
Pests of all kinds and how to fight them: Removing Snapdo

09.04.2014, 08:23   #1
mullewapp
 


Hello and good morning,

a Trojan has once again crept onto my wife's notebook. Snapdo has already been removed via the Control Panel, and we tried to remove the rest with CCleaner, so far without success. Despite the full version of Avast and regular scanning, my wife was unable to protect herself.

Mozilla automatically starts on Snapdo, and that is annoying.
Can you help us?

09.04.2014, 08:41   #2
schrauber
/// the machine
/// TB trainer
 



Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


10.04.2014, 13:29   #3
mullewapp
 


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01 (ATTENTION: ====> FRST version is 27 days old and could be outdated)
Ran by mel (administrator) on MEL-PC on 09-04-2014 08:50:31
Running from C:\Users\mel\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(B.H.A Corporation) C:\Windows\System32\bgsvcgen.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files\devolo\dlan\devolonetsvc.exe
() C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe
(Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Prolific Technology Inc.) C:\Windows\system32\IoctlSvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
(Packard Bell BV) C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6265376 2008-08-04] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1833504 2008-08-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [HP Software Update] - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [Windows Mobile-based device management] - C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-25] (AVAST Software)
HKLM\...\Run: [AgentMonitor] - C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe [391040 2013-06-20] ()
HKU\S-1-5-21-3388527527-2323720586-789991275-1000\...\Run: [SmpcSys] - C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe [1038136 2008-07-07] (Packard Bell BV)
HKU\S-1-5-21-3388527527-2323720586-789991275-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC0A615FC727ECB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
URLSearchHook: HKCU - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} -  No File
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKCU - {08215E9A-ED98-497B-8FB9-C7F2A0C9FACD} URL = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\mel\AppData\Roaming\Mozilla\Firefox\Profiles\ob5vl5bk.default
FF Homepage: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlO-xkuKtzfsTQg0vsTgwWcD3sttaWNI5RBkK_z706MA7_Ngv-2pTDP_G-crdRdUVWc3Af7-7SAafralkVMqVaFt2ERp1gv00EQiIZSSXIrPmQMY7CGntZC1yuxcQtIWmDoyZjbsT4Dwz1g,,
FF SelectedSearchEngine: Web Search
FF Keyword.URL: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlO-xkuKtzfsTQg0vsTgwWcD3sttaWNI5RBkK_z706MA7_Ngv-2pTDP_G-crdRdUVWc3Af7-7SAafralob2TvMupeBOrYDlPmQpGsiW7aFFy3zNw3QonXqxM-z4mQAc69gUCAj4OBDHeGeQ,,&q=
FF NewTab: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlO-xkuKtzfsTQg0vsTgwWcD3sttaWNI5RBkK_z706MA7_Ngv-2pTDP_G-crdRdUVWc3Af7-7SAafraliwdAEhQCHjAkA40XU2Rx5T7dnKo31NGNPT9UMV5t6Ei81TMHjkL-vqrNaQkK1gQ,,
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.1 - C:\Users\mel\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 - C:\Users\mel\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\mel\AppData\Roaming\Mozilla\Firefox\Profiles\ob5vl5bk.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Kaspersky URL Advisor - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2013-12-11]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-11]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2013-12-11]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-11]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-29]

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-24]
CHR Extension: (Google Drive) - C:\Users\mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-24]
CHR Extension: (YouTube) - C:\Users\mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-24]
CHR Extension: (Google-Suche) - C:\Users\mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-24]
CHR Extension: (avast! Online Security) - C:\Users\mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-09]
CHR Extension: (Skype Click to Call) - C:\Users\mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-10-24]
CHR Extension: (Google Wallet) - C:\Users\mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-24]
CHR Extension: (Google Mail) - C:\Users\mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-24]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-25]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-25] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-03-25] (AVAST Software)
R2 bgsvcgen; C:\Windows\System32\bgsvcgen.exe [145504 2007-06-15] (B.H.A Corporation)
R2 DevoloNetworkService; C:\Program Files\devolo\dlan\devolonetsvc.exe [3304768 2010-12-23] (devolo AG)
R2 ETService; C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe [24576 2008-07-16] ()
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)
S2 LPTSystemUpdater; C:\Program Files\LPT\srpts.exe [37920 2014-04-08] ()
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)

==================== Drivers (Whitelisted) ====================

R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-03-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-03-25] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2012-07-13] (ALWIL Software)
R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [252208 2014-03-25] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-03-25] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-03-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-03-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-03-25] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-03-25] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180760 2014-03-25] ()
R2 NPF_devolo; C:\Windows\system32\drivers\npf_devolo.sys [35840 2010-06-10] (CACE Technologies)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Users\max\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 RimUsb; System32\Drivers\RimUsb.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-09 08:50 - 2014-04-09 08:50 - 00016729 _____ () C:\Users\mel\Downloads\FRST.txt
2014-04-09 08:50 - 2014-04-09 08:50 - 00000000 ____D () C:\FRST
2014-04-09 08:49 - 2014-04-09 08:49 - 01145856 _____ (Farbar) C:\Users\mel\Downloads\FRST.exe
2014-04-09 08:48 - 2014-04-09 08:48 - 01431792 _____ (iMesh Inc) C:\Users\mel\Downloads\iMeshSetup-r1487-w-bf.exe
2014-04-09 08:48 - 2014-04-09 08:48 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-09 08:48 - 2014-04-09 08:48 - 00000000 _____ () C:\Windows\setupact.log
2014-04-09 07:08 - 2014-04-09 07:08 - 00000000 ____D () C:\Users\mel\.android
2014-04-08 23:51 - 2014-04-08 23:51 - 00000000 ____D () C:\Users\max\Downloads\Impactor_0.9.14
2014-04-08 23:49 - 2014-04-08 23:49 - 00000000 ____D () C:\Users\max\Downloads\adb
2014-04-08 23:44 - 2014-04-08 23:44 - 11937023 _____ () C:\Users\max\Downloads\Impactor_0.9.14.zip
2014-04-08 23:36 - 2014-04-08 23:36 - 00000000 ____D () C:\Users\max\Documents\Optimizer Pro
2014-04-08 23:33 - 2014-04-08 23:33 - 00000477 _____ () C:\Windows\wininit.ini
2014-04-08 23:30 - 2014-04-08 23:37 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-04-08 23:30 - 2014-04-08 23:30 - 00000000 ____D () C:\Program Files\LPT
2014-04-08 23:28 - 2014-04-08 23:28 - 00166632 _____ () C:\Users\max\Downloads\UnlockPhone_downloader_by_UnlockPhone.exe
2014-04-08 23:25 - 2014-04-08 23:25 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2014-04-08 20:39 - 2014-04-08 20:40 - 00000000 ____D () C:\Users\max\Downloads\revoltunairie
2014-04-08 20:36 - 2014-04-08 23:15 - 00000000 ____D () C:\Users\max\AppData\Roaming\HTC
2014-04-08 20:27 - 2014-04-08 21:45 - 00000000 ____D () C:\Users\max\AppData\Local\HTC MediaHub
2014-04-08 20:27 - 2014-04-08 20:34 - 00000000 ____D () C:\Users\max\Documents\HTC
2014-04-08 20:27 - 2014-04-08 20:27 - 00000000 ____D () C:\Users\max\.android
2014-04-08 20:27 - 2014-04-08 20:27 - 00000000 ____D () C:\ProgramData\HTC
2014-04-08 20:26 - 2014-04-08 20:26 - 00001910 _____ () C:\Users\Public\Desktop\HTC Sync Manager.lnk
2014-04-08 20:07 - 2014-04-08 20:07 - 00000000 ____D () C:\Users\max\{a9506e87-a470-4bea-ae57-af1766891f12}
2014-04-08 20:06 - 2014-04-08 20:06 - 00000000 ___HD () C:\Users\max\Downloads\.ptmp866423
2014-04-08 20:04 - 2014-04-08 20:04 - 00000000 ____D () C:\Users\max\{0417b888-8b19-4ba0-a161-88089450ca9b}
2014-04-08 20:03 - 2014-04-08 20:26 - 00000000 ____D () C:\Program Files\HTC
2014-04-08 20:03 - 2014-04-08 20:03 - 00000000 ____D () C:\Program Files\Spirent Communications
2014-04-08 20:02 - 2014-04-08 20:02 - 00000000 ____D () C:\Users\max\AppData\Local\Downloaded Installations
2014-04-08 20:01 - 2014-04-08 20:01 - 136012136 _____ (HTC) C:\Users\max\Downloads\setup_3.0.52.0_htc.exe
2014-04-08 19:57 - 2014-04-08 19:57 - 01619991 _____ () C:\Users\max\Downloads\revolutionary-0.4pre4.zip
2014-03-25 23:55 - 2014-03-25 23:55 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-23 20:31 - 2014-03-23 23:12 - 00001000 _____ () C:\Users\max\Desktop\MailShield.der
2014-03-23 20:10 - 2014-03-23 18:54 - 00000823 _____ () C:\Users\max\Documents\indexfile.txt
2014-03-23 20:09 - 2014-03-23 20:09 - 00000826 _____ () C:\Users\Public\Desktop\MozBackup.lnk
2014-03-23 20:09 - 2014-03-23 20:09 - 00000000 ____D () C:\Program Files\MozBackup
2014-03-23 20:08 - 2014-03-23 20:08 - 01035926 _____ () C:\Users\max\Downloads\MozBackup-1.5.1-EN.exe
2014-03-23 17:58 - 2014-03-23 17:58 - 00000000 ____D () C:\Users\max\AppData\Roaming\Thunderbird
2014-03-23 17:58 - 2014-03-23 17:58 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-03-20 15:27 - 2014-03-20 15:27 - 00000000 ____D () C:\Users\mel\AppData\Local\Microsoft Help
2014-03-13 04:07 - 2014-02-23 07:50 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 04:07 - 2014-02-23 07:47 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 04:07 - 2014-02-23 07:43 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 04:07 - 2014-02-23 07:41 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 04:07 - 2014-02-23 07:40 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 04:07 - 2014-02-23 07:39 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 04:07 - 2014-02-23 07:38 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-13 04:07 - 2014-02-23 07:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 04:07 - 2014-02-23 07:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 04:07 - 2014-02-23 07:37 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 04:07 - 2014-02-23 07:37 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-13 04:07 - 2014-02-23 07:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 04:07 - 2014-02-23 07:37 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-13 04:07 - 2014-02-23 07:36 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 04:07 - 2014-02-23 07:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-13 04:07 - 2014-02-23 07:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 05:08 - 2014-02-07 12:38 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 05:08 - 2014-02-03 12:37 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 05:08 - 2014-01-30 09:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 05:08 - 2013-11-13 02:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

