.248 JFHJUKWM 1 Datei(en), 1.248 Bytes Anzahl der angezeigten Dateien: 1 Datei(en), 1.248 Bytes 0 Verzeichnis(se), 82.943.336.448 Bytes frei ========= End of CMD: ========= ========= dir "C:\Users\Jürgen\AppData\Roaming\WHDNEP" /s ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 502F-B692 Verzeichnis von C:\Users\J�rgen\AppData\Roaming 01.09.2014 09:18 1.248 WHDNEP 1 Datei(en), 1.248 Bytes Anzahl der angezeigten Dateien: 1 Datei(en), 1.248 Bytes 0 Verzeichnis(se), 82.943.377.408 Bytes frei ========= End of CMD: ========= ========= reg query "HKEY_USERS\.DEFAULT\Software\MICROSOFT\Windows\CurrentVersion\Internet Settings" ========= HKEY_USERS\.DEFAULT\Software\MICROSOFT\Windows\CurrentVersion\Internet Settings EnableNegotiate REG_DWORD 0x1 User Agent REG_SZ Mozilla/4.0 (compatible; MSIE 8.0; Win32) IE5_UA_Backup_Flag REG_SZ 5.0 ZonesSecurityUpgrade REG_BINARY B6A118893F04CA01 ProxyOverride REG_SZ <-loopback> HKEY_USERS\.DEFAULT\Software\MICROSOFT\Windows\CurrentVersion\Internet Settings\5.0 HKEY_USERS\.DEFAULT\Software\MICROSOFT\Windows\CurrentVersion\Internet Settings\Connections HKEY_USERS\.DEFAULT\Software\MICROSOFT\Windows\CurrentVersion\Internet Settings\Lockdown_Zones HKEY_USERS\.DEFAULT\Software\MICROSOFT\Windows\CurrentVersion\Internet Settings\P3P HKEY_USERS\.DEFAULT\Software\MICROSOFT\Windows\CurrentVersion\Internet Settings\Wpad HKEY_USERS\.DEFAULT\Software\MICROSOFT\Windows\CurrentVersion\Internet Settings\ZoneMap HKEY_USERS\.DEFAULT\Software\MICROSOFT\Windows\CurrentVersion\Internet 
Settings\Zones ========= End of Reg: ========= ========= reg query "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections" ========= HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections SavedLegacySettings REG_BINARY 46000000A7080000030000002A000000687474703D3132372E302E302E313A36303933353B68747470733D3132372E302E302E313A36303933350B0000003C2D6C6F6F706261636B3E00000000000000000000000016BC8945335CCE010000000000000000000000000100000002000000C0A8026C000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 DefaultConnectionSettings REG_BINARY 4600000061120000030000002A000000687474703D3132372E302E302E313A36303933353B68747470733D3132372E302E302E313A36303933350B0000003C2D6C6F6F706261636B3E00000000000000000000000016BC8945335CCE010000000000000000000000000100000002000000C0A8026C000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ========= End of Reg: ========= ========= reg query "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad" ========= HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\00-eb-2d-ae-4e-30 HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\4a-74-6e-76-43-64_7e-4f-b5-79-2a-91 HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\7c-4f-b5-7d-84-38 HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\7e-4f-b5-79-2a-91 HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\7e-4f-b5-79-2a-91_f2-23-db-a5-f7-64 
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\c8-14-79-4b-4e-35 HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\f2-23-db-a5-8b-00 HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{069648BE-CDBE-45ED-A1C1-4E6311E8AA1A} HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{2FF837D8-1860-461D-B679-65533937DD10}_{76796E37-092F-470A-AB9B-A22CE3665597} HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{573D61D8-204F-446D-805C-A8DCDF254002} HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{5F2C7584-F644-4318-BC7E-369AA70434A2} HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{76796E37-092F-470A-AB9B-A22CE3665597} HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{76796E37-092F-470A-AB9B-A22CE3665597}_{FAFFDD6C-3297-4466-94B7-3D87146C251B} HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{94E383F4-959D-49E4-893A-1CC90136322C} HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{A4CBF257-5B45-412E-8214-6545C6DD3D32} HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{B8422182-D130-4C81-AABA-461E8D5A9B26} ========= End of Reg: ========= ========= reg query "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\52-54-00-12-35-02" ========= FEHLER: Der angegebene Registrierungsschlssel bzw. Wert wurde nicht gefunden. 
========= End of Reg: ========= ========= reg query "HKLM\SYSTEM\CurrentControlSet\SERVICES\NlaSvc\Parameters" /s ========= HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\SERVICES\NlaSvc\Parameters ServiceDll REG_EXPAND_SZ %SystemRoot%\System32\nlasvc.dll ServiceDllUnloadOnStop REG_DWORD 0x1 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\SERVICES\NlaSvc\Parameters\Internet PassivePollPeriod REG_DWORD 0x5 StaleThreshold REG_DWORD 0x1e WebTimeout REG_DWORD 0x23 EnableActiveProbing REG_DWORD 0x1 ActiveWebProbeHost REG_SZ www.msftncsi.com ActiveWebProbePath REG_SZ ncsi.txt ActiveWebProbeContent REG_SZ Microsoft NCSI ActiveDnsProbeHost REG_SZ dns.msftncsi.com ActiveDnsProbeContent REG_SZ 131.107.255.255 ActiveWebProbePathV6 REG_SZ ncsi.txt ActiveWebProbeContentV6 REG_SZ Microsoft NCSI ActiveDnsProbeContentV6 REG_SZ fd3e:4f5a:5b81::1 ActiveWebProbeHostV6 REG_SZ ipv6.msftncsi.com ActiveDnsProbeHostV6 REG_SZ dns.msftncsi.com OpportunisticInternetGatewaysV4 REG_SZ 7e-4f-b5-79-2a-91 151158 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\SERVICES\NlaSvc\Parameters\Internet\ManualProxies ========= End of Reg: ========= The system needed a reboot. ==== End of Fixlog 23:19:10 ==== FRSTlog FRST Logfile: FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01
Ran by Jürgen (administrator) on JÜRGEN-NOTEBOOK on 25-02-2015 23:23:57
Running from C:\Users\Jürgen\Desktop
Loaded Profiles: UpdatusUser & Jürgen (Available profiles: UpdatusUser & Jürgen & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.)
C:\Program Files\Bonjour\mDNSResponder.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Akamai Technologies, Inc.) C:\Users\Jürgen\AppData\Local\Akamai\netsession_win.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHLE.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Akamai Technologies, Inc.) C:\Users\Jürgen\AppData\Local\Akamai\netsession_win.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Windows\SysWOW64\icacls.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) 
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Jürgen\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.) HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [EPLTarget\P0000000000000001] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2012-11-11] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [SlimCleaner Plus] => "C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe" /minimize HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [GoogleChromeAutoLaunch_B841313E84CA8B8B9216D49316EC9E85] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.) HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\MountPoints2: {6e36cb99-290b-11e2-a34a-b80305d05830} - F:\LGAutoRun.exe AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) AppInit_DLLs-x32: , c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (No File) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-1656143743-13120863-1912775482-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/?gws_rd=ssl SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1656143743-13120863-1912775482-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll () BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) Toolbar: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> No Name - {4F524A2D-5354-2D53-5045-7A786E7484D7} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR Profile: C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (No Name) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\beckihifaobcggnkcokhhnmcimkmdfco [2015-01-15] CHR Extension: (metalmouth voice browser) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmogbhmnbehfapbmjlaoflagfobahfli [2015-02-19] CHR Extension: (Utime) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpcibgnngaaabebmcabmkocdokepdaki [2015-02-04] CHR Profile: C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-15] CHR Extension: (metalmouth voice browser) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmogbhmnbehfapbmjlaoflagfobahfli [2015-02-19] CHR Extension: (Utime) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kpcibgnngaaabebmcabmkocdokepdaki [2015-02-04] CHR Extension: (Google Wallet) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-15] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-15] () R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664 2011-11-14] (Intel Corporation) [File not signed] U3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1355840 2011-11-14] (Intel Corporation) [File not signed] R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392 2011-11-14] (Intel Corporation) [File not signed] S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation) R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-05-30] () R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed] S3 Samsung UPD Service2; C:\windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics) R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. 
The file will not be moved unless listed separately.) S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-10-11] () S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed] R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-10-11] () R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-25] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation) S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-07-30] (Windows (R) 2003 DDK 3790 provider) R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.) 
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-09-26] () S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X] S3 athr; system32\DRIVERS\athrx.sys [X] S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X] S3 btath_avdt; system32\drivers\btath_avdt.sys [X] S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X] S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X] S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X] S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X] S3 BtFilter; system32\DRIVERS\btfilter.sys [X] S3 cpuz134; \??\C:\Users\JRGEN~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] S3 SBIOSIO; \??\C:\Users\JRGEN~1\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X] S3 wolf; \??\C:\AeriaGames\WolfTeam-DE\avital\wolf64.sys [X] S3 xhunter1; \??\C:\windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-02-25 23:18 - 2015-02-25 23:18 - 00000000 ____D () C:\Users\Jürgen\Desktop\FRST-OlderVersion 2015-02-25 14:50 - 2015-01-09 00:44 - 00419936 _____ () C:\windows\SysWOW64\locale.nls 2015-02-25 14:50 - 2015-01-09 00:43 - 00419936 _____ () C:\windows\system32\locale.nls 2015-02-25 01:09 - 2015-02-25 00:12 - 00018694 _____ () C:\Users\Jürgen\Desktop\AdwCleaner[S0].txt 2015-02-25 01:09 - 2015-02-25 00:08 - 00021301 _____ () C:\Users\Jürgen\Desktop\AdwCleaner[R0].txt 2015-02-25 01:03 - 2015-02-25 01:03 - 00006534 _____ () C:\Users\Jürgen\Desktop\mbam.txt 2015-02-25 00:16 - 2015-02-25 23:23 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-02-25 00:16 - 2015-02-25 00:16 - 00001062 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-02-25 00:16 - 2015-02-25 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-02-25 00:16 - 2015-02-25 00:16 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-02-25 00:16 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2015-02-25 00:16 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2015-02-25 00:16 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2015-02-25 00:15 - 2015-02-25 00:15 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-02-25 00:13 - 2015-02-25 00:14 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Jürgen\Desktop\mbam-setup-2.0.4.1028.exe 2015-02-25 00:07 - 2015-02-25 00:09 - 00000000 ____D () C:\AdwCleaner 2015-02-25 00:05 - 2015-02-25 00:05 - 02126848 _____ () C:\Users\Jürgen\Desktop\AdwCleaner_4.111.exe 2015-02-24 23:57 - 2015-02-24 23:57 - 00001224 _____ () C:\Users\Jürgen\Desktop\Revo Uninstaller.lnk 2015-02-24 23:57 - 2015-02-24 23:57 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2015-02-24 23:56 - 
2015-02-24 23:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Jürgen\Desktop\revosetup95.exe 2015-02-24 23:56 - 2015-02-24 23:56 - 00003118 _____ () C:\windows\System32\Tasks\{BE7F4215-8603-4909-A21D-BEF997B6DADD} 2015-02-24 21:10 - 2015-02-24 21:10 - 00039779 _____ () C:\Users\Jürgen\Desktop\Gmer.txt 2015-02-24 20:55 - 2015-02-24 20:55 - 641903775 _____ () C:\windows\MEMORY.DMP 2015-02-24 20:55 - 2015-02-24 20:55 - 00262144 _____ () C:\windows\Minidump\022415-18127-01.dmp 2015-02-24 20:33 - 2015-02-24 20:33 - 00380416 _____ () C:\Users\Jürgen\Desktop\Gmer-19357.exe 2015-02-24 20:31 - 2015-02-25 01:07 - 00043584 _____ () C:\Users\Jürgen\Desktop\Addition.txt 2015-02-24 20:24 - 2015-02-25 23:24 - 00000000 ____D () C:\FRST 2015-02-24 20:24 - 2015-02-25 23:23 - 00017142 _____ () C:\Users\Jürgen\Desktop\FRST.txt 2015-02-24 20:23 - 2015-02-25 23:18 - 02087936 _____ (Farbar) C:\Users\Jürgen\Desktop\FRST64.exe 2015-02-24 20:22 - 2015-02-24 20:22 - 00000474 _____ () C:\Users\Jürgen\Desktop\defogger_disable.log 2015-02-24 20:22 - 2015-02-24 20:22 - 00000000 _____ () C:\Users\Jürgen\defogger_reenable 2015-02-24 20:20 - 2015-02-24 20:20 - 00050477 _____ () C:\Users\Jürgen\Desktop\Defogger.exe 2015-02-24 20:11 - 2015-02-24 20:11 - 00000000 ____D () C:\Users\Jürgen\Desktop\Neuer Ordner 2015-02-23 22:19 - 2015-01-29 17:49 - 113756392 _____ (Microsoft Corporation) C:\windows\SysWOW64\MRT.exe 2015-02-23 20:23 - 2015-02-23 20:23 - 00000564 _____ () C:\windows\wmsetup.log 2015-02-23 20:23 - 2015-02-23 20:23 - 00000000 ____D () C:\Users\Jürgen\Documents\Riptide 2015-02-23 20:23 - 2015-02-23 20:23 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Chromium 2015-02-23 18:48 - 2015-02-23 18:48 - 00002259 _____ () C:\Users\Jürgen\Desktop\Chrome App Launcher.lnk 2015-02-23 18:48 - 2015-02-23 18:48 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-02-21 16:13 - 2015-02-21 16:13 - 00000274 _____ () 
C:\Users\Jürgen\AppData\Roaming\removeAllComponents.bat 2015-02-21 16:13 - 2015-02-21 16:13 - 00000143 _____ () C:\Users\Jürgen\AppData\Roaming\tmp_unregister.bat 2015-02-21 14:41 - 2015-02-21 14:41 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Steam 2015-02-20 16:27 - 2015-02-20 16:27 - 00000000 _____ () C:\windows\SysWOW64\sho602D.tmp 2015-02-19 23:20 - 2015-02-19 23:21 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\{77A394FF-250E-450A-AB1E-D87C5A2C591B} 2015-02-19 16:12 - 2015-02-19 16:12 - 00000000 ____D () C:\Program Files (x86)\metalmouth voice browser 2015-02-19 16:02 - 2015-02-19 16:03 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Risen 2015-02-19 15:49 - 2015-02-19 15:49 - 00000000 ____D () C:\Program Files (x86)\Deep Silver 2015-02-12 23:23 - 2015-02-12 23:23 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\{1C7F2C48-3377-4EA1-8991-C137FA78B7FC} 2015-02-12 13:33 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2015-02-12 13:33 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2015-02-12 13:33 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2015-02-12 13:33 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2015-02-11 14:56 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll 2015-02-11 14:56 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll 2015-02-11 14:56 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2015-02-11 14:56 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll 2015-02-11 14:56 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2015-02-11 14:56 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll 2015-02-11 14:56 
- 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2015-02-11 14:56 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe 2015-02-11 14:56 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2015-02-11 14:56 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2015-02-11 14:56 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2015-02-11 14:56 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2015-02-11 14:56 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2015-02-11 14:56 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2015-02-11 14:56 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2015-02-11 14:56 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2015-02-11 14:56 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2015-02-11 14:56 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2015-02-11 14:56 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll 2015-02-11 14:56 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2015-02-11 14:56 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2015-02-11 14:56 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2015-02-11 14:55 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2015-02-11 14:55 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2015-02-11 14:55 - 2015-01-12 04:09 - 25056256 _____ 
(Microsoft Corporation) C:\windows\system32\mshtml.dll 2015-02-11 14:55 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2015-02-11 14:55 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2015-02-11 14:55 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2015-02-11 14:55 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2015-02-11 14:55 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2015-02-11 14:55 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2015-02-11 14:55 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2015-02-11 14:55 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2015-02-11 14:55 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2015-02-11 14:55 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2015-02-11 14:55 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2015-02-11 14:55 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2015-02-11 14:55 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2015-02-11 14:55 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2015-02-11 14:55 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2015-02-11 14:55 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2015-02-11 14:55 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2015-02-11 14:55 - 2015-01-12 
03:08 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2015-02-11 14:55 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2015-02-11 14:55 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2015-02-11 14:55 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2015-02-11 14:55 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2015-02-11 14:55 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll 2015-02-11 14:55 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2015-02-11 14:55 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2015-02-11 14:55 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2015-02-11 14:55 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2015-02-11 14:55 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2015-02-11 14:55 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2015-02-11 14:55 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2015-02-11 14:55 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2015-02-11 14:55 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2015-02-11 14:55 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2015-02-11 14:55 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2015-02-11 14:55 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2015-02-11 14:55 - 2015-01-12 02:40 - 00060416 
_____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-02-11 14:55 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2015-02-11 14:55 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2015-02-11 14:55 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2015-02-11 14:55 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2015-02-11 14:55 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2015-02-11 14:55 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2015-02-11 14:55 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2015-02-11 14:55 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2015-02-11 14:55 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2015-02-11 14:55 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2015-02-11 14:55 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2015-02-11 14:55 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2015-02-11 14:55 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2015-02-11 14:54 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2015-02-11 14:54 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2015-02-11 14:54 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2015-02-11 14:54 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2015-02-11 14:54 - 2015-01-15 09:09 - 00031232 
_____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2015-02-11 14:54 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2015-02-11 14:54 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2015-02-11 14:54 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2015-02-11 14:54 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2015-02-11 14:54 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2015-02-11 14:54 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2015-02-11 14:54 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe 2015-02-11 14:54 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2015-02-11 14:54 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2015-02-11 14:54 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll 2015-02-11 14:54 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll 2015-02-11 14:54 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll 2015-02-11 14:54 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys 2015-02-11 14:54 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll 2015-02-11 14:54 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll 2015-02-11 14:53 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll 2015-02-11 14:53 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll 2015-02-11 14:53 - 2014-07-07 03:07 - 00229376 _____ (Microsoft 
Corporation) C:\windows\system32\wintrust.dll 2015-02-11 14:53 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll 2015-02-11 14:53 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll 2015-02-11 14:53 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll 2015-02-11 14:52 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll 2015-02-11 14:52 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll 2015-02-11 14:50 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-02-11 14:50 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2015-02-11 14:50 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2015-02-11 14:50 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2015-02-11 14:50 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2015-02-11 14:50 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2015-02-11 14:50 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2015-02-11 14:50 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll 2015-02-11 14:50 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll 2015-02-11 14:49 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2015-02-07 08:09 - 2015-02-07 08:09 - 00000020 _____ () C:\Users\Gast\AppData\Roaming\appdataFr3.bin 2015-02-04 22:29 - 2015-02-24 23:20 - 00000020 _____ () C:\Users\Jürgen\AppData\Roaming\appdataFr3.bin 2015-02-04 22:01 - 2015-02-04 22:01 - 00000000 ____D () C:\ProgramData\cheap-o 2015-02-04 16:40 - 2015-02-25 
23:20 - 00004717 _____ () C:\windows\setupact.log 2015-02-04 16:40 - 2015-02-04 16:40 - 00000000 _____ () C:\windows\setuperr.log 2015-02-04 13:54 - 2015-02-04 13:54 - 00000000 ____D () C:\Program Files (x86)\Utime 2015-01-29 20:20 - 2015-01-29 20:20 - 00301608 _____ (VuuPC Limited) C:\Users\Jürgen\AppData\Local\nsn4966.tmp 2015-01-29 19:26 - 2015-02-25 00:56 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\com 2015-01-29 19:14 - 2015-01-29 19:14 - 00001690 _____ () C:\windows\Tasks\JFHJUKWM.job 2015-01-28 17:32 - 2015-02-06 19:24 - 00000000 ____D () C:\Users\Jürgen\Downloads\Papa 2015-01-28 17:30 - 2015-01-28 17:31 - 00000000 ____D () C:\Users\Jürgen\Downloads\BilderKevin 2015-01-28 17:30 - 2015-01-28 17:30 - 00000000 ____D () C:\Users\Jürgen\Downloads\Virenprogramm 2015-01-28 17:29 - 2015-02-24 12:29 - 00000000 ____D () C:\Users\Jürgen\Downloads\Spiele 2015-01-28 17:27 - 2015-01-28 17:27 - 00000000 ____D () C:\Users\Jürgen\Downloads\MusikPapa 2015-01-27 14:06 - 2015-02-23 18:46 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-02-25 23:22 - 2013-05-13 21:07 - 00000443 _____ () C:\windows\system32\Drivers\etc\hosts.ics 2015-02-25 23:20 - 2013-02-17 18:12 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-25 23:20 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2015-02-25 23:19 - 2012-03-08 23:10 - 01250192 _____ () C:\windows\WindowsUpdate.log 2015-02-25 23:03 - 2009-07-14 05:45 - 00028624 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-25 23:03 - 2009-07-14 05:45 - 00028624 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-25 22:56 - 2013-02-17 18:12 - 00001110 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-25 22:54 - 2014-09-24 21:54 - 00000368 _____ () C:\windows\Tasks\SlimCleaner Plus (Scheduled Scan - Jürgen).job 2015-02-25 22:47 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF 2015-02-25 22:32 - 2012-11-14 16:59 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2015-02-25 15:09 - 2010-11-21 04:47 - 00909966 _____ () C:\windows\PFRO.log 2015-02-25 00:59 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\Resources 2015-02-25 00:18 - 2012-11-07 20:27 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\CrashDumps 2015-02-25 00:18 - 2012-03-08 22:43 - 00700134 _____ () C:\windows\system32\perfh007.dat 2015-02-25 00:18 - 2012-03-08 22:43 - 00149984 _____ () C:\windows\system32\perfc007.dat 2015-02-25 00:18 - 2009-07-14 06:13 - 01622300 _____ () C:\windows\system32\PerfStringBackup.INI 2015-02-25 00:09 - 2014-07-08 18:01 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Common 2015-02-25 00:08 - 2012-11-07 16:11 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\SoftGrid Client 2015-02-24 21:14 - 2012-11-15 14:28 - 00000000 ____D () C:\Users\Jürgen\Desktop\Eigene Dateien 2015-02-24 20:55 - 2015-01-24 16:55 - 00000000 ____D () C:\windows\Minidump 2015-02-24 20:22 - 
2012-11-07 12:45 - 00000000 ____D () C:\Users\Jürgen 2015-02-24 18:03 - 2014-01-19 19:09 - 01132544 ___SH () C:\Users\Jürgen\Desktop\Thumbs.db 2015-02-24 17:55 - 2014-01-06 03:01 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-02-23 22:08 - 2013-11-08 16:29 - 00000000 ____D () C:\ProgramData\Oracle 2015-02-23 22:08 - 2013-11-08 16:28 - 00000000 ____D () C:\Program Files (x86)\Java 2015-02-23 22:06 - 2014-08-18 16:57 - 00272296 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe 2015-02-23 22:06 - 2014-08-18 16:56 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe 2015-02-23 22:06 - 2014-08-18 16:56 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe 2015-02-23 22:06 - 2013-11-08 16:29 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll 2015-02-23 20:22 - 2012-03-08 07:20 - 00231465 _____ () C:\windows\DirectX.log 2015-02-23 17:43 - 2009-07-14 06:32 - 00000000 ____D () C:\windows\system32\FxsTmp 2015-02-21 16:16 - 2012-03-08 07:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2015-02-21 16:11 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-02-21 16:10 - 2013-10-15 17:42 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-02-21 14:48 - 2013-04-27 14:02 - 00000000 ___RD () C:\Users\Jürgen\Desktop\Colin 2015-02-21 14:44 - 2014-06-19 17:53 - 00000000 ____D () C:\Program Files (x86)\Ubi Soft 2015-02-21 12:36 - 2009-07-14 06:08 - 00032632 _____ () C:\windows\Tasks\SCHEDLGU.TXT 2015-02-19 15:48 - 2012-03-08 06:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-02-13 20:19 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache 2015-02-11 19:11 - 2009-07-14 05:45 - 00471704 _____ () C:\windows\system32\FNTCACHE.DAT 2015-02-11 19:09 - 2014-12-10 18:41 - 00000000 ____D () C:\windows\system32\appraiser 2015-02-11 19:09 - 2014-05-06 11:58 - 
00000000 ___SD () C:\windows\system32\CompatTel 2015-02-11 15:44 - 2012-11-09 19:21 - 00001912 _____ () C:\windows\epplauncher.mif 2015-02-11 15:43 - 2013-08-15 09:47 - 00000000 ____D () C:\windows\system32\MRT 2015-02-11 15:43 - 2012-11-09 19:21 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2015-02-11 15:43 - 2012-11-09 19:21 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2015-02-11 15:43 - 2012-11-09 19:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2015-02-11 14:30 - 2012-11-07 13:05 - 00122928 _____ () C:\Users\Jürgen\AppData\Local\GDIPFONTCACHEV1.DAT 2015-02-07 08:08 - 2015-01-05 16:37 - 00122928 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT 2015-02-06 19:24 - 2014-06-21 18:02 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Adobe 2015-02-05 18:32 - 2012-11-14 16:59 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-02-05 18:32 - 2012-11-14 16:59 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-02-05 18:32 - 2012-11-14 16:59 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-02-01 14:28 - 2013-11-12 16:50 - 00000232 _____ () C:\Users\Jürgen\AppData\Roaming\WB.CFG 2015-01-29 20:37 - 2012-11-11 11:14 - 00000000 ____D () C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint 2015-01-29 17:49 - 2012-11-07 13:33 - 116773704 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-01-29 07:11 - 2013-02-17 18:12 - 00000000 ____D () C:\Program Files\Google 2015-01-29 07:11 - 2013-02-17 18:11 - 00000000 ____D () C:\Program Files (x86)\Google 2015-01-28 17:34 - 2014-03-15 13:06 - 00000000 ____D () C:\Users\Jürgen\Downloads\Schule 2015-01-28 17:34 - 2014-03-15 13:04 - 00000000 ____D () C:\Users\Jürgen\Downloads\Musik 2015-01-28 17:28 - 2014-03-15 13:05 - 00000000 ____D () C:\Users\Jürgen\Downloads\Minecraft 2015-01-28 17:24 - 2013-02-17 18:11 - 
00000000 ____D () C:\Users\Jürgen\AppData\Local\Google ==================== Files in the root of some directories ======= 2015-02-04 22:29 - 2015-02-24 23:20 - 0000020 _____ () C:\Users\Jürgen\AppData\Roaming\appdataFr3.bin 2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Jürgen\AppData\Roaming\JFHJUKWM 2014-09-01 09:18 - 2014-09-01 09:18 - 0002086 _____ () C:\Users\Jürgen\AppData\Roaming\JYL 2015-02-21 16:13 - 2015-02-21 16:13 - 0000274 _____ () C:\Users\Jürgen\AppData\Roaming\removeAllComponents.bat 2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Jürgen\AppData\Roaming\ROPUHBSS 2014-07-08 18:01 - 2014-07-08 18:01 - 0000138 _____ () C:\Users\Jürgen\AppData\Roaming\tmp_register.bat 2015-02-21 16:13 - 2015-02-21 16:13 - 0000143 _____ () C:\Users\Jürgen\AppData\Roaming\tmp_unregister.bat 2013-11-12 16:50 - 2015-02-01 14:28 - 0000232 _____ () C:\Users\Jürgen\AppData\Roaming\WB.CFG 2013-11-12 16:50 - 2013-11-21 14:50 - 0000006 _____ () C:\Users\Jürgen\AppData\Roaming\WBPU-TTL.DAT 2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Jürgen\AppData\Roaming\WHDNEP 2014-05-11 21:26 - 2014-05-11 21:26 - 0000000 ___SH () C:\Users\Jürgen\AppData\Local\LumaEmu 2015-01-29 20:20 - 2015-01-29 20:20 - 0301608 _____ (VuuPC Limited) C:\Users\Jürgen\AppData\Local\nsn4966.tmp 2014-10-15 01:27 - 2014-10-15 01:27 - 0000906 _____ () C:\Users\Jürgen\AppData\Local\recently-used.xbel 2012-11-08 13:20 - 2012-11-08 13:20 - 0000017 _____ () C:\Users\Jürgen\AppData\Local\resmon.resmoncfg 2012-03-08 07:48 - 2012-03-08 07:48 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2012-03-08 07:43 - 2012-03-08 07:43 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log 2012-03-08 07:46 - 2012-03-08 07:46 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2012-03-08 07:43 - 2012-03-08 07:45 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log 2012-03-08 07:46 - 
2012-03-08 07:48 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

Some content of TEMP:
====================
C:\Users\Jürgen\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Jürgen\AppData\Local\Temp\Quarantine.exe
C:\Users\Jürgen\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-24 08:25

==================== End Of Log ============================
--- --- ---
Regards,
Colin
Last edited by ColiN17 (25.02.2015 at 23:34) |
26.02.2015, 00:00 | #8 |
Rest in peace † 2019 | Words on the Internet are highlighted in blue + hyperlinks / lots of ads
Hello, after this fix, is it still happening in IE and in Chrome?
Step 1
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
Code:
ATTFilter
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Task: {36C9BD2F-A111-488F-A031-6D412033A55A} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {7C960D05-6D4F-4B52-9CD4-C5947FDD91D2} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {B9CC8ED8-153E-46A3-BDBA-05E4434F0FB0} - System32\Tasks\{9DECFD20-BB12-4E77-8E8C-4C8290775ABE} => pcalua.exe -a C:\Users\Jürgen\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=pcs <==== ATTENTION
Task: {C080A121-C6B8-49CB-9411-F4E9039A8D12} - System32\Tasks\{BE7F4215-8603-4909-A21D-BEF997B6DADD} => pcalua.exe -a C:\PROGRA~2\SearchProtect\Main\bin\uninstall.exe -c /S <==== ATTENTION
Task: C:\windows\Tasks\JFHJUKWM.job => C:\Users\Jýÿrgen\AppData\Roaming\JFHJUKWM.exe <==== ATTENTION
Task: C:\windows\Tasks\ROPUHBSS.job => C:\Users\Jýÿrgen\AppData\Roaming\ROPUHBSS.exe <==== ATTENTION
c:\program files\common files\system\sysmenu.dll
C:\Users\Jürgen\AppData\Local\nsn4966.tmp
C:\Users\Jürgen\AppData\Roaming\WHDNEP
C:\Users\Jürgen\AppData\Roaming\ROPUHBSS
C:\Users\Jürgen\AppData\Roaming\JYL
C:\Users\Jürgen\AppData\Roaming\JFHJUKWM

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2
Start FRST once more.
|
26.02.2015, 00:14 | #9 |
| Words on the Internet are highlighted in blue + hyperlinks / lots of ads
Nothing can be seen in IE right now, but it is still happening in Chrome.
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-02-2015 01
Ran by Jürgen at 2015-02-26 00:05:22 Run:2
Running from C:\Users\Jürgen\Desktop
Loaded Profiles: UpdatusUser & Jürgen (Available profiles: UpdatusUser & Jürgen & Gast)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Task: {36C9BD2F-A111-488F-A031-6D412033A55A} - System32\Tasks\MICROSOFT\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {7C960D05-6D4F-4B52-9CD4-C5947FDD91D2} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {B9CC8ED8-153E-46A3-BDBA-05E4434F0FB0} - System32\Tasks\{9DECFD20-BB12-4E77-8E8C-4C8290775ABE} => pcalua.exe -a C:\Users\Jürgen\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=pcs <==== ATTENTION
Task: {C080A121-C6B8-49CB-9411-F4E9039A8D12} - System32\Tasks\{BE7F4215-8603-4909-A21D-BEF997B6DADD} => pcalua.exe -a C:\PROGRA~2\SearchProtect\Main\bin\uninstall.exe -c /S <==== ATTENTION
Task: C:\windows\Tasks\JFHJUKWM.JOB => C:\Users\Jýÿrgen\AppData\Roaming\JFHJUKWM.exe <==== ATTENTION
Task: C:\windows\Tasks\ROPUHBSS.job => C:\Users\Jýÿrgen\AppData\Roaming\ROPUHBSS.exe <==== ATTENTION
c:\program files\common files\system\sysmenu.dll
C:\Users\Jürgen\AppData\Local\nsn4966.tmp
C:\Users\Jürgen\AppData\Roaming\WHDNEP
C:\Users\Jürgen\AppData\Roaming\ROPUHBSS
C:\Users\Jürgen\AppData\Roaming\JYL
C:\Users\Jürgen\AppData\Roaming\JFHJUKWM
*****************

"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{36C9BD2F-A111-488F-A031-6D412033A55A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36C9BD2F-A111-488F-A031-6D412033A55A}" => Key deleted successfully.
C:\Windows\System32\Tasks\MICROSOFT\Windows\Multimedia\SMupdate3 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MICROSOFT\Windows\Multimedia\SMupdate3" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7C960D05-6D4F-4B52-9CD4-C5947FDD91D2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C960D05-6D4F-4B52-9CD4-C5947FDD91D2}" => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\SMupdate2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9CC8ED8-153E-46A3-BDBA-05E4434F0FB0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9CC8ED8-153E-46A3-BDBA-05E4434F0FB0}" => Key deleted successfully.
C:\Windows\System32\Tasks\{9DECFD20-BB12-4E77-8E8C-4C8290775ABE} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9DECFD20-BB12-4E77-8E8C-4C8290775ABE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C080A121-C6B8-49CB-9411-F4E9039A8D12}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C080A121-C6B8-49CB-9411-F4E9039A8D12}" => Key deleted successfully.
C:\Windows\System32\Tasks\{BE7F4215-8603-4909-A21D-BEF997B6DADD} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BE7F4215-8603-4909-A21D-BEF997B6DADD}" => Key deleted successfully.
C:\windows\Tasks\JFHJUKWM.JOB => Moved successfully.
C:\windows\Tasks\ROPUHBSS.job => Moved successfully.
c:\program files\common files\system\sysmenu.dll => Moved successfully.
C:\Users\Jürgen\AppData\Local\nsn4966.tmp => Moved successfully.
C:\Users\Jürgen\AppData\Roaming\WHDNEP => Moved successfully.
C:\Users\Jürgen\AppData\Roaming\ROPUHBSS => Moved successfully.
C:\Users\Jürgen\AppData\Roaming\JYL => Moved successfully.
C:\Users\Jürgen\AppData\Roaming\JFHJUKWM => Moved successfully.

==== End of Fixlog 00:05:23 ====

FRSTlog
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01 Ran by Jürgen (administrator) on JÜRGEN-NOTEBOOK on 26-02-2015 00:06:23 Running from C:\Users\Jürgen\Desktop Loaded Profiles: UpdatusUser & Jürgen (Available profiles: UpdatusUser & Jürgen & Gast) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Akamai Technologies, Inc.) C:\Users\Jürgen\AppData\Local\Akamai\netsession_win.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHLE.EXE (Akamai Technologies, Inc.) C:\Users\Jürgen\AppData\Local\Akamai\netsession_win.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe (Samsung Electronics CO., LTD.) 
C:\Program Files\Samsung\S Agent\CommonAgent.exe (SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink Corp.) 
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.) 
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Jürgen\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.) HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [EPLTarget\P0000000000000001] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2012-11-11] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [SlimCleaner Plus] => "C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe" /minimize HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [GoogleChromeAutoLaunch_B841313E84CA8B8B9216D49316EC9E85] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.) HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\MountPoints2: {6e36cb99-290b-11e2-a34a-b80305d05830} - F:\LGAutoRun.exe AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) AppInit_DLLs-x32: , c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (No File) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. 
ProxyServer: [.DEFAULT] => http=127.0.0.1:60935;https=127.0.0.1:60935 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-1656143743-13120863-1912775482-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/?gws_rd=ssl SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1656143743-13120863-1912775482-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> No Name - {4F524A2D-5354-2D53-5045-7A786E7484D7} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\beckihifaobcggnkcokhhnmcimkmdfco [2015-01-15]
CHR Extension: (metalmouth voice browser) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmogbhmnbehfapbmjlaoflagfobahfli [2015-02-19]
CHR Extension: (Utime) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpcibgnngaaabebmcabmkocdokepdaki [2015-02-04]
CHR Profile: C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-15]
CHR Extension: (metalmouth voice browser) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmogbhmnbehfapbmjlaoflagfobahfli [2015-02-19]
CHR Extension: (Utime) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kpcibgnngaaabebmcabmkocdokepdaki [2015-02-04]
CHR Extension: (Google Wallet) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-15] ()
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664 2011-11-14] (Intel Corporation) [File not signed]
R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1355840 2011-11-14] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392 2011-11-14] (Intel Corporation) [File not signed]
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-05-30] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed]
S3 Samsung UPD Service2; C:\windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-10-11] ()
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-10-11] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-07-30] (Windows (R) 2003 DDK 3790 provider)
R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-09-26] ()
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 athr; system32\DRIVERS\athrx.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; system32\drivers\btath_avdt.sys [X]
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
S3 cpuz134; \??\C:\Users\JRGEN~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 SBIOSIO; \??\C:\Users\JRGEN~1\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]
S3 wolf; \??\C:\AeriaGames\WolfTeam-DE\avital\wolf64.sys [X]
S3 xhunter1; \??\C:\windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-25 23:18 - 2015-02-25 23:18 - 00000000 ____D () C:\Users\Jürgen\Desktop\FRST-OlderVersion
2015-02-25 14:50 - 2015-01-09 00:44 - 00419936 _____ () C:\windows\SysWOW64\locale.nls
2015-02-25 14:50 - 2015-01-09 00:43 - 00419936 _____ () C:\windows\system32\locale.nls
2015-02-25 01:09 - 2015-02-25 00:12 - 00018694 _____ () C:\Users\Jürgen\Desktop\AdwCleaner[S0].txt
2015-02-25 01:09 - 2015-02-25 00:08 - 00021301 _____ () C:\Users\Jürgen\Desktop\AdwCleaner[R0].txt
2015-02-25 01:03 - 2015-02-25 01:03 - 00006534 _____ () C:\Users\Jürgen\Desktop\mbam.txt
2015-02-25 00:16 - 2015-02-25 23:23 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-25 00:16 - 2015-02-25 00:16 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-25 00:16 - 2015-02-25 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-25 00:16 - 2015-02-25 00:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-25 00:16 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-02-25 00:16 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-02-25 00:16 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-02-25 00:15 - 2015-02-25 00:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-25 00:13 - 2015-02-25 00:14 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Jürgen\Desktop\mbam-setup-2.0.4.1028.exe
2015-02-25 00:07 - 2015-02-25 00:09 - 00000000 ____D () C:\AdwCleaner
2015-02-25 00:05 - 2015-02-25 00:05 - 02126848 _____ () C:\Users\Jürgen\Desktop\AdwCleaner_4.111.exe
2015-02-24 23:57 - 2015-02-24 23:57 - 00001224 _____ () C:\Users\Jürgen\Desktop\Revo Uninstaller.lnk
2015-02-24 23:57 - 2015-02-24 23:57 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-24 23:56 - 2015-02-24 23:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Jürgen\Desktop\revosetup95.exe
2015-02-24 21:10 - 2015-02-24 21:10 - 00039779 _____ () C:\Users\Jürgen\Desktop\Gmer.txt
2015-02-24 20:55 - 2015-02-24 20:55 - 641903775 _____ () C:\windows\MEMORY.DMP
2015-02-24 20:55 - 2015-02-24 20:55 - 00262144 _____ () C:\windows\Minidump\022415-18127-01.dmp
2015-02-24 20:33 - 2015-02-24 20:33 - 00380416 _____ () C:\Users\Jürgen\Desktop\Gmer-19357.exe
2015-02-24 20:31 - 2015-02-25 01:07 - 00043584 _____ () C:\Users\Jürgen\Desktop\Addition.txt
2015-02-24 20:24 - 2015-02-26 00:06 - 00018067 _____ () C:\Users\Jürgen\Desktop\FRST.txt
2015-02-24 20:24 - 2015-02-26 00:06 - 00000000 ____D () C:\FRST
2015-02-24 20:23 - 2015-02-25 23:18 - 02087936 _____ (Farbar) C:\Users\Jürgen\Desktop\FRST64.exe
2015-02-24 20:22 - 2015-02-24 20:22 - 00000474 _____ () C:\Users\Jürgen\Desktop\defogger_disable.log
2015-02-24 20:22 - 2015-02-24 20:22 - 00000000 _____ () C:\Users\Jürgen\defogger_reenable
2015-02-24 20:20 - 2015-02-24 20:20 - 00050477 _____ () C:\Users\Jürgen\Desktop\Defogger.exe
2015-02-24 20:11 - 2015-02-24 20:11 - 00000000 ____D () C:\Users\Jürgen\Desktop\Neuer Ordner
2015-02-23 22:19 - 2015-01-29 17:49 - 113756392 _____ (Microsoft Corporation) C:\windows\SysWOW64\MRT.exe
2015-02-23 20:23 - 2015-02-23 20:23 - 00000564 _____ () C:\windows\wmsetup.log
2015-02-23 20:23 - 2015-02-23 20:23 - 00000000 ____D () C:\Users\Jürgen\Documents\Riptide
2015-02-23 20:23 - 2015-02-23 20:23 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Chromium
2015-02-23 18:48 - 2015-02-23 18:48 - 00002259 _____ () C:\Users\Jürgen\Desktop\Chrome App Launcher.lnk
2015-02-23 18:48 - 2015-02-23 18:48 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-21 16:13 - 2015-02-21 16:13 - 00000274 _____ () C:\Users\Jürgen\AppData\Roaming\removeAllComponents.bat
2015-02-21 16:13 - 2015-02-21 16:13 - 00000143 _____ () C:\Users\Jürgen\AppData\Roaming\tmp_unregister.bat
2015-02-21 14:41 - 2015-02-21 14:41 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Steam
2015-02-20 16:27 - 2015-02-20 16:27 - 00000000 _____ () C:\windows\SysWOW64\sho602D.tmp
2015-02-19 23:20 - 2015-02-19 23:21 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\{77A394FF-250E-450A-AB1E-D87C5A2C591B}
2015-02-19 16:12 - 2015-02-19 16:12 - 00000000 ____D () C:\Program Files (x86)\metalmouth voice browser
2015-02-19 16:02 - 2015-02-19 16:03 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Risen
2015-02-19 15:49 - 2015-02-19 15:49 - 00000000 ____D () C:\Program Files (x86)\Deep Silver
2015-02-12 23:23 - 2015-02-12 23:23 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\{1C7F2C48-3377-4EA1-8991-C137FA78B7FC}
2015-02-12 13:33 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-02-12 13:33 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-02-12 13:33 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-02-12 13:33 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-02-11 14:56 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-02-11 14:56 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-02-11 14:56 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-02-11 14:55 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-02-11 14:55 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-02-11 14:55 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-02-11 14:55 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-02-11 14:55 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-02-11 14:55 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-02-11 14:55 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-02-11 14:55 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-02-11 14:55 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-02-11 14:55 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-02-11 14:55 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-02-11 14:55 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-02-11 14:55 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-02-11 14:55 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-02-11 14:55 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-02-11 14:55 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-02-11 14:55 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:55 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-02-11 14:55 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-02-11 14:55 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:55 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-02-11 14:55 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-02-11 14:55 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-02-11 14:55 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-02-11 14:55 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-02-11 14:55 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-02-11 14:55 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-02-11 14:55 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-02-11 14:55 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-02-11 14:55 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-02-11 14:55 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-02-11 14:55 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-02-11 14:55 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-02-11 14:55 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-02-11 14:55 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-02-11 14:55 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-02-11 14:55 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-02-11 14:55 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-02-11 14:55 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:55 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-02-11 14:55 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-02-11 14:55 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-02-11 14:55 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-02-11 14:55 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-02-11 14:55 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-02-11 14:55 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-02-11 14:55 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-02-11 14:55 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-02-11 14:55 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-02-11 14:55 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-02-11 14:55 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-02-11 14:55 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-02-11 14:54 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-02-11 14:54 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-02-11 14:54 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-02-11 14:54 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-02-11 14:54 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-02-11 14:54 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-02-11 14:54 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-02-11 14:54 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-02-11 14:54 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-02-11 14:54 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-02-11 14:54 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-02-11 14:54 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-02-11 14:54 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-02-11 14:54 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-02-11 14:54 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-02-11 14:54 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-02-11 14:54 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-02-11 14:54 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-02-11 14:54 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-02-11 14:54 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-02-11 14:53 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-02-11 14:53 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-02-11 14:53 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-02-11 14:53 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-02-11 14:53 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-02-11 14:53 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-02-11 14:52 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-02-11 14:52 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2015-02-11 14:50 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-02-11 14:50 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-02-11 14:50 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-02-11 14:50 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-02-11 14:50 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-02-11 14:50 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-02-11 14:50 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-02-11 14:50 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-02-11 14:50 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2015-02-11 14:49 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-02-07 08:09 - 2015-02-07 08:09 - 00000020 _____ () C:\Users\Gast\AppData\Roaming\appdataFr3.bin
2015-02-04 22:29 - 2015-02-24 23:20 - 00000020 _____ () C:\Users\Jürgen\AppData\Roaming\appdataFr3.bin
2015-02-04 22:01 - 2015-02-04 22:01 - 00000000 ____D () C:\ProgramData\cheap-o
2015-02-04 16:40 - 2015-02-25 23:20 - 00004717 _____ () C:\windows\setupact.log
2015-02-04 16:40 - 2015-02-04 16:40 - 00000000 _____ () C:\windows\setuperr.log
2015-02-04 13:54 - 2015-02-04 13:54 - 00000000 ____D () C:\Program Files (x86)\Utime
2015-01-29 19:26 - 2015-02-25 00:56 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\com
2015-01-28 17:32 - 2015-02-06 19:24 - 00000000 ____D () C:\Users\Jürgen\Downloads\Papa
2015-01-28 17:30 - 2015-01-28 17:31 - 00000000 ____D () C:\Users\Jürgen\Downloads\BilderKevin
2015-01-28 17:30 - 2015-01-28 17:30 - 00000000 ____D () C:\Users\Jürgen\Downloads\Virenprogramm
2015-01-28 17:29 - 2015-02-24 12:29 - 00000000 ____D () C:\Users\Jürgen\Downloads\Spiele
2015-01-28 17:27 - 2015-01-28 17:27 - 00000000 ____D () C:\Users\Jürgen\Downloads\MusikPapa
2015-01-27 14:06 - 2015-02-23 18:46 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-26 00:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-02-25 23:56 - 2013-02-17 18:12 - 00001110 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-25 23:34 - 2012-03-08 23:10 - 01258158 _____ () C:\windows\WindowsUpdate.log
2015-02-25 23:32 - 2012-11-14 16:59 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-02-25 23:28 - 2009-07-14 05:45 - 00028624 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-25 23:28 - 2009-07-14 05:45 - 00028624 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-25 23:22 - 2013-05-13 21:07 - 00000443 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2015-02-25 23:20 - 2013-02-17 18:12 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-25 23:20 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-02-25 22:54 - 2014-09-24 21:54 - 00000368 _____ () C:\windows\Tasks\SlimCleaner Plus (Scheduled Scan - Jürgen).job
2015-02-25 22:47 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2015-02-25 15:09 - 2010-11-21 04:47 - 00909966 _____ () C:\windows\PFRO.log
2015-02-25 00:59 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\Resources
2015-02-25 00:18 - 2012-11-07 20:27 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\CrashDumps
2015-02-25 00:18 - 2012-03-08 22:43 - 00700134 _____ () C:\windows\system32\perfh007.dat
2015-02-25 00:18 - 2012-03-08 22:43 - 00149984 _____ () C:\windows\system32\perfc007.dat
2015-02-25 00:18 - 2009-07-14 06:13 - 01622300 _____ () C:\windows\system32\PerfStringBackup.INI
2015-02-25 00:09 - 2014-07-08 18:01 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Common
2015-02-25 00:08 - 2012-11-07 16:11 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\SoftGrid Client
2015-02-24 21:14 - 2012-11-15 14:28 - 00000000 ____D () C:\Users\Jürgen\Desktop\Eigene Dateien
2015-02-24 20:55 - 2015-01-24 16:55 - 00000000 ____D () C:\windows\Minidump
2015-02-24 20:22 - 2012-11-07 12:45 - 00000000 ____D () C:\Users\Jürgen
2015-02-24 18:03 - 2014-01-19 19:09 - 01132544 ___SH () C:\Users\Jürgen\Desktop\Thumbs.db
2015-02-24 17:55 - 2014-01-06 03:01 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-23 22:08 - 2013-11-08 16:29 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-23 22:08 - 2013-11-08 16:28 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-23 22:06 - 2014-08-18 16:57 - 00272296 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2015-02-23 22:06 - 2014-08-18 16:56 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2015-02-23 22:06 - 2014-08-18 16:56 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2015-02-23 22:06 - 2013-11-08 16:29 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-23 20:22 - 2012-03-08 07:20 - 00231465 _____ () C:\windows\DirectX.log
2015-02-23 17:43 - 2009-07-14 06:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2015-02-21 16:16 - 2012-03-08 07:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-02-21 16:11 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-21 16:10 - 2013-10-15 17:42 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-02-21 14:48 - 2013-04-27 14:02 - 00000000 ___RD () C:\Users\Jürgen\Desktop\Colin
2015-02-21 14:44 - 2014-06-19 17:53 - 00000000 ____D () C:\Program Files (x86)\Ubi Soft
2015-02-21 12:36 - 2009-07-14 06:08 - 00032632 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-02-19 15:48 - 2012-03-08 06:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-13 20:19 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2015-02-11 19:11 - 2009-07-14 05:45 - 00471704 _____ () C:\windows\system32\FNTCACHE.DAT
2015-02-11 19:09 - 2014-12-10 18:41 - 00000000 ____D () C:\windows\system32\appraiser
2015-02-11 19:09 - 2014-05-06 11:58 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-02-11 15:44 - 2012-11-09 19:21 - 00001912 _____ () C:\windows\epplauncher.mif
2015-02-11 15:43 - 2013-08-15 09:47 - 00000000 ____D () C:\windows\system32\MRT
2015-02-11 15:43 - 2012-11-09 19:21 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-11 15:43 - 2012-11-09 19:21 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-11 15:43 - 2012-11-09 19:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-11 14:30 - 2012-11-07 13:05 - 00122928 _____ () C:\Users\Jürgen\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-07 08:08 - 2015-01-05 16:37 - 00122928 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-06 19:24 - 2014-06-21 18:02 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Adobe
2015-02-05 18:32 - 2012-11-14 16:59 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 18:32 - 2012-11-14 16:59 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-05 18:32 - 2012-11-14 16:59 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-02-01 14:28 - 2013-11-12 16:50 - 00000232 _____ () C:\Users\Jürgen\AppData\Roaming\WB.CFG
2015-01-29 20:37 - 2012-11-11 11:14 - 00000000 ____D () C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint
2015-01-29 17:49 - 2012-11-07 13:33 - 116773704 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-29 07:11 - 2013-02-17 18:12 - 00000000 ____D () C:\Program Files\Google
2015-01-29 07:11 - 2013-02-17 18:11 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-28 17:34 - 2014-03-15 13:06 - 00000000 ____D () C:\Users\Jürgen\Downloads\Schule
2015-01-28 17:34 - 2014-03-15 13:04 - 00000000 ____D () C:\Users\Jürgen\Downloads\Musik
2015-01-28 17:28 - 2014-03-15 13:05 - 00000000 ____D () C:\Users\Jürgen\Downloads\Minecraft
2015-01-28 17:24 - 2013-02-17 18:11 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Google

==================== Files in the root of some directories =======

2015-02-04 22:29 - 2015-02-24 23:20 - 0000020 _____ () C:\Users\Jürgen\AppData\Roaming\appdataFr3.bin
2015-02-21 16:13 - 2015-02-21 16:13 - 0000274 _____ () C:\Users\Jürgen\AppData\Roaming\removeAllComponents.bat
2014-07-08 18:01 - 2014-07-08 18:01 - 0000138 _____ () C:\Users\Jürgen\AppData\Roaming\tmp_register.bat
2015-02-21 16:13 - 2015-02-21 16:13 - 0000143 _____ () C:\Users\Jürgen\AppData\Roaming\tmp_unregister.bat
2013-11-12 16:50 - 2015-02-01 14:28 - 0000232 _____ () C:\Users\Jürgen\AppData\Roaming\WB.CFG
2013-11-12 16:50 - 2013-11-21 14:50 - 0000006 _____ () C:\Users\Jürgen\AppData\Roaming\WBPU-TTL.DAT
2014-05-11 21:26 - 2014-05-11 21:26 - 0000000 ___SH () C:\Users\Jürgen\AppData\Local\LumaEmu
2014-10-15 01:27 - 2014-10-15 01:27 - 0000906 _____ () C:\Users\Jürgen\AppData\Local\recently-used.xbel
2012-11-08 13:20 - 2012-11-08 13:20 - 0000017 _____ () C:\Users\Jürgen\AppData\Local\resmon.resmoncfg
2012-03-08 07:48 - 2012-03-08 07:48 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-03-08 07:43 - 2012-03-08 07:43 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2012-03-08 07:46 - 2012-03-08 07:46 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-03-08 07:43 - 2012-03-08 07:45 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2012-03-08 07:46 - 2012-03-08 07:48 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

Some content of TEMP:
====================
C:\Users\Jürgen\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Jürgen\AppData\Local\Temp\Quarantine.exe
C:\Users\Jürgen\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-24 08:25

==================== End Of Log ============================

Addition-Log Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-02-2015 01
Ran by Jürgen at 2015-02-26 00:07:11
Running from C:\Users\Jürgen\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Benutzerhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Useg) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.5016 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version: - Techland)
Easy File Share (HKLM-x32\...\{12F81925-F3C1-40DB-91F7-777817974319}) (Version: 1.3.1 - Samsung Electronics CO., LTD.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics CO., LTD.)
Easy Support Center (HKLM\...\{0738F5F1-8E70-49A6-8692-F5722E1E5A4D}) (Version: 1.2.32 - Samsung Electronics CO., LTD.)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung)
Epson Easy Photo Print 2 (HKLM-x32\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX235 Series Printer Uninstall (HKLM\...\EPSON SX235 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2622 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{90F00673-A276-4A58-B675-B426D39D1E09}) (Version: 15.3.0.0398 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{077BF055-512A-4D48-B3C2-44AD860FEB0A}) (Version: 1.3.0.0621 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{ECE5B218-A086-4E18-A362-D11181681457}) (Version: 15.03.1000.1637 - Intel Corporation)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.2.11.20121025 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Multimedia POP (HKLM-x32\...\{331ECF61-69AF-4F57-AC35-AFED610231C3}) (Version: 1.0 - )
Netzwerkhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Netg) (Version: - )
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6413 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)
S Agent (Version: 1.1.45 - Samsung Electronics CO., LTD.) Hidden
Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12013_8 - Samsung Electronics Co., Ltd.)
Samsung AllShare (x32 Version: 2.1.0.12013_8 - Samsung Electronics Co., Ltd.) Hidden
Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 2.0.67.1 - Samsung Electronics Co., Ltd.)
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.6.0.2 - Samsung Electronics CO., LTD.)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.03.01.00:36 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.6.0 - Samsung Electronics Co., Ltd.)
Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SW Update (HKLM-x32\...\{DA06101F-FD76-4BF0-88BD-B26A197005E3}) (Version: 2.1.21 - Samsung Electronics CO., LTD.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.7.0 - Synaptics Incorporated)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.3 - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinRAR 5.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

25-02-2015 00:01:30 Revo Uninstaller's restore point - cheapcoup
25-02-2015 00:02:50 Revo Uninstaller's restore point - Search Protect
25-02-2015 14:49:07 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {154ACA5C-B2CB-4012-B7F4-08A7966C760A} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2012-10-30] (SEC)
Task: {1EC0E643-3FDF-4482-9A1E-AFD67DEC9349} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {20C1BA12-2C1B-42D8-B3A2-1F8DCDD1569D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {29159C05-0D5C-4838-9A27-7484269528CB} - System32\Tasks\{1007D56E-DACF-48DF-98D8-92D1F0C7B371} => pcalua.exe -a "C:\Users\Jürgen\Downloads\setupd (1).exe" -d C:\Users\Jürgen\Downloads
Task: {2E6E4566-BACF-4871-8E17-8D0D60B225C2} - System32\Tasks\{B7691239-6637-4059-AE84-128E03EFA274} => pcalua.exe -a "C:\Program Files (x86)\Search Extensions\uninstall.exe" -c /u=true /UserID=f2a5958a-3552-45f3-b697-cb2dc159f52f /SourceID=browsersafeguard-rockettab-solimba /ImplementationID=browsersafeguard-rockettab-solimba /UC=20141225
Task: {31BFE392-27B1-4953-9240-7BCE4F2783C3} - System32\Tasks\EasySupportCenter => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe [2013-01-22] (Samsung Electronics CO., LTD.)
Task: {38962509-F7EE-4278-A3CA-4357210F5917} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2012-03-27] (Samsung Electronics Co., Ltd.)
Task: {3E96A105-F9BD-48B0-AE88-E632C5F5699D} - System32\Tasks\{157764D6-4363-43FE-B3D3-9EB2EB7E3027} => pcalua.exe -a C:\Users\Jürgen\Downloads\LCGenericName02.exe -d C:\Users\Jürgen\Downloads
Task: {403FBC0B-0C4C-499F-89BF-320F820ABDEA} - System32\Tasks\RPC => C:\Program Files (x86)\RPC\Reg Pro Cleaner\RegProCleaner.exe
Task: {48F3E295-8257-4978-BF75-420B3A76D6DC} - System32\Tasks\{62D67987-52D3-469A-B426-43188359DAFA} => pcalua.exe -a E:\aoesetup.exe -d E:\ -c /autorun
Task: {55D4A1FF-D900-4B12-93C0-28BFDFC7038A} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2012-05-30] (Samsung Electronics Co., Ltd.)
Task: {58C08D85-B437-4727-8F60-9A04043458D7} - System32\Tasks\{FBA6B7CE-3DCD-405E-846A-6B291C3206F5} => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
Task: {5CB1B98D-4D4B-4CDE-91A3-D8695836D54A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {6AAC3FF0-BB3A-4525-BC76-C9B467FD617C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {6F745946-47CC-4608-AF3D-2584C31346E5} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {78A1129F-5E0C-4229-83B8-0947C56CE8B6} - System32\Tasks\{B7FC3AFD-FD63-4F26-B64C-30C13B877806} => pcalua.exe -a E:\setup.exe -d E:\
Task: {86BE6832-E0F5-464D-92E8-26378B547BE4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {94B986E6-7DE3-428C-BBF3-0946C6B2B552} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Jürgen) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: {A2794569-2F71-45BD-9E57-E6CCBB23A9DE} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2012-04-25] (Samsung Electronics Co., Ltd.)
Task: {BDDF89D9-6935-419F-BCF0-C43D7A55F098} - System32\Tasks\{6B06DBE3-F059-49DA-A6AB-84A7544D3BA1} => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
Task: {C03ECA6F-42A1-4B72-A8A0-6BB8C4D5B800} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-11-18] (SAMSUNG Electronics co., LTD.)
Task: {D27874E7-CFAF-47BE-9BF4-C934FD7D40A3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E4B313C7-4014-4CCF-8220-FC9FE067AA69} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-17] (Oracle Corporation)
Task: {E638EA23-D45A-4F72-BA0C-584704B65E8E} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.)
Task: {E8D09EFF-C572-44FC-B708-C336FBE54019} - System32\Tasks\{B2FBFA09-4198-423A-860B-6621750308AB} => pcalua.exe -a C:\PROGRA~2\NOMAN'~1\UNINST~1\UNWISE.EXE -c C:\PROGRA~2\NOMAN'~1\UNINST~1\INSTALL.LOG
Task: {F02744B9-B972-450E-B54F-4BC8DBB06B8A} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-02-16] (CyberLink)
Task: {F7A95637-326D-469D-81BE-96F2AE0550A6} - System32\Tasks\{6A1035E6-5B36-42A2-871E-E82F6A8994E5} => pcalua.exe -a C:\Users\Jürgen\Desktop\libusb-win32-filter-bin-0.1.10.1.exe -d C:\Users\Jürgen\Desktop
Task: {FBCF6554-C387-4CD1-9EA0-26DC552B9D7C} - System32\Tasks\{49AF95F3-123B-4086-8E03-231AA0DD39CA} => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\SlimCleaner Plus (Scheduled Scan - Jürgen).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe

==================== Loaded Modules (whitelisted) ==============

2011-04-11 14:26 - 2011-04-11 14:26 - 00034304 _____ () C:\windows\System32\spd__l.dll
2014-05-29 18:51 - 2014-05-30 11:05 - 00076888 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2012-03-08 07:45 - 2009-12-01 08:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2011-01-27 15:28 - 2011-01-27 15:28 - 00706048 _____ () C:\windows\system32\SnMinDrv.dll
2011-07-21 06:51 - 2010-12-16 10:37 - 00094208 _____ () C:\windows\system32\IccLibDll_x64.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-11-08 20:38 - 2011-02-17 01:03 - 00203776 _____ () C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll
2012-11-08 20:38 - 2006-08-12 12:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll
2012-11-08 20:29 - 2011-09-08 19:40 - 01645056 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2009-11-02 06:20 - 2009-11-02 06:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 06:23 - 2009-11-02 06:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-12-12 10:40 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 10:40 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 10:40 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 10:40 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1656143743-13120863-1912775482-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== Accounts: =============================

Administrator (S-1-5-21-1656143743-13120863-1912775482-500 - Administrator - Disabled)
Gast (S-1-5-21-1656143743-13120863-1912775482-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1656143743-13120863-1912775482-1003 - Limited - Enabled)
Jürgen (S-1-5-21-1656143743-13120863-1912775482-1001 - Administrator - Enabled) => C:\Users\Jürgen
UpdatusUser (S-1-5-21-1656143743-13120863-1912775482-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (02/26/2015 00:05:53 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (02/25/2015 11:23:48 PM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   bei AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   bei AllShareDMS.AllShareDMS.DoStart()
   bei AllShareDMS.AllShareDMS.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/25/2015 11:21:32 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (02/25/2015 11:21:32 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (02/25/2015 11:21:07 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (02/25/2015 11:21:07 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (02/25/2015 11:20:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/25/2015 10:58:20 PM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   bei AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   bei AllShareDMS.AllShareDMS.DoStart()
   bei AllShareDMS.AllShareDMS.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/25/2015 10:57:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (02/25/2015 10:55:40 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (02/25/2015 11:30:54 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "FailureCommand" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error: (02/25/2015 11:30:51 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error: (02/25/2015 11:20:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "LibUsb-Win32 - Daemon, Version 0.1.10.1" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (02/25/2015 11:20:11 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (02/25/2015 11:20:11 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (02/25/2015 11:20:10 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. 
Error: (02/25/2015 11:20:10 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (02/25/2015 11:20:10 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (02/25/2015 11:20:08 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (02/25/2015 11:20:07 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Microsoft Office Sessions: ========================= Error: (02/26/2015 00:05:53 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe Error: (02/25/2015 11:23:48 PM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt. 
bei AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList() bei AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList() bei AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager() bei AllShareDmsUtil.Manager.AllShareDmsManager.Initialize() bei AllShareDmsUtil.Manager.AllShareDmsManager..ctor() bei AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance() bei AllShareDMS.AllShareDMS.DoStart() bei AllShareDMS.AllShareDMS.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (02/25/2015 11:21:32 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe Error: (02/25/2015 11:21:32 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe Error: (02/25/2015 11:21:07 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe Error: (02/25/2015 11:21:07 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: 
C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe Error: (02/25/2015 11:20:42 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/25/2015 10:58:20 PM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt. bei AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList() bei AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList() bei AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager() bei AllShareDmsUtil.Manager.AllShareDmsManager.Initialize() bei AllShareDmsUtil.Manager.AllShareDmsManager..ctor() bei AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance() bei AllShareDMS.AllShareDMS.DoStart() bei AllShareDMS.AllShareDMS.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (02/25/2015 10:57:03 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe Error: (02/25/2015 10:55:40 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND 
TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz Percentage of memory in use: 44% Total physical RAM: 4009.55 MB Available physical RAM: 2228.04 MB Total Pagefile: 8017.28 MB Available Pagefile: 5877.88 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:177 GB) (Free:77.25 GB) NTFS Drive d: () (Fixed) (Total:265.39 GB) (Free:0 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 3882832C) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=177 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=265.4 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=23.3 GB) - (Type=27) ==================== End Of Log ============================ |
26.02.2015, 23:18 | #10 |
Rest in peace † 2019 | Words are highlighted in blue on the internet + hyperlinks / lots of ads
Hm, the proxy is back again too.
Step 1
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document
Code: ATTFilter
Reg: Reg delete "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections" /v "SavedLegacySettings" /f
Reg: Reg delete "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections" /v "DefaultConnectionSettings" /f
CHR Extension: (metalmouth voice browser) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmogbhmnbehfapbmjlaoflagfobahfli [2015-02-19]
CHR Extension: (Utime) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpcibgnngaaabebmcabmkocdokepdaki [2015-02-04]
CHR Extension: (metalmouth voice browser) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmogbhmnbehfapbmjlaoflagfobahfli [2015-02-19]
CHR Extension: (Utime) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kpcibgnngaaabebmcabmkocdokepdaki [2015-02-04]
C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kpcibgnngaaabebmcabmkocdokepdaki
C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmogbhmnbehfapbmjlaoflagfobahfli
reboot:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2
Start FRST once more.
|
26.02.2015, 23:48 | #11 |
| Words are highlighted in blue on the internet + hyperlinks / lots of ads
OK, the ads and the blue-highlighted words are gone, thank you.
Fixlog
Code: ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-02-2015 01
Ran by Jürgen at 2015-02-26 23:32:19 Run:3
Running from C:\Users\Jürgen\Desktop
Loaded Profiles: UpdatusUser & Jürgen (Available profiles: UpdatusUser & Jürgen & Gast)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Reg: Reg delete "HKEY_USERS\.DEFAULT\Software\MICROSOFT\Windows\CurrentVersion\Internet Settings\Connections" /v "SavedLegacySettings" /f
Reg: Reg delete "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections" /v "DefaultConnectionSettings" /f
CHR Extension: (metalmouth voice browser) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmogbhmnbehfapbmjlaoflagfobahfli [2015-02-19]
CHR Extension: (Utime) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpcibgnngaaabebmcabmkocdokepdaki [2015-02-04]
CHR Extension: (metalmouth voice browser) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\PROFILE 1\Extensions\bmogbhmnbehfapbmjlaoflagfobahfli [2015-02-19]
CHR Extension: (Utime) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kpcibgnngaaabebmcabmkocdokepdaki [2015-02-04]
C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kpcibgnngaaabebmcabmkocdokepdaki
C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmogbhmnbehfapbmjlaoflagfobahfli
reboot:
*****************
========= Reg delete "HKEY_USERS\.DEFAULT\Software\MICROSOFT\Windows\CurrentVersion\Internet Settings\Connections" /v "SavedLegacySettings" /f =========
Der Vorgang wurde erfolgreich beendet.
========= End of Reg: =========
========= Reg delete "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections" /v "DefaultConnectionSettings" /f =========
Der Vorgang wurde erfolgreich beendet.
========= End of Reg: =========
C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmogbhmnbehfapbmjlaoflagfobahfli => Moved successfully.
C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpcibgnngaaabebmcabmkocdokepdaki => Moved successfully.
C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\PROFILE 1\Extensions\bmogbhmnbehfapbmjlaoflagfobahfli => Moved successfully.
C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kpcibgnngaaabebmcabmkocdokepdaki => Moved successfully.
"C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kpcibgnngaaabebmcabmkocdokepdaki" => File/Directory not found.
"C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmogbhmnbehfapbmjlaoflagfobahfli" => File/Directory not found.
The system needed a reboot.
==== End of Fixlog 23:32:23 ====
FRSTLog
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01 Ran by Jürgen (administrator) on JÜRGEN-NOTEBOOK on 26-02-2015 23:38:34 Running from C:\Users\Jürgen\Desktop Loaded Profiles: Jürgen (Available profiles: UpdatusUser & Jürgen & Gast) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Akamai Technologies, Inc.) C:\Users\Jürgen\AppData\Local\Akamai\netsession_win.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHLE.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Apple Inc.) 
C:\Program Files (x86)\iTunes\iTunesHelper.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Akamai Technologies, Inc.) C:\Users\Jürgen\AppData\Local\Akamai\netsession_win.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Apple Inc.) 
C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (Microsoft Corporation) C:\Windows\SysWOW64\icacls.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) 
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Jürgen\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.) HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [EPLTarget\P0000000000000001] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2012-11-11] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [SlimCleaner Plus] => "C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe" /minimize HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [GoogleChromeAutoLaunch_B841313E84CA8B8B9216D49316EC9E85] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-17] (Google Inc.) HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\MountPoints2: {6e36cb99-290b-11e2-a34a-b80305d05830} - F:\LGAutoRun.exe AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) AppInit_DLLs-x32: , c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (No File) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. 
ProxyServer: [.DEFAULT] => http=127.0.0.1:60935;https=127.0.0.1:60935 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-1656143743-13120863-1912775482-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/?gws_rd=ssl SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll () BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) Toolbar: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> No Name - {4F524A2D-5354-2D53-5045-7A786E7484D7} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR HomePage: Profile 1 -> hxxp://google.de/ CHR StartupUrls: Profile 1 -> "hxxp://google.de/" CHR DefaultSuggestURL: Profile 1 -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (No Name) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\beckihifaobcggnkcokhhnmcimkmdfco [2015-01-15] CHR Profile: C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-15] CHR Extension: (Google Wallet) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-15] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-15] () R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664 2011-11-14] (Intel Corporation) [File not signed] R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1355840 2011-11-14] (Intel Corporation) [File not signed] R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392 2011-11-14] (Intel Corporation) [File not signed] S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation) R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-05-30] () R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed] S3 Samsung UPD Service2; C:\windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics) S2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. 
The file will not be moved unless listed separately.) S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-10-11] () S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed] R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-10-11] () R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-26] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation) S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-07-30] (Windows (R) 2003 DDK 3790 provider) R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.) 
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-09-26] () S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X] S3 athr; system32\DRIVERS\athrx.sys [X] S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X] S3 btath_avdt; system32\drivers\btath_avdt.sys [X] S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X] S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X] S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X] S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X] S3 BtFilter; system32\DRIVERS\btfilter.sys [X] S3 cpuz134; \??\C:\Users\JRGEN~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] S3 SBIOSIO; \??\C:\Users\JRGEN~1\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X] S3 wolf; \??\C:\AeriaGames\WolfTeam-DE\avital\wolf64.sys [X] S3 xhunter1; \??\C:\windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-02-25 23:18 - 2015-02-25 23:18 - 00000000 ____D () C:\Users\Jürgen\Desktop\FRST-OlderVersion 2015-02-25 14:50 - 2015-01-09 00:44 - 00419936 _____ () C:\windows\SysWOW64\locale.nls 2015-02-25 14:50 - 2015-01-09 00:43 - 00419936 _____ () C:\windows\system32\locale.nls 2015-02-25 01:09 - 2015-02-25 00:12 - 00018694 _____ () C:\Users\Jürgen\Desktop\AdwCleaner[S0].txt 2015-02-25 01:09 - 2015-02-25 00:08 - 00021301 _____ () C:\Users\Jürgen\Desktop\AdwCleaner[R0].txt 2015-02-25 01:03 - 2015-02-25 01:03 - 00006534 _____ () C:\Users\Jürgen\Desktop\mbam.txt 2015-02-25 00:16 - 2015-02-26 23:37 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-02-25 00:16 - 2015-02-25 00:16 - 00001062 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-02-25 00:16 - 2015-02-25 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-02-25 00:16 - 2015-02-25 00:16 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-02-25 00:16 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2015-02-25 00:16 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2015-02-25 00:16 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2015-02-25 00:15 - 2015-02-25 00:15 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-02-25 00:13 - 2015-02-25 00:14 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Jürgen\Desktop\mbam-setup-2.0.4.1028.exe 2015-02-25 00:07 - 2015-02-25 00:09 - 00000000 ____D () C:\AdwCleaner 2015-02-25 00:05 - 2015-02-25 00:05 - 02126848 _____ () C:\Users\Jürgen\Desktop\AdwCleaner_4.111.exe 2015-02-24 23:57 - 2015-02-24 23:57 - 00001224 _____ () C:\Users\Jürgen\Desktop\Revo Uninstaller.lnk 2015-02-24 23:57 - 2015-02-24 23:57 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2015-02-24 23:56 - 
2015-02-24 23:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Jürgen\Desktop\revosetup95.exe 2015-02-24 21:10 - 2015-02-24 21:10 - 00039779 _____ () C:\Users\Jürgen\Desktop\Gmer.txt 2015-02-24 20:55 - 2015-02-24 20:55 - 641903775 _____ () C:\windows\MEMORY.DMP 2015-02-24 20:55 - 2015-02-24 20:55 - 00262144 _____ () C:\windows\Minidump\022415-18127-01.dmp 2015-02-24 20:33 - 2015-02-24 20:33 - 00380416 _____ () C:\Users\Jürgen\Desktop\Gmer-19357.exe 2015-02-24 20:31 - 2015-02-26 00:07 - 00042695 _____ () C:\Users\Jürgen\Desktop\Addition.txt 2015-02-24 20:24 - 2015-02-26 23:38 - 00017423 _____ () C:\Users\Jürgen\Desktop\FRST.txt 2015-02-24 20:24 - 2015-02-26 23:38 - 00000000 ____D () C:\FRST 2015-02-24 20:23 - 2015-02-25 23:18 - 02087936 _____ (Farbar) C:\Users\Jürgen\Desktop\FRST64.exe 2015-02-24 20:22 - 2015-02-24 20:22 - 00000474 _____ () C:\Users\Jürgen\Desktop\defogger_disable.log 2015-02-24 20:22 - 2015-02-24 20:22 - 00000000 _____ () C:\Users\Jürgen\defogger_reenable 2015-02-24 20:20 - 2015-02-24 20:20 - 00050477 _____ () C:\Users\Jürgen\Desktop\Defogger.exe 2015-02-24 20:11 - 2015-02-24 20:11 - 00000000 ____D () C:\Users\Jürgen\Desktop\Neuer Ordner 2015-02-23 22:19 - 2015-01-29 17:49 - 113756392 _____ (Microsoft Corporation) C:\windows\SysWOW64\MRT.exe 2015-02-23 20:23 - 2015-02-23 20:23 - 00000564 _____ () C:\windows\wmsetup.log 2015-02-23 20:23 - 2015-02-23 20:23 - 00000000 ____D () C:\Users\Jürgen\Documents\Riptide 2015-02-23 20:23 - 2015-02-23 20:23 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Chromium 2015-02-23 18:48 - 2015-02-23 18:48 - 00002259 _____ () C:\Users\Jürgen\Desktop\Chrome App Launcher.lnk 2015-02-23 18:48 - 2015-02-23 18:48 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-02-21 16:13 - 2015-02-21 16:13 - 00000274 _____ () C:\Users\Jürgen\AppData\Roaming\removeAllComponents.bat 2015-02-21 16:13 - 2015-02-21 16:13 - 00000143 _____ () 
C:\Users\Jürgen\AppData\Roaming\tmp_unregister.bat 2015-02-21 14:41 - 2015-02-21 14:41 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Steam 2015-02-20 16:27 - 2015-02-20 16:27 - 00000000 _____ () C:\windows\SysWOW64\sho602D.tmp 2015-02-19 23:20 - 2015-02-19 23:21 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\{77A394FF-250E-450A-AB1E-D87C5A2C591B} 2015-02-19 16:12 - 2015-02-19 16:12 - 00000000 ____D () C:\Program Files (x86)\metalmouth voice browser 2015-02-19 16:02 - 2015-02-19 16:03 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Risen 2015-02-19 15:49 - 2015-02-19 15:49 - 00000000 ____D () C:\Program Files (x86)\Deep Silver 2015-02-12 23:23 - 2015-02-12 23:23 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\{1C7F2C48-3377-4EA1-8991-C137FA78B7FC} 2015-02-12 13:33 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2015-02-12 13:33 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2015-02-12 13:33 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2015-02-12 13:33 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2015-02-11 14:56 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll 2015-02-11 14:56 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll 2015-02-11 14:56 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2015-02-11 14:56 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll 2015-02-11 14:56 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2015-02-11 14:56 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll 2015-02-11 14:56 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2015-02-11 14:56 - 
2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe 2015-02-11 14:56 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2015-02-11 14:56 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2015-02-11 14:56 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2015-02-11 14:56 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2015-02-11 14:56 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2015-02-11 14:56 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2015-02-11 14:56 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2015-02-11 14:56 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2015-02-11 14:56 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2015-02-11 14:56 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2015-02-11 14:56 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll 2015-02-11 14:56 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2015-02-11 14:56 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2015-02-11 14:56 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2015-02-11 14:55 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2015-02-11 14:55 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2015-02-11 14:55 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2015-02-11 14:55 - 2015-01-12 04:05 - 02724864 _____ 
(Microsoft Corporation) C:\windows\system32\mshtml.tlb 2015-02-11 14:55 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2015-02-11 14:55 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2015-02-11 14:55 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2015-02-11 14:55 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2015-02-11 14:55 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2015-02-11 14:55 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2015-02-11 14:55 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2015-02-11 14:55 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2015-02-11 14:55 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2015-02-11 14:55 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2015-02-11 14:55 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2015-02-11 14:55 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2015-02-11 14:55 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2015-02-11 14:55 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2015-02-11 14:55 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2015-02-11 14:55 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2015-02-11 14:55 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2015-02-11 14:55 - 2015-01-12 
03:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2015-02-11 14:55 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2015-02-11 14:55 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2015-02-11 14:55 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2015-02-11 14:55 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll 2015-02-11 14:55 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2015-02-11 14:55 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2015-02-11 14:55 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2015-02-11 14:55 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2015-02-11 14:55 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2015-02-11 14:55 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2015-02-11 14:55 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2015-02-11 14:55 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2015-02-11 14:55 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2015-02-11 14:55 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2015-02-11 14:55 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2015-02-11 14:55 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2015-02-11 14:55 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-02-11 14:55 - 2015-01-12 
02:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2015-02-11 14:55 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2015-02-11 14:55 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2015-02-11 14:55 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2015-02-11 14:55 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2015-02-11 14:55 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2015-02-11 14:55 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2015-02-11 14:55 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2015-02-11 14:55 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2015-02-11 14:55 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2015-02-11 14:55 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2015-02-11 14:55 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2015-02-11 14:55 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2015-02-11 14:54 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2015-02-11 14:54 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2015-02-11 14:54 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2015-02-11 14:54 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2015-02-11 14:54 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2015-02-11 14:54 - 2015-01-15 09:09 - 00029184 
_____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2015-02-11 14:54 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2015-02-11 14:54 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2015-02-11 14:54 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2015-02-11 14:54 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2015-02-11 14:54 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2015-02-11 14:54 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe 2015-02-11 14:54 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2015-02-11 14:54 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2015-02-11 14:54 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll 2015-02-11 14:54 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll 2015-02-11 14:54 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll 2015-02-11 14:54 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys 2015-02-11 14:54 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll 2015-02-11 14:54 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll 2015-02-11 14:53 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll 2015-02-11 14:53 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll 2015-02-11 14:53 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll 2015-02-11 14:53 - 2014-07-07 03:06 - 00187904 _____ 
(Microsoft Corporation) C:\windows\system32\cryptsvc.dll 2015-02-11 14:53 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll 2015-02-11 14:53 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll 2015-02-11 14:52 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll 2015-02-11 14:52 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll 2015-02-11 14:50 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-02-11 14:50 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2015-02-11 14:50 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2015-02-11 14:50 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2015-02-11 14:50 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2015-02-11 14:50 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2015-02-11 14:50 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2015-02-11 14:50 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll 2015-02-11 14:50 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll 2015-02-11 14:49 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2015-02-07 08:09 - 2015-02-07 08:09 - 00000020 _____ () C:\Users\Gast\AppData\Roaming\appdataFr3.bin 2015-02-04 22:29 - 2015-02-24 23:20 - 00000020 _____ () C:\Users\Jürgen\AppData\Roaming\appdataFr3.bin 2015-02-04 22:01 - 2015-02-04 22:01 - 00000000 ____D () C:\ProgramData\cheap-o 2015-02-04 16:40 - 2015-02-26 23:35 - 00005109 _____ () C:\windows\setupact.log 2015-02-04 16:40 - 2015-02-04 16:40 - 00000000 
_____ () C:\windows\setuperr.log 2015-02-04 13:54 - 2015-02-04 13:54 - 00000000 ____D () C:\Program Files (x86)\Utime 2015-01-29 19:26 - 2015-02-25 00:56 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\com 2015-01-28 17:32 - 2015-02-06 19:24 - 00000000 ____D () C:\Users\Jürgen\Downloads\Papa 2015-01-28 17:30 - 2015-01-28 17:31 - 00000000 ____D () C:\Users\Jürgen\Downloads\BilderKevin 2015-01-28 17:30 - 2015-01-28 17:30 - 00000000 ____D () C:\Users\Jürgen\Downloads\Virenprogramm 2015-01-28 17:29 - 2015-02-24 12:29 - 00000000 ____D () C:\Users\Jürgen\Downloads\Spiele 2015-01-28 17:27 - 2015-01-28 17:27 - 00000000 ____D () C:\Users\Jürgen\Downloads\MusikPapa 2015-01-27 14:06 - 2015-02-23 18:46 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-26 23:36 - 2013-05-13 21:07 - 00000443 _____ () C:\windows\system32\Drivers\etc\hosts.ics 2015-02-26 23:35 - 2014-09-24 21:54 - 00000368 _____ () C:\windows\Tasks\SlimCleaner Plus (Scheduled Scan - Jürgen).job 2015-02-26 23:35 - 2013-02-17 18:12 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-26 23:35 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2015-02-26 23:34 - 2012-03-08 23:10 - 01383436 _____ () C:\windows\WindowsUpdate.log 2015-02-26 23:32 - 2012-11-14 16:59 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2015-02-26 20:27 - 2009-07-14 05:45 - 00028624 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-26 20:27 - 2009-07-14 05:45 - 00028624 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-26 15:52 - 2012-03-08 22:43 - 00700134 _____ () C:\windows\system32\perfh007.dat 2015-02-26 15:52 - 2012-03-08 22:43 - 00149984 _____ () 
C:\windows\system32\perfc007.dat 2015-02-26 15:52 - 2009-07-14 06:13 - 01622300 _____ () C:\windows\system32\PerfStringBackup.INI 2015-02-26 00:46 - 2013-02-17 18:13 - 00002135 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-02-26 00:38 - 2013-02-17 18:12 - 00004106 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-02-26 00:38 - 2013-02-17 18:12 - 00003854 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-02-26 00:38 - 2013-02-17 18:12 - 00001110 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-26 00:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System 2015-02-25 22:47 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF 2015-02-25 15:09 - 2010-11-21 04:47 - 00909966 _____ () C:\windows\PFRO.log 2015-02-25 00:59 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\Resources 2015-02-25 00:18 - 2012-11-07 20:27 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\CrashDumps 2015-02-25 00:09 - 2014-07-08 18:01 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Common 2015-02-25 00:08 - 2012-11-07 16:11 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\SoftGrid Client 2015-02-24 21:14 - 2012-11-15 14:28 - 00000000 ____D () C:\Users\Jürgen\Desktop\Eigene Dateien 2015-02-24 20:55 - 2015-01-24 16:55 - 00000000 ____D () C:\windows\Minidump 2015-02-24 20:22 - 2012-11-07 12:45 - 00000000 ____D () C:\Users\Jürgen 2015-02-24 18:03 - 2014-01-19 19:09 - 01132544 ___SH () C:\Users\Jürgen\Desktop\Thumbs.db 2015-02-24 17:55 - 2014-01-06 03:01 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-02-23 22:08 - 2013-11-08 16:29 - 00000000 ____D () C:\ProgramData\Oracle 2015-02-23 22:08 - 2013-11-08 16:28 - 00000000 ____D () C:\Program Files (x86)\Java 2015-02-23 22:06 - 2014-08-18 16:57 - 00272296 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe 2015-02-23 22:06 - 2014-08-18 16:56 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe 2015-02-23 22:06 - 2014-08-18 16:56 - 
00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe 2015-02-23 22:06 - 2013-11-08 16:29 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll 2015-02-23 20:22 - 2012-03-08 07:20 - 00231465 _____ () C:\windows\DirectX.log 2015-02-23 17:43 - 2009-07-14 06:32 - 00000000 ____D () C:\windows\system32\FxsTmp 2015-02-21 16:16 - 2012-03-08 07:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2015-02-21 16:11 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-02-21 16:10 - 2013-10-15 17:42 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-02-21 14:48 - 2013-04-27 14:02 - 00000000 ___RD () C:\Users\Jürgen\Desktop\Colin 2015-02-21 14:44 - 2014-06-19 17:53 - 00000000 ____D () C:\Program Files (x86)\Ubi Soft 2015-02-21 12:36 - 2009-07-14 06:08 - 00032632 _____ () C:\windows\Tasks\SCHEDLGU.TXT 2015-02-19 15:48 - 2012-03-08 06:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-02-13 20:19 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache 2015-02-11 19:11 - 2009-07-14 05:45 - 00471704 _____ () C:\windows\system32\FNTCACHE.DAT 2015-02-11 19:09 - 2014-12-10 18:41 - 00000000 ____D () C:\windows\system32\appraiser 2015-02-11 19:09 - 2014-05-06 11:58 - 00000000 ___SD () C:\windows\system32\CompatTel 2015-02-11 15:44 - 2012-11-09 19:21 - 00001912 _____ () C:\windows\epplauncher.mif 2015-02-11 15:43 - 2013-08-15 09:47 - 00000000 ____D () C:\windows\system32\MRT 2015-02-11 15:43 - 2012-11-09 19:21 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2015-02-11 15:43 - 2012-11-09 19:21 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2015-02-11 15:43 - 2012-11-09 19:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2015-02-11 14:30 - 2012-11-07 13:05 - 00122928 _____ () 
C:\Users\Jürgen\AppData\Local\GDIPFONTCACHEV1.DAT 2015-02-07 08:08 - 2015-01-05 16:37 - 00122928 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT 2015-02-06 19:24 - 2014-06-21 18:02 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Adobe 2015-02-05 18:32 - 2012-11-14 16:59 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-02-05 18:32 - 2012-11-14 16:59 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-02-05 18:32 - 2012-11-14 16:59 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-02-01 14:28 - 2013-11-12 16:50 - 00000232 _____ () C:\Users\Jürgen\AppData\Roaming\WB.CFG 2015-01-29 20:37 - 2012-11-11 11:14 - 00000000 ____D () C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint 2015-01-29 17:49 - 2012-11-07 13:33 - 116773704 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-01-29 07:11 - 2013-02-17 18:12 - 00000000 ____D () C:\Program Files\Google 2015-01-29 07:11 - 2013-02-17 18:11 - 00000000 ____D () C:\Program Files (x86)\Google 2015-01-28 17:34 - 2014-03-15 13:06 - 00000000 ____D () C:\Users\Jürgen\Downloads\Schule 2015-01-28 17:34 - 2014-03-15 13:04 - 00000000 ____D () C:\Users\Jürgen\Downloads\Musik 2015-01-28 17:28 - 2014-03-15 13:05 - 00000000 ____D () C:\Users\Jürgen\Downloads\Minecraft 2015-01-28 17:24 - 2013-02-17 18:11 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Google ==================== Files in the root of some directories ======= 2015-02-04 22:29 - 2015-02-24 23:20 - 0000020 _____ () C:\Users\Jürgen\AppData\Roaming\appdataFr3.bin 2015-02-21 16:13 - 2015-02-21 16:13 - 0000274 _____ () C:\Users\Jürgen\AppData\Roaming\removeAllComponents.bat 2014-07-08 18:01 - 2014-07-08 18:01 - 0000138 _____ () C:\Users\Jürgen\AppData\Roaming\tmp_register.bat 2015-02-21 16:13 - 2015-02-21 16:13 - 0000143 _____ () C:\Users\Jürgen\AppData\Roaming\tmp_unregister.bat 2013-11-12 16:50 - 2015-02-01 14:28 - 0000232 _____ () 
C:\Users\Jürgen\AppData\Roaming\WB.CFG 2013-11-12 16:50 - 2013-11-21 14:50 - 0000006 _____ () C:\Users\Jürgen\AppData\Roaming\WBPU-TTL.DAT 2014-05-11 21:26 - 2014-05-11 21:26 - 0000000 ___SH () C:\Users\Jürgen\AppData\Local\LumaEmu 2014-10-15 01:27 - 2014-10-15 01:27 - 0000906 _____ () C:\Users\Jürgen\AppData\Local\recently-used.xbel 2012-11-08 13:20 - 2012-11-08 13:20 - 0000017 _____ () C:\Users\Jürgen\AppData\Local\resmon.resmoncfg 2012-03-08 07:48 - 2012-03-08 07:48 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2012-03-08 07:43 - 2012-03-08 07:43 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log 2012-03-08 07:46 - 2012-03-08 07:46 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2012-03-08 07:43 - 2012-03-08 07:45 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log 2012-03-08 07:46 - 2012-03-08 07:48 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log Some content of TEMP: ==================== C:\Users\Jürgen\AppData\Local\Temp\jre-8u31-windows-au.exe C:\Users\Jürgen\AppData\Local\Temp\Quarantine.exe C:\Users\Jürgen\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-24 08:25 ==================== End Of Log ============================ --- --- --- --- --- --- |
26.02.2015, 23:55 | #12 |
Rest in peace † 2019 | Words are highlighted in blue on the Internet + hyperlinks / lots of ads
Very nice, unfortunately we have to fix the proxy once more, again with a reboot, and then a new FRST log once more please, thanks.
Step 1
Press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document
Code:
ATTFilter
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:60935;https=127.0.0.1:60935
Reg: Reg delete "HKEY_USERS\.DEFAULT\Software\MICROSOFT\Windows\CurrentVersion\Internet Settings\Connections" /v "SavedLegacySettings" /f
Reg: Reg delete "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections" /v "DefaultConnectionSettings" /f
reboot:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
|
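The fixlist in the post above targets an Internet Explorer proxy that points at 127.0.0.1:60935 in the .DEFAULT hive. As an added example (not part of the thread and not FRST's own code), the following Python scans FRST-style log text for `ProxyServer` entries that point back at the local machine, so a follow-up log can be checked for leftovers. The sample log is constructed, the SIDs and the host name in it are placeholders, and the assumption is that other hives are logged in the same `ProxyEnable:`/`ProxyServer:` line shape as the `.DEFAULT` lines.

```python
"""Flag loopback proxy settings in FRST-style log lines (added example)."""
import ipaddress
import re

# Line shapes taken from the fixlist in the thread:
#   ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
#   ProxyServer: [.DEFAULT] => http=127.0.0.1:60935;https=127.0.0.1:60935
LINE_RE = re.compile(r"^(ProxyEnable|ProxyServer):\s*\[([^\]]+)\]\s*=>\s*(.*)$")


def split_proxy_value(value):
    """Split a ProxyServer string into (scheme, host, port) tuples.

    Handles the per-protocol form "http=h:p;https=h:p" and the single
    "h:p" form that applies to all protocols. IPv6 literals are only
    handled in bracketed form, e.g. "[::1]:8080".
    """
    entries = []
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        scheme, sep, target = part.partition("=")
        if not sep:
            scheme, target = "all", part
        # Drop an optional URL-style prefix such as "http://".
        target = re.sub(r"^[a-z]+://", "", target.strip(), flags=re.I)
        host, _, port = target.rpartition(":")
        if not host:  # no port given
            host, port = target, ""
        entries.append((scheme.strip().lower(), host.strip("[]"), port))
    return entries


def is_loopback(host):
    """True for localhost and for any address in a loopback range."""
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # some other host name


def find_loopback_proxies(log_text):
    """Return one finding per hive whose ProxyServer points at this machine."""
    enabled = set()   # hives that have a ProxyEnable line
    servers = {}      # hive -> parsed ProxyServer entries
    for raw in log_text.splitlines():
        match = LINE_RE.match(raw.strip())
        if not match:
            continue
        kind, hive, rest = match.groups()
        if kind == "ProxyEnable":
            enabled.add(hive)
        else:
            servers[hive] = split_proxy_value(rest)

    findings = []
    for hive, entries in sorted(servers.items()):
        local = [entry for entry in entries if is_loopback(entry[1])]
        if local:
            findings.append(
                {"hive": hive, "enabled": hive in enabled, "loopback": local}
            )
    return findings


# Constructed sample: the first two lines are the ones from the fixlist,
# the rest are made-up entries with placeholder SIDs and host names.
SAMPLE_LOG = """\
Boot Mode: Normal
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:60935;https=127.0.0.1:60935
ProxyServer: [S-1-5-21-0000000000-0000000000-0000000000-1001] => proxy.example.internal:3128
ProxyEnable: [S-1-5-21-0000000000-0000000000-0000000000-1002] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-0000000000-0000000000-0000000000-1002] => localhost:8080
"""

if __name__ == "__main__":
    for finding in find_loopback_proxies(SAMPLE_LOG):
        state = "enabled" if finding["enabled"] else "not enabled"
        for scheme, host, port in finding["loopback"]:
            print(f"[{finding['hive']}] {scheme} -> {host}:{port} ({state})")
```

A loopback proxy is not malicious by itself (local filtering tools use one too), so a hit means the listening process on that port needs to be identified, not that the entry is automatically adware.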
27.02.2015, 00:02 | #13 |
| Words are highlighted in blue on the Internet + hyperlinks / lots of ads
FixLog
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-02-2015 01
Ran by Jürgen at 2015-02-26 23:56:22 Run:4
Running from C:\Users\Jürgen\Desktop
Loaded Profiles: UpdatusUser & Jürgen (Available profiles: UpdatusUser & Jürgen & Gast)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:60935;https=127.0.0.1:60935
Reg: Reg delete "HKEY_USERS\.DEFAULT\Software\MICROSOFT\Windows\CurrentVersion\Internet Settings\Connections" /v "SavedLegacySettings" /f
Reg: Reg delete "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections" /v "DefaultConnectionSettings" /f
reboot:
*****************

HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value not found.

========= Reg delete "HKEY_USERS\.DEFAULT\Software\MICROSOFT\Windows\CurrentVersion\Internet Settings\Connections" /v "SavedLegacySettings" /f =========

Der Vorgang wurde erfolgreich beendet.

========= End of Reg: =========

========= Reg delete "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections" /v "DefaultConnectionSettings" /f =========

Der Vorgang wurde erfolgreich beendet.

========= End of Reg: =========

The system needed a reboot.

==== End of Fixlog 23:56:23 ====

FRSTLog
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01
Ran by Jürgen (administrator) on JÜRGEN-NOTEBOOK on 26-02-2015 23:59:50
Running from C:\Users\Jürgen\Desktop
Loaded Profiles: Jürgen (Available profiles: UpdatusUser & Jürgen & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Akamai Technologies, Inc.) C:\Users\Jürgen\AppData\Local\Akamai\netsession_win.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHLE.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Akamai Technologies, Inc.) C:\Users\Jürgen\AppData\Local\Akamai\netsession_win.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SAMSUNG Electronics co., LTD.) C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Jürgen\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [EPLTarget\P0000000000000001] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2012-11-11] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [SlimCleaner Plus] => "C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe" /minimize
HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [GoogleChromeAutoLaunch_B841313E84CA8B8B9216D49316EC9E85] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-17] (Google Inc.)
HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\MountPoints2: {6e36cb99-290b-11e2-a34a-b80305d05830} - F:\LGAutoRun.exe
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: , c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1656143743-13120863-1912775482-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/?gws_rd=ssl
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> No Name - {4F524A2D-5354-2D53-5045-7A786E7484D7} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Profile 1 -> hxxp://google.de/
CHR StartupUrls: Profile 1 -> "hxxp://google.de/"
CHR DefaultSuggestURL: Profile 1 -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\beckihifaobcggnkcokhhnmcimkmdfco [2015-01-15]
CHR Profile: C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-15]
CHR Extension: (Google Wallet) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-15]

==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-15] ()
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664 2011-11-14] (Intel Corporation) [File not signed]
S3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1355840 2011-11-14] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392 2011-11-14] (Intel Corporation) [File not signed]
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-05-30] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed]
S3 Samsung UPD Service2; C:\windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics)
S2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-10-11] ()
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-10-11] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-07-30] (Windows (R) 2003 DDK 3790 provider)
R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-09-26] ()
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 athr; system32\DRIVERS\athrx.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; system32\drivers\btath_avdt.sys [X]
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
S3 cpuz134; \??\C:\Users\JRGEN~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 SBIOSIO; \??\C:\Users\JRGEN~1\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]
S3 wolf; \??\C:\AeriaGames\WolfTeam-DE\avital\wolf64.sys [X]
S3 xhunter1; \??\C:\windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-25 23:18 - 2015-02-25 23:18 - 00000000 ____D () C:\Users\Jürgen\Desktop\FRST-OlderVersion
2015-02-25 14:50 - 2015-01-09 00:44 - 00419936 _____ () C:\windows\SysWOW64\locale.nls
2015-02-25 14:50 - 2015-01-09 00:43 - 00419936 _____ () C:\windows\system32\locale.nls
2015-02-25 01:09 - 2015-02-25 00:12 - 00018694 _____ () C:\Users\Jürgen\Desktop\AdwCleaner[S0].txt
2015-02-25 01:09 - 2015-02-25 00:08 - 00021301 _____ () C:\Users\Jürgen\Desktop\AdwCleaner[R0].txt
2015-02-25 01:03 - 2015-02-25 01:03 - 00006534 _____ () C:\Users\Jürgen\Desktop\mbam.txt
2015-02-25 00:16 - 2015-02-26 23:59 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-25 00:16 - 2015-02-25 00:16 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-25 00:16 - 2015-02-25 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-25 00:16 - 2015-02-25 00:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-25 00:16 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-02-25 00:16 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-02-25 00:16 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-02-25 00:15 - 2015-02-25 00:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-25 00:13 - 2015-02-25 00:14 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Jürgen\Desktop\mbam-setup-2.0.4.1028.exe
2015-02-25 00:07 - 2015-02-25 00:09 - 00000000 ____D () C:\AdwCleaner
2015-02-25 00:05 - 2015-02-25 00:05 - 02126848 _____ () C:\Users\Jürgen\Desktop\AdwCleaner_4.111.exe
2015-02-24 23:57 - 2015-02-24 23:57 - 00001224 _____ () C:\Users\Jürgen\Desktop\Revo Uninstaller.lnk
2015-02-24 23:57 - 2015-02-24 23:57 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-24 23:56 - 2015-02-24 23:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Jürgen\Desktop\revosetup95.exe
2015-02-24 21:10 - 2015-02-24 21:10 - 00039779 _____ () C:\Users\Jürgen\Desktop\Gmer.txt
2015-02-24 20:55 - 2015-02-24 20:55 - 641903775 _____ () C:\windows\MEMORY.DMP
2015-02-24 20:55 - 2015-02-24 20:55 - 00262144 _____ () C:\windows\Minidump\022415-18127-01.dmp
2015-02-24 20:33 - 2015-02-24 20:33 - 00380416 _____ () C:\Users\Jürgen\Desktop\Gmer-19357.exe
2015-02-24 20:31 - 2015-02-26 00:07 - 00042695 _____ () C:\Users\Jürgen\Desktop\Addition.txt
2015-02-24 20:24 - 2015-02-26 23:59 - 00016546 _____ () C:\Users\Jürgen\Desktop\FRST.txt
2015-02-24 20:24 - 2015-02-26 23:59 - 00000000 ____D () C:\FRST
2015-02-24 20:23 - 2015-02-25 23:18 - 02087936 _____ (Farbar) C:\Users\Jürgen\Desktop\FRST64.exe
2015-02-24 20:22 - 2015-02-24 20:22 - 00000474 _____ () C:\Users\Jürgen\Desktop\defogger_disable.log
2015-02-24 20:22 - 2015-02-24 20:22 - 00000000 _____ () C:\Users\Jürgen\defogger_reenable
2015-02-24 20:20 - 2015-02-24 20:20 - 00050477 _____ () C:\Users\Jürgen\Desktop\Defogger.exe
2015-02-24 20:11 - 2015-02-24 20:11 - 00000000 ____D () C:\Users\Jürgen\Desktop\Neuer Ordner
2015-02-23 22:19 - 2015-01-29 17:49 - 113756392 _____ (Microsoft Corporation) C:\windows\SysWOW64\MRT.exe
2015-02-23 20:23 - 2015-02-23 20:23 - 00000564 _____ () C:\windows\wmsetup.log
2015-02-23 20:23 - 2015-02-23 20:23 - 00000000 ____D () C:\Users\Jürgen\Documents\Riptide
2015-02-23 20:23 - 2015-02-23 20:23 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Chromium
2015-02-23 18:48 - 2015-02-23 18:48 - 00002259 _____ () C:\Users\Jürgen\Desktop\Chrome App Launcher.lnk
2015-02-23 18:48 - 2015-02-23 18:48 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-21 16:13 - 2015-02-21 16:13 - 00000274 _____ () C:\Users\Jürgen\AppData\Roaming\removeAllComponents.bat
2015-02-21 16:13 - 2015-02-21 16:13 - 00000143 _____ () C:\Users\Jürgen\AppData\Roaming\tmp_unregister.bat
2015-02-21 14:41 - 2015-02-21 14:41 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Steam
2015-02-20 16:27 - 2015-02-20 16:27 - 00000000 _____ () C:\windows\SysWOW64\sho602D.tmp
2015-02-19 23:20 - 2015-02-19 23:21 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\{77A394FF-250E-450A-AB1E-D87C5A2C591B}
2015-02-19 16:12 - 2015-02-19 16:12 - 00000000 ____D () C:\Program Files (x86)\metalmouth voice browser
2015-02-19 16:02 - 2015-02-19 16:03 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Risen
2015-02-19 15:49 - 2015-02-19 15:49 - 00000000 ____D () C:\Program Files (x86)\Deep Silver
2015-02-12 23:23 - 2015-02-12 23:23 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\{1C7F2C48-3377-4EA1-8991-C137FA78B7FC}
2015-02-12 13:33 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-02-12 13:33 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-02-12 13:33 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-02-12 13:33 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-02-11 14:56 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-02-11 14:56 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-02-11 14:56 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-02-11 14:55 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-02-11 14:55 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-02-11 14:55 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-02-11 14:55 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-02-11 14:55 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-02-11 14:55 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-02-11 14:55 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-02-11 14:55 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-02-11 14:55 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-02-11 14:55 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-02-11 14:55 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-02-11 14:55 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-02-11 14:55 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-02-11 14:55 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-02-11 14:55 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-02-11 14:55 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-02-11 14:55 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:55 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-02-11 14:55 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-02-11 14:55 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:55 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-02-11 14:55 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-02-11 14:55 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-02-11 14:55 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-02-11 14:55 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-02-11 14:55 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-02-11 14:55 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-02-11 14:55 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-02-11 14:55 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-02-11 14:55 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-02-11 14:55 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-02-11 14:55 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-02-11 14:55 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-02-11 14:55 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-02-11 14:55 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-02-11 14:55 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-02-11 14:55 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-02-11 14:55 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-02-11 14:55 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:55 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-02-11 14:55 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-02-11 14:55 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-02-11 14:55 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-02-11 14:55 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-02-11 14:55 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-02-11 14:55 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-02-11 14:55 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-02-11 14:55 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-02-11 14:55 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-02-11 14:55 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-02-11 14:55 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-02-11 14:55 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-02-11 14:54 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-02-11 14:54 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-02-11 14:54 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-02-11 14:54 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-02-11 14:54 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-02-11 14:54 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-02-11 14:54 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-02-11 14:54 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-02-11 14:54 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-02-11 14:54 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-02-11 14:54 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-02-11 14:54 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-02-11 14:54 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-02-11 14:54 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-02-11 14:54 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-02-11 14:54 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-02-11 14:54 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-02-11 14:54 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-02-11 14:54 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-02-11 14:54 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-02-11 14:53 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-02-11 14:53 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-02-11 14:53 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-02-11 14:53 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-02-11 14:53 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-02-11 14:53 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-02-11 14:52 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-02-11 14:52 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2015-02-11 14:50 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-02-11 14:50 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-02-11 14:50 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-02-11 14:50 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-02-11 14:50 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-02-11 14:50 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-02-11 14:50 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-02-11 14:50 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-02-11 14:50 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2015-02-11 14:49 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-02-07 08:09 - 2015-02-07 08:09 - 00000020 _____ () C:\Users\Gast\AppData\Roaming\appdataFr3.bin
2015-02-04 22:29 - 2015-02-24 23:20 - 00000020 _____ () C:\Users\Jürgen\AppData\Roaming\appdataFr3.bin
2015-02-04 22:01 - 2015-02-04 22:01 - 00000000 ____D () C:\ProgramData\cheap-o
2015-02-04 16:40 - 2015-02-26 23:57 - 00005165 _____ () C:\windows\setupact.log
2015-02-04 16:40 - 2015-02-04 16:40 - 00000000 _____ () C:\windows\setuperr.log
2015-02-04 13:54 - 2015-02-04 13:54 - 00000000 ____D () C:\Program Files (x86)\Utime
2015-01-29 19:26 - 2015-02-25 00:56 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\com
2015-01-28 17:32 - 2015-02-06 19:24 - 00000000 ____D () C:\Users\Jürgen\Downloads\Papa
2015-01-28 17:30 - 2015-01-28 17:31 - 00000000 ____D () C:\Users\Jürgen\Downloads\BilderKevin
2015-01-28 17:30 - 2015-01-28 17:30 - 00000000 ____D () C:\Users\Jürgen\Downloads\Virenprogramm
2015-01-28 17:29 - 2015-02-24 12:29 - 00000000 ____D () C:\Users\Jürgen\Downloads\Spiele
2015-01-28 17:27 - 2015-01-28 17:27 - 00000000 ____D () C:\Users\Jürgen\Downloads\MusikPapa

==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-26 23:58 - 2013-05-13 21:07 - 00000443 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2015-02-26 23:58 - 2013-02-17 18:12 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-26 23:57 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-02-26 23:56 - 2012-03-08 23:10 - 01392523 _____ () C:\windows\WindowsUpdate.log
2015-02-26 23:44 - 2009-07-14 05:45 - 00028624 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-26 23:44 - 2009-07-14 05:45 - 00028624 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-26 23:35 - 2014-09-24 21:54 - 00000368 _____ () C:\windows\Tasks\SlimCleaner Plus (Scheduled Scan - Jürgen).job
2015-02-26 23:32 - 2012-11-14 16:59 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-02-26 15:52 - 2012-03-08 22:43 - 00700134 _____ () C:\windows\system32\perfh007.dat
2015-02-26 15:52 - 2012-03-08 22:43 - 00149984 _____ () C:\windows\system32\perfc007.dat
2015-02-26 15:52 - 2009-07-14 06:13 - 01622300 _____ () C:\windows\system32\PerfStringBackup.INI
2015-02-26 00:46 - 2013-02-17 18:13 - 00002135 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-26 00:38 - 2013-02-17 18:12 - 00004106 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-26 00:38 - 2013-02-17 18:12 - 00003854 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-26 00:38 - 2013-02-17 18:12 - 00001110 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-26 00:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-02-25 22:47 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2015-02-25 15:09 - 2010-11-21 04:47 - 00909966 _____ () C:\windows\PFRO.log
2015-02-25 00:59 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\Resources
2015-02-25 00:18 - 2012-11-07 20:27 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\CrashDumps
2015-02-25 00:09 - 2014-07-08 18:01 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Common
2015-02-25 00:08 - 2012-11-07 16:11 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\SoftGrid Client
2015-02-24 21:14 - 2012-11-15 14:28 - 00000000 ____D () C:\Users\Jürgen\Desktop\Eigene Dateien
2015-02-24 20:55 - 2015-01-24 16:55 - 00000000 ____D () C:\windows\Minidump
2015-02-24 20:22 - 2012-11-07 12:45 - 00000000 ____D () C:\Users\Jürgen
2015-02-24 18:03 - 2014-01-19 19:09 - 01132544 ___SH () C:\Users\Jürgen\Desktop\Thumbs.db
2015-02-24 17:55 - 2014-01-06 03:01 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-23 22:08 - 2013-11-08 16:29 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-23 22:08 - 2013-11-08 16:28 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-23 22:06 - 2014-08-18 16:57 - 00272296 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2015-02-23 22:06 - 2014-08-18 16:56 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2015-02-23 22:06 - 2014-08-18 16:56 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2015-02-23 22:06 - 2013-11-08 16:29 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-23 20:22 - 2012-03-08 07:20 - 00231465 _____ () C:\windows\DirectX.log
2015-02-23 18:46 - 2015-01-27 14:06 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-23 17:43 - 2009-07-14 06:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2015-02-21 16:16 - 2012-03-08 07:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-02-21 16:11 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-21 16:10 - 2013-10-15 17:42 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-02-21 14:48 - 2013-04-27 14:02 - 00000000 ___RD () C:\Users\Jürgen\Desktop\Colin
2015-02-21 14:44 - 2014-06-19 17:53 - 00000000 ____D () C:\Program Files (x86)\Ubi Soft
2015-02-21 12:36 - 2009-07-14 06:08 - 00032632 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-02-19 15:48 - 2012-03-08 06:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-13 20:19 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2015-02-11 19:11 - 2009-07-14 05:45 - 00471704 _____ () C:\windows\system32\FNTCACHE.DAT
2015-02-11 19:09 - 2014-12-10 18:41 - 00000000 ____D () C:\windows\system32\appraiser
2015-02-11 19:09 - 2014-05-06 11:58 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-02-11 15:44 - 2012-11-09 19:21 - 00001912 _____ () C:\windows\epplauncher.mif
2015-02-11 15:43 - 2013-08-15 09:47 - 00000000 ____D () C:\windows\system32\MRT
2015-02-11 15:43 - 2012-11-09 19:21 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-11 15:43 - 2012-11-09 19:21 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-11 15:43 - 2012-11-09 19:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-11 14:30 - 2012-11-07 13:05 - 00122928 _____ () 
C:\Users\Jürgen\AppData\Local\GDIPFONTCACHEV1.DAT 2015-02-07 08:08 - 2015-01-05 16:37 - 00122928 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT 2015-02-06 19:24 - 2014-06-21 18:02 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Adobe 2015-02-05 18:32 - 2012-11-14 16:59 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-02-05 18:32 - 2012-11-14 16:59 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-02-05 18:32 - 2012-11-14 16:59 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-02-01 14:28 - 2013-11-12 16:50 - 00000232 _____ () C:\Users\Jürgen\AppData\Roaming\WB.CFG 2015-01-29 20:37 - 2012-11-11 11:14 - 00000000 ____D () C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint 2015-01-29 17:49 - 2012-11-07 13:33 - 116773704 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-01-29 07:11 - 2013-02-17 18:12 - 00000000 ____D () C:\Program Files\Google 2015-01-29 07:11 - 2013-02-17 18:11 - 00000000 ____D () C:\Program Files (x86)\Google 2015-01-28 17:34 - 2014-03-15 13:06 - 00000000 ____D () C:\Users\Jürgen\Downloads\Schule 2015-01-28 17:34 - 2014-03-15 13:04 - 00000000 ____D () C:\Users\Jürgen\Downloads\Musik 2015-01-28 17:28 - 2014-03-15 13:05 - 00000000 ____D () C:\Users\Jürgen\Downloads\Minecraft 2015-01-28 17:24 - 2013-02-17 18:11 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Google ==================== Files in the root of some directories ======= 2015-02-04 22:29 - 2015-02-24 23:20 - 0000020 _____ () C:\Users\Jürgen\AppData\Roaming\appdataFr3.bin 2015-02-21 16:13 - 2015-02-21 16:13 - 0000274 _____ () C:\Users\Jürgen\AppData\Roaming\removeAllComponents.bat 2014-07-08 18:01 - 2014-07-08 18:01 - 0000138 _____ () C:\Users\Jürgen\AppData\Roaming\tmp_register.bat 2015-02-21 16:13 - 2015-02-21 16:13 - 0000143 _____ () C:\Users\Jürgen\AppData\Roaming\tmp_unregister.bat 2013-11-12 16:50 - 2015-02-01 14:28 - 0000232 _____ () 
C:\Users\Jürgen\AppData\Roaming\WB.CFG 2013-11-12 16:50 - 2013-11-21 14:50 - 0000006 _____ () C:\Users\Jürgen\AppData\Roaming\WBPU-TTL.DAT 2014-05-11 21:26 - 2014-05-11 21:26 - 0000000 ___SH () C:\Users\Jürgen\AppData\Local\LumaEmu 2014-10-15 01:27 - 2014-10-15 01:27 - 0000906 _____ () C:\Users\Jürgen\AppData\Local\recently-used.xbel 2012-11-08 13:20 - 2012-11-08 13:20 - 0000017 _____ () C:\Users\Jürgen\AppData\Local\resmon.resmoncfg 2012-03-08 07:48 - 2012-03-08 07:48 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2012-03-08 07:43 - 2012-03-08 07:43 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log 2012-03-08 07:46 - 2012-03-08 07:46 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2012-03-08 07:43 - 2012-03-08 07:45 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log 2012-03-08 07:46 - 2012-03-08 07:48 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log Some content of TEMP: ==================== C:\Users\Jürgen\AppData\Local\Temp\jre-8u31-windows-au.exe C:\Users\Jürgen\AppData\Local\Temp\Quarantine.exe C:\Users\Jürgen\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-24 08:25 ==================== End Of Log ============================ |
01.03.2015, 00:06 | #14 |
Rest in peace † 2019 | Words are highlighted in blue on the internet + hyperlinks / lots of ads Hello, that looks good. Then please: Step 1 Since the scan with ESET is very thorough, it may take several hours. ESET Online Scanner
Step 2 Run FRST once more.
|
01.03.2015, 10:07 | #15 |
| Words are highlighted in blue on the internet + hyperlinks / lots of ads Hello, since yesterday the ads and the blue words are back again. ESET log files Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=6fddad9cb5887d43abe6f19c4d356667 # engine=22695 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-03-01 06:36:03 # local_time=2015-03-01 07:36:03 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Microsoft Security Essentials' # compatibility_mode=5895 16777213 100 100 1529542 96481785 0 0 # scanned=247749 # found=88 # cleaned=0 # scan_time=23160 sh=5717BBE86BA23A85DC0C8B47FE0F5164C19688B3 ft=1 fh=09469654f4475051 vn="Variante von Win32/ReImageRepair.C evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1656143743-13120863-1912775482-1001\$R0FWMFT.exe" sh=D8C5052BA2029AB7E67A4555D85303A9F696DB54 ft=1 fh=d73611cbbe62c989 vn="Variante von Win32/Toolbar.Perion.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\shopperz\krios.dll.vir" sh=4912DCC980C66A9929C84BB922D118DDA0ACF90B ft=1 fh=c71c0011b82918ce vn="Variante von Win32/Adware.MultiPlug.EG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\nicEnufreeo\QgNuEKFXNGNY1d.dll.vir" sh=DCE9DBE8EF82D2FA113E6E1AAEF3B8CC12173292 ft=1 fh=6615ee6d6fae02f0 vn="Variante von Win64/Adware.MultiPlug.F Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\nicEnufreeo\QgNuEKFXNGNY1d.x64.dll.vir" sh=35C1DD8A1D5F19D88123A5A3F2F6CD8826E6AC3A ft=1 fh=d28258757c67b6e3 vn="Variante von MSIL/Vittalia.M.gen evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SoftwareUpdater\AppsUpd4ter.exe.vir" sh=C0BCE4404F5103F62CED97D395F1731EBAC54E4C ft=1 fh=dc2870efbe092644 vn="Variante von MSIL/Vittalia.M.gen evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SoftwareUpdater\Upd4terSrv.exe.vir" sh=53F226B3D1D3828304E40C6C7A50667ADF23B42A ft=1 fh=e1ea10a5e9416a5c vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir" sh=0CB68F399D491465198E3E86F1D2923A211614E7 ft=1 fh=021f675753f993f2 vn="Win64/Thinknice.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir" sh=86EA851108D635D9ED47C01E86899845DFDA3EC7 ft=1 fh=90733a3b10b3e858 vn="Variante von Win32/Thinknice.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\HpUI.exe.vir" sh=12EBF6FC8AD543662053CA101C2D5DA175137EB2 ft=1 fh=c71c00119e5c1a87 vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader32.exe.vir" sh=8F0ABE23DDA3F9DC04497B1A4F455AF8CE9D45B8 ft=1 fh=787e176d56997de7 vn="Win64/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader64.exe.vir" sh=A8E3A9E6972C6F8B253EA0E1837AEEBF0A07B187 ft=1 fh=e2a5b168a3934371 vn="Win32/Thinknice.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\RSHP.exe.vir" sh=30E2FB1C671B2808D2E80518D793575965AF2416 ft=1 fh=d06e6f3f3f60e357 vn="Variante von Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir" sh=AC11914CC02E023E2EF06A80DEE1701419A5473A ft=1 fh=4cb2d0bd10147652 vn="Win64/Thinknice.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir" sh=36F969E522FD53A189312D946C430EFD02D5A982 ft=1 fh=5d022c015afe1524 vn="Variante von Win32/ELEX.AV evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe.vir" sh=D037F58CF4B36F3B437FAA0D9500720445B27D65 ft=1 fh=b07c7921935b766c vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir" sh=4139F95644E13A650D4827C943BCC9F2F0F6AA93 ft=1 fh=3b96e1736604b8bc vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\uninstall.exe.vir" sh=79C9BD304C93AB8FD0544108656A899993DB14EF ft=1 fh=e6f80544d6e8089f vn="Variante von Win32/Thinknice.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\WindowsSupportDll32.dll.vir" sh=96B85214CD9E4FF85AC6144E7EF3DDF9E0F215E6 ft=1 fh=098a6735f96a550a vn="Variante von Win32/Thinknice.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\WindowsSupportDll64.dll.vir" sh=A7C04764E300103700C95BD5FBB3C60BE9E61348 ft=1 fh=c71c0011729892a8 vn="Variante von Win32/SProtector.O evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TrimInstance\TrimInstance.dll.vir" sh=BCEEBB0E4E06F414598ADF91F74BF80FD738A4D6 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATP Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\dpcmioaopgimeiknogfhiocbmflndibo\J3iiR1.js.vir" sh=36F969E522FD53A189312D946C430EFD02D5A982 ft=1 fh=5d022c015afe1524 vn="Variante von Win32/ELEX.AV evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir" sh=4C1A12D0C1755AA9A6E6A1AEA2986FC765342861 ft=1 fh=c71c0011efd923f5 vn="Win32/Adware.MultiPlug.EG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\QuickshoPP\BC6nZw04IkFyiH.dll.vir" sh=80658EDEC1B9A10F28D8B52D95DEF44CCD3C6467 ft=1 fh=02e66a7f3f3954c6 vn="Variante von Win64/Adware.MultiPlug.F Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\QuickshoPP\BC6nZw04IkFyiH.x64.dll.vir" sh=F0DB92E27FF763CDC3002BB2B7320F9F3478224F ft=1 fh=c71c0011edb12146 vn="Variante von Win32/ELEX.BH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir" sh=96BDD77C57F5067F8C1ADCB17FEDBD51E483B10A ft=1 fh=c1b29ef911c6d3f6 vn="Variante von Win32/Adware.Synatix.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\JRGEN~1\AppData\Local\Temp\Security Systems\Setup.exe.vir" sh=C4420C6E94B8CAACCB3811384280D8A93CB0A37D ft=1 fh=25f111c507a31a21 vn="Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jürgen\AppData\Roaming\OpenCandy\2F053C241C6945059D3830E90C29D07D\sp-downloader.exe.vir" sh=3A2FAE26B9B30C425DB0073E4E942E862E5500A4 ft=1 fh=ce952b9677084fed vn="Variante von Win32/Amonetize.Z evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jürgen\AppData\Roaming\OpenCandy\F3EC0F45DD33435089BF357131401C03\WS_p4v2_2CB2.exe.vir" sh=59D4C6F0B76A7F44A8CB34FFC630D67BD9975371 ft=1 fh=ad372f130eec696f vn="Variante von Win32/Adware.Synatix.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jürgen\AppData\Roaming\Security Systems\uninstaller.exe.vir" sh=E2E7555ACD0F7F6827A0958817774C8E4253DC21 ft=1 fh=117f72a1057668b7 vn="Variante von Win64/Systweak.A evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\windows\System32\roboot64.exe.vir" sh=3BA3E4F71F247F89D6F40025C620591CED2499DC ft=1 fh=c057460346d19606 vn="Variante von Win32/SBWatchman.D evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\program files\common files\system\sysmenu.dll.xBAD" sh=2E04EDB42570CB2423BFB2DC8248FF7131072F8C ft=1 fh=c71c0011551423b7 vn="Variante von Win32/Adware.MultiPlug.EG Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\appsaVe\whQcTDlG52IU8I.dll" sh=CA13229ED7CA68221A4E99B774722B4F491F9672 ft=1 fh=4abd756e0734107e vn="Variante von Win64/Adware.MultiPlug.F Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\appsaVe\whQcTDlG52IU8I.x64.dll" sh=6F21ECC2FAEECE1CE5161998C20E37A85BDAC968 ft=1 fh=c71c0011c271261b vn="Variante von Win32/Adware.MultiPlug.EG Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\cheaap4aLll\LzGLgpAtaCnhiW.dll" sh=258680F65267905BC7CC596FEFF9A6D5CA374D5A ft=1 fh=6615ee6d4ef641d3 vn="Variante von Win64/Adware.MultiPlug.F Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\cheaap4aLll\LzGLgpAtaCnhiW.x64.dll" sh=2E04EDB42570CB2423BFB2DC8248FF7131072F8C ft=1 fh=c71c0011551423b7 vn="Variante von Win32/Adware.MultiPlug.EG Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\lowruatE\Mola4rU3D8ua0c.dll" sh=CA13229ED7CA68221A4E99B774722B4F491F9672 ft=1 fh=4abd756e0734107e vn="Variante von Win64/Adware.MultiPlug.F Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\lowruatE\Mola4rU3D8ua0c.x64.dll" sh=79B4812E218D35CFF7C81E41B626D1B33258CA37 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\FRST\Quarantine\C\Users\Jürgen\AppData\Local\GOOGLE\CHROME\User Data\Default\Extensions\kpcibgnngaaabebmcabmkocdokepdaki\175\content.js" sh=0F2C38B4819A72F5A204937870B7444F2AA656A6 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\FRST\Quarantine\C\Users\Jürgen\AppData\Local\GOOGLE\CHROME\User 
Data\Default\Extensions\kpcibgnngaaabebmcabmkocdokepdaki\175\djMeY.js" sh=79B4812E218D35CFF7C81E41B626D1B33258CA37 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\FRST\Quarantine\C\Users\Jürgen\AppData\Local\GOOGLE\CHROME\User Data\PROFILE 1\Extensions\kpcibgnngaaabebmcabmkocdokepdaki\175\content.js" sh=0F2C38B4819A72F5A204937870B7444F2AA656A6 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\FRST\Quarantine\C\Users\Jürgen\AppData\Local\GOOGLE\CHROME\User Data\PROFILE 1\Extensions\kpcibgnngaaabebmcabmkocdokepdaki\175\djMeY.js" sh=DDD7E789E67132CF6C5D8169B2F46E3498FCA60F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\Jürgen\AppData\Roaming\JFHJUKWM.xBAD" sh=9413821E4285C46DAF48156B472065FC2D763FE8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\Jürgen\AppData\Roaming\JYL.xBAD" sh=DDD7E789E67132CF6C5D8169B2F46E3498FCA60F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\Jürgen\AppData\Roaming\ROPUHBSS.xBAD" sh=DDD7E789E67132CF6C5D8169B2F46E3498FCA60F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\Jürgen\AppData\Roaming\WHDNEP.xBAD" sh=22354F7D65AD660FB0EA75E07F581D774C045F84 ft=1 fh=8615d1c425dc37d1 vn="Variante von Win32/SBWatchman.D evtl. 
unerwünschte Anwendung" ac=I fn="C:\Program Files\Common Files\System\SysMenu64.dll" sh=E40549CEB14A7C06F9F9E9EB92F73ED965E040F4 ft=1 fh=b7b8c96c17c22525 vn="Win32/Patched.NFQ Trojaner" ac=I fn="C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\chrome.dll" sh=CF5F8D6E9813289C4B428C9AB67F64C9C4474512 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\beckihifaobcggnkcokhhnmcimkmdfco\101\acpoIv66X.js" sh=BCB1617E55F3DA5A1E26BDD66E005B2B65AD0A81 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\beckihifaobcggnkcokhhnmcimkmdfco\101\lsdb.js" sh=CF5F8D6E9813289C4B428C9AB67F64C9C4474512 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\beckihifaobcggnkcokhhnmcimkmdfco\101\acpoIv66X.js" sh=BCB1617E55F3DA5A1E26BDD66E005B2B65AD0A81 ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.B Anwendung" ac=I fn="C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\beckihifaobcggnkcokhhnmcimkmdfco\101\lsdb.js" sh=BB7C38DC44CD34B618236AF25E34803D58BB49AC ft=1 fh=06f12e6997f08758 vn="Variante von Win32/SweetIM.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jürgen\Downloads\Schule\gimp_mp_pgr.exe" sh=D361F4498ADAC7D92088534B205DC2C38D19AE07 ft=1 fh=d9a0f3ca4f5910db vn="Variante von MSIL/Solimba.AK.gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jürgen\Downloads\Schule\Microsoft Office 2010.exe" sh=E750C443A83F9B135B499E7917C5A93120384BB3 ft=1 fh=4eedbac881d1fc72 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jürgen\Downloads\Spiele\DTLite4491-0356.exe" sh=F2D83172D56E547255D9115BDCB869309F0EF581 ft=1 fh=20a01275a58657b2 vn="Variante von Win32/Toolbar.Perion.H evtl. 
unerwünschte Anwendung" ac=I fn="C:\Windows\System32\mjcm\dnkt.exe" sh=C33FEDF1A60F25DC90A4754446535DF6924A9FDF ft=1 fh=017cd515e52a74e6 vn="Variante von Win32/Toolbar.Perion.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\mjcm\5108\nsib.dll" sh=181241E6431887DC27F4E2B92159F77D82831893 ft=1 fh=80d13d017bfcdcc5 vn="Variante von Win32/Toolbar.Perion.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\mjcm\5113\nsib.dll" sh=C0A6EE22B75DAB50FA3B2C6C71B7F3A2A6F470DC ft=1 fh=ef388b79d75014b6 vn="Variante von Win32/Toolbar.Perion.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\mjcm\5119\nsib.dll" sh=D589418ED5B785A121824C5F6B6B4D99BEE7AF36 ft=1 fh=23a86629a9f2b83e vn="Variante von Win32/Toolbar.Perion.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\mjcm\5123\nsib.dll" sh=E1F78B4540FCC254BF66324F6A846411AD86F79B ft=1 fh=283d488de8e01b58 vn="Variante von Win32/Toolbar.Perion.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\mjcm\5131\nsib.dll" sh=52D2E7000C51C535BE065DBC04697148F2A91DA7 ft=1 fh=0a5709db6f26ac2f vn="Variante von Win32/Toolbar.Perion.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\mjcm\5132\nsib.dll" sh=17BDCF1527C51AD2B09B8D4887B762F50384D8FA ft=1 fh=c880683b3780aef3 vn="Variante von Win32/Toolbar.Perion.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\mjcm\5152\nsib.dll" sh=343835935AFCB46A3F8B1DC4BF181B6AEA2F109D ft=1 fh=adebf03d269e41b5 vn="Variante von Win32/Toolbar.Perion.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\mjcm\5154\nsib.dll" sh=F2D83172D56E547255D9115BDCB869309F0EF581 ft=1 fh=20a01275a58657b2 vn="Variante von Win32/Toolbar.Perion.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\mjcm\dnkt.exe" sh=C33FEDF1A60F25DC90A4754446535DF6924A9FDF ft=1 fh=017cd515e52a74e6 vn="Variante von Win32/Toolbar.Perion.H evtl. 
unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\mjcm\5108\nsib.dll" sh=181241E6431887DC27F4E2B92159F77D82831893 ft=1 fh=80d13d017bfcdcc5 vn="Variante von Win32/Toolbar.Perion.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\mjcm\5113\nsib.dll" sh=C0A6EE22B75DAB50FA3B2C6C71B7F3A2A6F470DC ft=1 fh=ef388b79d75014b6 vn="Variante von Win32/Toolbar.Perion.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\mjcm\5119\nsib.dll" sh=D589418ED5B785A121824C5F6B6B4D99BEE7AF36 ft=1 fh=23a86629a9f2b83e vn="Variante von Win32/Toolbar.Perion.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\mjcm\5123\nsib.dll" sh=E1F78B4540FCC254BF66324F6A846411AD86F79B ft=1 fh=283d488de8e01b58 vn="Variante von Win32/Toolbar.Perion.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\mjcm\5131\nsib.dll" sh=52D2E7000C51C535BE065DBC04697148F2A91DA7 ft=1 fh=0a5709db6f26ac2f vn="Variante von Win32/Toolbar.Perion.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\mjcm\5132\nsib.dll" sh=17BDCF1527C51AD2B09B8D4887B762F50384D8FA ft=1 fh=c880683b3780aef3 vn="Variante von Win32/Toolbar.Perion.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\mjcm\5152\nsib.dll" sh=343835935AFCB46A3F8B1DC4BF181B6AEA2F109D ft=1 fh=adebf03d269e41b5 vn="Variante von Win32/Toolbar.Perion.H evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\mjcm\5154\nsib.dll" sh=949EF54B592C9295FB23B0C5AF36D45759C79C85 ft=0 fh=0000000000000000 vn="Win32/PriceGong.B evtl. unerwünschte Anwendung" ac=I fn="D:\JÜRGEN-NOTEBOOK\Backup Set 2013-11-10 190000\Backup Files 2013-11-10 190000\Backup files 3.zip" sh=B78E5C36D8B82B20C0B53AE518E4FA0ED806640D ft=0 fh=0000000000000000 vn="Variante von Win32/SweetIM.I evtl. unerwünschte Anwendung" ac=I fn="D:\JÜRGEN-NOTEBOOK\Backup Set 2013-11-10 190000\Backup Files 2013-11-10 190000\Backup files 4.zip" sh=AAC092FC5E759910780DFD3C2DE692E7C371A1F1 ft=0 fh=0000000000000000 vn="Win32/DealPly.B evtl. 
unerwünschte Anwendung" ac=I fn="D:\JÜRGEN-NOTEBOOK\Backup Set 2013-11-10 190000\Backup Files 2013-11-17 190001\Backup files 1.zip" sh=0EAA55DEECF590B0AA8DC23B4BB9392DCC0C3EDB ft=0 fh=0000000000000000 vn="MSIL/DomaIQ.B evtl. unerwünschte Anwendung" ac=I fn="D:\JÜRGEN-NOTEBOOK\Backup Set 2013-11-10 190000\Backup Files 2013-11-17 190001\Backup files 2.zip" sh=BA7766896AF5640DD16404AC66D2CBB1FDCEFFC6 ft=0 fh=0000000000000000 vn="Win32/DealPly.B evtl. unerwünschte Anwendung" ac=I fn="D:\JÜRGEN-NOTEBOOK\Backup Set 2013-12-02 122023\Backup Files 2013-12-02 122023\Backup files 1.zip" sh=0B53B9FE02F58A763F7B005AF10288A6E4C4888B ft=0 fh=0000000000000000 vn="MSIL/DomaIQ.B evtl. unerwünschte Anwendung" ac=I fn="D:\JÜRGEN-NOTEBOOK\Backup Set 2013-12-02 122023\Backup Files 2013-12-02 122023\Backup files 4.zip" sh=81D1BAAEB7AD756A1C7850B403379E5318D3BF73 ft=0 fh=0000000000000000 vn="MSIL/DomaIQ.B evtl. unerwünschte Anwendung" ac=I fn="D:\JÜRGEN-NOTEBOOK\Backup Set 2014-01-19 191335\Backup Files 2014-01-19 191335\Backup files 12.zip" sh=91B7F3598FE32E3AFC68FA4BA2BD5AC3D047932F ft=0 fh=0000000000000000 vn="Win32/DealPly.B evtl. unerwünschte Anwendung" ac=I fn="D:\JÜRGEN-NOTEBOOK\Backup Set 2014-01-19 191335\Backup Files 2014-01-19 191335\Backup files 9.zip" sh=30549312072A9BB4F1D4988243249B4E281B1CC6 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="D:\JÜRGEN-NOTEBOOK\Backup Set 2014-01-19 191335\Backup Files 2014-02-23 190002\Backup files 3.zip" sh=CE48E07E998B7027BCDC7EBC35E9E3ACAC2FDA4B ft=0 fh=0000000000000000 vn="Win32/DealPly.B evtl. unerwünschte Anwendung" ac=I fn="D:\JÜRGEN-NOTEBOOK\Backup Set 2014-03-09 190001\Backup Files 2014-03-09 190001\Backup files 12.zip" sh=B97D0D0662CF38B691AF2DDAE517B4BFE2F9190A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.M evtl. 
unerwünschte Anwendung" ac=I fn="D:\JÜRGEN-NOTEBOOK\Backup Set 2014-03-09 190001\Backup Files 2014-03-09 190001\Backup files 16.zip" sh=34EA47003051316D2D979122B1A55897BA05DB5A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung" ac=I fn="D:\JÜRGEN-NOTEBOOK\Backup Set 2014-03-09 190001\Backup Files 2014-03-16 190001\Backup files 2.zip" sh=094E9C26C2AADAD5FDB3D9ACA473C2788DC50027 ft=0 fh=0000000000000000 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="D:\JÜRGEN-NOTEBOOK\Backup Set 2014-03-09 190001\Backup Files 2014-03-16 190001\Backup files 5.zip" sh=64DFB7DBBB4B5E5061689B20D298C93C4340324C ft=0 fh=0000000000000000 vn="Variante von Win32/SweetIM.I evtl. unerwünschte Anwendung" ac=I fn="D:\JÜRGEN-NOTEBOOK\Backup Set 2014-03-09 190001\Backup Files 2014-03-16 190001\Backup files 6.zip" sh=DCC95F63A18AACC764EC9716F1553CE812A8ED13 ft=0 fh=0000000000000000 vn="Win32/DealPly.B evtl. unerwünschte Anwendung" ac=I fn="D:\JÜRGEN-NOTEBOOK\Backup Set 2014-03-31 121237\Backup Files 2014-03-31 121237\Backup files 13.zip" sh=0071E8F053B5292D6DDE4C7B4F917821AA9F0417 ft=0 fh=0000000000000000 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="D:\JÜRGEN-NOTEBOOK\Backup Set 2014-03-31 121237\Backup Files 2014-03-31 121237\Backup files 18.zip" FRSTlog FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-02-2015 Ran by Jürgen (administrator) on JÜRGEN-NOTEBOOK on 01-03-2015 09:59:04 Running from C:\Users\Jürgen\Desktop Loaded Profiles: UpdatusUser & Jürgen (Available profiles: UpdatusUser & Jürgen & Gast) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Akamai Technologies, Inc.) C:\Users\Jürgen\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Akamai Technologies, Inc.) C:\Users\Jürgen\AppData\Local\Akamai\netsession_win.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Jürgen\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [EPLTarget\P0000000000000001] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2012-11-11] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [SlimCleaner Plus] => "C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe" /minimize
HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Run: [GoogleChromeAutoLaunch_B841313E84CA8B8B9216D49316EC9E85] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-17] (Google Inc.)
HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\MountPoints2: {6e36cb99-290b-11e2-a34a-b80305d05830} - F:\LGAutoRun.exe
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: , c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1656143743-13120863-1912775482-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/?gws_rd=ssl
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1656143743-13120863-1912775482-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-1656143743-13120863-1912775482-1001 -> No Name - {4F524A2D-5354-2D53-5045-7A786E7484D7} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Profile 1 -> hxxp://google.de/
CHR StartupUrls: Profile 1 -> "hxxp://google.de/"
CHR DefaultSuggestURL: Profile 1 -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\beckihifaobcggnkcokhhnmcimkmdfco [2015-01-15]
CHR Profile: C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-15]
CHR Extension: (Adblock Plus) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-27]
CHR Extension: (Google Wallet) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-15]

==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-15] ()
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664 2011-11-14] (Intel Corporation) [File not signed]
R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1355840 2011-11-14] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392 2011-11-14] (Intel Corporation) [File not signed]
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-05-30] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed]
S3 Samsung UPD Service2; C:\windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-10-11] ()
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-10-11] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-07-30] (Windows (R) 2003 DDK 3790 provider)
R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-09-26] ()
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 athr; system32\DRIVERS\athrx.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; system32\drivers\btath_avdt.sys [X]
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 BtFilter; system32\DRIVERS\btfilter.sys [X]
S3 cpuz134; \??\C:\Users\JRGEN~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 SBIOSIO; \??\C:\Users\JRGEN~1\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]
S3 wolf; \??\C:\AeriaGames\WolfTeam-DE\avital\wolf64.sys [X]
S3 xhunter1; \??\C:\windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-01 01:02 - 2015-03-01 01:02 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-03-01 00:53 - 2015-03-01 00:53 - 02347384 _____ (ESET) C:\Users\Jürgen\Desktop\esetsmartinstaller_deu.exe
2015-02-25 23:18 - 2015-03-01 09:58 - 00000000 ____D () C:\Users\Jürgen\Desktop\FRST-OlderVersion
2015-02-25 14:50 - 2015-01-09 00:44 - 00419936 _____ () C:\windows\SysWOW64\locale.nls
2015-02-25 14:50 - 2015-01-09 00:43 - 00419936 _____ () C:\windows\system32\locale.nls
2015-02-25 01:09 - 2015-02-25 00:12 - 00018694 _____ () C:\Users\Jürgen\Desktop\AdwCleaner[S0].txt
2015-02-25 01:09 - 2015-02-25 00:08 - 00021301 _____ () C:\Users\Jürgen\Desktop\AdwCleaner[R0].txt
2015-02-25 01:03 - 2015-02-25 01:03 - 00006534 _____ () C:\Users\Jürgen\Desktop\mbam.txt
2015-02-25 00:16 - 2015-02-28 23:15 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-25 00:16 - 2015-02-25 00:16 - 00001062 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-25 00:16 - 2015-02-25 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-02-25 00:16 - 2015-02-25 00:16 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-02-25 00:16 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-02-25 00:16 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-02-25 00:16 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-02-25 00:15 - 2015-02-25 00:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-25 00:13 - 2015-02-25 00:14 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Jürgen\Desktop\mbam-setup-2.0.4.1028.exe
2015-02-25 00:07 - 2015-02-25 00:09 - 00000000 ____D () C:\AdwCleaner
2015-02-25 00:05 - 2015-02-25 00:05 - 02126848 _____ () C:\Users\Jürgen\Desktop\AdwCleaner_4.111.exe
2015-02-24 23:57 - 2015-02-24 23:57 - 00001224 _____ () C:\Users\Jürgen\Desktop\Revo Uninstaller.lnk
2015-02-24 23:57 - 2015-02-24 23:57 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-24 23:56 - 2015-02-24 23:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Jürgen\Desktop\revosetup95.exe
2015-02-24 21:10 - 2015-02-24 21:10 - 00039779 _____ () C:\Users\Jürgen\Desktop\Gmer.txt
2015-02-24 20:55 - 2015-02-24 20:55 - 641903775 _____ () C:\windows\MEMORY.DMP
2015-02-24 20:55 - 2015-02-24 20:55 - 00262144 _____ () C:\windows\Minidump\022415-18127-01.dmp
2015-02-24 20:33 - 2015-02-24 20:33 - 00380416 _____ () C:\Users\Jürgen\Desktop\Gmer-19357.exe
2015-02-24 20:31 - 2015-02-26 00:07 - 00042695 _____ () C:\Users\Jürgen\Desktop\Addition.txt
2015-02-24 20:24 - 2015-03-01 09:59 - 00017658 _____ () C:\Users\Jürgen\Desktop\FRST.txt
2015-02-24 20:24 - 2015-03-01 09:59 - 00000000 ____D () C:\FRST
2015-02-24 20:23 - 2015-03-01 09:58 - 02092544 _____ (Farbar) C:\Users\Jürgen\Desktop\FRST64.exe
2015-02-24 20:22 - 2015-02-24 20:22 - 00000474 _____ () C:\Users\Jürgen\Desktop\defogger_disable.log
2015-02-24 20:22 - 2015-02-24 20:22 - 00000000 _____ () C:\Users\Jürgen\defogger_reenable
2015-02-24 20:20 - 2015-02-24 20:20 - 00050477 _____ () C:\Users\Jürgen\Desktop\Defogger.exe
2015-02-24 20:11 - 2015-02-24 20:11 - 00000000 ____D () C:\Users\Jürgen\Desktop\Neuer Ordner
2015-02-23 22:19 - 2015-01-29 17:49 - 113756392 _____ (Microsoft Corporation) C:\windows\SysWOW64\MRT.exe
2015-02-23 20:23 - 2015-02-23 20:23 - 00000564 _____ () C:\windows\wmsetup.log
2015-02-23 20:23 - 2015-02-23 20:23 - 00000000 ____D () C:\Users\Jürgen\Documents\Riptide
2015-02-23 20:23 - 2015-02-23 20:23 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Chromium
2015-02-23 18:48 - 2015-02-23 18:48 - 00002259 _____ () C:\Users\Jürgen\Desktop\Chrome App Launcher.lnk
2015-02-23 18:48 - 2015-02-23 18:48 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-21 16:13 - 2015-02-21 16:13 - 00000274 _____ () C:\Users\Jürgen\AppData\Roaming\removeAllComponents.bat
2015-02-21 16:13 - 2015-02-21 16:13 - 00000143 _____ () C:\Users\Jürgen\AppData\Roaming\tmp_unregister.bat
2015-02-21 14:41 - 2015-02-21 14:41 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Steam
2015-02-20 16:27 - 2015-02-20 16:27 - 00000000 _____ () C:\windows\SysWOW64\sho602D.tmp
2015-02-19 23:20 - 2015-02-19 23:21 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\{77A394FF-250E-450A-AB1E-D87C5A2C591B}
2015-02-19 16:12 - 2015-02-19 16:12 - 00000000 ____D () C:\Program Files (x86)\metalmouth voice browser
2015-02-19 16:02 - 2015-02-19 16:03 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Risen
2015-02-19 15:49 - 2015-02-19 15:49 - 00000000 ____D () C:\Program Files (x86)\Deep Silver
2015-02-12 23:23 - 2015-02-12 23:23 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\{1C7F2C48-3377-4EA1-8991-C137FA78B7FC}
2015-02-12 13:33 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-02-12 13:33 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-02-12 13:33 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-02-12 13:33 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-02-11 14:56 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-02-11 14:56 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-02-11 14:56 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-02-11 14:56 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-02-11 14:55 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-02-11 14:55 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-02-11 14:55 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-02-11 14:55 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-02-11 14:55 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-02-11 14:55 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-02-11 14:55 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-02-11 14:55 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-02-11 14:55 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-02-11 14:55 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-02-11 14:55 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-02-11 14:55 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-02-11 14:55 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-02-11 14:55 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-02-11 14:55 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-02-11 14:55 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-02-11 14:55 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:55 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-02-11 14:55 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-02-11 14:55 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:55 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-02-11 14:55 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-02-11 14:55 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-02-11 14:55 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-02-11 14:55 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-02-11 14:55 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-02-11 14:55 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-02-11 14:55 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-02-11 14:55 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-02-11 14:55 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-02-11 14:55 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-02-11 14:55 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-02-11 14:55 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-02-11 14:55 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-02-11 14:55 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-02-11 14:55 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-02-11 14:55 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-02-11 14:55 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-02-11 14:55 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:55 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-02-11 14:55 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-02-11 14:55 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-02-11 14:55 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-02-11 14:55 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-02-11 14:55 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-02-11 14:55 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-02-11 14:55 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-02-11 14:55 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-02-11 14:55 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-02-11 14:55 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-02-11 14:55 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-02-11 14:55 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-02-11 14:54 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-02-11 14:54 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-02-11 14:54 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-02-11 14:54 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-02-11 14:54 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-02-11 14:54 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-02-11 14:54 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-02-11 14:54 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-02-11 14:54 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-02-11 14:54 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-02-11 14:54 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-02-11 14:54 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-02-11 14:54 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-02-11 14:54 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-02-11 14:54 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-02-11 14:54 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-02-11 14:54 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-02-11 14:54 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-02-11 14:54 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-02-11 14:54 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-02-11 14:53 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-02-11 14:53 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-02-11 14:53 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-02-11 14:53 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-02-11 14:53 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-02-11 14:53 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-02-11 14:52 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-02-11 14:52 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2015-02-11 14:50 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-02-11 14:50 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-02-11 14:50 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-02-11 14:50 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-02-11 14:50 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-02-11 14:50 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-02-11 14:50 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-02-11 14:50 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-02-11 14:50 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2015-02-11 14:49 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-02-07 08:09 - 2015-02-07 08:09 - 00000020 _____ () C:\Users\Gast\AppData\Roaming\appdataFr3.bin
2015-02-04 22:29 - 2015-02-28 10:48 - 00000020 _____ () C:\Users\Jürgen\AppData\Roaming\appdataFr3.bin
2015-02-04 22:01 - 2015-02-04 22:01 - 00000000 ____D () C:\ProgramData\cheap-o
2015-02-04 16:40 - 2015-02-28 19:36 - 00005501 _____ () C:\windows\setupact.log
2015-02-04 16:40 - 2015-02-04 16:40 - 00000000 _____ () C:\windows\setuperr.log
2015-02-04 13:54 - 2015-02-04 13:54 - 00000000 ____D () C:\Program Files (x86)\Utime

==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-01 09:32 - 2012-11-14 16:59 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-01 09:32 - 2012-03-08 23:10 - 01599567 _____ () C:\windows\WindowsUpdate.log
2015-03-01 00:43 - 2013-02-17 18:12 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-28 22:54 - 2014-09-24 21:54 - 00000368 _____ () C:\windows\Tasks\SlimCleaner Plus (Scheduled Scan - Jürgen).job
2015-02-28 21:04 - 2009-07-14 05:45 - 00028624 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-28 21:04 - 2009-07-14 05:45 - 00028624 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-28 10:54 - 2012-03-08 22:43 - 00700134 _____ () C:\windows\system32\perfh007.dat
2015-02-28 10:54 - 2012-03-08 22:43 - 00149984 _____ () C:\windows\system32\perfc007.dat
2015-02-28 10:54 - 2009-07-14 06:13 - 01622300 _____ () C:\windows\system32\PerfStringBackup.INI
2015-02-28 10:49 - 2013-05-13 21:07 - 00000443 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2015-02-28 10:47 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-02-26 00:46 - 2013-02-17 18:13 - 00002135 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-26 00:38 - 2013-02-17 18:12 - 00004106 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-26 00:38 - 2013-02-17 18:12 - 00003854 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-26 00:38 - 2013-02-17 18:12 - 00001110 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-26 00:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-02-25 22:47 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2015-02-25 15:09 - 2010-11-21 04:47 - 00909966 _____ () C:\windows\PFRO.log
2015-02-25 00:59 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\Resources
2015-02-25 00:56 - 2015-01-29 19:26 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\com
2015-02-25 00:18 - 2012-11-07 20:27 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\CrashDumps
2015-02-25 00:09 - 2014-07-08 18:01 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Common
2015-02-25 00:08 - 2012-11-07 16:11 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\SoftGrid Client
2015-02-24 21:14 - 2012-11-15 14:28 - 00000000 ____D () C:\Users\Jürgen\Desktop\Eigene Dateien
2015-02-24 20:55 - 2015-01-24 16:55 - 00000000 ____D () C:\windows\Minidump
2015-02-24 20:22 - 2012-11-07 12:45 - 00000000 ____D () C:\Users\Jürgen
2015-02-24 18:03 - 2014-01-19 19:09 - 01132544 ___SH () C:\Users\Jürgen\Desktop\Thumbs.db
2015-02-24 17:55 - 2014-01-06 03:01 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-24 12:29 - 2015-01-28 17:29 - 00000000 ____D () C:\Users\Jürgen\Downloads\Spiele
2015-02-23 22:08 - 2013-11-08 16:29 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-23 22:08 - 2013-11-08 16:28 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-23 22:06 - 2014-08-18 16:57 - 00272296 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2015-02-23 22:06 - 2014-08-18 16:56 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2015-02-23 22:06 - 2014-08-18 16:56 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2015-02-23 22:06 - 2013-11-08 16:29 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-23 20:22 - 2012-03-08 07:20 - 00231465 _____ () C:\windows\DirectX.log
2015-02-23 18:46 - 2015-01-27 14:06 - 00000000 ____D ()
C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-02-23 17:43 - 2009-07-14 06:32 - 00000000 ____D () C:\windows\system32\FxsTmp 2015-02-21 16:16 - 2012-03-08 07:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2015-02-21 16:11 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-02-21 16:10 - 2013-10-15 17:42 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-02-21 14:48 - 2013-04-27 14:02 - 00000000 ___RD () C:\Users\Jürgen\Desktop\Colin 2015-02-21 14:44 - 2014-06-19 17:53 - 00000000 ____D () C:\Program Files (x86)\Ubi Soft 2015-02-21 12:36 - 2009-07-14 06:08 - 00032632 _____ () C:\windows\Tasks\SCHEDLGU.TXT 2015-02-19 15:48 - 2012-03-08 06:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-02-13 20:19 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache 2015-02-11 19:11 - 2009-07-14 05:45 - 00471704 _____ () C:\windows\system32\FNTCACHE.DAT 2015-02-11 19:09 - 2014-12-10 18:41 - 00000000 ____D () C:\windows\system32\appraiser 2015-02-11 19:09 - 2014-05-06 11:58 - 00000000 ___SD () C:\windows\system32\CompatTel 2015-02-11 15:44 - 2012-11-09 19:21 - 00001912 _____ () C:\windows\epplauncher.mif 2015-02-11 15:43 - 2013-08-15 09:47 - 00000000 ____D () C:\windows\system32\MRT 2015-02-11 15:43 - 2012-11-09 19:21 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2015-02-11 15:43 - 2012-11-09 19:21 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2015-02-11 15:43 - 2012-11-09 19:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2015-02-11 14:30 - 2012-11-07 13:05 - 00122928 _____ () C:\Users\Jürgen\AppData\Local\GDIPFONTCACHEV1.DAT 2015-02-07 08:08 - 2015-01-05 16:37 - 00122928 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT 2015-02-06 19:24 - 2015-01-28 17:32 - 00000000 ____D () 
C:\Users\Jürgen\Downloads\Papa 2015-02-06 19:24 - 2014-06-21 18:02 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Adobe 2015-02-05 18:32 - 2012-11-14 16:59 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-02-05 18:32 - 2012-11-14 16:59 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-02-05 18:32 - 2012-11-14 16:59 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-02-01 14:28 - 2013-11-12 16:50 - 00000232 _____ () C:\Users\Jürgen\AppData\Roaming\WB.CFG ==================== Files in the root of some directories ======= 2015-02-04 22:29 - 2015-02-28 10:48 - 0000020 _____ () C:\Users\Jürgen\AppData\Roaming\appdataFr3.bin 2015-02-21 16:13 - 2015-02-21 16:13 - 0000274 _____ () C:\Users\Jürgen\AppData\Roaming\removeAllComponents.bat 2014-07-08 18:01 - 2014-07-08 18:01 - 0000138 _____ () C:\Users\Jürgen\AppData\Roaming\tmp_register.bat 2015-02-21 16:13 - 2015-02-21 16:13 - 0000143 _____ () C:\Users\Jürgen\AppData\Roaming\tmp_unregister.bat 2013-11-12 16:50 - 2015-02-01 14:28 - 0000232 _____ () C:\Users\Jürgen\AppData\Roaming\WB.CFG 2013-11-12 16:50 - 2013-11-21 14:50 - 0000006 _____ () C:\Users\Jürgen\AppData\Roaming\WBPU-TTL.DAT 2014-05-11 21:26 - 2014-05-11 21:26 - 0000000 ___SH () C:\Users\Jürgen\AppData\Local\LumaEmu 2014-10-15 01:27 - 2014-10-15 01:27 - 0000906 _____ () C:\Users\Jürgen\AppData\Local\recently-used.xbel 2012-11-08 13:20 - 2012-11-08 13:20 - 0000017 _____ () C:\Users\Jürgen\AppData\Local\resmon.resmoncfg 2012-03-08 07:48 - 2012-03-08 07:48 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2012-03-08 07:43 - 2012-03-08 07:43 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log 2012-03-08 07:46 - 2012-03-08 07:46 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2012-03-08 07:43 - 2012-03-08 07:45 - 0000106 _____ () 
C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2012-03-08 07:46 - 2012-03-08 07:48 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

Some content of TEMP:
====================
C:\Users\Jürgen\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Jürgen\AppData\Local\Temp\Quarantine.exe
C:\Users\Jürgen\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-24 08:25

==================== End Of Log ============================

Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-02-2015
Ran by Jürgen at 2015-03-01 09:59:58
Running from C:\Users\Jürgen\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Disabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1656143743-13120863-1912775482-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Benutzerhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Useg) (Version: - ) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.) CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.) CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.) CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.5016 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version: - Techland) Easy File Share (HKLM-x32\...\{12F81925-F3C1-40DB-91F7-777817974319}) (Version: 1.3.1 - Samsung Electronics CO., LTD.) Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.) Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics CO., LTD.) Easy Support Center (HKLM\...\{0738F5F1-8E70-49A6-8692-F5722E1E5A4D}) (Version: 1.2.32 - Samsung Electronics CO., LTD.) 
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung) Epson Easy Photo Print 2 (HKLM-x32\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON SX235 Series Printer Uninstall (HKLM\...\EPSON SX235 Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.) Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) 
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2622 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{90F00673-A276-4A58-B675-B426D39D1E09}) (Version: 15.3.0.0398 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{077BF055-512A-4D48-B3C2-44AD860FEB0A}) (Version: 1.3.0.0621 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation) Intel® PROSet/Wireless WiFi-Software (HKLM\...\{ECE5B218-A086-4E18-A362-D11181681457}) (Version: 15.03.1000.1637 - Intel Corporation) iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.) 
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.2.11.20121025 - LG Electronics) LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics) LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32) Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - ) Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - ) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Multimedia POP (HKLM-x32\...\{331ECF61-69AF-4F57-AC35-AFED610231C3}) (Version: 1.0 - ) Netzwerkhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON 
SX235 Series Netg) (Version: - ) NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation) OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6413 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver) S Agent (Version: 1.1.45 - Samsung Electronics CO., LTD.) Hidden Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12013_8 - Samsung Electronics Co., Ltd.) Samsung AllShare (x32 Version: 2.1.0.12013_8 - Samsung Electronics Co., Ltd.) Hidden Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 2.0.67.1 - Samsung Electronics Co., Ltd.) 
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.6.0.2 - Samsung Electronics CO., LTD.) Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.03.01.00:36 - Samsung Electronics Co., Ltd.) Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.6.0 - Samsung Electronics Co., Ltd.) Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) SW Update (HKLM-x32\...\{DA06101F-FD76-4BF0-88BD-B26A197005E3}) (Version: 2.1.21 - Samsung Electronics CO., LTD.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.7.0 - Synaptics Incorporated) User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.3 - ) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) 
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) WinRAR 5.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 28-02-2015 21:02:50 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {154ACA5C-B2CB-4012-B7F4-08A7966C760A} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2012-10-30] (SEC)
Task: {1EC0E643-3FDF-4482-9A1E-AFD67DEC9349} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {20C1BA12-2C1B-42D8-B3A2-1F8DCDD1569D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {29159C05-0D5C-4838-9A27-7484269528CB} - System32\Tasks\{1007D56E-DACF-48DF-98D8-92D1F0C7B371} => pcalua.exe -a "C:\Users\Jürgen\Downloads\setupd (1).exe" -d C:\Users\Jürgen\Downloads
Task: {2E6E4566-BACF-4871-8E17-8D0D60B225C2} - System32\Tasks\{B7691239-6637-4059-AE84-128E03EFA274} => pcalua.exe -a "C:\Program Files (x86)\Search Extensions\uninstall.exe" -c /u=true /UserID=f2a5958a-3552-45f3-b697-cb2dc159f52f /SourceID=browsersafeguard-rockettab-solimba /ImplementationID=browsersafeguard-rockettab-solimba /UC=20141225
Task: {31BFE392-27B1-4953-9240-7BCE4F2783C3} - System32\Tasks\EasySupportCenter => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe [2013-01-22] (Samsung Electronics CO., LTD.)
Task: {38962509-F7EE-4278-A3CA-4357210F5917} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2012-03-27] (Samsung Electronics Co., Ltd.)
Task: {3E96A105-F9BD-48B0-AE88-E632C5F5699D} - System32\Tasks\{157764D6-4363-43FE-B3D3-9EB2EB7E3027} => pcalua.exe -a C:\Users\Jürgen\Downloads\LCGenericName02.exe -d C:\Users\Jürgen\Downloads
Task: {403FBC0B-0C4C-499F-89BF-320F820ABDEA} - System32\Tasks\RPC => C:\Program Files (x86)\RPC\Reg Pro Cleaner\RegProCleaner.exe
Task: {48F3E295-8257-4978-BF75-420B3A76D6DC} - System32\Tasks\{62D67987-52D3-469A-B426-43188359DAFA} => pcalua.exe -a E:\aoesetup.exe -d E:\ -c /autorun
Task: {55D4A1FF-D900-4B12-93C0-28BFDFC7038A} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2012-05-30] (Samsung Electronics Co., Ltd.)
Task: {58C08D85-B437-4727-8F60-9A04043458D7} - System32\Tasks\{FBA6B7CE-3DCD-405E-846A-6B291C3206F5} => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
Task: {5CB1B98D-4D4B-4CDE-91A3-D8695836D54A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {6AAC3FF0-BB3A-4525-BC76-C9B467FD617C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {6F745946-47CC-4608-AF3D-2584C31346E5} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {78A1129F-5E0C-4229-83B8-0947C56CE8B6} - System32\Tasks\{B7FC3AFD-FD63-4F26-B64C-30C13B877806} => pcalua.exe -a E:\setup.exe -d E:\
Task: {86BE6832-E0F5-464D-92E8-26378B547BE4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {94B986E6-7DE3-428C-BBF3-0946C6B2B552} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Jürgen) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: {A2794569-2F71-45BD-9E57-E6CCBB23A9DE} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2012-04-25] (Samsung Electronics Co., Ltd.)
Task: {BDDF89D9-6935-419F-BCF0-C43D7A55F098} - System32\Tasks\{6B06DBE3-F059-49DA-A6AB-84A7544D3BA1} => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
Task: {C03ECA6F-42A1-4B72-A8A0-6BB8C4D5B800} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-11-18] (SAMSUNG Electronics co., LTD.)
Task: {D27874E7-CFAF-47BE-9BF4-C934FD7D40A3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E4B313C7-4014-4CCF-8220-FC9FE067AA69} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-17] (Oracle Corporation)
Task: {E638EA23-D45A-4F72-BA0C-584704B65E8E} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.)
Task: {E8D09EFF-C572-44FC-B708-C336FBE54019} - System32\Tasks\{B2FBFA09-4198-423A-860B-6621750308AB} => pcalua.exe -a C:\PROGRA~2\NOMAN'~1\UNINST~1\UNWISE.EXE -c C:\PROGRA~2\NOMAN'~1\UNINST~1\INSTALL.LOG
Task: {F02744B9-B972-450E-B54F-4BC8DBB06B8A} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-02-16] (CyberLink)
Task: {F7A95637-326D-469D-81BE-96F2AE0550A6} - System32\Tasks\{6A1035E6-5B36-42A2-871E-E82F6A8994E5} => pcalua.exe -a C:\Users\Jürgen\Desktop\libusb-win32-filter-bin-0.1.10.1.exe -d C:\Users\Jürgen\Desktop
Task: {FBCF6554-C387-4CD1-9EA0-26DC552B9D7C} - System32\Tasks\{49AF95F3-123B-4086-8E03-231AA0DD39CA} => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\SlimCleaner Plus (Scheduled Scan - Jürgen).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe

==================== Loaded Modules (whitelisted) ==============

2012-11-07 14:27 - 2013-08-29 23:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-04-11 14:26 - 2011-04-11 14:26 - 00034304 _____ () C:\windows\System32\spd__l.dll
2014-05-29 18:51 - 2014-05-30 11:05 - 00076888 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2012-03-08 07:45 - 2009-12-01 08:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2011-01-27 15:28 - 2011-01-27 15:28 - 00706048 _____ () C:\windows\system32\SnMinDrv.dll
2011-07-21 06:51 - 2010-12-16 10:37 - 00094208 _____ () C:\windows\system32\IccLibDll_x64.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12
20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2012-11-08 20:38 - 2011-02-17 01:03 - 00203776 _____ () C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll 2012-11-08 20:38 - 2006-08-12 12:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll 2012-11-08 20:29 - 2011-09-08 19:40 - 01645056 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll 2009-11-02 06:20 - 2009-11-02 06:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2009-11-02 06:23 - 2009-11-02 06:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1656143743-13120863-1912775482-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.2.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) 
==================== Accounts: ============================= Administrator (S-1-5-21-1656143743-13120863-1912775482-500 - Administrator - Disabled) Gast (S-1-5-21-1656143743-13120863-1912775482-501 - Limited - Enabled) => C:\Users\Gast HomeGroupUser$ (S-1-5-21-1656143743-13120863-1912775482-1003 - Limited - Enabled) Jürgen (S-1-5-21-1656143743-13120863-1912775482-1001 - Administrator - Enabled) => C:\Users\Jürgen UpdatusUser (S-1-5-21-1656143743-13120863-1912775482-1000 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= Name: Bluetooth-Peripheriegerät Description: Bluetooth-Peripheriegerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Bluetooth-Peripheriegerät Description: Bluetooth-Peripheriegerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (03/01/2015 09:57:15 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/01/2015 09:49:38 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".
Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (03/01/2015 08:08:41 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".
Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (03/01/2015 01:06:59 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".
Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (03/01/2015 01:06:23 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".
Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/01/2015 01:06:21 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".
Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/01/2015 01:06:21 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".
Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/01/2015 01:02:34 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".
Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/01/2015 01:02:31 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".
Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/01/2015 01:02:30 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".
Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

System errors:
=============
Error: (02/28/2015 08:53:10 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7175F74E-B701-42C9-B8D3-303291C51D18}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (02/28/2015 10:48:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LibUsb-Win32 - Daemon, Version 0.1.10.1" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (02/28/2015 10:47:45 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (02/28/2015 10:47:45 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (02/28/2015 10:47:45 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (02/28/2015 10:47:45 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (02/28/2015 10:47:44 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (02/28/2015 10:47:43 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (02/28/2015 10:47:43 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\libusb0.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (02/27/2015 06:59:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LibUsb-Win32 - Daemon, Version 0.1.10.1" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Microsoft Office Sessions:
=========================
Error: (03/01/2015 09:57:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (03/01/2015 09:49:38 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (03/01/2015 08:08:41 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (03/01/2015 01:06:59 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe

Error: (03/01/2015 01:06:23 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jürgen\Desktop\esetsmartinstaller_deu.exe

Error: (03/01/2015 01:06:21 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jürgen\Desktop\esetsmartinstaller_deu.exe

Error: (03/01/2015 01:06:21 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jürgen\Desktop\esetsmartinstaller_deu.exe

Error: (03/01/2015 01:02:34 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jürgen\Desktop\esetsmartinstaller_deu.exe

Error: (03/01/2015 01:02:31 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jürgen\Desktop\esetsmartinstaller_deu.exe

Error: (03/01/2015 01:02:30 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jürgen\Desktop\esetsmartinstaller_deu.exe

==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 37%
Total physical RAM: 4009.55 MB
Available physical RAM: 2502.16 MB
Total Pagefile: 8017.28 MB
Available Pagefile: 5855.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================
Drive c: () (Fixed) (Total:177 GB) (Free:77.88 GB) NTFS
Drive d: () (Fixed) (Total:265.39 GB) (Free:0 GB) NTFS

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 3882832C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=177 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=265.4 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=23.3 GB) - (Type=27)

==================== End Of Log ============================

Regards, Colin |