Windows 8.1 not-a-virus:AdWare.Win32.Linkury.a
Hallo,
ich hab mir da was eingefangen, von dem ich nicht genau weiss was es sein soll.
Kaspersky meldet ständig, dass es xy.dll Datei desinfiziert hat.
Objektname: not-a-virus:AdWare.Win32.Linkury.a
Jemand anderes hat schon heute nachmittag anscheinend ähnliches gepostet, weshalb ich gleich mal FRST runtergeladen habe und einen Scan damit vollzog.
Über ein wenig Hilfe würde ich mich natürlch sehr freuen.
Vielen Dank und liebe Grüße.
Jürgen
FRST Logfile:
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2015
Ran by jurge_000 (administrator) on DOC on 05-02-2015 20:34:05
Running from C:\Users\jurge_000\Desktop
Loaded Profiles: jurge_000 (Available profiles: jurge_000 & Administrator)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
() C:\Program Files (x86)\LPT\srpts.exe
() C:\Users\jurge_000\AppData\Local\RGMService\RGMUpdater.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Users\jurge_000\AppData\Local\RGMService\RGMLoader.exe
() C:\Program Files (x86)\LPT\srptsl.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Pokki) C:\Users\jurge_000\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Smartbar) C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.exe
() C:\Users\jurge_000\AppData\Roaming\Search Protection\SP.exe
() C:\Program Files (x86)\hide.me VPN\Hide.me.exe
() C:\Program Files (x86)\ProgDVB\ProgLauncher.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Pokki) C:\Users\jurge_000\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\jurge_000\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Pokki) C:\Users\jurge_000\AppData\Local\Pokki\Engine\HostAppService.exe
(Zhorn Software) C:\Program Files (x86)\Stickies\stickies.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
() C:\Users\jurge_000\AppData\Roaming\Mozilla\Firefox\Profiles\2ngs26er.default\extensions\adbhelper@mozilla.org\win32\adb.exe
(Pokki) C:\Users\jurge_000\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
() C:\Users\jurge_000\AppData\Local\LPT\srptm.exe
() C:\Users\jurge_000\AppData\Local\Smartbar\Application\Lrcnta.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7546072 2014-03-10] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3957816 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2811120 2014-03-13] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-03-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-04] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [IR_SERVER] => C:\Program Files (x86)\Realtek\REALTEK DTV USB DEVICE\IR_SERVER.exe
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2015-01-28] (Hewlett-Packard)
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Run: [Browser Infrastructure Helper] => C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.exe [29696 2014-08-27] (Smartbar)
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Run: [Search Protection] => C:\Users\jurge_000\AppData\Roaming\Search Protection\SP.EXE [1128760 2015-01-16] ()
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Run: [Browser Extensions] => C:\Users\jurge_000\AppData\Roaming\BrowserExtensions\BEHelper.exe [544720 2015-01-06] ()
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Run: [Hide.me] => C:\Program Files (x86)\hide.me VPN\Hide.me.exe [1071768 2014-11-26] ()
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Run: [ProgLauncher] => C:\Program Files (x86)\ProgDVB\ProgLauncher.exe [381888 2014-12-14] ()
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\RunOnce: [Application Restart #3] => C:\Users\jurge_000\AppData\Local\Pokki\Engine\HostAppService.exe [7846216 2015-01-31] (Pokki)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk
ShortcutTarget: Stickies.lnk -> C:\Program Files (x86)\Stickies\stickies.exe (Zhorn Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage-web.com/?s=online&m=start
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjFxd-cizaAI2jzB21nZsMHDaQL65QqL22G-LRbfOUv-5ocZEeQ41DWLCioPtn85ySygYCG9-VvHDd_eLqLg44BrSH1cmfNlqO0BH-ecbOUyeb1QtqA7ksKdOmNETbzZrkOKkoD5UGjMYG_3Q70trDdj21vWRfyhfhoSA,,&q={searchTerms}
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjFxd-cizaAI2jzB21nZsMHDaQL65QqL22G-LRbfOUv-5ocZEeQ41DWLCioPtn85ySygYCG9-VvHDd_eLqLg44BrSH1cmfNlqO0BH-ecbOUyeb1QtqA7ksKdOmNETbzZrkOKkoD5UGjMYG_3Q70trDdj21vWRfyhfhoSA,,&q={searchTerms}