==================== One Month Modified Files and Folders =======

2014-04-09 08:50 - 2014-04-09 08:50 - 00016729 _____ () C:\Users\mel\Downloads\FRST.txt
2014-04-09 08:50 - 2014-04-09 08:50 - 00000000 ____D () C:\FRST
2014-04-09 08:49 - 2014-04-09 08:49 - 01145856 _____ (Farbar) C:\Users\mel\Downloads\FRST.exe
2014-04-09 08:49 - 2009-03-03 13:15 - 01623149 _____ () C:\Windows\WindowsUpdate.log
2014-04-09 08:48 - 2014-04-09 08:48 - 01431792 _____ (iMesh Inc) C:\Users\mel\Downloads\iMeshSetup-r1487-w-bf.exe
2014-04-09 08:48 - 2014-04-09 08:48 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-09 08:48 - 2014-04-09 08:48 - 00000000 _____ () C:\Windows\setupact.log
2014-04-09 08:48 - 2010-12-11 18:58 - 00107384 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-04-09 08:48 - 2006-11-02 14:47 - 00003344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-09 08:48 - 2006-11-02 14:47 - 00003344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-09 08:45 - 2010-02-07 11:02 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-09 08:35 - 2012-04-23 06:33 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-09 07:56 - 2010-02-07 11:02 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-09 07:15 - 2008-01-21 09:16 - 01565124 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-09 07:08 - 2014-04-09 07:08 - 00000000 ____D () C:\Users\mel\.android
2014-04-09 07:08 - 2014-01-03 15:09 - 00000000 ____D () C:\Users\NeroMediaHomeUser.4
2014-04-09 07:08 - 2009-07-11 15:39 - 00000000 ____D () C:\Users\mel
2014-04-09 07:07 - 2009-03-03 13:22 - 00000000 _____ () C:\Windows\system32\LogConfigTemp.xml
2014-04-09 07:07 - 2006-11-02 14:47 - 00392776 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-09 07:06 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-09 00:17 - 2006-11-02 15:01 - 00032582 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-09 00:01 - 2009-03-03 13:29 - 00000000 ____D () C:\Program Files\Nero
2014-04-09 00:01 - 2009-03-03 13:29 - 00000000 ____D () C:\Program Files\Common Files\Nero
2014-04-08 23:51 - 2014-04-08 23:51 - 00000000 ____D () C:\Users\max\Downloads\Impactor_0.9.14
2014-04-08 23:49 - 2014-04-08 23:49 - 00000000 ____D () C:\Users\max\Downloads\adb
2014-04-08 23:44 - 2014-04-08 23:44 - 11937023 _____ () C:\Users\max\Downloads\Impactor_0.9.14.zip
2014-04-08 23:37 - 2014-04-08 23:30 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-04-08 23:36 - 2014-04-08 23:36 - 00000000 ____D () C:\Users\max\Documents\Optimizer Pro
2014-04-08 23:33 - 2014-04-08 23:33 - 00000477 _____ () C:\Windows\wininit.ini
2014-04-08 23:31 - 2009-07-11 23:07 - 00107384 _____ () C:\Users\max\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-08 23:30 - 2014-04-08 23:30 - 00000000 ____D () C:\Program Files\LPT
2014-04-08 23:28 - 2014-04-08 23:28 - 00166632 _____ () C:\Users\max\Downloads\UnlockPhone_downloader_by_UnlockPhone.exe
2014-04-08 23:25 - 2014-04-08 23:25 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2014-04-08 23:15 - 2014-04-08 20:36 - 00000000 ____D () C:\Users\max\AppData\Roaming\HTC
2014-04-08 21:45 - 2014-04-08 20:27 - 00000000 ____D () C:\Users\max\AppData\Local\HTC MediaHub
2014-04-08 20:40 - 2014-04-08 20:39 - 00000000 ____D () C:\Users\max\Downloads\revoltunairie
2014-04-08 20:34 - 2014-04-08 20:27 - 00000000 ____D () C:\Users\max\Documents\HTC
2014-04-08 20:27 - 2014-04-08 20:27 - 00000000 ____D () C:\Users\max\.android
2014-04-08 20:27 - 2014-04-08 20:27 - 00000000 ____D () C:\ProgramData\HTC
2014-04-08 20:27 - 2009-11-14 18:33 - 00000000 ____D () C:\Users\max\AppData\Roaming\Apple Computer
2014-04-08 20:27 - 2009-11-14 18:33 - 00000000 ____D () C:\Users\max\AppData\Local\Apple Computer
2014-04-08 20:27 - 2009-07-11 23:06 - 00000000 ____D () C:\Users\max
2014-04-08 20:26 - 2014-04-08 20:26 - 00001910 _____ () C:\Users\Public\Desktop\HTC Sync Manager.lnk
2014-04-08 20:26 - 2014-04-08 20:03 - 00000000 ____D () C:\Program Files\HTC
2014-04-08 20:08 - 2013-12-11 00:00 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-08 20:08 - 2013-01-20 21:46 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-08 20:07 - 2014-04-08 20:07 - 00000000 ____D () C:\Users\max\{a9506e87-a470-4bea-ae57-af1766891f12}
2014-04-08 20:06 - 2014-04-08 20:06 - 00000000 ___HD () C:\Users\max\Downloads\.ptmp866423
2014-04-08 20:04 - 2014-04-08 20:04 - 00000000 ____D () C:\Users\max\{0417b888-8b19-4ba0-a161-88089450ca9b}
2014-04-08 20:03 - 2014-04-08 20:03 - 00000000 ____D () C:\Program Files\Spirent Communications
2014-04-08 20:02 - 2014-04-08 20:02 - 00000000 ____D () C:\Users\max\AppData\Local\Downloaded Installations
2014-04-08 20:01 - 2014-04-08 20:01 - 136012136 _____ (HTC) C:\Users\max\Downloads\setup_3.0.52.0_htc.exe
2014-04-08 19:57 - 2014-04-08 19:57 - 01619991 _____ () C:\Users\max\Downloads\revolutionary-0.4pre4.zip
2014-04-07 10:21 - 2009-01-08 18:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-25 23:56 - 2012-12-30 13:41 - 00001881 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-03-25 23:55 - 2014-03-25 23:55 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-25 23:55 - 2013-03-02 09:06 - 00180760 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-25 23:55 - 2013-03-02 09:06 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-25 23:55 - 2012-11-29 23:41 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-25 23:55 - 2012-11-29 23:41 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-03-25 23:55 - 2012-11-29 23:41 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-25 23:55 - 2012-11-29 23:41 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-25 23:55 - 2012-11-29 23:41 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-03-25 23:55 - 2012-11-29 23:41 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-03-25 23:54 - 2012-12-30 13:40 - 00252208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswndis2.sys
2014-03-25 23:54 - 2012-12-30 13:40 - 00026136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-03-23 23:12 - 2014-03-23 20:31 - 00001000 _____ () C:\Users\max\Desktop\MailShield.der
2014-03-23 20:09 - 2014-03-23 20:09 - 00000826 _____ () C:\Users\Public\Desktop\MozBackup.lnk
2014-03-23 20:09 - 2014-03-23 20:09 - 00000000 ____D () C:\Program Files\MozBackup
2014-03-23 20:08 - 2014-03-23 20:08 - 01035926 _____ () C:\Users\max\Downloads\MozBackup-1.5.1-EN.exe
2014-03-23 18:54 - 2014-03-23 20:10 - 00000823 _____ () C:\Users\max\Documents\indexfile.txt
2014-03-23 17:58 - 2014-03-23 17:58 - 00000000 ____D () C:\Users\max\AppData\Roaming\Thunderbird
2014-03-23 17:58 - 2014-03-23 17:58 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-03-20 15:27 - 2014-03-20 15:27 - 00000000 ____D () C:\Users\mel\AppData\Local\Microsoft Help
2014-03-19 04:04 - 2013-08-16 03:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 04:01 - 2006-11-02 12:24 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-03-15 23:20 - 2009-07-11 23:07 - 00000000 ____D () C:\Users\max\AppData\Local\Google
2014-03-15 23:20 - 2009-01-08 18:41 - 00000000 ____D () C:\Program Files\Google
2014-03-13 04:48 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache
2014-03-13 04:30 - 2009-11-17 23:38 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-13 04:03 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-03-12 02:35 - 2012-04-23 06:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-12 02:35 - 2011-05-19 18:53 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\max\AppData\Local\temp\appshat_generic.exe
C:\Users\max\AppData\Local\temp\Installer.exe
C:\Users\max\AppData\Local\temp\LiveSupport_setup.exe
C:\Users\max\AppData\Local\temp\OptimizerPro.exe
C:\Users\max\AppData\Local\temp\UpdateCheckerSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-09 07:19

==================== End Of Log ============================
         
--- --- ---
FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by mel at 2014-04-09 08:51:08
Running from C:\Users\mel\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

Adobe AIR (HKLM\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
avast! Internet Security (HKLM\...\avast) (Version: 9.0.2016 - Avast Software)
Bonjour (HKLM\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version:  - Microsoft)
devolo dLAN Cockpit (HKLM\...\dlancockpit) (Version: 3.0.0.0 - devolo AG)
dLAN Cockpit (HKLM\...\Cockpit.92121A72F826FA9D0BD3A830E7F04987B31AFB22.1) (Version: 3 (23.12.2010) - devolo AG)
dLAN Cockpit (Version: 3.23.12 - devolo AG) Hidden
Facebook Plug-In (HKCU\...\Facebook Plug-In) (Version:  - Facebook, Inc.)
Garmin Training Center (HKLM\...\{F57DADA5-BF42-4AA8-9992-2F6B63F4F3AB}) (Version: 3.6.5 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
HDRegDE (HKLM\...\{D359B12F-9B1A-46FD-B70C-F507B5B11590}) (Version: 2.0.0 - Acxiom)
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 6700 - Grundlegende Software für das Gerät (HKLM\...\{87B2E9C6-8AC1-43EF-9072-DB2EF0A49680}) (Version: 25.0.619.0 - Hewlett-Packard Co.)
HP Officejet 6700 Hilfe (HKLM\...\{50DA41E2-0701-43E2-A8BB-FAA0CB64B28B}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
HTC Sync Manager (HKLM\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.0.52.0 - HTC)
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LPT System Updater Service (HKLM\...\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}) (Version: 1.0.0.0 - LPT) <==== ATTENTION
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2000 Premium (HKLM\...\{00000407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (Version: 9.7.0621 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 28.0 (x86 de) (HKLM\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 Essentials (HKLM\...\{3559CDE0-11FC-4D7B-A65C-D646035B1031}) (Version: 8.3.389 - Nero AG)
neroxml (Version: 1.0.0 - Nero AG) Hidden
Packard Bell ImageWriter (HKLM\...\{F4EA67C9-6748-4C1E-9AFF-04149AC75D95}) (Version: 1.00.0000 - )
Packard Bell Recovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 3.1.3004 - Acer Incorporated)
Packard Bell Updator (HKLM\...\{CA786CFF-1D31-4804-B436-F3405B14357F}) (Version: 3.00.0000 - )
PeaZip 2.9 (HKLM\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version:  - Giorgio Tani)
PHOTOfunSTUDIO 5.1 HD Edition (HKLM\...\{959282E3-55A9-49D8-B885-D27CF8A2FD82}) (Version: 5.01.130 - Panasonic Corporation)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5678 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version:  - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Setup My PC (HKLM\...\{28518520-F25C-48C3-A224-861F331602F4}) (Version: 3.00.0000 - )
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Studie zur Verbesserung von HP Officejet 6700 Produkten (HKLM\...\{D0CA4233-2BAF-4947-8895-155AABE10721}) (Version: 25.0.619.0 - Hewlett-Packard Co.)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
VTech Download Agent Library (Version: 1.00.0000 - VTech) Hidden
VTech Download Manager (HKLM\...\VTechDownloadManager) (Version:  - VTech)
Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices  (07/07/2009 1.12.2) (HKLM\...\24DA573F901348FFDFF7717497830D45BE0C362E) (Version: 07/07/2009 1.12.2 - Dynastream Innovations)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8098.930 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8093.805 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

==================== Restore Points  =========================

08-04-2014 18:24:39 Installed HTC Sync Manager.
08-04-2014 21:37:25 Removed Snap.Do
08-04-2014 21:41:17 Removed Nero MediaHome 4 Essentials 4.4.9.0

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1F577747-6E85-46F6-A899-8D0BD7EE9D21} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {7133A487-A40E-4808-9E60-A8F7CA3610A3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-07] (Google Inc.)
Task: {76D205F7-58FB-4F86-B1EA-834C05E7078E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-03-25] (AVAST Software)
Task: {8D9826D2-AB5C-4022-9346-53DF0496D585} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {8D9B98D5-84E6-43BC-BF3F-17C0BEDD39C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-07] (Google Inc.)
Task: {9AEC67AC-85F1-47B1-93FB-ADB451F41A14} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - mel => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {B158D38E-1AF1-41D6-AB34-AAE4982CF96D} - System32\Tasks\HPCustParticipation HP Officejet 6700 => C:\Program Files\HP\HP Officejet 6700\Bin\HPCustPartic.exe [2011-09-09] (Hewlett-Packard Co.)
Task: {E26E4C36-FB38-44A1-8851-C2D934057DCB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-04-08 23:14 - 2014-04-08 23:14 - 02189824 _____ () C:\Program Files\AVAST Software\Avast\defs\14040802\algo.dll
2009-03-03 13:22 - 2008-07-16 15:00 - 00024576 _____ () C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe
2009-03-03 13:22 - 2009-03-03 13:22 - 00032768 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3010.0__14bcaafdb44b5951\Framework.Model.Controller.dll
2009-03-03 13:22 - 2009-03-03 13:22 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3010.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
2009-03-03 13:22 - 2009-03-03 13:22 - 00061440 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3010.0__3036420f80dd6947\Framework.Library.dll
2009-03-03 13:22 - 2009-03-03 13:22 - 00015360 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3010.0__672b450de5a7e94a\Framework.Host.dll
2009-03-03 13:22 - 2009-03-03 13:22 - 00006144 _____ () C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3010.0__9ecdf03bb2054f94\Framework.PluginInterface.dll
2009-03-03 13:22 - 2009-03-03 13:22 - 00036864 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3010.0__4df5dcab8860d239\Framework.Utility.dll
2014-03-24 11:31 - 2014-03-24 11:31 - 00031080 _____ () C:\Program Files\HTC\HTC Sync Manager\DbAccess.dll
2014-03-24 11:32 - 2014-03-24 11:32 - 00607376 _____ () C:\Program Files\HTC\HTC Sync Manager\sqlite3.dll
2014-03-24 11:32 - 2014-03-24 11:32 - 00059752 _____ () C:\Program Files\HTC\HTC Sync Manager\NAdvLog.dll
2014-03-24 11:32 - 2014-03-24 11:32 - 00036216 _____ () C:\Program Files\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-03-24 11:32 - 2014-03-24 11:32 - 00080248 _____ () C:\Program Files\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-03-24 11:34 - 2014-03-24 11:34 - 00129376 _____ () C:\Program Files\HTC\HTC Sync Manager\zlib1.dll
2014-03-24 11:36 - 2014-03-24 11:36 - 00223592 _____ () C:\Program Files\HTC\HTC Sync Manager\DevConnMon.dll
2012-12-07 17:26 - 2012-12-07 17:26 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-10-24 00:52 - 2013-10-24 00:52 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-06-24 10:54 - 2013-06-20 09:58 - 00391040 _____ () C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
2013-06-24 10:54 - 2010-06-24 03:16 - 02150400 _____ () C:\Program Files\VTech\DownloadManager\System\QtCore4.dll
2013-06-24 10:54 - 2010-07-13 15:07 - 07826432 _____ () C:\Program Files\VTech\DownloadManager\System\QtGui4.dll
2013-06-24 10:54 - 2010-06-02 04:29 - 00934912 _____ () C:\Program Files\VTech\DownloadManager\System\QtNetwork4.dll
2013-06-24 10:54 - 2010-06-02 04:28 - 00335360 _____ () C:\Program Files\VTech\DownloadManager\System\QtXml4.dll
2013-06-24 10:54 - 2012-08-06 11:54 - 09843640 _____ () C:\Program Files\VTech\DownloadManager\System\QtWebKit4.dll
2013-06-24 10:54 - 2010-06-02 04:56 - 00232960 _____ () C:\Program Files\VTech\DownloadManager\System\phonon4.dll
2013-06-24 10:54 - 2010-06-02 04:54 - 02530816 _____ () C:\Program Files\VTech\DownloadManager\System\QtXmlPatterns4.dll
2013-06-24 10:54 - 2010-07-05 11:19 - 00116736 _____ () C:\Program Files\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2013-06-24 10:54 - 2010-11-11 11:24 - 00028160 _____ () C:\Program Files\VTech\DownloadManager\System\DACommCenter.dll
2013-06-24 10:54 - 2010-06-02 07:05 - 00025600 _____ () C:\Program Files\VTech\DownloadManager\System\imageformats\qgif4.dll
2013-06-24 10:54 - 2010-06-02 07:05 - 00119808 _____ () C:\Program Files\VTech\DownloadManager\System\imageformats\qjpeg4.dll
2013-12-11 00:00 - 2014-03-29 15:55 - 03642480 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/09/2014 07:54:05 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/09/2014 07:54:05 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/09/2014 07:08:46 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2014 00:01:30 AM) (Source: Microsoft-Windows-RestartManager) (User: Mel-PC)
Description: 0NMMediaServerService.exeNero MediaHome 4 Service03026217825040

Error: (04/08/2014 11:59:54 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung Impactor.exe, Version 0.0.0.0, Zeitstempel 0x52745555, fehlerhaftes Modul Impactor.exe, Version 0.0.0.0, Zeitstempel 0x52745555, Ausnahmecode 0x40000015, Fehleroffset 0x0045dc28,
Prozess-ID 0x240c, Anwendungsstartzeit Impactor.exe0.

