
Log analysis and evaluation: Chrome cannot be uninstalled (Snap.do)


06.05.2014, 13:51   #1
Iphone4
 



Hello, a long time ago I had "Snap" on my computer, but with your help I managed to remove, or rather delete, the "program".

Sooo, in the process 1. the Chrome icon changed (no icon = white sheet) and
2. I cannot uninstall it. I think that Snap.do plays a certain role here; I cannot explain it any other way...

When I try to uninstall it [System settings; Uninstall programs; select Chrome], a window always appears saying that I should close Google Chrome.

How should I proceed? Please help me.
Thanks in advance

06.05.2014, 15:53   #2
schrauber
/// the machine
/// TB instructor
 




hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click "Untersuchen" (Scan).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


06.05.2014, 20:55   #3
Iphone4
 



The file poses a danger to the PC - run it anyway or not?

FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2014
Ran by AMD (administrator) on HP on 06-05-2014 21:03:09
Running from C:\Users\AMD\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\36QW9BX7
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
( ) C:\Windows\System32\lxducoms.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
(Microsoft) C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe
(Facebook Inc.) C:\Users\AMD\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\Printer Pro Desktop\PrinterProDesktop.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\old_chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\setup.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi.exe
(Google) C:\Program Files\WindowsApps\GoogleInc.GoogleSearch_1.2.1.12_x64__yfg5n0ztvskxp\google-search.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-21] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM\...\Run: [lxdumon.exe] => C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe [676520 2008-09-10] ()
HKLM\...\Run: [lxduamon] => C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduamon.exe [16040 2008-09-10] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [MobileConnect] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2403840 2009-09-11] (Vodafone)
HKLM-x32\...\Run: [PowerDVD12DMREngine] => C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [501544 2012-01-02] (CyberLink)
HKLM-x32\...\Run: [PowerDVD12Agent] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [371256 2012-01-12] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-17] (Geek Software GmbH)
HKLM-x32\...\Run: [Lexmark 5600-6600 Series] => C:\Program Files (x86)\Lexmark 5600-6600 Series\fm3032.exe [311976 2008-09-10] ()
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\Run: [Driver Pro] => C:\Program Files (x86)\Driver Pro\DPLauncher.exe [340512 2012-10-30] (PC Utilities Pro)
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\Run: [BrowserMask] => C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe [101328 2012-08-14] (Microsoft)
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\Run: [Facebook Update] => C:\Users\AMD\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-04-11] (Facebook Inc.)
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20918432 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\Run: [PrinterProDesktop] => C:\Program Files (x86)\Printer Pro Desktop\PrinterProDesktop.exe [2132992 2012-02-02] ()
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\RunOnce: [Application Restart #0] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.)
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\RunOnce: [Uninstall C:\Users\AMD\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AMD\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64"
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\RunOnce: [Uninstall C:\Users\AMD\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AMD\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220"
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\MountPoints2: {021262b5-776e-11e2-be73-38eaa7db6372} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\MountPoints2: {02126400-776e-11e2-be73-38eaa7db6372} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\MountPoints2: {021264be-776e-11e2-be73-38eaa7db6372} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\MountPoints2: {b5a1c80e-1eee-11e3-bea8-001e101fd32b} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\MountPoints2: {e7682d96-77a2-11e2-be74-38eaa7db6372} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {28A1AFBC-2A66-4FD6-8237-7EAF11857F60} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: Video downloader - {77BEC163-D389-42c1-91A4-C758846296A5} - C:\Program Files\Video downloader\Extension64.dll ()
BHO-x32: Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Video downloader - {77BEC163-D389-42c1-91A4-C758846296A5} - C:\Program Files\Video downloader\Extension32.dll ()
BHO-x32: LyricsNotes - {A444752C-F03B-4E19-B2CD-E80F1FC2809C} - C:\Program Files (x86)\LyricsNotes\116.dll No File
BHO-x32: Lexmark  - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
Toolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -  No File
DPF: HKLM-x32 {E55FD215-A32E-43FE-A777-A7E8F165F561} hxxp://download.flatcast.net/objects/NpFv530.dll
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\AMD\AppData\Roaming\Mozilla\Firefox\Profiles\q0n3oqns.default
FF user.js: detected! => C:\Users\AMD\AppData\Roaming\Mozilla\Firefox\Profiles\q0n3oqns.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin64.dll (Skype)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\AMD\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @www.flatcast.com/FlatViewer 5.2 - C:\Windows\DOWNLO~1\NpFv530.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Users\AMD\AppData\Roaming\mozilla\plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF HKLM\...\Firefox\Extensions: [{77BEC163-D389-42c1-91A4-C758846296A5}] - C:\Program Files\Video downloader\Firefox
FF Extension: Video downloader - C:\Program Files\Video downloader\Firefox [2013-03-29]
FF HKLM-x32\...\Firefox\Extensions: [{77BEC163-D389-42c1-91A4-C758846296A5}] - C:\Program Files\Video downloader\Firefox
FF Extension: Video downloader - C:\Program Files\Video downloader\Firefox [2013-03-29]
FF HKCU\...\Firefox\Extensions: [LyricsNotes@LonLyrics.co] - C:\Program Files (x86)\LyricsNotes\116.xpi
FF HKCU\...\Firefox\Extensions: [Lyrics@Lon.co] - C:\Program Files (x86)\LyricsNotes\125.xpi
FF Extension: LyricsNotes - C:\Program Files (x86)\LyricsNotes\125.xpi [2013-07-23]