SearchScopes: HKLM -> {F6305024-E578-4006-A05F-6B1A66BAE870} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjFxd-cizaAI2jzB21nZsMHDaQL65QqL22G-LRbfOUv-5ocZEeQ41DWLCioPtn85ySygYCG9-VvHDd_eLqLg44BrSH1cmfNlqO0BH-ecbOUyeb1QtqA7ksKdOmNETbzZrkOKkoD5UGjMYG_3Q7xqIh4b2TTenZoGX3PHQ,,&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjFxd-cizaAI2jzB21nZsMHDaQL65QqL22G-LRbfOUv-5ocZEeQ41DWLCioPtn85ySygYCG9-VvHDd_eLqLg44BrSH1cmfNlqO0BH-ecbOUyeb1QtqA7ksKdOmNETbzZrkOKkoD5UGjMYG_3Q7xqIh4b2TTenZoGX3PHQ,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3178874078-4208927294-2124628208-1002 -> DefaultScope {2CC11A78-ABFC-11E4-829C-A02BB859D734} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=online&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3178874078-4208927294-2124628208-1002 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjFxd-cizaAI2jzB21nZsMHDaQL65QqL22G-LRbfOUv-5ocZEeQ41DWLCioPtn85ySygYCG9-VvHDd_eLqLg44BrSH1cmfNlqO0BH-ecbOUyeb1QtqA7ksKdOmNETbzZrkOKkoD5UGjMYG_3Q70trDdj21vWRfyhfhoSA,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3178874078-4208927294-2124628208-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3178874078-4208927294-2124628208-1002 -> {2CC11A78-ABFC-11E4-829C-A02BB859D734} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=online&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3178874078-4208927294-2124628208-1002 -> {C5BA03B4-C5FB-47A7-A541-30A1C674009A} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=386496&p={searchTerms}
BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
BHO: Browser Extensions -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\jurge_000\AppData\Roaming\BrowserExtensions\Coupons64.dll ()
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Browser Extensions -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\jurge_000\AppData\Roaming\BrowserExtensions\Coupons.dll ()
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.99.99
FireFox:
========
FF ProfilePath: C:\Users\jurge_000\AppData\Roaming\Mozilla\Firefox\Profiles\2ngs26er.default
FF SelectedSearchEngine: Web Search
FF Homepage: google.de
FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=386496&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3178874078-4208927294-2124628208-1002: pokki.com/PokkiDownloadHelper -> C:\Users\jurge_000\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll (Pokki)
FF SearchPlugin: C:\Users\jurge_000\AppData\Roaming\Mozilla\Firefox\Profiles\2ngs26er.default\searchplugins\yahoo_ff.xml
FF Extension: ADB Helper - C:\Users\jurge_000\AppData\Roaming\Mozilla\Firefox\Profiles\2ngs26er.default\Extensions\adbhelper@mozilla.org [2014-12-22]
FF Extension: Adblock Plus - C:\Users\jurge_000\AppData\Roaming\Mozilla\Firefox\Profiles\2ngs26er.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-30]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [140288 2014-03-15] () [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-03-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [88064 2014-03-05] () [File not signed]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-04] (Hewlett-Packard Development Company, L.P.)
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [34304 2014-08-27] () <==== ATTENTION
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-01] (Softex Inc.) [File not signed]
R2 RGMUpdater; C:\Users\jurge_000\AppData\Local\RGMService\RGMUpdater.exe [28160 2014-10-27] () [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [190704 2014-03-13] (Synaptics Incorporated)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [51712 2014-02-25] (Advanced Micro Devices, Inc.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-08-26] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17640 2013-10-24] (Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [85704 2014-02-25] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [230088 2014-02-25] (Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-12-20] (Advanced Micro Devices)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-04-21] (Microsoft Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-09-13] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-09-13] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [115296 2014-09-13] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-09-13] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-09-13] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-09-13] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-09-13] (Kaspersky Lab ZAO)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [558296 2014-01-06] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3379416 2014-03-22] (Realtek Semiconductor Corporation )
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [30448 2014-03-13] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [31472 2014-03-13] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 GENERICDRV; \??\C:\swsetup\sp67235\amifldrv64.sys [X]
U3 McAPExe; No ImagePath
U3 McMPFSvc; No ImagePath
U3 McNaiAnn; No ImagePath
U3 mcpltsvc; No ImagePath
U3 McProxy; No ImagePath
U3 mfecore; No ImagePath
U3 MSK80Service; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-05 20:34 - 2015-02-05 20:34 - 00023278 _____ () C:\Users\jurge_000\Desktop\FRST.txt
2015-02-05 20:33 - 2015-02-05 20:34 - 00000000 ____D () C:\FRST
2015-02-05 20:31 - 2015-02-05 20:31 - 02131968 _____ (Farbar) C:\Users\jurge_000\Desktop\FRST64.exe
2015-02-05 13:40 - 2015-02-05 13:40 - 00326104 _____ () C:\WINDOWS\Minidump\020515-26484-01.dmp
2015-02-03 20:40 - 2015-02-03 20:41 - 00326104 _____ () C:\WINDOWS\Minidump\020315-27343-01.dmp
2015-02-03 17:42 - 2015-02-03 17:42 - 00326048 _____ () C:\WINDOWS\Minidump\020315-29312-01.dmp