Error: (04/08/2014 11:45:22 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung Impactor.exe, Version 0.0.0.0, Zeitstempel 0x52745555, fehlerhaftes Modul AdbWinApi.dll, Version 6.0.6002.18881, Zeitstempel 0x51da3e27, Ausnahmecode 0xc0000135, Fehleroffset 0x00009f5d,
Prozess-ID 0x1d58, Anwendungsstartzeit Impactor.exe0.

Error: (04/08/2014 11:41:17 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {cf6cae1d-abf9-41cc-8e87-57a2641b0235}

Error: (04/08/2014 11:36:00 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung update_checker.exe, Version 4.3.0.0, Zeitstempel 0x525d9c67, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18881, Zeitstempel 0x51da3e27, Ausnahmecode 0xc0000005, Fehleroffset 0x00067450,
Prozess-ID 0x1144, Anwendungsstartzeit update_checker.exe0.

Error: (04/08/2014 08:38:30 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung revolutionary.exe, Version 0.0.0.0, Zeitstempel 0x4e4aeefd, fehlerhaftes Modul AdbWinApi.dll, Version 6.0.6002.18881, Zeitstempel 0x51da3e27, Ausnahmecode 0xc0000135, Fehleroffset 0x00009f5d,
Prozess-ID 0xbac, Anwendungsstartzeit revolutionary.exe0.

Error: (04/08/2014 08:33:14 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/09/2014 07:09:28 AM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (04/09/2014 07:08:50 AM) (Source: Service Control Manager) (User: )
Description: LPT System Updater Service%%1053

Error: (04/09/2014 07:08:50 AM) (Source: Service Control Manager) (User: )
Description: 30000LPT System Updater Service

Error: (04/09/2014 07:08:50 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (04/09/2014 07:06:45 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue0.0.0.0:4482

Error: (04/08/2014 08:39:22 PM) (Source: Service Control Manager) (User: )
Description: Windows Update

Error: (04/08/2014 08:34:43 PM) (Source: Service Control Manager) (User: )
Description: 30000avast! Antivirus

Error: (04/08/2014 08:33:16 PM) (Source: Service Control Manager) (User: )
Description: Nero MediaHome 4 Service%%1053

Error: (04/08/2014 08:33:16 PM) (Source: Service Control Manager) (User: )
Description: 30000Nero MediaHome 4 Service

Error: (04/08/2014 08:33:16 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058


Microsoft Office Sessions:
=========================
Error: (04/09/2014 07:54:05 AM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe

Error: (04/09/2014 07:54:05 AM) (Source: SideBySide)(User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe

Error: (04/09/2014 07:08:46 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2014 00:01:30 AM) (Source: Microsoft-Windows-RestartManager)(User: Mel-PC)
Description: 0NMMediaServerService.exeNero MediaHome 4 Service03026217825040

Error: (04/08/2014 11:59:54 PM) (Source: Application Error)(User: )
Description: Impactor.exe0.0.0.052745555Impactor.exe0.0.0.052745555400000150045dc28240c01cf5375b2ecb4d0

Error: (04/08/2014 11:45:22 PM) (Source: Application Error)(User: )
Description: Impactor.exe0.0.0.052745555AdbWinApi.dll6.0.6002.1888151da3e27c000013500009f5d1d5801cf5373d6a0f190

Error: (04/08/2014 11:41:17 PM) (Source: VSS)(User: )
Description: 0x80070005

Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {cf6cae1d-abf9-41cc-8e87-57a2641b0235}

Error: (04/08/2014 11:36:00 PM) (Source: Application Error)(User: )
Description: update_checker.exe4.3.0.0525d9c67ntdll.dll6.0.6002.1888151da3e27c000000500067450114401cf53719fbdf530

Error: (04/08/2014 08:38:30 PM) (Source: Application Error)(User: )
Description: revolutionary.exe0.0.0.04e4aeefdAdbWinApi.dll6.0.6002.1888151da3e27c000013500009f5dbac01cf5359b9196144

Error: (04/08/2014 08:33:14 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2013-06-23 12:55:21.796
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-23 12:55:21.219
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-23 12:55:20.704
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-23 12:55:20.143
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-23 12:55:19.581
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-23 12:55:19.020
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-23 12:55:18.489
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-23 12:55:17.959
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-23 12:55:17.413
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-23 12:55:16.898
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 45%
Total physical RAM: 2999.98 MB
Available physical RAM: 1620.01 MB
Total Pagefile: 6222.22 MB
Available Pagefile: 4904.95 MB
Total Virtual: 2047.88 MB
Available Virtual: 1904.46 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:285.09 GB) (Free:155.59 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 240F65D6)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=285 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---


Can you please help me further?

AdwCleaner Logfile:
Code:
# AdwCleaner v3.023 - Bericht erstellt am 10/04/2014 um 13:12:05
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzername : mel - MEL-PC
# Gestartet von : C:\Users\mel\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : LPTSystemUpdater

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files\LPT
Ordner Gelöscht : C:\Program Files\Optimizer Pro
Ordner Gelöscht : C:\Users\max\Documents\Optimizer Pro
Datei Gelöscht : C:\Users\mel\AppData\Roaming\Mozilla\Firefox\Profiles\ob5vl5bk.default\searchplugins\Web Search.xml

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\SearchCore for Browsers
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\mediabarim
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\iMesh 1 MediaBar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchCore for Browsers

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16540


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\mel\AppData\Roaming\Mozilla\Firefox\Profiles\ob5vl5bk.default\prefs.js ]

Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlO-xkuKtzfsTQg0vsTgwWcD3sttaWNI5RBkK_z706MA7_Ngv-2pTDP_G-crdRdUVWc3Af7-7SAafralkVMqVaFt2ERp[...]
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Web Search");
Zeile gelöscht : user_pref("keyword.URL", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlO-xkuKtzfsTQg0vsTgwWcD3sttaWNI5RBkK_z706MA7_Ngv-2pTDP_G-crdRdUVWc3Af7-7SAafralob2TvMupeBOrYDlPmQpGsiW7a[...]
Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlO-xkuKtzfsTQg0vsTgwWcD3sttaWNI5RBkK_z706MA7_Ngv-2pTDP_G-crdRdUVWc3Af7-7SAafraliwdAEhQCHjAkA40XU2[...]

[ Datei : C:\Users\max\AppData\Roaming\Mozilla\Firefox\Profiles\ba8te3p0.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Zeile gelöscht : user_pref("extensions.helperbar.Visibility", true);
Zeile gelöscht : user_pref("extensions.helperbar.backPageCapacity", 3);
Zeile gelöscht : user_pref("extensions.helperbar.backPageCounter", 0);
Zeile gelöscht : user_pref("extensions.helperbar.backPageDay", 8);
Zeile gelöscht : user_pref("extensions.helperbar.backPageLastEvent", "1396819847906");
Zeile gelöscht : user_pref("extensions.helperbar.backPageMinInterval", 15);
Zeile gelöscht : user_pref("extensions.helperbar.barcodeid", "126634");
Zeile gelöscht : user_pref("extensions.helperbar.countryiso", "de");
Zeile gelöscht : user_pref("extensions.helperbar.downloadprovider", "somotoch");
Zeile gelöscht : user_pref("extensions.helperbar.fromautoupdate", "false");
Zeile gelöscht : user_pref("extensions.helperbar.installationid", "429958a2-1cf9-2e8e-a2f8-fac15a79be18");
Zeile gelöscht : user_pref("extensions.helperbar.installdate", "08/04/2014");
Zeile gelöscht : user_pref("extensions.helperbar.keepAliveLastevent", "1396992640");
Zeile gelöscht : user_pref("extensions.helperbar.publisher", "somoto");

-\\ Google Chrome v

[ Datei : C:\Users\mel\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [4953 octets] - [10/04/2014 13:10:03]
AdwCleaner[S0].txt - [4884 octets] - [10/04/2014 13:12:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4944 octets] ##########
         
--- --- ---

Alt 10.04.2014, 14:11   #4
mullewapp
 

OTL Logfile:
Code:
OTL logfile created on: 10.04.2014 13:32:41 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\mel\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,93 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 60,03% Memory free
6,08 Gb Paging File | 4,96 Gb Available in Paging File | 81,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285,09 Gb Total Space | 148,87 Gb Free Space | 52,22% Space Free | Partition Type: NTFS
 