Chrome: 
=======
CHR StartupUrls: "https://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Flatcast Viewer Plugin 5.3.0.784) - C:\Users\AMD\AppData\Roaming\Mozilla\plugins\NpFv530.dll (1 mal 1 Software GmbH)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Skype Web Plugin) - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-27]
CHR Extension: (Google Drive) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-27]
CHR Extension: (YouTube) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-27]
CHR Extension: (Google-Suche) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-27]
CHR Extension: (AdBlock) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-09-08]
CHR Extension: (Google Wallet) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Google Mail) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-27]
CHR HKLM-x32\...\Chrome\Extension: [dbjmkjlcdkfccfpgpbieancamjhaclga] - C:\Program Files (x86)\LyricsNotes\125.crx [2013-07-22]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-08] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-21] (Avira Operations GmbH & Co. KG)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
R2 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [87336 2012-01-12] (CyberLink Corp.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [75048 2012-01-12] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [296232 2012-01-12] (CyberLink)
R2 hasplms; C:\Windows\system32\hasplms.exe [4412872 2012-08-23] (SafeNet Inc.)
S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe [29184 2009-10-16] (Lexmark International, Inc.)
R2 lxdu_device; C:\Windows\system32\lxducoms.exe [1039360 2009-10-16] ( )
R2 lxdu_device; C:\Windows\SysWOW64\lxducoms.exe [594600 2008-05-23] ( )
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1223704 2013-02-07] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660504 2013-02-07] (Secunia)
R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-11] (Vodafone)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-18] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [323584 2012-10-06] (SafeNet Inc.)
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [82928 2011-10-27] (Cyberlink Corp.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-02-07] (Secunia)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
S3 vwhid; C:\Windows\System32\drivers\vwhid.sys [27296 2013-01-28] (Windows (R) Win 7 DDK provider)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [146928 2012-01-11] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-06 21:03 - 2014-05-06 21:03 - 00000000 ____D () C:\FRST
2014-05-06 14:12 - 2014-05-06 14:12 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-05-06 14:12 - 2014-05-06 14:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-05-06 14:12 - 2014-05-06 14:12 - 00000000 ____D () C:\Windows\de
2014-05-06 14:10 - 2014-05-06 14:10 - 00000000 ____D () C:\Program Files\Windows Live
2014-05-06 14:04 - 2014-05-06 14:04 - 00002492 _____ () C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2014-05-06 13:59 - 2014-05-06 13:59 - 00002251 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-05 22:45 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-05 22:45 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-05-05 22:45 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-05-05 22:45 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-05 22:45 - 2014-02-27 01:40 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-05 22:45 - 2014-02-27 01:21 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-05 22:45 - 2014-02-27 01:18 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-05 22:45 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-05 22:45 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-05 22:45 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-05 22:45 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-05-05 22:23 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-05-05 22:23 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-05 22:23 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-05 22:23 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-05 22:23 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-04 18:35 - 2014-05-06 13:59 - 00000494 _____ () C:\Users\AMD\Desktop\Neues Textdokument (2).txt
2014-05-04 17:43 - 2014-05-04 17:43 - 00000000 ____D () C:\Users\AMD\AppData\Roaming\SumatraPDF
2014-05-04 17:41 - 2014-05-04 17:41 - 05410328 _____ () C:\Users\AMD\Downloads\PrinterProDesktopSetup-1_3_3.exe
2014-05-03 13:51 - 2014-04-29 16:14 - 19275264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-03 13:51 - 2014-04-29 14:47 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-03 13:51 - 2014-04-29 14:36 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-03 13:51 - 2014-04-29 14:25 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-20 12:45 - 2014-04-20 13:23 - 972979917 _____ () C:\Users\AMD\Downloads\IMG_0332.MOV
2014-04-20 12:45 - 2014-04-20 13:10 - 449214554 _____ () C:\Users\AMD\Downloads\IMG_0331.MOV
2014-04-20 12:45 - 2014-04-20 12:56 - 164824372 _____ () C:\Users\AMD\Downloads\IMG_0333.MOV
2014-04-20 12:44 - 2014-04-20 13:37 - 1854702979 _____ () C:\Users\AMD\Downloads\IMG_0714 (1).MOV
2014-04-20 12:44 - 2014-04-20 13:07 - 359080152 _____ () C:\Users\AMD\Downloads\IMG_0717 (1).MOV
2014-04-17 00:49 - 2014-04-17 00:49 - 00000000 ____D () C:\Users\AMD\AppData\Local\Skype
2014-04-17 00:48 - 2014-04-17 00:48 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-17 00:48 - 2014-04-17 00:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-16 14:23 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-16 14:23 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-16 14:23 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-16 14:23 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-16 14:23 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-16 14:23 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-16 14:23 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-16 14:23 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-16 14:23 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-16 14:23 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-16 14:23 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-16 14:23 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-16 14:23 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-16 14:23 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-04-16 14:23 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-16 14:23 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-16 14:23 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-16 14:20 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-16 14:20 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-16 14:20 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-16 14:20 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-16 14:20 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-16 14:20 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-16 14:20 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-16 14:20 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-16 14:19 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-16 14:19 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-16 14:19 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-04-16 14:19 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-16 14:19 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-04-16 14:19 - 2014-01-27 01:17 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-04-16 14:19 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-11 21:02 - 2014-04-11 21:02 - 00000904 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4168891922-4078455343-2189293659-1002Core1cf55b8a2f9a244.job
2014-04-11 20:45 - 2014-04-11 20:46 - 00000000 ____D () C:\Users\AMD\AppData\Local\Facebook
2014-04-11 20:45 - 2014-04-11 20:45 - 00501248 _____ (Facebook Inc.) C:\Users\AMD\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00092672 _____ () C:\Users\AMD\Downloads\TS103131801.pub

==================== One Month Modified Files and Folders =======

2014-05-06 21:03 - 2014-05-06 21:03 - 00000000 ____D () C:\FRST
2014-05-06 21:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-06 18:42 - 2013-02-15 15:56 - 01193623 _____ () C:\Windows\WindowsUpdate.log
2014-05-06 14:16 - 2013-02-16 22:08 - 00000000 ____D () C:\Users\AMD\Tracing
2014-05-06 14:12 - 2014-05-06 14:12 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-05-06 14:12 - 2014-05-06 14:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-05-06 14:12 - 2014-05-06 14:12 - 00000000 ____D () C:\Windows\de
2014-05-06 14:11 - 2014-02-26 16:30 - 00002534 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-05-06 14:11 - 2013-02-16 22:31 - 00001490 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-05-06 14:11 - 2013-02-16 22:31 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-05-06 14:10 - 2014-05-06 14:10 - 00000000 ____D () C:\Program Files\Windows Live
2014-05-06 14:10 - 2012-08-24 12:56 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-05-06 14:10 - 2012-08-24 12:55 - 00002711 _____ () C:\Windows\DirectX.log
2014-05-06 14:09 - 2014-02-26 16:28 - 00002287 _____ () C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2014-05-06 14:04 - 2014-05-06 14:04 - 00002492 _____ () C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2014-05-06 14:01 - 2013-02-15 22:44 - 00000000 ____D () C:\Users\AMD\AppData\Roaming\Skype
2014-05-06 13:59 - 2014-05-06 13:59 - 00002251 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-06 13:59 - 2014-05-04 18:35 - 00000494 _____ () C:\Users\AMD\Desktop\Neues Textdokument (2).txt
2014-05-06 13:52 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-05 22:47 - 2012-07-26 07:26 - 01048576 ___SH () C:\Windows\system32\config\BBI
2014-05-05 22:28 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-05-04 17:43 - 2014-05-04 17:43 - 00000000 ____D () C:\Users\AMD\AppData\Roaming\SumatraPDF
2014-05-04 17:41 - 2014-05-04 17:41 - 05410328 _____ () C:\Users\AMD\Downloads\PrinterProDesktopSetup-1_3_3.exe
2014-05-03 13:32 - 2012-08-04 00:23 - 00229186 _____ () C:\Windows\PFRO.log
2014-04-29 16:14 - 2014-05-03 13:51 - 19275264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 14:47 - 2014-05-03 13:51 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:36 - 2014-05-03 13:51 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 14:25 - 2014-05-03 13:51 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-23 01:47 - 2013-11-16 16:09 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-23 01:47 - 2013-11-16 16:09 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-22 20:17 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-20 13:37 - 2014-04-20 12:44 - 1854702979 _____ () C:\Users\AMD\Downloads\IMG_0714 (1).MOV
2014-04-20 13:35 - 2013-03-29 22:21 - 00000000 ____D () C:\Users\AMD\Documents\Youcam
2014-04-20 13:23 - 2014-04-20 12:45 - 972979917 _____ () C:\Users\AMD\Downloads\IMG_0332.MOV
2014-04-20 13:10 - 2014-04-20 12:45 - 449214554 _____ () C:\Users\AMD\Downloads\IMG_0331.MOV
2014-04-20 13:07 - 2014-04-20 12:44 - 359080152 _____ () C:\Users\AMD\Downloads\IMG_0717 (1).MOV
2014-04-20 12:56 - 2014-04-20 12:45 - 164824372 _____ () C:\Users\AMD\Downloads\IMG_0333.MOV
2014-04-19 11:39 - 2014-05-05 22:23 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-04-19 10:45 - 2014-05-05 22:23 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-19 10:45 - 2014-05-05 22:23 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 08:57 - 2014-05-05 22:23 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-19 08:57 - 2014-05-05 22:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-17 13:51 - 2012-08-24 22:07 - 00830120 _____ () C:\Windows\system32\perfh007.dat
2014-04-17 13:51 - 2012-08-24 22:07 - 00188224 _____ () C:\Windows\system32\perfc007.dat
2014-04-17 13:51 - 2012-07-26 09:28 - 01949368 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-17 00:49 - 2014-04-17 00:49 - 00000000 ____D () C:\Users\AMD\AppData\Local\Skype
2014-04-17 00:49 - 2013-02-15 22:43 - 00000000 ____D () C:\ProgramData\Skype
2014-04-17 00:48 - 2014-04-17 00:48 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-17 00:48 - 2014-04-17 00:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-17 00:46 - 2013-02-15 16:00 - 00000000 ___RD () C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-17 00:46 - 2013-02-15 16:00 - 00000000 ___RD () C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-17 00:38 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-04-17 00:33 - 2013-10-07 13:55 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-17 00:30 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-04-13 20:06 - 2013-02-17 18:14 - 00000000 ____D () C:\ProgramData\Lx_cats
2014-04-11 21:02 - 2014-04-11 21:02 - 00000904 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4168891922-4078455343-2189293659-1002Core1cf55b8a2f9a244.job
2014-04-11 20:46 - 2014-04-11 20:45 - 00000000 ____D () C:\Users\AMD\AppData\Local\Facebook
2014-04-11 20:45 - 2014-04-11 20:45 - 00501248 _____ (Facebook Inc.) C:\Users\AMD\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00092672 _____ () C:\Users\AMD\Downloads\TS103131801.pub
2014-04-08 19:10 - 2014-02-25 18:56 - 00122880 ___SH () C:\Users\AMD\Desktop\Thumbs.db