2015-01-29 22:50 - 2015-01-29 22:50 - 00001014 _____ () C:\Users\jurge_000\Desktop\TinyPic.lnk
2015-01-29 22:50 - 2015-01-29 22:50 - 00000000 ____D () C:\Program Files (x86)\Tinypic
2015-01-28 22:01 - 2015-01-28 22:01 - 00000000 ____D () C:\Program Files (x86)\Lame For Audacity
2015-01-27 23:05 - 2015-01-28 22:03 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\Audacity
2015-01-27 23:04 - 2015-01-27 23:04 - 00001042 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-01-27 23:04 - 2015-01-27 23:04 - 00001030 _____ () C:\Users\Public\Desktop\Audacity.lnk
2015-01-27 23:04 - 2015-01-27 23:04 - 00000000 ____D () C:\Program Files (x86)\Audacity
2015-01-27 14:19 - 2015-01-27 14:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-27 00:19 - 2014-12-06 07:43 - 14489797 _____ () C:\Users\jurge_000\Desktop\Wie Sie mehr fotografieren und weniger knipsen - Thomas Stephan.epub
2015-01-25 21:10 - 2015-01-25 21:10 - 00326048 _____ () C:\WINDOWS\Minidump\012515-24062-01.dmp
2015-01-24 23:07 - 2015-01-24 23:07 - 00326104 _____ () C:\WINDOWS\Minidump\012415-21953-01.dmp
2015-01-24 21:47 - 2015-01-24 21:48 - 00326048 _____ () C:\WINDOWS\Minidump\012415-26687-01.dmp
2015-01-22 10:19 - 2015-01-22 10:19 - 00000000 ____D () C:\Users\jurge_000\Desktop\HUK
2015-01-22 10:16 - 2015-01-22 10:16 - 00000472 _____ () C:\Users\jurge_000\Desktop\Volume (F) - Verknüpfung.lnk
2015-01-21 00:39 - 2015-01-21 00:39 - 00326160 _____ () C:\WINDOWS\Minidump\012115-29281-01.dmp
2015-01-18 11:36 - 2015-01-18 11:36 - 00001110 _____ () C:\Users\Public\Desktop\Terminplaner .Net.lnk
2015-01-18 11:36 - 2015-01-18 11:36 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\RDecke
2015-01-18 11:36 - 2015-01-18 11:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Terminplaner.NET
2015-01-18 11:36 - 2015-01-18 11:36 - 00000000 ____D () C:\Program Files (x86)\Terminplaner.NET
2015-01-18 11:35 - 2015-01-18 11:34 - 04718515 _____ (Ronny Decke ) C:\Users\jurge_000\Downloads\setup_CB-DL-Manager [1].exe
2015-01-16 21:45 - 2015-02-04 00:27 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\stickies
2015-01-16 21:45 - 2015-01-16 21:45 - 00000667 _____ () C:\WINDOWS\uninstallstickies.bat
2015-01-16 21:45 - 2015-01-16 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stickies
2015-01-16 21:45 - 2015-01-16 21:45 - 00000000 ____D () C:\Program Files (x86)\Stickies
2015-01-15 22:02 - 2015-01-15 22:02 - 00460040 _____ () C:\Users\jurge_000\Desktop\Unbenannt 1.odt
2015-01-15 09:54 - 2015-01-15 09:54 - 00000000 ___HD () C:\Users\jurge_000\Desktop\.picasaoriginals
2015-01-14 22:32 - 2015-01-15 11:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-01-14 22:00 - 2015-01-14 22:00 - 00001429 _____ () C:\Users\jurge_000\Desktop\bp - Verknüpfung.lnk
2015-01-14 11:47 - 2015-01-14 11:47 - 00001860 _____ () C:\Users\jurge_000\Desktop\PTEditor - Verknüpfung.lnk
2015-01-14 11:42 - 2015-01-14 11:42 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Power Tab Software
2015-01-14 11:42 - 2015-01-14 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Power Tab Software
2015-01-14 11:42 - 2015-01-14 11:42 - 00000000 ____D () C:\Program Files (x86)\Power Tab Software
2015-01-14 11:39 - 2015-01-14 11:39 - 05917258 _____ () C:\Users\jurge_000\Downloads\powertab1.7.zip
2015-01-14 08:53 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-14 08:53 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-14 08:53 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-14 08:53 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-14 08:53 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-14 08:53 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-14 08:53 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-14 08:53 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-14 08:53 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-14 08:53 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-14 08:53 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-14 08:53 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-14 08:53 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-14 08:53 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-14 08:53 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2015-01-14 08:53 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-14 08:53 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-14 08:53 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-14 08:53 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-14 08:53 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-14 08:53 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2015-01-14 08:53 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-14 08:53 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-14 08:53 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-01-14 08:53 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-01-14 08:53 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-01-14 08:53 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-14 08:52 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-14 08:52 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-14 08:52 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-14 08:52 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-07 23:38 - 2015-01-07 23:38 - 00326160 _____ () C:\WINDOWS\Minidump\010715-23000-01.dmp