Computer Name: MEL-PC | User Name: mel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\mel\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\afwServ.exe (AVAST Software)
PRC - C:\Programme\HTC\HTC Sync Manager\HTC Sync\adb.exe ()
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\HTC\HTC Sync Manager\HSMServiceEntry.exe (Nero AG)
PRC - C:\Programme\VTech\DownloadManager\System\AgentMonitor.exe ()
PRC - C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Programme\devolo\dlan\devolonetsvc.exe (devolo AG)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\PACKARD BELL\Packard Bell Recovery Management\Service\ETService.exe ()
PRC - C:\Programme\PACKARD BELL\SetUpMyPC\SmpSys.exe (Packard Bell BV)
PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
PRC - C:\Windows\System32\bgsvcgen.exe (B.H.A Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\HTC\HTC Sync Manager\HTC Sync\adb.exe ()
MOD - C:\Programme\AVAST Software\Avast\libcef.dll ()
MOD - C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Programme\VTech\DownloadManager\System\AgentMonitor.exe ()
MOD - C:\Programme\VTech\DownloadManager\System\QtWebKit4.dll ()
MOD - C:\Programme\VTech\DownloadManager\System\DACommCenter.dll ()
MOD - C:\Programme\VTech\DownloadManager\System\QtGui4.dll ()
MOD - C:\Programme\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll ()
MOD - C:\Programme\VTech\DownloadManager\System\QtCore4.dll ()
MOD - C:\Programme\VTech\DownloadManager\System\imageformats\qgif4.dll ()
MOD - C:\Programme\VTech\DownloadManager\System\imageformats\qjpeg4.dll ()
MOD - C:\Programme\VTech\DownloadManager\System\phonon4.dll ()
MOD - C:\Programme\VTech\DownloadManager\System\QtXmlPatterns4.dll ()
MOD - C:\Programme\VTech\DownloadManager\System\QtNetwork4.dll ()
MOD - C:\Programme\VTech\DownloadManager\System\QtXml4.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (avast! Firewall) -- C:\Programme\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (HTCMonitorService) -- C:\Programme\HTC\HTC Sync Manager\HSMServiceEntry.exe (Nero AG)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (PassThru Service) -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (DevoloNetworkService) -- C:\Programme\devolo\dlan\devolonetsvc.exe (devolo AG)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (ETService) -- C:\Programme\PACKARD BELL\Packard Bell Recovery Management\Service\ETService.exe ()
SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (bgsvcgen) -- C:\Windows\System32\bgsvcgen.exe (B.H.A Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (RimUsb) -- System32\Drivers\RimUsb.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Users\max\AppData\Local\Temp\catchme.sys File not found
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswsp.sys (AVAST Software)
DRV - (aswVmm) -- C:\Windows\System32\drivers\aswVmm.sys ()
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswRvrt) -- C:\Windows\System32\drivers\aswRvrt.sys ()
DRV - (aswKbd) -- C:\Windows\System32\drivers\aswKbd.sys (AVAST Software)
DRV - (aswNdis2) -- C:\Windows\System32\drivers\aswndis2.sys (AVAST Software)
DRV - (aswNdis) -- C:\Windows\System32\drivers\aswNdis.sys (ALWIL Software)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek                                            )
DRV - (NPF_devolo) -- C:\Windows\System32\drivers\npf_devolo.sys (CACE Technologies)
DRV - (HTCAND32) -- C:\Windows\System32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - (NETw5v32) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3388527527-2323720586-789991275-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE - HKU\S-1-5-21-3388527527-2323720586-789991275-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3388527527-2323720586-789991275-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\S-1-5-21-3388527527-2323720586-789991275-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
IE - HKU\S-1-5-21-3388527527-2323720586-789991275-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-3388527527-2323720586-789991275-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C0 A6 15 FC 72 7E CB 01  [binary data]
IE - HKU\S-1-5-21-3388527527-2323720586-789991275-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3388527527-2323720586-789991275-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-3388527527-2323720586-789991275-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IEFM1&src=IE-SearchBox
IE - HKU\S-1-5-21-3388527527-2323720586-789991275-1000\..\SearchScopes\{07CC685C-EC51-4366-A5A0-5CAF55286480}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACPW_deFR335
IE - HKU\S-1-5-21-3388527527-2323720586-789991275-1000\..\SearchScopes\{08215E9A-ED98-497B-8FB9-C7F2A0C9FACD}: "URL" = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-3388527527-2323720586-789991275-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
IE - HKU\S-1-5-21-3388527527-2323720586-789991275-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\mel\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\mel\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.03.25 23:55:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.12.11 00:00:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014.01.16 17:19:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.4.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.4.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.12.11 00:00:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014.01.16 17:19:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.4.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.4.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
[2013.06.22 09:09:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mel\AppData\Roaming\mozilla\Extensions
[2010.08.31 15:06:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mel\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2014.04.10 10:51:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mel\AppData\Roaming\mozilla\Firefox\Profiles\ob5vl5bk.default\extensions
[2013.12.14 09:30:01 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.12.11 00:00:55 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.12.11 00:00:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}
[2013.12.11 00:00:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.12.11 00:00:55 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2013.12.11 00:00:54 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2014.03.29 15:55:13 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_1\
CHR - Extension: Skype Click to Call = C:\Users\mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.0.14735.1561_0\
CHR - Extension: Google Wallet = C:\Users\mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Google Mail = C:\Users\mel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-3388527527-2323720586-789991275-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-3388527527-2323720586-789991275-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [AgentMonitor] C:\Programme\VTech\DownloadManager\System\AgentMonitor.exe ()
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3388527527-2323720586-789991275-1000..\Run: [SmpcSys] C:\Programme\PACKARD BELL\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.51.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B4659BE-38CE-43A8-A295-283BB841CC6C}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2387299-5ECE-470C-9281-BBB0DEF893C7}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014.04.10 13:27:46 | 000,000,000 | ---D | C] -- C:\Users\mel\AppData\Local\Apple Computer
[2014.04.10 13:27:45 | 000,000,000 | ---D | C] -- C:\Users\mel\AppData\Roaming\Apple Computer
[2014.04.10 13:27:44 | 000,000,000 | ---D | C] -- C:\Users\mel\AppData\Local\HTC MediaHub
[2014.04.10 13:27:44 | 000,000,000 | ---D | C] -- C:\Users\mel\Documents\HTC
[2014.04.10 13:10:00 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.04.09 08:50:22 | 000,000,000 | ---D | C] -- C:\FRST
[2014.04.09 07:08:02 | 000,000,000 | ---D | C] -- C:\Users\mel\.android
[2014.04.08 23:36:46 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014.04.08 20:27:02 | 000,000,000 | ---D | C] -- C:\ProgramData\HTC
[2014.04.08 20:03:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
[2014.04.08 20:03:28 | 000,000,000 | ---D | C] -- C:\Program Files\Spirent Communications
[2014.04.08 20:03:28 | 000,000,000 | ---D | C] -- C:\Program Files\HTC
[2014.03.25 23:55:14 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.03.23 20:09:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
[2014.03.23 20:09:38 | 000,000,000 | ---D | C] -- C:\Program Files\MozBackup
[2014.03.23 17:58:09 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2014.03.20 15:27:30 | 000,000,000 | ---D | C] -- C:\Users\mel\AppData\Local\Microsoft Help
[2014.03.13 04:07:28 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014.03.13 04:07:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014.03.13 04:07:26 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014.03.13 04:07:26 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014.03.13 04:07:25 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014.03.13 04:07:24 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014.03.13 04:07:24 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014.03.13 04:07:21 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014.03.12 05:08:10 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014.03.12 05:08:08 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2014.03.12 05:08:06 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2014.03.12 05:08:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
 
========== Files - Modified Within 30 Days ==========
 
[2014.04.10 13:35:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.04.10 13:27:33 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.04.10 13:22:54 | 000,673,574 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2014.04.10 13:22:54 | 000,633,784 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.04.10 13:22:54 | 000,145,554 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2014.04.10 13:22:54 | 000,119,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014.04.10 13:15:18 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2014.04.10 13:14:32 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014.04.10 13:14:32 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014.04.10 13:14:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.04.10 12:46:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.04.09 07:07:26 | 000,392,776 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014.04.08 23:33:16 | 000,000,477 | ---- | M] () -- C:\Windows\wininit.ini
[2014.04.08 23:25:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2014.04.08 20:26:33 | 000,001,910 | ---- | M] () -- C:\Users\Public\Desktop\HTC Sync Manager.lnk
[2014.03.25 23:56:13 | 000,001,881 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2014.03.25 23:55:15 | 000,776,976 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014.03.25 23:55:15 | 000,411,552 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys
[2014.03.25 23:55:15 | 000,180,760 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014.03.25 23:55:15 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014.03.25 23:55:15 | 000,057,672 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2014.03.25 23:55:15 | 000,054,832 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2014.03.25 23:55:15 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014.03.25 23:55:14 | 000,271,264 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014.03.25 23:55:14 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014.03.25 23:54:56 | 000,026,136 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2014.03.25 23:54:49 | 000,252,208 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswndis2.sys
[2014.03.23 20:09:39 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2014.03.12 02:35:46 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014.03.12 02:35:46 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
 
========== Files Created - No Company Name ==========
 
[2014.04.08 23:33:16 | 000,000,477 | ---- | C] () -- C:\Windows\wininit.ini
[2014.04.08 23:25:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2014.04.08 20:26:33 | 000,001,910 | ---- | C] () -- C:\Users\Public\Desktop\HTC Sync Manager.lnk
[2014.03.23 20:09:39 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2013.12.25 11:09:51 | 000,000,789 | ---- | C] () -- C:\Users\mel\AppData\Local\cookies.ini
[2013.03.02 09:06:15 | 000,180,760 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.03.02 09:06:14 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2012.09.25 22:16:33 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2009.12.18 16:17:33 | 000,000,680 | ---- | C] () -- C:\Users\mel\AppData\Local\d3d9caps.dat
[2009.07.23 18:06:54 | 000,035,328 | ---- | C] () -- C:\Users\mel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         
--- --- ---
OTL Logfile:
Code:
OTL Extras logfile created on: 10.04.2014 13:32:41 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\mel\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,93 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 60,03% Memory free
6,08 Gb Paging File | 4,96 Gb Available in Paging File | 81,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285,09 Gb Total Space | 148,87 Gb Free Space | 52,22% Space Free | Partition Type: NTFS
 
Computer Name: MEL-PC | User Name: mel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3388527527-2323720586-789991275-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [+ Add to separate archive(s)] -- "C:\Program Files\PeaZip\PEAZIP.EXE" "-add2archive" "%1" (Giorgio Tani)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0109A02B-F0CD-4942-93B6-23ADF51A9C08}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{0133AB35-5583-4312-A842-454BFFDF0AE5}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery | 
"{1EBE5F27-2D1A-4082-A6BC-008FE99C4E95}" = lport=19375 | protocol=17 | dir=in | app=c:\program files\devolo\dlan\devolonetsvc.exe | 
"{3345614C-2B6A-4EA8-AD00-A85E9898182D}" = rport=137 | protocol=17 | dir=out | app=system | 
"{3788E45F-AF4B-4BFD-8FDC-CC0B9DB79443}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{38871025-016B-4615-9728-857CD651B156}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3AEBFA10-64D2-4EC4-AE25-45B9884FADE5}" = lport=138 | protocol=17 | dir=in | app=system | 
"{43232BAD-B300-4238-9C7A-5108E9BBE1F1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{4E369134-3205-4E5A-A6E3-424E430EE65F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
"{7296FF64-8F63-4C07-85F1-4AEC718FC473}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{780A30CB-9EF6-47C7-B4BD-084D2205B442}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{7C171875-2ABF-40B0-BEBB-7747BEA3D1F2}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{81237401-DDA9-4C14-9F79-EFF77D939C26}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{837ED2C9-F8F2-454E-AC1B-BA7473369B8B}" = lport=19376 | protocol=6 | dir=in | app=c:\program files\devolo\dlan\devolonetsvc.exe | 
"{8A2EB253-904D-452A-8A1A-DC8DF0503840}" = rport=445 | protocol=6 | dir=out | app=system | 
"{9580F6F3-A1FD-49A7-9397-3BB0346D69E5}" = rport=138 | protocol=17 | dir=out | app=system | 
"{A2AE11E8-4FC2-4EB0-BE0B-3F30838A4A5F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{AA384D2A-8BE3-458D-BE18-ED70C19BC196}" = lport=139 | protocol=6 | dir=in | app=system | 
"{ADCA13A5-AA9D-4BFA-9B17-842E08DB8650}" = rport=139 | protocol=6 | dir=out | app=system | 
"{B107DCA5-1CA7-4F24-B770-3DC6E9EE8AE1}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{BED49A88-5E18-4346-BC65-6AC9FCE3A759}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery | 
"{BF61A447-164B-412E-82B6-AE18149887F7}" = lport=445 | protocol=6 | dir=in | app=system | 
"{C99951BF-2673-4C41-9A2C-000686EF7CA6}" = lport=137 | protocol=17 | dir=in | app=system | 
"{D74E0116-72F5-4BA8-B15D-EDE1D433F0A1}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer | 
"{E4C9A481-7241-4263-B6C8-29F44B7E9556}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{E78EEE55-541B-4731-91E8-9FF77D45D477}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F4739EE8-063F-4CC1-8A7A-506D33815D4E}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{063F7D4E-A636-4D35-AF26-32A911E8683C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{0A0DC493-141B-41A3-8097-F431BA586738}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{123C7692-8562-4A38-A4C4-D382F346E314}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{22A8B182-140C-4EA0-A68D-34C7058FE01C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{2481F521-CAA5-4419-B479-735AC5E0256F}" = dir=in | app=c:\program files\hp\hp officejet 6700\bin\hpnetworkcommunicator.exe | 
"{26C24B4B-5F76-4EF9-ACA0-ECA214CA359B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{45DB80AE-1FEC-4315-9B77-6F0942E7D88B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{4F05424D-D5CC-40FA-98E4-AAEDD852532F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{630EF2B2-9122-46EB-A462-7B88ACFC5E9C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{758EF5B6-216D-4C1F-B9D3-B3041FB656CF}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{7A5ED657-15E2-4124-8192-FE1C1A2CED91}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{86F032A7-0880-43D0-8C10-77CFDFAA18B4}" = dir=in | app=c:\program files\hp\hp officejet 6700\bin\devicesetup.exe | 
"{8EAE9A5C-95E4-436E-A3E0-0CF7DEED9DBD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{90D5A159-B5B6-4318-8FEA-79394A86898E}" = dir=in | app=c:\program files\htc\htc sync manager\htcsyncmanager.exe | 
"{96FDAB92-1409-442E-B19B-E6C711CC4694}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{A7DE2DAF-9F2E-45BC-BFA7-51BC45A10A85}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{B3D73E24-5368-4992-AAB3-CD6B64B40400}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{C09CAF8B-DADF-4144-8AD3-958786B9A1D4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C62118A3-3060-4CAC-88C3-7104C25A3BCD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{E00CF71F-6701-4A36-BECA-AFBE448182E8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{EAC46B3A-140A-4570-B01E-8C0F3876D5DD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"TCP Query User{0537244F-DDE7-4774-BC6D-1270C07D75E5}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{79DA53C2-242A-41AB-BB53-719DDC85C47F}C:\users\max\downloads\support_freeedition_ws79946756_de.exe" = protocol=6 | dir=in | app=c:\users\max\downloads\support_freeedition_ws79946756_de.exe | 
"TCP Query User{A5EA2D01-9C86-46A2-AB35-1E29498AB8E9}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{D3502D8B-2C7A-4AC7-83CD-4F81224BC47D}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{F7EFC44B-5536-484B-9919-7AAAD4E57598}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{29B61E4F-91DD-42F7-B4A6-33E96FCF6E55}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{6577A4B6-EEDE-46FC-8247-2FB2CB3570FF}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{751A73A2-EA17-4AEA-BFAD-7E9FF14D0E9A}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{8A3D47E7-AAC4-4F5C-8A7E-4936CAD39BC6}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{BDF7407C-FD03-4611-A79E-1669E7ADCC7D}C:\users\max\downloads\support_freeedition_ws79946756_de.exe" = protocol=17 | dir=in | app=c:\users\max\downloads\support_freeedition_ws79946756_de.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{231D0C79-98A6-4693-A366-36DE7D7346EC}" = HTC Sync Manager
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 51
"{28518520-F25C-48C3-A224-861F331602F4}" = Setup My PC
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{3559CDE0-11FC-4D7B-A65C-D646035B1031}" = Nero 8 Essentials
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{40C4903E-EDFB-4CAE-A611-41FEBA585921}" = VTech Download Agent Library
"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4CEEE5D0-F905-4688-B9F9-ECC710507796}" = HTC Driver Installer
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{50DA41E2-0701-43E2-A8BB-FAA0CB64B28B}" = HP Officejet 6700 Hilfe
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1" = PeaZip 2.9
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{846E4C72-DF45-43ED-1680-EDF5F87F279E}" = dLAN Cockpit
"{87B2E9C6-8AC1-43EF-9072-DB2EF0A49680}" = HP Officejet 6700 - Grundlegende Software für das Gerät
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{959282E3-55A9-49D8-B885-D27CF8A2FD82}" = PHOTOfunSTUDIO 5.1 HD Edition
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E871D09-064D-3BC9-963B-3AB8ABE1273D}" = Microsoft .NET Framework 4.5.1 (DEU)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.9) - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR
"{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}" = LPT System Updater Service
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CA786CFF-1D31-4804-B436-F3405B14357F}" = Packard Bell Updator
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0CA4233-2BAF-4947-8895-155AABE10721}" = Studie zur Verbesserung von HP Officejet 6700 Produkten
"{D359B12F-9B1A-46FD-B70C-F507B5B11590}" = HDRegDE
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4EA67C9-6748-4C1E-9AFF-04149AC75D95}" = Packard Bell ImageWriter
"{F57DADA5-BF42-4AA8-9992-2F6B63F4F3AB}" = Garmin Training Center
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"24DA573F901348FFDFF7717497830D45BE0C362E" = Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices  (07/07/2009 1.12.2)
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"avast" = avast! Internet Security
"CCleaner" = CCleaner
"Cockpit.92121A72F826FA9D0BD3A830E7F04987B31AFB22.1" = dLAN Cockpit
"dlancockpit" = devolo dLAN Cockpit
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Photo Creations" = HP Photo Creations
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 28.0 (x86 de)" = Mozilla Firefox 28.0 (x86 de)
"Mozilla Thunderbird 24.4.0 (x86 de)" = Mozilla Thunderbird 24.4.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"VLC media player" = VLC media player 2.1.0
"VTechDownloadManager" = VTech Download Manager
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3388527527-2323720586-789991275-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 08.04.2014 17:41:17 | Computer Name = Mel-PC | Source = VSS | ID = 8194
Description = 
 