Some content of TEMP:
====================
C:\Users\AMD\AppData\Local\Temp\-akngpqt.dll
C:\Users\AMD\AppData\Local\Temp\0ucsljgx.dll
C:\Users\AMD\AppData\Local\Temp\2i19uj-k.dll
C:\Users\AMD\AppData\Local\Temp\4mwrawfe.dll
C:\Users\AMD\AppData\Local\Temp\4yz1univ.dll
C:\Users\AMD\AppData\Local\Temp\5enkryob.dll
C:\Users\AMD\AppData\Local\Temp\6q95a9cr.dll
C:\Users\AMD\AppData\Local\Temp\6qfylljw.dll
C:\Users\AMD\AppData\Local\Temp\6sben-z3.dll
C:\Users\AMD\AppData\Local\Temp\7l_wa6qm.dll
C:\Users\AMD\AppData\Local\Temp\81koarpn.dll
C:\Users\AMD\AppData\Local\Temp\8ka-gxzp.dll
C:\Users\AMD\AppData\Local\Temp\a02hjdj_.dll
C:\Users\AMD\AppData\Local\Temp\abelssoft.setup.exe
C:\Users\AMD\AppData\Local\Temp\ajvnhhkh.dll
C:\Users\AMD\AppData\Local\Temp\AskSLib.dll
C:\Users\AMD\AppData\Local\Temp\avgnt.exe
C:\Users\AMD\AppData\Local\Temp\c9_74iyg.dll
C:\Users\AMD\AppData\Local\Temp\f4ba51ht.dll
C:\Users\AMD\AppData\Local\Temp\gpwofanc.dll
C:\Users\AMD\AppData\Local\Temp\hncwcoka.dll
C:\Users\AMD\AppData\Local\Temp\iqljv9_y.dll
C:\Users\AMD\AppData\Local\Temp\iu3lgqag.dll
C:\Users\AMD\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\AMD\AppData\Local\Temp\komkhbfk.dll
C:\Users\AMD\AppData\Local\Temp\kxvlhocp.dll
C:\Users\AMD\AppData\Local\Temp\Lynotestmp.exe
C:\Users\AMD\AppData\Local\Temp\mqvqlqpn.dll
C:\Users\AMD\AppData\Local\Temp\mrp6hihr.dll
C:\Users\AMD\AppData\Local\Temp\mwq7xat7.dll
C:\Users\AMD\AppData\Local\Temp\n3w2ojjn.dll
C:\Users\AMD\AppData\Local\Temp\o-qtghhh.dll
C:\Users\AMD\AppData\Local\Temp\pvqkc05y.dll
C:\Users\AMD\AppData\Local\Temp\px6qyjoi.dll
C:\Users\AMD\AppData\Local\Temp\q5_v-xy3.dll
C:\Users\AMD\AppData\Local\Temp\rl9pkzvi.dll
C:\Users\AMD\AppData\Local\Temp\rnydfheu.dll
C:\Users\AMD\AppData\Local\Temp\s1sgvxgr.dll
C:\Users\AMD\AppData\Local\Temp\sbi-6xnq.dll
C:\Users\AMD\AppData\Local\Temp\SkypeSetup.exe
C:\Users\AMD\AppData\Local\Temp\u1bbbqof.dll
C:\Users\AMD\AppData\Local\Temp\uduzeujn.dll
C:\Users\AMD\AppData\Local\Temp\unwise.exe
C:\Users\AMD\AppData\Local\Temp\uqs3jyll.dll
C:\Users\AMD\AppData\Local\Temp\vy5b4y2n.dll
C:\Users\AMD\AppData\Local\Temp\w0sfxw8i.dll
C:\Users\AMD\AppData\Local\Temp\wammmnlm.dll
C:\Users\AMD\AppData\Local\Temp\wzpxwteu.dll
C:\Users\AMD\AppData\Local\Temp\xvrnxitu.dll
C:\Users\AMD\AppData\Local\Temp\yhcqqgas.dll
C:\Users\AMD\AppData\Local\Temp\yoerplo0.dll
C:\Users\AMD\AppData\Local\Temp\zgds71mc.dll
C:\Users\AMD\AppData\Local\Temp\zjq9iyn8.dll
C:\Users\AMD\AppData\Local\Temp\zqx99iwa.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-31 22:53