2015-01-07 23:01 - 2015-01-07 23:01 - 00326160 _____ () C:\WINDOWS\Minidump\010715-28203-01.dmp
2015-01-07 11:21 - 2015-01-07 11:21 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\Guitar Pro 6
2015-01-07 11:21 - 2015-01-07 11:21 - 00000000 ____D () C:\ProgramData\Guitar Pro 6
2015-01-07 11:20 - 2015-01-07 11:20 - 00000991 _____ () C:\Users\Public\Desktop\Guitar Pro 6.lnk
2015-01-07 11:20 - 2015-01-07 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 6
2015-01-07 11:19 - 2015-01-07 11:20 - 00000000 ____D () C:\Program Files (x86)\Guitar Pro 6
2015-01-07 09:21 - 2015-01-07 09:21 - 00309776 _____ () C:\WINDOWS\Minidump\010715-24203-01.dmp
2015-01-07 08:59 - 2015-01-07 08:59 - 00305680 _____ () C:\WINDOWS\Minidump\010715-23218-01.dmp
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-05 20:32 - 2014-09-04 22:35 - 00000000 ____D () C:\Users\jurge_000\AppData\Local\Pokki
2015-02-05 20:29 - 2014-09-27 08:01 - 00003178 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForjurge_000
2015-02-05 20:29 - 2014-09-27 08:01 - 00000356 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForjurge_000.job
2015-02-05 20:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-05 20:23 - 2014-12-30 09:22 - 01693278 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-05 20:17 - 2014-09-12 21:44 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-02-05 20:08 - 2013-08-22 16:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-05 20:06 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-05 13:54 - 2014-09-04 22:49 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3178874078-4208927294-2124628208-1002
2015-02-05 13:42 - 2014-09-04 23:07 - 00002305 _____ () C:\Users\jurge_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-02-05 13:42 - 2014-08-28 11:52 - 00000000 ___DO () C:\Users\jurge_000\OneDrive
2015-02-05 13:41 - 2014-12-23 21:19 - 00000000 ____D () C:\Users\jurge_000\AppData\Local\RGMService
2015-02-05 13:41 - 2014-11-29 22:43 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-05 13:41 - 2014-05-12 12:05 - 02200258 _____ () C:\WINDOWS\SysWOW64\rootpa.e2e
2015-02-05 13:40 - 2014-12-30 09:23 - 00013853 _____ () C:\WINDOWS\setupact.log
2015-02-05 13:40 - 2014-12-29 23:52 - 534231311 _____ () C:\WINDOWS\MEMORY.DMP
2015-02-05 13:40 - 2014-10-06 21:27 - 00000000 ____D () C:\WINDOWS\Minidump
2015-02-05 13:40 - 2014-09-04 22:35 - 00000000 ____D () C:\Users\jurge_000
2015-02-05 13:40 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-04 22:41 - 2014-11-29 22:43 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-03 17:43 - 2014-12-28 22:36 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\BrowserExtensions
2015-02-03 17:41 - 2014-09-04 23:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-03 09:45 - 2014-04-22 00:14 - 00800954 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-03 09:45 - 2014-04-22 00:14 - 00174458 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-03 09:45 - 2013-08-26 07:09 - 01921090 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-02 01:04 - 2014-09-05 21:03 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\vlc
2015-01-30 19:24 - 2014-10-03 19:18 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-30 19:24 - 2014-09-26 21:01 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2015-01-28 01:31 - 2014-08-28 16:23 - 00000000 ____D () C:\Users\jurge_000\Documents\Calibre-Bibliothek
2015-01-27 18:43 - 2014-05-12 11:51 - 00065536 _____ () C:\WINDOWS\system32\spu_storage.bin
2015-01-27 18:43 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-26 20:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-01-24 21:20 - 2014-09-08 10:46 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-24 21:20 - 2014-09-08 10:46 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-24 20:42 - 2014-12-23 21:25 - 00000000 ____D () C:\Users\jurge_000\AppData\Local\Windows Live
2015-01-17 20:56 - 2013-08-22 15:44 - 00379016 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-17 20:55 - 2014-12-23 23:09 - 00000000 ____D () C:\Program Files (x86)\DivX
2015-01-16 22:39 - 2014-09-07 23:34 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-16 21:56 - 2014-09-07 23:34 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-15 09:28 - 2014-12-23 21:02 - 00000000 ____D () C:\Users\jurge_000\AppData\Roaming\DVD Flick
2015-01-14 22:08 - 2014-12-23 23:08 - 00000000 ____D () C:\ProgramData\DivX
2015-01-14 11:44 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-01-07 23:07 - 2014-09-16 22:19 - 00000000 ____D () C:\Users\jurge_000\AppData\Local\Adobe
==================== Files in the root of some directories =======
2014-12-23 21:07 - 2014-12-23 21:07 - 0092702 _____ () C:\Users\jurge_000\AppData\Local\349311A3_stp.CIS