Error - 08.04.2014 17:45:22 | Computer Name = Mel-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Impactor.exe, Version 0.0.0.0, Zeitstempel 0x52745555,
 fehlerhaftes Modul AdbWinApi.dll, Version 6.0.6002.18881, Zeitstempel 0x51da3e27,
 Ausnahmecode 0xc0000135, Fehleroffset 0x00009f5d,  Prozess-ID 0x1d58, Anwendungsstartzeit
 01cf5373d6a0f190.
 
Error - 08.04.2014 17:59:54 | Computer Name = Mel-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Impactor.exe, Version 0.0.0.0, Zeitstempel 0x52745555,
 fehlerhaftes Modul Impactor.exe, Version 0.0.0.0, Zeitstempel 0x52745555, Ausnahmecode
 0x40000015, Fehleroffset 0x0045dc28,  Prozess-ID 0x240c, Anwendungsstartzeit 01cf5375b2ecb4d0.
 
Error - 08.04.2014 18:01:30 | Computer Name = Mel-PC | Source = Microsoft-Windows-RestartManager | ID = 10007
Description = 
 
Error - 09.04.2014 01:08:46 | Computer Name = Mel-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 09.04.2014 01:54:05 | Computer Name = Mel-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 09.04.2014 01:54:05 | Computer Name = Mel-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 10.04.2014 03:01:12 | Computer Name = Mel-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung firefox.exe, Version 28.0.0.5186, Zeitstempel
 0x53240e37, fehlerhaftes Modul xul.dll, Version 28.0.0.5186, Zeitstempel 0x53240e04,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00184729,  Prozess-ID 0xca4, Anwendungsstartzeit
 01cf548a0b4e61e0.
 
Error - 10.04.2014 03:01:36 | Computer Name = Mel-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 10.04.2014 07:15:25 | Computer Name = Mel-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 08.04.2014 14:34:43 | Computer Name = Mel-PC | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 08.04.2014 14:39:22 | Computer Name = Mel-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 09.04.2014 01:06:45 | Computer Name = Mel-PC | Source = HTTP | ID = 15021
Description = 
 
Error - 09.04.2014 01:08:50 | Computer Name = Mel-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 09.04.2014 01:08:50 | Computer Name = Mel-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 09.04.2014 01:08:50 | Computer Name = Mel-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 09.04.2014 01:09:28 | Computer Name = Mel-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 09.04.2014 06:07:18 | Computer Name = Mel-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 10.04.2014 07:14:32 | Computer Name = Mel-PC | Source = HTTP | ID = 15021
Description = 
 
Error - 10.04.2014 07:15:26 | Computer Name = Mel-PC | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >
         
--- --- ---

Alt 11.04.2014, 07:40   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Revo Uninstaller - Download - Filepony
Use it to uninstall everything you find in the Additional.txt marked with <== ATTENTION

Also have Revo remove the leftovers in Moderate mode.



Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click "Scannen" (scan), select the "Bedrohungssuchlauf" (threat scan) and click "Suchlauf starten" (start scan).
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click "Auswahl entfernen" (remove selected).
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click "Verlauf" (history) and then "Anwendungsprotokolle" (application logs).
  • Select the newest scan log and click Export. Choose text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM logfile here.
  • Add the contents of mbam.txt to your next reply.



Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista or later, right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the logfile (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 15.04.2014, 16:00   #6
mullewapp
 
Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Suchlauf Datum: 15.04.2014
Suchlauf-Zeit: 10:22:36
Logdatei: mbam-log-text20140414.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.15.03
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows Vista Service Pack 2
CPU: x86
Dateisystem: NTFS
Benutzer: max

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 319420
Verstrichene Zeit: 2 Std, 46 Min, 2 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 6
PUP.Optional.Somoto.A, C:\Users\max\AppData\Local\temp\appshat_generic.exe, In Quarantäne, [c23e41bfed1301ffca5262c0fa061be5],
PUP.Optional.Somoto, C:\Users\max\AppData\Local\temp\UpdateCheckerSetup.exe, In Quarantäne, [0bf5e41cf010ef115994dd49966a2ad6],
PUP.Optional.Tarma, C:\Users\max\Downloads\Scarlet.Young.Sexy.Lady.Gangbang.Style.German.XXX.DVDRiP.x264-TattooLovers.exe, In Quarantäne, [b947f10f49b718e83f79c784e71afc04],
PUP.Optional.Somoto.A, C:\Users\max\Downloads\UnlockPhone_downloader_by_UnlockPhone.exe, In Quarantäne, [b848b94717e9dc2496710533e818738d],
PUP.Optional.Bandoo.A, C:\Users\mel\Downloads\iMeshSetup-r1487-w-bf.exe, In Quarantäne, [dc2404fc000020e004d343e4c9386f91],
Backdoor.ProRat, C:\Windows\temp\peydjoti.tmp, In Quarantäne, [6997cf3144bc21df2cbcf1e230d22bd5],

Physische Sektoren: 0
(No malicious items detected)


(end)