==================== End Of Log ============================
         

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2014
Ran by AMD at 2014-05-06 21:05:00
Running from C:\Users\AMD\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\36QW9BX7
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.2146.41621 - ABBYY Software House)
Adobe Flash Player 11 Plugin (HKLM-x32\...\{A2497A20-8029-4AB9-B4A5-9DAAB3DBF177}) (Version: 11.8.800.168 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\{0099B484-C24C-4D5F-8167-B0F6DF196E72}) (Version: 12.0.3.133 - Adobe Systems, Inc)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Aero QLaunch Pro (HKLM\...\{260090FD-0FA6-46A2-A19F-A566FDC401E8}) (Version: 1.2.22 - CK16)
AMD Accelerated Video Transcoding (Version: 12.5.100.20808 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{D01E0B82-7D6E-F9AC-9A7D-C6076264F419}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2012.0808.1024.16666 - Ihr Firmenname) Hidden
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks)
AMD VISION Engine Control Center (x32 Version: 2012.0808.1024.16666 - Ihr Firmenname) Hidden
AntiBrowserSpy (HKLM-x32\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 4.0.110 - Abelssoft)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2013 v.11.0.5 (HKLM-x32\...\Ashampoo Burning Studio 2013_is1) (Version: 11.0.5 - Ashampoo GmbH & Co. KG)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Bing Bar (HKLM-x32\...\{449CE12D-E2C7-4B97-B19E-55D163EA9435}) (Version: 7.0.619.0 - Microsoft Corporation)
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.171.0 - Microsoft Corporation)
Blender (HKLM\...\Blender) (Version: 2.64-release - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BrowserProtect (HKLM-x32\...\BrowserProtect) (Version:  - ) <==== ATTENTION
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1.5407 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3119 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1926 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.6.4319 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1312.54 - CyberLink Corp.)
CyberLink PowerDVD 12 (x32 Version: 12.0.1312.54 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Pro v3.0 (HKLM-x32\...\Driver Pro_is1) (Version: 3.0 - PC Utilities Pro)
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Flatcast Producer Plugin 5.0.356 (HKLM-x32\...\Flatcast_is1) (Version:  - 1 mal 1 Software GmbH)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Audio Converter version 5.0.23.320 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.23.320 - DVDVideoSoft Ltd.)
German Truck Simulator 1.00 (HKLM-x32\...\German Truck Simulator) (Version: 1.00 - )
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{E7EB0FFE-B5E3-4163-A2A1-DD329380664A}) (Version: 4.2.5.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKCU\...\HPConnectedMusic) (Version: 1.1 (build 37) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{16B7BDA1-B967-4D2D-8B27-E12727C28350}) (Version: 2.10.3 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{18DE31AE-70D0-43A7-9E3C-2ED7283ECE8A}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden
HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{94BB4B4F-BD6D-4166-A580-F868C8384CA6}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{B8019B54-F9BE-490A-9619-6D06F18F129F}) (Version: 7.0.32.44 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6417.0 - IDT)
Internet Turbo (HKLM-x32\...\{608FB285-F572-48DE-AE44-28ABFF3F6BF9}) (Version: 1.6.1.938 - ReSoft Ltd.)
Internet Turbo Engine (HKCU\...\{79c60d07-63bb-40e2-8e4c-572f350a3cac}) (Version: 1.6.1.938 - ReSoft Ltd.)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kingsoft Office 2013 (9.1.0.4246) (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4246 - Kingsoft Corp.)
K-Lite Codec Pack 6.0.4 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
Lexmark  (HKLM-x32\...\{D2C5E510-BE6D-42CC-9F61-E4F939078474}) (Version: 1.0.0.0 - )
Lexmark 5600-6600 Series (HKLM\...\Lexmark 5600-6600 Series) (Version:  - Lexmark International, Inc.)
Lexmark Symbolleiste (HKLM-x32\...\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}) (Version: 4.0.53.0 - )
LyricsNotes (HKLM-x32\...\Lyrics@Lon.co) (Version:  - LonLyrics) <==== ATTENTION
LyricsNotes (HKLM-x32\...\LyricsNotes@LonLyrics.co) (Version:  - LonLyrics) <==== ATTENTION
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PDF24 Creator (HKLM-x32\...\{3CB29F1E-FF6F-40EC-88FC-09BCBEC97662}) (Version: 6.3.2 - www.pdf24.org)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Printer Pro Desktop (HKLM-x32\...\PrinterProDesktop) (Version:  - Readdle)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Secunia PSI (3.0.0.6005) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.6005 - Secunia)
Skype Web Plugin (HKLM-x32\...\{B51DD93B-3CB5-4D9D-BFF2-FD19DBBBFD9A}) (Version: 2.9.13008.18866 - Skype Technologies S.A.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SoftwareUpdater (HKLM-x32\...\SoftwareUpdater) (Version:  - )
Solid Edge ST6 (HKLM-x32\...\{E7AA3093-4539-45AB-9BFC-7FD7D2D174FB}) (Version: 106.00.00100 - Siemens)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
Video downloader 2.0.0.432 (HKLM\...\{77BEC163-D389-42c1-91A4-C758846296A5}_is1) (Version: 2.0.0.432 - Southstarco)
Vodafone Mobile Connect Lite (HKLM-x32\...\{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}) (Version: 9.4.3.17550 - Vodafone)
Westermann Karibu 1 (HKCU\...\Karibu1) (Version:  - )
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
YouTube Song Downloader (HKLM-x32\...\{4281435C-AD1D-4C8A-B9C0-3961C11EF142}_is1) (Version: 10.1 - Abelssoft) <==== ATTENTION

==================== Restore Points  =========================

19-03-2014 21:28:14 Windows Update
16-04-2014 22:27:26 Windows Update
05-05-2014 20:23:48 Windows Update

==================== Hosts content: ==========================

2012-07-26 07:26 - 2013-02-24 10:29 - 00000895 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.google-analytics.com
127.0.0.1 google-analytics.com