2014-12-23 21:07 - 2014-12-23 21:07 - 0000289 _____ () C:\Users\jurge_000\AppData\Local\349311A3_stp.CIS.part
2014-12-23 21:07 - 2014-12-23 21:07 - 0000000 _____ () C:\Users\jurge_000\AppData\Local\5BFEE0EB_stp.EXE
2014-12-23 21:08 - 2014-12-23 21:08 - 0000203 _____ () C:\Users\jurge_000\AppData\Local\5BFEE0EB_stp.EXE.part
2014-12-23 21:07 - 2014-12-23 21:08 - 0178814 _____ () C:\Users\jurge_000\AppData\Local\6AD0D82B_stp.CIS
2014-12-23 21:08 - 2014-12-23 21:08 - 0000238 _____ () C:\Users\jurge_000\AppData\Local\6AD0D82B_stp.CIS.part
2014-12-23 23:22 - 2014-12-23 23:22 - 0007680 _____ () C:\Users\jurge_000\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-28 22:59 - 2014-09-28 22:59 - 0002063 _____ () C:\Users\jurge_000\AppData\Local\recently-used.xbel
2014-09-18 08:32 - 2014-09-18 08:32 - 0001534 _____ () C:\ProgramData\ss.ini
Some content of TEMP:
====================
C:\Users\jurge_000\AppData\Local\Temp\-meblazn.dll
C:\Users\jurge_000\AppData\Local\Temp\0hgn9bp4.dll
C:\Users\jurge_000\AppData\Local\Temp\2cvjg2ui.dll
C:\Users\jurge_000\AppData\Local\Temp\6utolcnp.dll
C:\Users\jurge_000\AppData\Local\Temp\73celdui.dll
C:\Users\jurge_000\AppData\Local\Temp\75crf8bq.dll
C:\Users\jurge_000\AppData\Local\Temp\bfntpetm.dll
C:\Users\jurge_000\AppData\Local\Temp\bswjrtpw.dll
C:\Users\jurge_000\AppData\Local\Temp\ceaqyslu.dll
C:\Users\jurge_000\AppData\Local\Temp\e-mlvuyr.dll
C:\Users\jurge_000\AppData\Local\Temp\e6jz9of_.dll
C:\Users\jurge_000\AppData\Local\Temp\f0hameyt.dll
C:\Users\jurge_000\AppData\Local\Temp\fddto3ya.dll
C:\Users\jurge_000\AppData\Local\Temp\kgltleq3.dll
C:\Users\jurge_000\AppData\Local\Temp\kszb4xaf.dll
C:\Users\jurge_000\AppData\Local\Temp\lnztk08r.dll
C:\Users\jurge_000\AppData\Local\Temp\mkbvhnur.dll
C:\Users\jurge_000\AppData\Local\Temp\ndpkfgcn.dll
C:\Users\jurge_000\AppData\Local\Temp\nywbxm0o.dll
C:\Users\jurge_000\AppData\Local\Temp\o3sbkbok.dll
C:\Users\jurge_000\AppData\Local\Temp\oct7F93.tmp.exe
C:\Users\jurge_000\AppData\Local\Temp\octA4B3.tmp.exe
C:\Users\jurge_000\AppData\Local\Temp\octBDA5.tmp.exe
C:\Users\jurge_000\AppData\Local\Temp\p077xjfc.dll
C:\Users\jurge_000\AppData\Local\Temp\pg93yw8i.dll
C:\Users\jurge_000\AppData\Local\Temp\qj-iiie1.dll
C:\Users\jurge_000\AppData\Local\Temp\SearchProtectionSetup.exe
C:\Users\jurge_000\AppData\Local\Temp\sltr_ugu.dll
C:\Users\jurge_000\AppData\Local\Temp\uadakbsc.dll
C:\Users\jurge_000\AppData\Local\Temp\ule4l8cl.dll
C:\Users\jurge_000\AppData\Local\Temp\upkx7dkr.dll
C:\Users\jurge_000\AppData\Local\Temp\v53idcfd.dll
C:\Users\jurge_000\AppData\Local\Temp\xk9w7_gr.dll
C:\Users\jurge_000\AppData\Local\Temp\yntr8xkm.dll
C:\Users\jurge_000\AppData\Local\Temp\zna2d3-v.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-29 23:32
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2015
Ran by jurge_000 at 2015-02-05 20:35:54
Running from C:\Users\jurge_000\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{123A22CB-6D84-4135-A71F-886C9119E996}) (Version: 99.9 - Eyeo GmbH)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{C3E5B3AF-12F2-9E42-B493-9490DC745953}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BestPractice (remove only) (HKLM-x32\...\BestPractice) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Browser Extensions (HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\{3A787631-66A2-4634-B928-A37E73B58FB6}) (Version: 2.6 - Spigot, Inc.) <==== ATTENTION
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
calibre (HKLM-x32\...\{AB116F72-C91A-40F2-A25A-949B5D065EBB}) (Version: 2.3.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
ClearProg 1.6.1 Beta 7 (HKLM-x32\...\ClearProg) (Version: 1.6.1 Beta 7 - Sven Hoffman)
Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version: - )
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVDStyler v2.8 (HKLM-x32\...\DVDStyler_is1) (Version: - )
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
FreeRIP MP3 Converter 4.5.3 (HKLM-x32\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 4.5.3 - GreenTree Applications SRL)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
hide.me VPN Version 1.0.5 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 1.0.5 - eVenture Limited)
Host App Service (HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Pokki) (Version: 0.269.5.460 - Pokki)
HP 3D DriveGuard (HKLM-x32\...\{F90A86C9-7779-47DD-AC06-8EE832C55F55}) (Version: 6.0.18.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C}) (Version: 2.20.31 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{082B1425-0F24-43FA-9B64-E8F617B0AD3B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.08 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{E9FA2CA2-B7B2-43E6-8449-A1618B042EAE}) (Version: 1.1.3 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{B7B82520-8ECE-4743-BFD7-93B16C64B277}) (Version: 2.4.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.01.08 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.08 - Softex Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.)
OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Ihr Firmenname)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
Pokki Download Helper (HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\PokkiDownloadHelper) (Version: 1.3.1.282 - Pokki)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Power Tab Editor 1.7 (HKLM-x32\...\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}) (Version: 1.7.0 - Power Tab Software)
ProgDVB (HKLM-x32\...\ProgDVB) (Version: 7.x - Prog)
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.6 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
REALTEK DTV USB DEVICE (HKLM-x32\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.05.00 - Samsung Electronics Co., Ltd.)
Search Protection (HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Search Protection) (Version: 10.8.0.1 - Spigot, Inc.) <==== ATTENTION
Startmenü (HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\...\Pokki_Start_Menu) (Version: 0.269.5.460 - Pokki)
Stickies 8.0b (HKLM-x32\...\ZhornStickies) (Version: - Zhorn Software)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.5.2 - Synaptics Incorporated)
Terminplaner .Net (HKLM-x32\...\{AFC4FEEE-6E08-4CC9-815E-5CEDF2C15E2E}_is1) (Version: - Ronny Decke)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Torchlight 2 (HKLM-x32\...\{049FF5E4-EB02-4c42-8DB0-226E2F7A9E53}) (Version: 1.9.2.1 - )
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
UnderCoverXP 1.23 (HKLM-x32\...\UnderCoverXP_is1) (Version: - Wicked & Wild Inc.)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
VirtualDJ 8 (HKLM-x32\...\{9ADBBA93-4625-4898-BB0D-BCE7EA9F8B4A}) (Version: 8.0.0 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warhammer 40,000: Dawn Of War - Gold Edition (HKLM-x32\...\{D0B36BAF-3E9D-423E-8821-ED238C18DB0A}) (Version: 1.51 - THQ)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App für HP (x32 Version: 4.0.11.2 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
28-01-2015 23:14:09 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1E5F545C-3E53-4CA6-B6DD-F9468D990F15} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {2595D899-3540-46DF-9B78-8F72E3C1BB4A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {366065F9-548E-4649-A41D-CE201FCA2E2A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-16] (Microsoft Corporation)
Task: {5E9E3CCA-3E56-426D-869F-2887A3F1CFBF} - System32\Tasks\arp_flush => C:\Program Files (x86)\hide.me VPN\FlushArpCache.exe [2014-11-26] ()
Task: {72535254-1F4B-4441-8985-5D973E0A9A7C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {748AFF38-E65C-433E-ABBF-1B96A97DE684} - System32\Tasks\HPCeeScheduleForjurge_000 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {7605FDD8-C91D-46F6-B3D4-B8B886B65688} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
Task: {783FB339-C2A9-4C97-9225-8886277D380D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {7BFA62DA-E2B5-4499-BDE4-6596E6DBB0AA} - System32\Tasks\Chrome => C:\Users\jurge_000\AppData\Local\Temp\Rau\PackerV2.exe <==== ATTENTION
Task: {7DC3868F-F8C4-48C3-BBE6-712B4ACFBBC1} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-11-01] (Hewlett-Packard Development Company, L.P.)