JRT Logfile:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by max on 15.04.2014 at 15:39:40,80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\drivergenius"



~~~ FireFox

Successfully deleted the following from C:\Users\max\AppData\Roaming\mozilla\firefox\profiles\ba8te3p0.default\prefs.js

user_pref("google.toolbar.button_option.cached.gtbSearchBlogs", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchBlogs\" t
user_pref("google.toolbar.button_option.cached.gtbSearchPhotos", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchPhotos\"
user_pref("google.toolbar.button_option.cached.gtbSearchScholar", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchScholar
user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_CTK0Y7F4MTG6NKYH03WT-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
Emptied folder: C:\Users\max\AppData\Roaming\mozilla\firefox\profiles\ba8te3p0.default\minidumps [14 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.04.2014 at 15:46:54,48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
--- --- ---



FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-04-2014
Ran by max (administrator) on MEL-PC on 15-04-2014 15:59:08
Running from C:\Users\max\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(B.H.A Corporation) C:\Windows\System32\bgsvcgen.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files\devolo\dlan\devolonetsvc.exe
() C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe
(Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Prolific Technology Inc.) C:\Windows\system32\IoctlSvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
(Packard Bell BV) C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Packard Bell BV) C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\system32\LogonUI.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6265376 2008-08-04] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [150040 2008-08-12] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [170520 2008-08-12] (Intel Corporation)
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [145944 2008-08-12] (Intel Corporation)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1833504 2008-08-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-25] (AVAST Software)
HKLM\...\Run: [AgentMonitor] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe [391040 2013-06-20] ()
HKU\S-1-5-21-3388527527-2323720586-789991275-1000\...\Run: [SmpcSys] => C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe [1038136 2008-07-07] (Packard Bell BV)
HKU\S-1-5-21-3388527527-2323720586-789991275-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3388527527-2323720586-789991275-1001\...\Run: [SmpcSys] => C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe [1038136 2008-07-07] (Packard Bell BV)
HKU\S-1-5-21-3388527527-2323720586-789991275-1001\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3388527527-2323720586-789991275-1001\...\Run: [ISUSPM] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [206112 2008-10-24] (Macrovision Corporation)
HKU\S-1-5-21-3388527527-2323720586-789991275-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [1804648 2011-09-09] (Hewlett-Packard Co.)
HKU\S-1-5-21-3388527527-2323720586-789991275-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-3388527527-2323720586-789991275-1001\...\Run: [Nero MediaHome 4] => "C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
HKU\S-1-5-21-3388527527-2323720586-789991275-1001\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Microsoft Corporation
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x10F92A9F7E8CCA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\max\AppData\Roaming\Mozilla\Firefox\Profiles\ba8te3p0.default
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: hxxp://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Kaspersky URL Advisor - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2013-12-11]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-11]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2013-12-11]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-11]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-29]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-25] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-03-25] (AVAST Software)
R2 bgsvcgen; C:\Windows\System32\bgsvcgen.exe [145504 2007-06-15] (B.H.A Corporation)
R2 DevoloNetworkService; C:\Program Files\devolo\dlan\devolonetsvc.exe [3304768 2010-12-23] (devolo AG)
R2 ETService; C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe [24576 2008-07-16] ()
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)

==================== Drivers (Whitelisted) ====================

R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-03-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-03-25] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2012-07-13] (ALWIL Software)
R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [252208 2014-03-25] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-03-25] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-03-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-03-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-03-25] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-03-25] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180760 2014-03-25] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation)
U4 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-04-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation)
R2 NPF_devolo; C:\Windows\system32\drivers\npf_devolo.sys [35840 2010-06-10] (CACE Technologies)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Users\max\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 RimUsb; System32\Drivers\RimUsb.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-15 15:59 - 2014-04-15 15:59 - 00017529 _____ () C:\Users\max\Downloads\FRST.txt
2014-04-15 15:58 - 2014-04-15 15:58 - 01042944 _____ (Farbar) C:\Users\max\Downloads\FRST.exe
2014-04-15 15:46 - 2014-04-15 15:46 - 00001910 _____ () C:\Users\max\Desktop\JRT.txt
2014-04-15 10:33 - 2014-04-15 10:33 - 01016261 _____ (Thisisu) C:\Users\max\Downloads\JRT.exe
2014-04-15 10:24 - 2014-04-15 10:24 - 00001650 _____ () C:\Windows\PFRO.log
2014-04-15 07:34 - 2014-04-15 12:57 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-15 07:33 - 2014-04-15 07:33 - 00000901 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-15 07:33 - 2014-04-15 07:33 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-04-15 07:33 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-15 07:33 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-15 07:33 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-15 07:32 - 2014-04-15 07:32 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\max\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-15 07:24 - 2014-04-15 07:24 - 00001059 _____ () C:\Users\max\Desktop\Revo Uninstaller.lnk
2014-04-15 07:24 - 2014-04-15 07:24 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-15 07:23 - 2014-04-15 07:23 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\max\Downloads\revosetup95.exe
2014-04-10 14:16 - 2014-03-08 01:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-10 14:16 - 2014-03-08 01:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-10 14:16 - 2014-03-08 01:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-10 14:16 - 2014-03-08 01:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-10 14:16 - 2014-03-08 01:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-10 14:16 - 2014-03-08 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-10 14:16 - 2014-03-08 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-10 14:16 - 2014-03-08 00:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-10 14:16 - 2014-03-08 00:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-10 14:16 - 2014-03-08 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-10 14:16 - 2014-03-08 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-10 14:16 - 2014-03-08 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-10 14:16 - 2014-03-08 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-10 14:16 - 2014-03-08 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-10 14:16 - 2014-03-08 00:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-10 14:16 - 2014-03-08 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-10 14:10 - 2014-04-10 14:10 - 04892480 _____ (WinZip International LLC ) C:\Users\mel\Downloads\wzmp_8.exe
2014-04-10 13:42 - 2014-04-10 13:42 - 00051698 _____ () C:\Users\mel\Downloads\Extras.Txt
2014-04-10 13:41 - 2014-04-10 13:41 - 00066866 _____ () C:\Users\mel\Downloads\OTL.Txt
2014-04-10 13:30 - 2014-04-10 13:30 - 00602112 _____ (OldTimer Tools) C:\Users\mel\Downloads\OTL.exe
2014-04-10 13:27 - 2014-04-10 18:19 - 00000000 ____D () C:\Users\mel\AppData\Local\HTC MediaHub
2014-04-10 13:27 - 2014-04-10 13:27 - 00000000 ____D () C:\Users\mel\Documents\HTC
2014-04-10 13:27 - 2014-04-10 13:27 - 00000000 ____D () C:\Users\mel\AppData\Roaming\Apple Computer
2014-04-10 13:27 - 2014-04-10 13:27 - 00000000 ____D () C:\Users\mel\AppData\Local\Apple Computer
2014-04-10 13:10 - 2014-04-10 13:12 - 00000000 ____D () C:\AdwCleaner
2014-04-10 13:09 - 2014-04-10 13:09 - 01426178 _____ () C:\Users\mel\Downloads\adwcleaner(1).exe
2014-04-10 13:08 - 2014-04-10 13:08 - 01426178 _____ () C:\Users\mel\Downloads\adwcleaner.exe
2014-04-10 11:52 - 2014-02-06 03:56 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 08:51 - 2014-04-09 08:51 - 00035927 _____ () C:\Users\mel\Downloads\Addition.txt
2014-04-09 08:50 - 2014-04-15 15:59 - 00000000 ____D () C:\FRST
2014-04-09 08:50 - 2014-04-09 08:51 - 00031751 _____ () C:\Users\mel\Downloads\FRST.txt
2014-04-09 08:49 - 2014-04-09 08:49 - 01145856 _____ (Farbar) C:\Users\mel\Downloads\FRST.exe
2014-04-09 08:48 - 2014-04-09 08:48 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-09 08:48 - 2014-04-09 08:48 - 00000000 _____ () C:\Windows\setupact.log
2014-04-09 07:08 - 2014-04-09 07:08 - 00000000 ____D () C:\Users\mel\.android
2014-04-08 23:51 - 2014-04-08 23:51 - 00000000 ____D () C:\Users\max\Downloads\Impactor_0.9.14
2014-04-08 23:49 - 2014-04-08 23:49 - 00000000 ____D () C:\Users\max\Downloads\adb
2014-04-08 23:44 - 2014-04-08 23:44 - 11937023 _____ () C:\Users\max\Downloads\Impactor_0.9.14.zip
2014-04-08 23:33 - 2014-04-08 23:33 - 00000477 _____ () C:\Windows\wininit.ini
2014-04-08 23:25 - 2014-04-08 23:25 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2014-04-08 20:39 - 2014-04-08 20:40 - 00000000 ____D () C:\Users\max\Downloads\revoltunairie
2014-04-08 20:36 - 2014-04-08 23:15 - 00000000 ____D () C:\Users\max\AppData\Roaming\HTC
2014-04-08 20:27 - 2014-04-15 11:36 - 00000000 ____D () C:\Users\max\AppData\Local\HTC MediaHub
2014-04-08 20:27 - 2014-04-08 20:34 - 00000000 ____D () C:\Users\max\Documents\HTC
2014-04-08 20:27 - 2014-04-08 20:27 - 00000000 ____D () C:\Users\max\.android
2014-04-08 20:27 - 2014-04-08 20:27 - 00000000 ____D () C:\ProgramData\HTC
2014-04-08 20:26 - 2014-04-08 20:26 - 00001910 _____ () C:\Users\Public\Desktop\HTC Sync Manager.lnk
2014-04-08 20:07 - 2014-04-08 20:07 - 00000000 ____D () C:\Users\max\{a9506e87-a470-4bea-ae57-af1766891f12}
2014-04-08 20:06 - 2014-04-08 20:06 - 00000000 ___HD () C:\Users\max\Downloads\.ptmp866423
2014-04-08 20:04 - 2014-04-08 20:04 - 00000000 ____D () C:\Users\max\{0417b888-8b19-4ba0-a161-88089450ca9b}
2014-04-08 20:03 - 2014-04-08 20:26 - 00000000 ____D () C:\Program Files\HTC
2014-04-08 20:03 - 2014-04-08 20:03 - 00000000 ____D () C:\Program Files\Spirent Communications
2014-04-08 20:02 - 2014-04-08 20:02 - 00000000 ____D () C:\Users\max\AppData\Local\Downloaded Installations
2014-04-08 20:01 - 2014-04-08 20:01 - 136012136 _____ (HTC) C:\Users\max\Downloads\setup_3.0.52.0_htc.exe
2014-04-08 19:57 - 2014-04-08 19:57 - 01619991 _____ () C:\Users\max\Downloads\revolutionary-0.4pre4.zip
2014-03-25 23:55 - 2014-03-25 23:55 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-23 20:31 - 2014-03-23 23:12 - 00001000 _____ () C:\Users\max\Desktop\MailShield.der
2014-03-23 20:10 - 2014-03-23 18:54 - 00000823 _____ () C:\Users\max\Documents\indexfile.txt
2014-03-23 20:09 - 2014-03-23 20:09 - 00000826 _____ () C:\Users\Public\Desktop\MozBackup.lnk
2014-03-23 20:09 - 2014-03-23 20:09 - 00000000 ____D () C:\Program Files\MozBackup
2014-03-23 20:08 - 2014-03-23 20:08 - 01035926 _____ () C:\Users\max\Downloads\MozBackup-1.5.1-EN.exe
2014-03-23 17:58 - 2014-03-23 17:58 - 00000000 ____D () C:\Users\max\AppData\Roaming\Thunderbird
2014-03-23 17:58 - 2014-03-23 17:58 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-03-20 15:27 - 2014-03-20 15:27 - 00000000 ____D () C:\Users\mel\AppData\Local\Microsoft Help

==================== One Month Modified Files and Folders =======

2014-04-15 15:59 - 2014-04-15 15:59 - 00017529 _____ () C:\Users\max\Downloads\FRST.txt
2014-04-15 15:59 - 2014-04-09 08:50 - 00000000 ____D () C:\FRST
2014-04-15 15:58 - 2014-04-15 15:58 - 01042944 _____ (Farbar) C:\Users\max\Downloads\FRST.exe
2014-04-15 15:46 - 2014-04-15 15:46 - 00001910 _____ () C:\Users\max\Desktop\JRT.txt
2014-04-15 15:45 - 2010-02-07 11:02 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-15 15:35 - 2012-04-23 06:33 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-15 14:51 - 2006-11-02 14:47 - 00003344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-15 14:51 - 2006-11-02 14:47 - 00003344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-15 12:57 - 2014-04-15 07:34 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-15 12:32 - 2010-02-07 11:02 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-15 11:36 - 2014-04-08 20:27 - 00000000 ____D () C:\Users\max\AppData\Local\HTC MediaHub
2014-04-15 11:29 - 2009-03-03 13:15 - 02001890 _____ () C:\Windows\WindowsUpdate.log
2014-04-15 10:52 - 2009-03-03 13:22 - 00000000 _____ () C:\Windows\system32\LogConfigTemp.xml
2014-04-15 10:51 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-15 10:50 - 2006-11-02 15:01 - 00032582 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-15 10:37 - 2008-01-21 09:16 - 01565124 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-15 10:33 - 2014-04-15 10:33 - 01016261 _____ (Thisisu) C:\Users\max\Downloads\JRT.exe
2014-04-15 10:24 - 2014-04-15 10:24 - 00001650 _____ () C:\Windows\PFRO.log
2014-04-15 10:22 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Resources
2014-04-15 07:33 - 2014-04-15 07:33 - 00000901 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-15 07:33 - 2014-04-15 07:33 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-04-15 07:33 - 2012-11-30 01:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 07:32 - 2014-04-15 07:32 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\max\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-15 07:24 - 2014-04-15 07:24 - 00001059 _____ () C:\Users\max\Desktop\Revo Uninstaller.lnk
2014-04-15 07:24 - 2014-04-15 07:24 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-15 07:23 - 2014-04-15 07:23 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\max\Downloads\revosetup95.exe
2014-04-11 23:06 - 2012-04-23 06:33 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-11 23:06 - 2011-05-19 18:53 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-10 18:19 - 2014-04-10 13:27 - 00000000 ____D () C:\Users\mel\AppData\Local\HTC MediaHub
2014-04-10 14:19 - 2009-01-08 18:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-10 14:14 - 2013-08-16 03:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 14:14 - 2006-11-02 12:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-10 14:10 - 2014-04-10 14:10 - 04892480 _____ (WinZip International LLC ) C:\Users\mel\Downloads\wzmp_8.exe
2014-04-10 13:42 - 2014-04-10 13:42 - 00051698 _____ () C:\Users\mel\Downloads\Extras.Txt
2014-04-10 13:41 - 2014-04-10 13:41 - 00066866 _____ () C:\Users\mel\Downloads\OTL.Txt
2014-04-10 13:30 - 2014-04-10 13:30 - 00602112 _____ (OldTimer Tools) C:\Users\mel\Downloads\OTL.exe
2014-04-10 13:27 - 2014-04-10 13:27 - 00000000 ____D () C:\Users\mel\Documents\HTC
2014-04-10 13:27 - 2014-04-10 13:27 - 00000000 ____D () C:\Users\mel\AppData\Roaming\Apple Computer
2014-04-10 13:27 - 2014-04-10 13:27 - 00000000 ____D () C:\Users\mel\AppData\Local\Apple Computer
2014-04-10 13:12 - 2014-04-10 13:10 - 00000000 ____D () C:\AdwCleaner
2014-04-10 13:09 - 2014-04-10 13:09 - 01426178 _____ () C:\Users\mel\Downloads\adwcleaner(1).exe
2014-04-10 13:08 - 2014-04-10 13:08 - 01426178 _____ () C:\Users\mel\Downloads\adwcleaner.exe
2014-04-09 08:51 - 2014-04-09 08:51 - 00035927 _____ () C:\Users\mel\Downloads\Addition.txt
2014-04-09 08:51 - 2014-04-09 08:50 - 00031751 _____ () C:\Users\mel\Downloads\FRST.txt
2014-04-09 08:49 - 2014-04-09 08:49 - 01145856 _____ (Farbar) C:\Users\mel\Downloads\FRST.exe
2014-04-09 08:48 - 2014-04-09 08:48 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-09 08:48 - 2014-04-09 08:48 - 00000000 _____ () C:\Windows\setupact.log
2014-04-09 08:48 - 2010-12-11 18:58 - 00107384 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-04-09 07:08 - 2014-04-09 07:08 - 00000000 ____D () C:\Users\mel\.android
2014-04-09 07:08 - 2014-01-03 15:09 - 00000000 ____D () C:\Users\NeroMediaHomeUser.4
2014-04-09 07:08 - 2009-07-11 15:39 - 00000000 ____D () C:\Users\mel
2014-04-09 07:07 - 2006-11-02 14:47 - 00392776 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-09 00:01 - 2009-03-03 13:29 - 00000000 ____D () C:\Program Files\Nero
2014-04-09 00:01 - 2009-03-03 13:29 - 00000000 ____D () C:\Program Files\Common Files\Nero
2014-04-08 23:51 - 2014-04-08 23:51 - 00000000 ____D () C:\Users\max\Downloads\Impactor_0.9.14
2014-04-08 23:49 - 2014-04-08 23:49 - 00000000 ____D () C:\Users\max\Downloads\adb
2014-04-08 23:44 - 2014-04-08 23:44 - 11937023 _____ () C:\Users\max\Downloads\Impactor_0.9.14.zip
2014-04-08 23:33 - 2014-04-08 23:33 - 00000477 _____ () C:\Windows\wininit.ini
2014-04-08 23:31 - 2009-07-11 23:07 - 00107384 _____ () C:\Users\max\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-08 23:25 - 2014-04-08 23:25 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2014-04-08 23:15 - 2014-04-08 20:36 - 00000000 ____D () C:\Users\max\AppData\Roaming\HTC
2014-04-08 20:40 - 2014-04-08 20:39 - 00000000 ____D () C:\Users\max\Downloads\revoltunairie
2014-04-08 20:34 - 2014-04-08 20:27 - 00000000 ____D () C:\Users\max\Documents\HTC
2014-04-08 20:27 - 2014-04-08 20:27 - 00000000 ____D () C:\Users\max\.android
2014-04-08 20:27 - 2014-04-08 20:27 - 00000000 ____D () C:\ProgramData\HTC
2014-04-08 20:27 - 2009-11-14 18:33 - 00000000 ____D () C:\Users\max\AppData\Roaming\Apple Computer
2014-04-08 20:27 - 2009-11-14 18:33 - 00000000 ____D () C:\Users\max\AppData\Local\Apple Computer
2014-04-08 20:27 - 2009-07-11 23:06 - 00000000 ____D () C:\Users\max
2014-04-08 20:26 - 2014-04-08 20:26 - 00001910 _____ () C:\Users\Public\Desktop\HTC Sync Manager.lnk
2014-04-08 20:26 - 2014-04-08 20:03 - 00000000 ____D () C:\Program Files\HTC
2014-04-08 20:08 - 2013-12-11 00:00 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-08 20:08 - 2013-01-20 21:46 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-08 20:07 - 2014-04-08 20:07 - 00000000 ____D () C:\Users\max\{a9506e87-a470-4bea-ae57-af1766891f12}
2014-04-08 20:06 - 2014-04-08 20:06 - 00000000 ___HD () C:\Users\max\Downloads\.ptmp866423
2014-04-08 20:04 - 2014-04-08 20:04 - 00000000 ____D () C:\Users\max\{0417b888-8b19-4ba0-a161-88089450ca9b}
2014-04-08 20:03 - 2014-04-08 20:03 - 00000000 ____D () C:\Program Files\Spirent Communications
2014-04-08 20:02 - 2014-04-08 20:02 - 00000000 ____D () C:\Users\max\AppData\Local\Downloaded Installations
2014-04-08 20:01 - 2014-04-08 20:01 - 136012136 _____ (HTC) C:\Users\max\Downloads\setup_3.0.52.0_htc.exe
2014-04-08 19:57 - 2014-04-08 19:57 - 01619991 _____ () C:\Users\max\Downloads\revolutionary-0.4pre4.zip
2014-04-03 09:51 - 2014-04-15 07:33 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-15 07:33 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-15 07:33 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-25 23:56 - 2012-12-30 13:41 - 00001881 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-03-25 23:55 - 2014-03-25 23:55 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-25 23:55 - 2013-03-02 09:06 - 00180760 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-25 23:55 - 2013-03-02 09:06 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-25 23:55 - 2012-11-29 23:41 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-25 23:55 - 2012-11-29 23:41 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-03-25 23:55 - 2012-11-29 23:41 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-25 23:55 - 2012-11-29 23:41 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-25 23:55 - 2012-11-29 23:41 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-03-25 23:55 - 2012-11-29 23:41 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-03-25 23:54 - 2012-12-30 13:40 - 00252208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswndis2.sys
2014-03-25 23:54 - 2012-12-30 13:40 - 00026136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-03-23 23:12 - 2014-03-23 20:31 - 00001000 _____ () C:\Users\max\Desktop\MailShield.der
2014-03-23 20:09 - 2014-03-23 20:09 - 00000826 _____ () C:\Users\Public\Desktop\MozBackup.lnk
2014-03-23 20:09 - 2014-03-23 20:09 - 00000000 ____D () C:\Program Files\MozBackup
2014-03-23 20:08 - 2014-03-23 20:08 - 01035926 _____ () C:\Users\max\Downloads\MozBackup-1.5.1-EN.exe
2014-03-23 18:54 - 2014-03-23 20:10 - 00000823 _____ () C:\Users\max\Documents\indexfile.txt
2014-03-23 17:58 - 2014-03-23 17:58 - 00000000 ____D () C:\Users\max\AppData\Roaming\Thunderbird
2014-03-23 17:58 - 2014-03-23 17:58 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-03-20 15:27 - 2014-03-20 15:27 - 00000000 ____D () C:\Users\mel\AppData\Local\Microsoft Help

Some content of TEMP:
====================
C:\Users\max\AppData\Local\temp\Installer.exe
C:\Users\max\AppData\Local\temp\LiveSupport_setup.exe
C:\Users\max\AppData\Local\temp\OptimizerPro.exe
C:\Users\mel\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-15 11:08

==================== End Of Log ============================
         
--- --- ---

16.04.2014, 19:41   #7
schrauber
/// the machine
/// TB-Ausbilder
 





ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any remaining problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

17.04.2014, 11:38   #8
mullewapp
 



ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=a35fad4900b35b4db137edd3949b4a26
# engine=17919
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-17 07:55:18
# local_time=2014-04-17 09:55:18 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=772 16777213 83 82 1940251 55541216 0 0
# compatibility_mode=1282 16774142 0 63 110205162 135976762 0 0
# compatibility_mode=5892 16776574 100 100 171093 235254046 0 0
# scanned=185688
# found=2
# cleaned=0
# scan_time=5655
sh=2254251B50CFF746256CA77BEFC342F3DAC888FF ft=1 fh=ebd261af6f63890d vn="Win32/SpeedingUpMyPC.I application" ac=I fn="C:\Users\max\AppData\Local\temp\OptimizerPro.exe"
sh=7C8B36D36CA0D38C4883B850F43613381A9410B9 ft=1 fh=80db3572c576075a vn="multiple threats" ac=I fn="C:\Users\max\AppData\Local\temp\{7857F986-3672-4CD0-BEEB-C6DA3655B706}\setup.exe"

Results of screen317's Security Check version 0.99.81
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
CCleaner
Java 7 Update 51
Adobe Flash Player 12.0.0.77
Adobe Reader 9 Adobe Reader out of Date!
Adobe Reader 10.1.9 Adobe Reader out of Date!
Mozilla Firefox (28.0)
Mozilla Thunderbird (24.4.0)
````````Process Check: objlist.exe by Laurent````````
system32 AvastSvc.exe -?-
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-04-2014
Ran by max (administrator) on MEL-PC on 17-04-2014 11:35:21
Running from C:\Users\max\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(B.H.A Corporation) C:\Windows\System32\bgsvcgen.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files\devolo\dlan\devolonetsvc.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Prolific Technology Inc.) C:\Windows\system32\IoctlSvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
(Packard Bell BV) C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6265376 2008-08-04] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1833504 2008-08-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-25] (AVAST Software)
HKLM\...\Run: [AgentMonitor] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe [391040 2013-06-20] ()
HKU\S-1-5-21-3388527527-2323720586-789991275-1001\...\Run: [SmpcSys] => C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe [1038136 2008-07-07] (Packard Bell BV)
HKU\S-1-5-21-3388527527-2323720586-789991275-1001\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3388527527-2323720586-789991275-1001\...\Run: [ISUSPM] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [206112 2008-10-24] (Macrovision Corporation)
HKU\S-1-5-21-3388527527-2323720586-789991275-1001\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [1804648 2011-09-09] (Hewlett-Packard Co.)
HKU\S-1-5-21-3388527527-2323720586-789991275-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-3388527527-2323720586-789991275-1001\...\Run: [Nero MediaHome 4] => "C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
HKU\S-1-5-21-3388527527-2323720586-789991275-1001\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Microsoft Corporation
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x10F92A9F7E8CCA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\max\AppData\Roaming\Mozilla\Firefox\Profiles\ba8te3p0.default
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: hxxp://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Kaspersky URL Advisor - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2013-12-11]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-11]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2013-12-11]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-11]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-29]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-25] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-03-25] (AVAST Software)
R2 bgsvcgen; C:\Windows\System32\bgsvcgen.exe [145504 2007-06-15] (B.H.A Corporation)
R2 DevoloNetworkService; C:\Program Files\devolo\dlan\devolonetsvc.exe [3304768 2010-12-23] (devolo AG)
S2 ETService; C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe [24576 2008-07-16] ()
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)