==================== Scheduled Tasks (whitelisted) =============

Task: {03F5082D-3D35-4990-A046-785548A45A85} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2012-07-13] (Hewlett-Packard)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1C043522-5539-45E0-A382-12E503D05E2D} - System32\Tasks\DealPlyUpdate => C:\Program Files (x86)\DealPly\DealPlyUpdate.exe <==== ATTENTION
Task: {1D012446-30E3-4DAE-8FDB-D012C8506DDA} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\SymErr.exe
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {25C95593-A8E7-4B30-89CF-C7E1D609F756} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-11] (Google Inc.)
Task: {303F8905-767A-4F23-BD7D-82823ED048D3} - System32\Tasks\4391 => Wscript.exe C:\Users\AMD\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {390728EF-ED14-46DE-A9A1-19B64B2C05FE} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {6896EB00-0EAA-4002-A909-B9CCEB5209A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {70B9E759-08BD-4C77-BD92-60880B931BA6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Critical Actions Pending => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {74887749-DB3F-4127-BB54-BF715915AB88} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\SymErr.exe
Task: {75100AAB-F328-413E-B8C9-9B18802C7C72} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {7B2929BE-AA59-41F0-901C-5953559D6E04} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-11] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {A899EDAF-682B-4D67-AB7A-AE4E147C33D4} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {ADDCC35D-66A2-496B-8371-60DBCD20FA6E} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {C0E94222-C810-4657-BA3F-29FC6CFF9DF9} - System32\Tasks\DealPly => C:\Users\AMD\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D46B877B-EF17-4E89-8403-A4700FE0E9BF} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduamon.exe [2008-09-10] ()
Task: {DFE183EA-1C76-4613-99AD-54FB8FCEF448} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {E1F0D46C-72FB-407D-970A-1C2ACDAA79B0} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\WSCStub.exe
Task: {E4B6BD47-E956-4255-9895-192B4F48B0F5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company)
Task: {E973EE65-F4F2-41F3-A916-C8E44994D242} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-26] (Adobe Systems Incorporated)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F6DEDE38-E7E7-4683-9195-7BD8090828C3} - System32\Tasks\LyricsNotes Update => C:\Program Files (x86)\LyricsNotes\LyricsNotesUP.exe [2013-07-22] () <==== ATTENTION
Task: {FEA773BC-BB17-4C97-BAD1-628DE8BBA569} - System32\Tasks\WpsUpdateTask_AMD => C:\Program Files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4168891922-4078455343-2189293659-1002Core1cf55b8a2f9a244.job => C:\Users\AMD\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf4c36cc89b9b4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LyricsNotes Update.job => C:\Program Files (x86)\LyricsNotes\LyricsNotesUP.exe <==== ATTENTION
Task: C:\Windows\Tasks\WpsUpdateTask_AMD.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe

==================== Loaded Modules (whitelisted) =============

2013-02-17 18:09 - 2008-05-01 02:44 - 00045568 _____ () C:\Windows\System32\LXDUPMON.DLL
2013-02-17 18:09 - 2008-09-10 11:43 - 00086016 _____ () C:\Windows\System32\LXDUOEM.DLL
2014-02-25 21:57 - 2008-09-10 11:41 - 00081408 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\ipcmt64.dll
2014-02-25 21:48 - 2009-10-16 17:07 - 00186880 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxdudrpp.dll
2012-08-08 11:36 - 2012-08-08 11:36 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-02-25 21:56 - 2008-09-10 13:11 - 00676520 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
2013-02-21 21:03 - 2012-08-14 17:19 - 07027664 _____ () C:\Program Files (x86)\AntiBrowserSpy\Commons.dll
2013-02-21 21:03 - 2012-08-14 17:19 - 00177616 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbBrowserLibs.dll
2013-02-21 21:03 - 2012-08-14 17:19 - 00028112 _____ () C:\Program Files (x86)\AntiBrowserSpy\VersionInfo.dll
2013-02-21 21:03 - 2012-08-14 17:19 - 00012752 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbProcessManager.dll
2012-02-02 18:22 - 2012-02-02 18:22 - 02132992 _____ () C:\Program Files (x86)\Printer Pro Desktop\PrinterProDesktop.exe
2012-08-08 11:36 - 2012-08-08 11:36 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-08-08 11:22 - 2012-08-08 11:22 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-07-25 22:44 - 2012-07-25 22:35 - 00613888 _____ () C:\Windows\system32\WinMetadata\Windows.UI.Xaml.winmd
2012-07-25 22:44 - 2012-07-25 22:35 - 00074240 _____ () C:\Windows\system32\WinMetadata\Windows.ApplicationModel.winmd
2012-07-25 22:44 - 2012-07-25 22:35 - 00022016 _____ () C:\Windows\system32\WinMetadata\Windows.Foundation.winmd
2012-07-25 22:44 - 2012-07-25 22:35 - 00036864 _____ () C:\Windows\system32\WinMetadata\Windows.Data.winmd
2012-07-25 22:44 - 2012-07-25 22:35 - 00129024 _____ () C:\Windows\system32\WinMetadata\Windows.UI.winmd
2012-07-25 22:44 - 2012-07-25 22:35 - 00018432 _____ () C:\Windows\system32\WinMetadata\Windows.System.winmd
2012-07-25 22:44 - 2012-07-25 22:35 - 00080384 _____ () C:\Windows\system32\WinMetadata\Windows.Storage.winmd
2012-07-25 22:44 - 2012-07-25 22:35 - 00049664 _____ () C:\Windows\system32\WinMetadata\Windows.Devices.winmd
2012-07-25 22:44 - 2012-07-25 22:35 - 00031744 _____ () C:\Windows\system32\WinMetadata\Windows.Globalization.winmd
2013-07-28 05:23 - 2013-07-28 05:23 - 00004608 _____ () C:\Program Files\WindowsApps\GoogleInc.GoogleSearch_1.2.1.12_x64__yfg5n0ztvskxp\SpeechServer.winmd
2013-07-28 05:23 - 2013-07-28 05:23 - 01353728 _____ () C:\Program Files\WindowsApps\GoogleInc.GoogleSearch_1.2.1.12_x64__yfg5n0ztvskxp\SpeechCaptureServerComponent.dll
2012-07-25 22:44 - 2012-07-25 22:35 - 00031232 _____ () C:\Windows\system32\WinMetadata\Windows.Web.winmd
2012-07-25 22:44 - 2012-07-25 22:35 - 00046592 _____ () C:\Windows\system32\WinMetadata\Windows.Graphics.winmd
2013-04-21 12:49 - 2013-04-21 12:44 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-25 21:56 - 2008-09-10 11:56 - 00380928 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduscw.dll
2014-02-25 21:56 - 2008-05-23 14:02 - 00188416 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdudatr.dll
2014-02-25 21:56 - 2008-05-23 14:02 - 00073728 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducats.dll
2014-02-25 21:56 - 2008-09-10 11:56 - 01036288 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduDRS.dll
2014-02-25 21:56 - 2008-09-10 11:56 - 00081920 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducaps.dll
2014-02-25 21:56 - 2008-09-10 11:40 - 00069632 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducnv4.dll
2013-02-18 19:29 - 2012-01-02 04:21 - 00374056 _____ () C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\CLNetMediaDMA.dll
2014-04-30 21:40 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-05-05 22:38 - 2014-05-05 22:38 - 15116800 _____ () C:\Program Files (x86)\Secunia\PSI\psires.dll
2013-03-29 20:43 - 2013-06-23 17:53 - 00166744 _____ () C:\Program Files\Video downloader\Extension32.dll
2014-02-25 21:56 - 2008-09-10 11:57 - 00180224 _____ () C:\Program Files\Lexmark Printable Web\bho.dll
2014-02-25 21:56 - 2008-09-10 11:57 - 00458752 _____ () C:\Program Files\Lexmark Printable Web\resource.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/06/2014 09:05:33 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 16385)
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-12T19:05:33Z. Fehlercode: 0x80040154.

Error: (05/06/2014 09:05:03 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 16385)
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-12T19:05:03Z. Fehlercode: 0x80040154.