Task: {AE65EE86-DE40-4F81-9EF9-97F606D399EB} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
Task: {CBCBF33A-327C-4E89-9654-A454F3F17EC2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {D61F64F2-D634-494C-8ADB-4A8DB675B301} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
Task: {E8AD23A2-1FC5-4477-8255-3438445694AD} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForjurge_000.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) ==============
2014-03-01 17:38 - 2014-03-01 17:38 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-01 17:34 - 2014-03-01 17:34 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-01 17:34 - 2014-03-01 17:34 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-01 17:34 - 2014-03-01 17:34 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-01 17:52 - 2014-03-01 17:52 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-01 17:52 - 2014-03-01 17:52 - 00712592 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2008-09-09 10:22 - 2008-09-09 10:22 - 00022016 _____ () C:\WINDOWS\System32\sst1cl6.dll
2014-09-09 20:46 - 2014-04-16 09:22 - 00029184 _____ () C:\WINDOWS\System32\usp01l.dll
2014-03-15 01:21 - 2014-03-15 01:21 - 00140288 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2014-03-15 01:20 - 2014-03-15 01:20 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-05-12 12:00 - 2014-03-05 17:09 - 00088064 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2014-08-27 15:24 - 2014-08-27 15:24 - 00034304 _____ () C:\Program Files (x86)\LPT\srpts.exe
2014-10-27 16:04 - 2014-10-27 16:04 - 00028160 _____ () C:\Users\jurge_000\AppData\Local\RGMService\RGMUpdater.exe
2014-12-01 17:01 - 2014-12-01 17:01 - 00974848 _____ () C:\Users\jurge_000\AppData\Local\RGMService\RGMLoader.exe
2014-08-27 15:24 - 2014-08-27 15:29 - 00036352 _____ () C:\Program Files (x86)\LPT\srptsl.exe
2014-03-01 17:41 - 2014-03-01 17:41 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2015-01-16 10:30 - 2015-01-16 10:30 - 01128760 _____ () C:\Users\jurge_000\AppData\Roaming\Search Protection\SP.exe
2014-12-30 00:07 - 2014-11-26 11:40 - 01071768 _____ () C:\Program Files (x86)\hide.me VPN\Hide.me.exe
2014-12-14 12:07 - 2014-12-14 12:07 - 00381888 _____ () C:\Program Files (x86)\ProgDVB\ProgLauncher.exe
2014-09-25 19:44 - 2014-09-25 19:44 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-12-22 08:18 - 2014-12-22 08:18 - 00818176 _____ () C:\Users\jurge_000\AppData\Roaming\Mozilla\Firefox\Profiles\2ngs26er.default\extensions\adbhelper@mozilla.org\win32\adb.exe
2014-08-27 15:29 - 2014-08-27 15:29 - 00024576 _____ () C:\Users\jurge_000\AppData\Local\LPT\srptm.exe
2014-08-27 15:28 - 2014-08-27 15:28 - 00025088 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\Lrcnta.exe
2013-06-17 11:35 - 2013-06-17 11:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\dblite.dll
2013-05-08 13:52 - 2013-05-08 13:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kpcengine.2.3.dll
2014-08-27 15:24 - 2014-08-27 15:29 - 00044032 _____ () C:\Program Files (x86)\LPT\srptc.dll
2014-08-27 15:23 - 2014-08-27 15:28 - 00018944 _____ () C:\Program Files (x86)\LPT\Smartbar.Common.dll
2014-12-01 17:01 - 2014-12-01 17:01 - 01686016 _____ () C:\Users\jurge_000\AppData\Local\RGMService\RGMHost.dll
2014-12-01 17:01 - 2014-12-01 17:01 - 02745856 _____ () C:\Users\jurge_000\AppData\Local\RGMService\MonetizationToolsManager.dll
2014-12-01 17:02 - 2014-12-01 17:02 - 01592832 _____ () C:\Users\jurge_000\AppData\Local\RGMService\ProtectorsManager.dll
2014-08-27 15:24 - 2014-08-27 15:29 - 00071680 _____ () C:\Program Files (x86)\LPT\srut.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00052224 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00087552 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\srau.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00167424 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 02426880 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00068608 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\spbl.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00160256 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00015872 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\siem.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00069120 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\sppsm.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00698368 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00016384 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00080384 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00028672 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00071680 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\srut.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00031232 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\srsbs.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00075264 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\smsp.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00011776 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\sidc.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00032256 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\smtu.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00040448 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\smta.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00032768 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\srom.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00025600 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\sgml.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00152064 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\smti.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00063488 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00026624 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\srpdm.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00045056 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-08-27 15:24 - 2014-08-27 15:24 - 00026624 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00036864 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00257024 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\srns.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00049152 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\srbu.dll
2014-12-30 00:07 - 2014-11-26 11:34 - 00102400 _____ () C:\Program Files (x86)\hide.me VPN\de-DE\Hide.me.resources.dll
2015-01-27 14:19 - 2015-01-27 14:19 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-01-04 05:06 - 2015-01-04 05:06 - 00569856 _____ () C:\Users\jurge_000\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll
2015-01-04 05:06 - 2015-01-04 05:06 - 01400846 _____ () C:\Users\jurge_000\AppData\Local\Pokki\Engine\avcodec-54.dll
2015-01-04 05:06 - 2015-01-04 05:06 - 00151054 _____ () C:\Users\jurge_000\AppData\Local\Pokki\Engine\avutil-51.dll
2015-01-04 05:06 - 2015-01-04 05:06 - 00222734 _____ () C:\Users\jurge_000\AppData\Local\Pokki\Engine\avformat-54.dll
2015-01-14 22:32 - 2015-01-14 22:32 - 03347056 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2015-01-14 22:32 - 2015-01-14 22:32 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-01-14 22:32 - 2015-01-14 22:32 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00083968 _____ () C:\Users\jurge_000\AppData\Local\LPT\srpt.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00044032 _____ () C:\Users\jurge_000\AppData\Local\LPT\srptc.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00018944 _____ () C:\Users\jurge_000\AppData\Local\LPT\Smartbar.Common.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00034816 _____ () C:\Users\jurge_000\AppData\Local\Smartbar\Application\lrcnt.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\jurge_000:gs5sys
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\ProgramData\Temp:10894A2E
AlternateDataStreams: C:\ProgramData\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\jurge_000\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\jurge_000\Cookies:gs5sys
AlternateDataStreams: C:\Users\jurge_000\Lokale Einstellungen:gs5sys
AlternateDataStreams: C:\Users\jurge_000\OneDrive:ms-properties
AlternateDataStreams: C:\Users\jurge_000\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\jurge_000\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\jurge_000\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\jurge_000\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\jurge_000\AppData\Local\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\jurge_000\AppData\Local\Verlauf:gs5sys
AlternateDataStreams: C:\Users\jurge_000\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Registry Areas =====================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3178874078-4208927294-2124628208-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\jurge_000\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-3178874078-4208927294-2124628208-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-3178874078-4208927294-2124628208-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3178874078-4208927294-2124628208-1004 - Limited - Enabled)
jurge_000 (S-1-5-21-3178874078-4208927294-2124628208-1002 - Administrator - Enabled) => C:\Users\jurge_000
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/05/2015 08:31:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Error: (02/05/2015 08:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20605250
Error: (02/05/2015 08:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20605250
Error: (02/05/2015 08:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/05/2015 08:06:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20603562
Error: (02/05/2015 08:06:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20603562
Error: (02/05/2015 08:06:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/05/2015 02:22:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4781
Error: (02/05/2015 02:22:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4781
Error: (02/05/2015 02:22:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (02/05/2015 01:39:58 PM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT-AUTORITÄT)
Description: Der Systemüberwachungszeitgeber wurde ausgelöst.
Error: (02/05/2015 01:40:27 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007e (0xffffffffc0000005, 0xfffff80134999efb, 0xffffd000203e4128, 0xffffd000203e3930)C:\WINDOWS\MEMORY.DMP020515-26484-01
Error: (02/05/2015 01:40:26 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 05.02.2015 um 11:57:32 unerwartet heruntergefahren.
Error: (02/04/2015 00:24:50 AM) (Source: DCOM) (EventID: 10010) (User: DOC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
Error: (02/04/2015 00:24:50 AM) (Source: DCOM) (EventID: 10010) (User: DOC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
Error: (02/04/2015 00:24:46 AM) (Source: DCOM) (EventID: 10010) (User: DOC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
Error: (02/03/2015 08:41:03 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007e (0xffffffffc0000005, 0xfffff8008dd6cefb, 0xffffd0006c4aa128, 0xffffd0006c4a9930)C:\WINDOWS\MEMORY.DMP020315-27343-01
Error: (02/03/2015 08:41:02 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 03.02.2015 um 19:49:48 unerwartet heruntergefahren.
Error: (02/03/2015 05:41:39 PM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT-AUTORITÄT)
Description: Der Systemüberwachungszeitgeber wurde ausgelöst.
Error: (02/03/2015 05:42:11 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000019 (0x000000000000000d, 0xffffe000341f9e5f, 0xd08d195661e3f769, 0x91d08d195661e3c8)C:\WINDOWS\MEMORY.DMP020315-29312-01
Microsoft Office Sessions:
=========================
Error: (02/05/2015 08:31:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\jurge_000\AppData\Local\Pokki\Engine\HostAppService.exe
Error: (02/05/2015 08:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20605250
Error: (02/05/2015 08:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20605250
Error: (02/05/2015 08:06:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/05/2015 08:06:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20603562
Error: (02/05/2015 08:06:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20603562
Error: (02/05/2015 08:06:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/05/2015 02:22:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4781
Error: (02/05/2015 02:22:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4781
Error: (02/05/2015 02:22:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
==================== Memory info ===========================
Processor: AMD A8-6410 APU with AMD Radeon R5 Graphics
Percentage of memory in use: 67%
Total physical RAM: 3519.68 MB
Available physical RAM: 1133.63 MB
Total Pagefile: 7103.68 MB
Available Pagefile: 3975.96 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:71.31 GB) (Free:27.95 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:22.33 GB) (Free:2.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Volume) (Fixed) (Total:346.68 GB) (Free:143.64 GB) NTFS
Drive g: (Volume) (Fixed) (Total:24.41 GB) (Free:20.02 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 55152BDD)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
AdwCleaner auf deinen Desktop.
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
dann auf 
und dann auf 
. 