==================== Drivers (Whitelisted) ====================

R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-03-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-03-25] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2012-07-13] (ALWIL Software)
R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [252208 2014-03-25] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-03-25] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-03-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-03-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-03-25] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-03-25] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180760 2014-03-25] ()
S4 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-04-17] (Malwarebytes Corporation)
R2 NPF_devolo; C:\Windows\system32\drivers\npf_devolo.sys [35840 2010-06-10] (CACE Technologies)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Users\max\AppData\Local\Temp\catchme.sys [X]
S3 HTCAND32; System32\Drivers\ANDROIDUSB.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 RimUsb; System32\Drivers\RimUsb.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-17 11:35 - 2014-04-17 11:35 - 00000000 ____D () C:\Users\max\Downloads\FRST-OlderVersion
2014-04-17 10:36 - 2014-04-17 10:36 - 00987448 _____ () C:\Users\max\Desktop\SecurityCheck.exe
2014-04-17 08:19 - 2014-04-17 08:19 - 00000000 ____D () C:\Program Files\ESET
2014-04-17 08:15 - 2014-04-17 08:15 - 02347384 _____ (ESET) C:\Users\max\Downloads\esetsmartinstaller_enu.exe
2014-04-16 11:45 - 2014-04-16 11:45 - 01070840 _____ (Solid State Networks) C:\Users\max\Downloads\install_flashplayer13x32au_mssd_aaa_aih.exe
2014-04-16 07:20 - 2014-04-16 07:20 - 00000005 _____ () C:\Windows\system32\lMMLDeleteUserData42107612FX.tmp
2014-04-16 07:04 - 2014-04-16 07:05 - 00013542 _____ () C:\Windows\DPINST.LOG
2014-04-15 15:59 - 2014-04-17 11:35 - 00015070 _____ () C:\Users\max\Downloads\FRST.txt
2014-04-15 15:58 - 2014-04-17 11:35 - 01146880 _____ (Farbar) C:\Users\max\Downloads\FRST.exe
2014-04-15 15:46 - 2014-04-15 15:46 - 00001910 _____ () C:\Users\max\Desktop\JRT.txt
2014-04-15 10:33 - 2014-04-15 10:33 - 01016261 _____ (Thisisu) C:\Users\max\Downloads\JRT.exe
2014-04-15 10:24 - 2014-04-15 10:24 - 00001650 _____ () C:\Windows\PFRO.log
2014-04-15 07:34 - 2014-04-17 08:11 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-15 07:32 - 2014-04-15 07:32 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\max\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-15 07:24 - 2014-04-15 07:24 - 00001059 _____ () C:\Users\max\Desktop\Revo Uninstaller.lnk
2014-04-15 07:24 - 2014-04-15 07:24 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-15 07:23 - 2014-04-15 07:23 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\max\Downloads\revosetup95.exe
2014-04-10 14:16 - 2014-03-08 01:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-10 14:16 - 2014-03-08 01:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-10 14:16 - 2014-03-08 01:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-10 14:16 - 2014-03-08 01:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-10 14:16 - 2014-03-08 01:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-10 14:16 - 2014-03-08 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-10 14:16 - 2014-03-08 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-10 14:16 - 2014-03-08 00:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-10 14:16 - 2014-03-08 00:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-10 14:16 - 2014-03-08 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-10 14:16 - 2014-03-08 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-10 14:16 - 2014-03-08 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-10 14:16 - 2014-03-08 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-10 14:16 - 2014-03-08 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-10 14:16 - 2014-03-08 00:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-10 14:16 - 2014-03-08 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-10 14:10 - 2014-04-10 14:10 - 04892480 _____ (WinZip International LLC ) C:\Users\mel\Downloads\wzmp_8.exe
2014-04-10 13:42 - 2014-04-10 13:42 - 00051698 _____ () C:\Users\mel\Downloads\Extras.Txt
2014-04-10 13:41 - 2014-04-10 13:41 - 00066866 _____ () C:\Users\mel\Downloads\OTL.Txt
2014-04-10 13:30 - 2014-04-10 13:30 - 00602112 _____ (OldTimer Tools) C:\Users\mel\Downloads\OTL.exe
2014-04-10 13:27 - 2014-04-15 18:22 - 00000000 ____D () C:\Users\mel\AppData\Local\HTC MediaHub
2014-04-10 13:27 - 2014-04-10 13:27 - 00000000 ____D () C:\Users\mel\Documents\HTC
2014-04-10 13:27 - 2014-04-10 13:27 - 00000000 ____D () C:\Users\mel\AppData\Roaming\Apple Computer
2014-04-10 13:27 - 2014-04-10 13:27 - 00000000 ____D () C:\Users\mel\AppData\Local\Apple Computer
2014-04-10 13:10 - 2014-04-10 13:12 - 00000000 ____D () C:\AdwCleaner
2014-04-10 13:09 - 2014-04-10 13:09 - 01426178 _____ () C:\Users\mel\Downloads\adwcleaner(1).exe
2014-04-10 13:08 - 2014-04-10 13:08 - 01426178 _____ () C:\Users\mel\Downloads\adwcleaner.exe
2014-04-10 11:52 - 2014-02-06 03:56 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 08:51 - 2014-04-09 08:51 - 00035927 _____ () C:\Users\mel\Downloads\Addition.txt
2014-04-09 08:50 - 2014-04-17 11:35 - 00000000 ____D () C:\FRST
2014-04-09 08:50 - 2014-04-09 08:51 - 00031751 _____ () C:\Users\mel\Downloads\FRST.txt
2014-04-09 08:49 - 2014-04-09 08:49 - 01145856 _____ (Farbar) C:\Users\mel\Downloads\FRST.exe
2014-04-09 08:48 - 2014-04-09 08:48 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-09 08:48 - 2014-04-09 08:48 - 00000000 _____ () C:\Windows\setupact.log
2014-04-09 07:08 - 2014-04-09 07:08 - 00000000 ____D () C:\Users\mel\.android
2014-04-08 23:51 - 2014-04-08 23:51 - 00000000 ____D () C:\Users\max\Downloads\Impactor_0.9.14
2014-04-08 23:49 - 2014-04-08 23:49 - 00000000 ____D () C:\Users\max\Downloads\adb
2014-04-08 23:44 - 2014-04-08 23:44 - 11937023 _____ () C:\Users\max\Downloads\Impactor_0.9.14.zip
2014-04-08 23:33 - 2014-04-08 23:33 - 00000477 _____ () C:\Windows\wininit.ini
2014-04-08 23:25 - 2014-04-08 23:25 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2014-04-08 20:39 - 2014-04-08 20:40 - 00000000 ____D () C:\Users\max\Downloads\revoltunairie
2014-04-08 20:36 - 2014-04-16 07:23 - 00000000 ____D () C:\Users\max\AppData\Roaming\HTC
2014-04-08 20:27 - 2014-04-16 07:23 - 00000000 ____D () C:\ProgramData\HTC
2014-04-08 20:27 - 2014-04-08 20:34 - 00000000 ____D () C:\Users\max\Documents\HTC
2014-04-08 20:27 - 2014-04-08 20:27 - 00000000 ____D () C:\Users\max\.android
2014-04-08 20:07 - 2014-04-08 20:07 - 00000000 ____D () C:\Users\max\{a9506e87-a470-4bea-ae57-af1766891f12}
2014-04-08 20:06 - 2014-04-08 20:06 - 00000000 ___HD () C:\Users\max\Downloads\.ptmp866423
2014-04-08 20:04 - 2014-04-08 20:04 - 00000000 ____D () C:\Users\max\{0417b888-8b19-4ba0-a161-88089450ca9b}
2014-04-08 20:03 - 2014-04-16 07:05 - 00000000 ____D () C:\Program Files\HTC
2014-04-08 20:02 - 2014-04-08 20:02 - 00000000 ____D () C:\Users\max\AppData\Local\Downloaded Installations
2014-04-08 20:01 - 2014-04-08 20:01 - 136012136 _____ (HTC) C:\Users\max\Downloads\setup_3.0.52.0_htc.exe
2014-04-08 19:57 - 2014-04-08 19:57 - 01619991 _____ () C:\Users\max\Downloads\revolutionary-0.4pre4.zip
2014-03-25 23:55 - 2014-03-25 23:55 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-23 20:31 - 2014-03-23 23:12 - 00001000 _____ () C:\Users\max\Desktop\MailShield.der
2014-03-23 20:10 - 2014-03-23 18:54 - 00000823 _____ () C:\Users\max\Documents\indexfile.txt
2014-03-23 20:09 - 2014-03-23 20:09 - 00000826 _____ () C:\Users\Public\Desktop\MozBackup.lnk
2014-03-23 20:09 - 2014-03-23 20:09 - 00000000 ____D () C:\Program Files\MozBackup
2014-03-23 20:08 - 2014-03-23 20:08 - 01035926 _____ () C:\Users\max\Downloads\MozBackup-1.5.1-EN.exe
2014-03-23 17:58 - 2014-03-23 17:58 - 00000000 ____D () C:\Users\max\AppData\Roaming\Thunderbird
2014-03-23 17:58 - 2014-03-23 17:58 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-03-20 15:27 - 2014-03-20 15:27 - 00000000 ____D () C:\Users\mel\AppData\Local\Microsoft Help