Error: (05/06/2014 09:04:33 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 16385)
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-12T19:04:33Z. Fehlercode: 0x80040154.

Error: (05/06/2014 09:04:03 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 16385)
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-12T19:04:03Z. Fehlercode: 0x80040154.

Error: (05/06/2014 09:03:33 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 16385)
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-12T19:03:33Z. Fehlercode: 0x80040154.

Error: (05/06/2014 09:03:03 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 16385)
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-12T19:03:03Z. Fehlercode: 0x80040154.

Error: (05/06/2014 09:02:33 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 16385)
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-12T19:02:33Z. Fehlercode: 0x80040154.

Error: (05/06/2014 09:02:03 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 16385)
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-12T19:02:03Z. Fehlercode: 0x80040154.

Error: (05/06/2014 09:01:33 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 16385)
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-12T19:01:33Z. Fehlercode: 0x80040154.

Error: (05/06/2014 09:01:03 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 16385)
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2114-04-12T19:01:03Z. Fehlercode: 0x80040154.


System errors:
=============
Error: (05/05/2014 10:49:44 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "lxduCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/05/2014 10:49:44 PM) (Source: Service Control Manager) (User: ) (EventID: 7009)
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxduCATSCustConnectService erreicht.

Error: (05/05/2014 10:30:30 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "lxduCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/05/2014 10:30:30 PM) (Source: Service Control Manager) (User: ) (EventID: 7009)
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxduCATSCustConnectService erreicht.

Error: (05/05/2014 10:28:12 PM) (Source: DCOM) (User: HP) (EventID: 10010)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (05/05/2014 10:28:12 PM) (Source: DCOM) (User: HP) (EventID: 10010)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (05/05/2014 10:28:12 PM) (Source: DCOM) (User: HP) (EventID: 10010)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (05/05/2014 06:23:33 AM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/05/2014 06:23:33 AM) (Source: Service Control Manager) (User: ) (EventID: 7009)
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Media Player-Netzwerkfreigabedienst erreicht.

Error: (05/05/2014 06:18:39 AM) (Source: Service Control Manager) (User: ) (EventID: 7011)
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst HPWMISVC erreicht.


Microsoft Office Sessions:
=========================
Error: (05/06/2014 09:05:33 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 16385)
Description: 0x800401542114-04-12T19:05:33Z

Error: (05/06/2014 09:05:03 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 16385)
Description: 0x800401542114-04-12T19:05:03Z

Error: (05/06/2014 09:04:33 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 16385)
Description: 0x800401542114-04-12T19:04:33Z

Error: (05/06/2014 09:04:03 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 16385)
Description: 0x800401542114-04-12T19:04:03Z

Error: (05/06/2014 09:03:33 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 16385)
Description: 0x800401542114-04-12T19:03:33Z

Error: (05/06/2014 09:03:03 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 16385)
Description: 0x800401542114-04-12T19:03:03Z

Error: (05/06/2014 09:02:33 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 16385)
Description: 0x800401542114-04-12T19:02:33Z

Error: (05/06/2014 09:02:03 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 16385)
Description: 0x800401542114-04-12T19:02:03Z

Error: (05/06/2014 09:01:33 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 16385)
Description: 0x800401542114-04-12T19:01:33Z

Error: (05/06/2014 09:01:03 PM) (Source: Software Protection Platform Service) (User: ) (EventID: 16385)
Description: 0x800401542114-04-12T19:01:03Z


CodeIntegrity Errors:
===================================
  Date: 2014-05-06 21:02:26.425
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-06 21:02:08.402
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-06 21:01:59.928
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-06 18:49:43.334
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-06 18:49:43.245
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-06 18:49:43.121
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-06 18:49:43.025
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-06 18:32:07.835
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-06 18:31:49.256
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-06 18:30:43.723
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Percentage of memory in use: 55%
Total physical RAM: 3554.26 MB
Available physical RAM: 1585.63 MB
Total Pagefile: 4898.26 MB
Available Pagefile: 2399.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:448.57 GB) (Free:372.54 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.42 GB) (Free:2.1 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: B726B7B9)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
Now you have all the data that is on my computer :/
__________________

Alt 07.05.2014, 13:33   #4
schrauber
/// the machine
/// TB-Ausbilder
 




Quote:
Now you have all the data that is on my computer :/
Nonsense. At most I can see which programs are installed.


Revo Uninstaller - Download - Filepony
Use it to uninstall everything you find in the Additional.txt marked with <== ATTENTION

Also let Revo remove the leftovers, using the Moderate setting.




Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista or later, please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 07.05.2014, 19:01   #5
Iphone4
 



Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software


Protection, 07.05.2014 16:47:35, SYSTEM, HP, Protection, Malware Protection, Starting,
Protection, 07.05.2014 16:47:35, SYSTEM, HP, Protection, Malware Protection, Started,
Protection, 07.05.2014 16:47:35, SYSTEM, HP, Protection, Malicious Website Protection, Starting,
Protection, 07.05.2014 16:47:36, SYSTEM, HP, Protection, Malicious Website Protection, Started,
Update, 07.05.2014 16:48:00, SYSTEM, HP, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 07.05.2014 16:48:49, SYSTEM, HP, Manual, Malware Database, 2014.3.4.9, 2014.5.7.4,
Protection, 07.05.2014 16:48:51, SYSTEM, HP, Protection, Refresh, Starting,
Protection, 07.05.2014 16:48:51, SYSTEM, HP, Protection, Malicious Website Protection, Stopping,
Protection, 07.05.2014 16:48:52, SYSTEM, HP, Protection, Malicious Website Protection, Stopped,
Protection, 07.05.2014 16:48:59, SYSTEM, HP, Protection, Refresh, Success,
Protection, 07.05.2014 16:48:59, SYSTEM, HP, Protection, Malicious Website Protection, Starting,
Protection, 07.05.2014 16:49:00, SYSTEM, HP, Protection, Malicious Website Protection, Started,
Update, 07.05.2014 16:49:30, SYSTEM, HP, Manual, Malware Database, 2014.5.7.4, 2014.5.7.5,
Protection, 07.05.2014 16:49:31, SYSTEM, HP, Protection, Refresh, Starting,
Protection, 07.05.2014 16:49:31, SYSTEM, HP, Protection, Malicious Website Protection, Stopping,
Protection, 07.05.2014 16:49:32, SYSTEM, HP, Protection, Malicious Website Protection, Stopped,
Protection, 07.05.2014 16:49:39, SYSTEM, HP, Protection, Refresh, Success,
Protection, 07.05.2014 16:49:39, SYSTEM, HP, Protection, Malicious Website Protection, Starting,
Protection, 07.05.2014 16:49:39, SYSTEM, HP, Protection, Malicious Website Protection, Started,
Protection, 07.05.2014 17:58:54, SYSTEM, HP, Protection, Malware Protection, Starting,
Protection, 07.05.2014 17:58:54, SYSTEM, HP, Protection, Malware Protection, Started,
Protection, 07.05.2014 17:58:54, SYSTEM, HP, Protection, Malicious Website Protection, Starting,
Protection, 07.05.2014 18:01:00, SYSTEM, HP, Protection, Malicious Website Protection, Started,

(end)

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.207 - Bericht erstellt am 07/05/2014 um 18:40:04
# Aktualisiert 05/05/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : AMD - HP
# Gestartet von : C:\Users\AMD\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\36QW9BX7\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Pro
Ordner Gelöscht : C:\Program Files (x86)\Driver Pro
Ordner Gelöscht : C:\Program Files (x86)\Uniblue
Ordner Gelöscht : C:\Program Files (x86)\WinZip Registry Optimizer
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Users\AMD\AppData\Roaming\Driver Pro
Datei Gelöscht : C:\Users\AMD\AppData\Roaming\Mozilla\Firefox\Profiles\q0n3oqns.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\Dealply
Datei Gelöscht : C:\Windows\System32\Tasks\DealPlyUpdate

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Driver Pro]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : HKCU\Software\Blabbers       
Schlüssel Gelöscht : HKCU\Software\Driver Pro
Schlüssel Gelöscht : HKLM\Software\SoftwareUpdater
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\Video downloader
Schlüssel Gelöscht : HKLM\Software\Vittalia
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{608FB285-F572-48DE-AE44-28ABFF3F6BF9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Pro_is1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Video downloader

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v

[ Datei : C:\Users\AMD\AppData\Roaming\Mozilla\Firefox\Profiles\q0n3oqns.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2880 octets] - [07/05/2014 18:11:58]
AdwCleaner[S0].txt - [2562 octets] - [07/05/2014 18:40:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2622 octets] ##########
         
--- --- ---

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by AMD on 07.05.2014 at 19:21:48.57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\lyricsnotes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4168891922-4078455343-2189293659-1002\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4168891922-4078455343-2189293659-1002\Software\video downloader



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\AMD\appdata\local\{D90818C5-E632-4A1A-B18A-9AC179AF1ED6}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.05.2014 at 19:32:54.57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Thanks, now Google Chrome is gone

ouhh, but now I can't watch any videos (YouTube)?

ok, it has sorted itself out, thanks again


Alt 08.05.2014, 16:00   #6
schrauber
/// the machine
/// TB-Ausbilder
 





ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

and a fresh FRST log, please. Any problems left?

Alt 09.05.2014, 17:23   #7
Iphone4
 



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=251a18825e2ba84dbe429d64311af3ec
# engine=13609
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-04-13 04:12:59
# local_time=2013-04-13 06:12:59 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode=3591 16777213 100 91 24409 128422964 0 0
# compatibility_mode=5893 16776574 100 94 1162012 25332490 0 0
# scanned=272030
# found=1
# cleaned=0
# scan_time=10547
sh=D4BD507F917917B829EB9FCE79A29047635E3668 ft=1 fh=6a4bd6f73db15183 vn="a variant of Win32/Adware.SpeedingUpMyPC.C application" ac=I fn="C:\Program Files (x86)\Driver Pro\DPSmartScan.exe"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=251a18825e2ba84dbe429d64311af3ec
# engine=18195
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-09 04:05:46
# local_time=2014-05-09 06:05:46 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode=1799 16775165 100 96 42605 33110785 35326 0
# compatibility_mode=5893 16776574 100 94 4390097 59157657 0 0
# scanned=329216
# found=1
# cleaned=0
# scan_time=7951
sh=D4BD507F917917B829EB9FCE79A29047635E3668 ft=1 fh=6a4bd6f73db15183 vn="Win32/Adware.SpeedingUpMyPC.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Driver Pro\DPSmartScan.exe.vir"
         
Results of screen317's Security Check version 0.99.82
x64 (UAC is enabled)
Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Defender
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
AntiBrowserSpy
Secunia PSI (3.0.0.6005)
Java 7 Update 45
Java version out of Date!
Adobe Flash Player 11.8.800.168 Flash Player out of Date!
Adobe Reader XI
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

"Any problems left?" Nope, I don't think so anymore. Many thanks again -close thread-

Alt 10.05.2014, 17:31   #8
schrauber
/// the machine
/// TB-Ausbilder
 




We are not done yet

Update Java and Flash. The fresh FRST log is missing.

Please download Farbar Service Scanner
  • Start the tool by double-clicking FSS.exe
  • Make sure the following options are checked.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Click Scan.
  • When the tool has finished, it will create an FSS.txt in the directory the tool was run from.

Please post the contents here.



Alt 10.05.2014, 22:31   #9
Iphone4
 



FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-05-2014
Ran by AMD (administrator) on HP on 10-05-2014 21:00:45
Running from C:\Users\AMD\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3QC2W1UP
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
( ) C:\Windows\System32\lxducoms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
(Microsoft) C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Facebook Inc.) C:\Users\AMD\AppData\Local\Facebook\Update\FacebookUpdate.exe
() C:\Program Files (x86)\Printer Pro Desktop\PrinterProDesktop.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Zhuhai Kingsoft Office Software Co.,Ltd) C:\Program Files (x86)\Kingsoft\Kingsoft Office\office6\wps.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-21] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM\...\Run: [lxdumon.exe] => C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe [676520 2008-09-10] ()
HKLM\...\Run: [lxduamon] => C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduamon.exe [16040 2008-09-10] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [MobileConnect] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2403840 2009-09-11] (Vodafone)
HKLM-x32\...\Run: [PowerDVD12DMREngine] => C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [501544 2012-01-02] (CyberLink)
HKLM-x32\...\Run: [PowerDVD12Agent] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [371256 2012-01-12] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-17] (Geek Software GmbH)
HKLM-x32\...\Run: [Lexmark 5600-6600 Series] => C:\Program Files (x86)\Lexmark 5600-6600 Series\fm3032.exe [311976 2008-09-10] ()
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\Run: [BrowserMask] => C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe [101328 2012-08-14] (Microsoft)
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\Run: [Facebook Update] => C:\Users\AMD\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-04-11] (Facebook Inc.)
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20918432 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\Run: [PrinterProDesktop] => C:\Program Files (x86)\Printer Pro Desktop\PrinterProDesktop.exe [2132992 2012-02-02] ()
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\RunOnce: [Application Restart #0] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  -user-agent="Mozilla/5.0 (Windows; U; Windows NT 6.2; de) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/29.0.1547.66 Chrome anonymized by Abelssoft 821229603" --flag-switches-begin --flag-switches-end --restore-last-session
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\MountPoints2: {021262b5-776e-11e2-be73-38eaa7db6372} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\MountPoints2: {02126400-776e-11e2-be73-38eaa7db6372} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\MountPoints2: {021264be-776e-11e2-be73-38eaa7db6372} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\MountPoints2: {b5a1c80e-1eee-11e3-bea8-001e101fd32b} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\...\MountPoints2: {e7682d96-77a2-11e2-be74-38eaa7db6372} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT13/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {28A1AFBC-2A66-4FD6-8237-7EAF11857F60} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Lexmark  - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
Toolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -  No File
DPF: HKLM-x32 {E55FD215-A32E-43FE-A777-A7E8F165F561} hxxp://download.flatcast.net/objects/NpFv530.dll
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\AMD\AppData\Roaming\Mozilla\Firefox\Profiles\q0n3oqns.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin64.dll (Skype)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\AMD\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @www.flatcast.com/FlatViewer 5.2 - C:\Windows\DOWNLO~1\NpFv530.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Users\AMD\AppData\Roaming\mozilla\plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF HKCU\...\Firefox\Extensions: [LyricsNotes@LonLyrics.co] - C:\Program Files (x86)\LyricsNotes\116.xpi
FF HKCU\...\Firefox\Extensions: [Lyrics@Lon.co] - C:\Program Files (x86)\LyricsNotes\125.xpi