==================== One Month Modified Files and Folders =======

2014-04-17 11:35 - 2014-04-17 11:35 - 00000000 ____D () C:\Users\max\Downloads\FRST-OlderVersion
2014-04-17 11:35 - 2014-04-15 15:59 - 00015070 _____ () C:\Users\max\Downloads\FRST.txt
2014-04-17 11:35 - 2014-04-15 15:58 - 01146880 _____ (Farbar) C:\Users\max\Downloads\FRST.exe
2014-04-17 11:35 - 2014-04-09 08:50 - 00000000 ____D () C:\FRST
2014-04-17 11:35 - 2012-04-23 06:33 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-17 11:08 - 2006-11-02 14:47 - 00003344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-17 11:08 - 2006-11-02 14:47 - 00003344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-17 10:45 - 2010-02-07 11:02 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-17 10:36 - 2014-04-17 10:36 - 00987448 _____ () C:\Users\max\Desktop\SecurityCheck.exe
2014-04-17 08:19 - 2014-04-17 08:19 - 00000000 ____D () C:\Program Files\ESET
2014-04-17 08:15 - 2014-04-17 08:15 - 02347384 _____ (ESET) C:\Users\max\Downloads\esetsmartinstaller_enu.exe
2014-04-17 08:11 - 2014-04-15 07:34 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-17 07:21 - 2009-03-03 13:15 - 02037435 _____ () C:\Windows\WindowsUpdate.log
2014-04-16 19:45 - 2010-02-07 11:02 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-16 11:45 - 2014-04-16 11:45 - 01070840 _____ (Solid State Networks) C:\Users\max\Downloads\install_flashplayer13x32au_mssd_aaa_aih.exe
2014-04-16 07:23 - 2014-04-08 20:36 - 00000000 ____D () C:\Users\max\AppData\Roaming\HTC
2014-04-16 07:23 - 2014-04-08 20:27 - 00000000 ____D () C:\ProgramData\HTC
2014-04-16 07:22 - 2009-03-03 13:29 - 00000000 ____D () C:\Program Files\Common Files\Nero
2014-04-16 07:20 - 2014-04-16 07:20 - 00000005 _____ () C:\Windows\system32\lMMLDeleteUserData42107612FX.tmp
2014-04-16 07:05 - 2014-04-16 07:04 - 00013542 _____ () C:\Windows\DPINST.LOG
2014-04-16 07:05 - 2014-04-08 20:03 - 00000000 ____D () C:\Program Files\HTC
2014-04-15 18:22 - 2014-04-10 13:27 - 00000000 ____D () C:\Users\mel\AppData\Local\HTC MediaHub
2014-04-15 18:19 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-15 17:36 - 2009-03-03 13:22 - 00000000 _____ () C:\Windows\system32\LogConfigTemp.xml
2014-04-15 17:34 - 2006-11-02 15:01 - 00032582 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-15 15:46 - 2014-04-15 15:46 - 00001910 _____ () C:\Users\max\Desktop\JRT.txt
2014-04-15 10:37 - 2008-01-21 09:16 - 01565124 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-15 10:33 - 2014-04-15 10:33 - 01016261 _____ (Thisisu) C:\Users\max\Downloads\JRT.exe
2014-04-15 10:24 - 2014-04-15 10:24 - 00001650 _____ () C:\Windows\PFRO.log
2014-04-15 10:22 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Resources
2014-04-15 07:33 - 2012-11-30 01:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 07:32 - 2014-04-15 07:32 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\max\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-15 07:24 - 2014-04-15 07:24 - 00001059 _____ () C:\Users\max\Desktop\Revo Uninstaller.lnk
2014-04-15 07:24 - 2014-04-15 07:24 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-15 07:23 - 2014-04-15 07:23 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\max\Downloads\revosetup95.exe
2014-04-11 23:06 - 2012-04-23 06:33 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-11 23:06 - 2011-05-19 18:53 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-10 14:19 - 2009-01-08 18:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-10 14:16 - 2013-08-16 03:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 14:14 - 2006-11-02 12:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-10 14:10 - 2014-04-10 14:10 - 04892480 _____ (WinZip International LLC ) C:\Users\mel\Downloads\wzmp_8.exe
2014-04-10 13:42 - 2014-04-10 13:42 - 00051698 _____ () C:\Users\mel\Downloads\Extras.Txt
2014-04-10 13:41 - 2014-04-10 13:41 - 00066866 _____ () C:\Users\mel\Downloads\OTL.Txt
2014-04-10 13:30 - 2014-04-10 13:30 - 00602112 _____ (OldTimer Tools) C:\Users\mel\Downloads\OTL.exe
2014-04-10 13:27 - 2014-04-10 13:27 - 00000000 ____D () C:\Users\mel\Documents\HTC
2014-04-10 13:27 - 2014-04-10 13:27 - 00000000 ____D () C:\Users\mel\AppData\Roaming\Apple Computer
2014-04-10 13:27 - 2014-04-10 13:27 - 00000000 ____D () C:\Users\mel\AppData\Local\Apple Computer
2014-04-10 13:12 - 2014-04-10 13:10 - 00000000 ____D () C:\AdwCleaner
2014-04-10 13:09 - 2014-04-10 13:09 - 01426178 _____ () C:\Users\mel\Downloads\adwcleaner(1).exe
2014-04-10 13:08 - 2014-04-10 13:08 - 01426178 _____ () C:\Users\mel\Downloads\adwcleaner.exe
2014-04-09 08:51 - 2014-04-09 08:51 - 00035927 _____ () C:\Users\mel\Downloads\Addition.txt
2014-04-09 08:51 - 2014-04-09 08:50 - 00031751 _____ () C:\Users\mel\Downloads\FRST.txt
2014-04-09 08:49 - 2014-04-09 08:49 - 01145856 _____ (Farbar) C:\Users\mel\Downloads\FRST.exe
2014-04-09 08:48 - 2014-04-09 08:48 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-09 08:48 - 2014-04-09 08:48 - 00000000 _____ () C:\Windows\setupact.log
2014-04-09 08:48 - 2010-12-11 18:58 - 00107384 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-04-09 07:08 - 2014-04-09 07:08 - 00000000 ____D () C:\Users\mel\.android
2014-04-09 07:08 - 2014-01-03 15:09 - 00000000 ____D () C:\Users\NeroMediaHomeUser.4
2014-04-09 07:08 - 2009-07-11 15:39 - 00000000 ____D () C:\Users\mel
2014-04-09 07:07 - 2006-11-02 14:47 - 00392776 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-09 00:01 - 2009-03-03 13:29 - 00000000 ____D () C:\Program Files\Nero
2014-04-08 23:51 - 2014-04-08 23:51 - 00000000 ____D () C:\Users\max\Downloads\Impactor_0.9.14
2014-04-08 23:49 - 2014-04-08 23:49 - 00000000 ____D () C:\Users\max\Downloads\adb
2014-04-08 23:44 - 2014-04-08 23:44 - 11937023 _____ () C:\Users\max\Downloads\Impactor_0.9.14.zip
2014-04-08 23:33 - 2014-04-08 23:33 - 00000477 _____ () C:\Windows\wininit.ini
2014-04-08 23:31 - 2009-07-11 23:07 - 00107384 _____ () C:\Users\max\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-08 23:25 - 2014-04-08 23:25 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2014-04-08 20:40 - 2014-04-08 20:39 - 00000000 ____D () C:\Users\max\Downloads\revoltunairie
2014-04-08 20:34 - 2014-04-08 20:27 - 00000000 ____D () C:\Users\max\Documents\HTC
2014-04-08 20:27 - 2014-04-08 20:27 - 00000000 ____D () C:\Users\max\.android
2014-04-08 20:27 - 2009-11-14 18:33 - 00000000 ____D () C:\Users\max\AppData\Roaming\Apple Computer
2014-04-08 20:27 - 2009-11-14 18:33 - 00000000 ____D () C:\Users\max\AppData\Local\Apple Computer
2014-04-08 20:27 - 2009-07-11 23:06 - 00000000 ____D () C:\Users\max
2014-04-08 20:08 - 2013-12-11 00:00 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-08 20:08 - 2013-01-20 21:46 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-08 20:07 - 2014-04-08 20:07 - 00000000 ____D () C:\Users\max\{a9506e87-a470-4bea-ae57-af1766891f12}
2014-04-08 20:06 - 2014-04-08 20:06 - 00000000 ___HD () C:\Users\max\Downloads\.ptmp866423
2014-04-08 20:04 - 2014-04-08 20:04 - 00000000 ____D () C:\Users\max\{0417b888-8b19-4ba0-a161-88089450ca9b}
2014-04-08 20:02 - 2014-04-08 20:02 - 00000000 ____D () C:\Users\max\AppData\Local\Downloaded Installations
2014-04-08 20:01 - 2014-04-08 20:01 - 136012136 _____ (HTC) C:\Users\max\Downloads\setup_3.0.52.0_htc.exe
2014-04-08 19:57 - 2014-04-08 19:57 - 01619991 _____ () C:\Users\max\Downloads\revolutionary-0.4pre4.zip
2014-03-25 23:56 - 2012-12-30 13:41 - 00001881 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-03-25 23:55 - 2014-03-25 23:55 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-25 23:55 - 2013-03-02 09:06 - 00180760 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-25 23:55 - 2013-03-02 09:06 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-25 23:55 - 2012-11-29 23:41 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-25 23:55 - 2012-11-29 23:41 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-03-25 23:55 - 2012-11-29 23:41 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-25 23:55 - 2012-11-29 23:41 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-25 23:55 - 2012-11-29 23:41 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-03-25 23:55 - 2012-11-29 23:41 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-03-25 23:54 - 2012-12-30 13:40 - 00252208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswndis2.sys
2014-03-25 23:54 - 2012-12-30 13:40 - 00026136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-03-23 23:12 - 2014-03-23 20:31 - 00001000 _____ () C:\Users\max\Desktop\MailShield.der
2014-03-23 20:09 - 2014-03-23 20:09 - 00000826 _____ () C:\Users\Public\Desktop\MozBackup.lnk
2014-03-23 20:09 - 2014-03-23 20:09 - 00000000 ____D () C:\Program Files\MozBackup
2014-03-23 20:08 - 2014-03-23 20:08 - 01035926 _____ () C:\Users\max\Downloads\MozBackup-1.5.1-EN.exe
2014-03-23 18:54 - 2014-03-23 20:10 - 00000823 _____ () C:\Users\max\Documents\indexfile.txt
2014-03-23 17:58 - 2014-03-23 17:58 - 00000000 ____D () C:\Users\max\AppData\Roaming\Thunderbird
2014-03-23 17:58 - 2014-03-23 17:58 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-03-20 15:27 - 2014-03-20 15:27 - 00000000 ____D () C:\Users\mel\AppData\Local\Microsoft Help

Some content of TEMP:
====================
C:\Users\max\AppData\Local\temp\Installer.exe
C:\Users\max\AppData\Local\temp\LiveSupport_setup.exe
C:\Users\max\AppData\Local\temp\OptimizerPro.exe
C:\Users\mel\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-15 18:26

==================== End Of Log ============================
         
--- --- ---

Old 18.04.2014, 10:47   #9
schrauber
/// the machine
/// TB trainer
 

Remove Snapdo - Default

Remove Snapdo



Update Adobe.


Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type this in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all traces of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can safely delete them.



If you would like to leave praise or criticism, you can do so here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software Updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Anti-virus software
  • Make sure you always have anti-virus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version additionally offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you about any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE because they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: for this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most ads on its own. Right-clicking the banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download bandwidth.

Performance
Clean up your temp files regularly. I recommend TFC for this.
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Do not click on everything just because it prompts you to and is nice and colorful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails you do not know. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
All that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!