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "https://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Flatcast Viewer Plugin 5.3.0.784) - C:\Users\AMD\AppData\Roaming\Mozilla\plugins\NpFv530.dll (1 mal 1 Software GmbH)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Skype Web Plugin) - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-27]
CHR Extension: (Google Drive) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-27]
CHR Extension: (YouTube) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-27]
CHR Extension: (Google-Suche) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-27]
CHR Extension: (AdBlock) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-09-08]
CHR Extension: (Google Wallet) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Google Mail) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-27]
CHR HKLM-x32\...\Chrome\Extension: [dbjmkjlcdkfccfpgpbieancamjhaclga] - C:\Program Files (x86)\LyricsNotes\125.crx [2013-07-27]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-08] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-21] (Avira Operations GmbH & Co. KG)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
R2 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [87336 2012-01-12] (CyberLink Corp.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [75048 2012-01-12] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [296232 2012-01-12] (CyberLink)
R2 hasplms; C:\Windows\system32\hasplms.exe [4412872 2012-08-23] (SafeNet Inc.)
S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe [29184 2009-10-16] (Lexmark International, Inc.)
R2 lxdu_device; C:\Windows\system32\lxducoms.exe [1039360 2009-10-16] ( )
R2 lxdu_device; C:\Windows\SysWOW64\lxducoms.exe [594600 2008-05-23] ( )
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1223704 2013-02-07] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660504 2013-02-07] (Secunia)
R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-11] (Vodafone)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-18] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [323584 2012-10-06] (SafeNet Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [82928 2011-10-27] (Cyberlink Corp.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-02-07] (Secunia)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
S3 vwhid; C:\Windows\System32\drivers\vwhid.sys [27296 2013-01-28] (Windows (R) Win 7 DDK provider)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [146928 2012-01-11] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-10 10:32 - 2014-05-10 11:15 - 00000065 _____ () C:\Users\AMD\Desktop\Neues Textdokument (3).txt
2014-05-10 09:59 - 2014-05-10 09:59 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6c25d08dc8af.job
2014-05-09 22:01 - 2014-05-09 22:02 - 00000000 ____D () C:\Users\AMD\Desktop\Jobs
2014-05-09 18:19 - 2014-05-09 18:19 - 00855379 _____ () C:\Users\AMD\Desktop\SecurityCheck.exe
2014-05-09 15:19 - 2014-05-09 15:20 - 02347384 _____ (ESET) C:\Users\AMD\Desktop\esetsmartinstaller_deu.exe
2014-05-08 10:39 - 2014-05-08 10:39 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-07 19:32 - 2014-05-07 19:32 - 00001200 _____ () C:\Users\AMD\Desktop\JRT.txt
2014-05-07 18:12 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-07 18:11 - 2014-05-07 19:01 - 00000000 ____D () C:\AdwCleaner
2014-05-07 18:09 - 2014-05-07 18:09 - 00002187 _____ () C:\Users\AMD\Desktop\mbam.txt
2014-05-07 16:47 - 2014-05-10 20:48 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-07 16:47 - 2014-05-07 16:47 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-07 16:47 - 2014-05-07 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-07 16:47 - 2014-05-07 16:47 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-07 16:47 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-07 16:47 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-07 16:47 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-07 16:25 - 2014-05-07 16:25 - 00001268 _____ () C:\Users\AMD\Desktop\Revo Uninstaller.lnk
2014-05-07 16:25 - 2014-05-07 16:25 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 13:34 - 2014-05-07 13:34 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-07 13:34 - 2014-05-07 13:34 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-05-06 21:03 - 2014-05-10 21:00 - 00000000 ____D () C:\FRST
2014-05-06 14:12 - 2014-05-06 14:12 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-05-06 14:12 - 2014-05-06 14:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-05-06 14:12 - 2014-05-06 14:12 - 00000000 ____D () C:\Windows\de
2014-05-06 14:10 - 2014-05-06 14:10 - 00000000 ____D () C:\Program Files\Windows Live
2014-05-05 22:45 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-05 22:45 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-05-05 22:45 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-05-05 22:45 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-05 22:45 - 2014-02-27 01:40 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-05 22:45 - 2014-02-27 01:21 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-05 22:45 - 2014-02-27 01:18 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-05 22:45 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-05 22:45 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-05 22:45 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-05 22:45 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-05-05 22:23 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-05-05 22:23 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-05 22:23 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-05 22:23 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-05 22:23 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-04 18:35 - 2014-05-06 13:59 - 00000494 _____ () C:\Users\AMD\Desktop\Neues Textdokument (2).txt
2014-05-04 17:43 - 2014-05-04 17:43 - 00000000 ____D () C:\Users\AMD\AppData\Roaming\SumatraPDF
2014-05-04 17:41 - 2014-05-04 17:41 - 05410328 _____ () C:\Users\AMD\Downloads\PrinterProDesktopSetup-1_3_3.exe
2014-05-03 13:51 - 2014-04-29 16:14 - 19275264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-03 13:51 - 2014-04-29 14:47 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-03 13:51 - 2014-04-29 14:36 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-03 13:51 - 2014-04-29 14:25 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-20 12:45 - 2014-04-20 13:23 - 972979917 _____ () C:\Users\AMD\Downloads\IMG_0332.MOV
2014-04-20 12:45 - 2014-04-20 13:10 - 449214554 _____ () C:\Users\AMD\Downloads\IMG_0331.MOV
2014-04-20 12:45 - 2014-04-20 12:56 - 164824372 _____ () C:\Users\AMD\Downloads\IMG_0333.MOV
2014-04-20 12:44 - 2014-04-20 13:37 - 1854702979 _____ () C:\Users\AMD\Downloads\IMG_0714 (1).MOV
2014-04-20 12:44 - 2014-04-20 13:07 - 359080152 _____ () C:\Users\AMD\Downloads\IMG_0717 (1).MOV
2014-04-17 00:49 - 2014-04-17 00:49 - 00000000 ____D () C:\Users\AMD\AppData\Local\Skype
2014-04-17 00:48 - 2014-04-17 00:48 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-17 00:48 - 2014-04-17 00:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-16 14:23 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-16 14:23 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-16 14:23 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-16 14:23 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-16 14:23 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-16 14:23 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-16 14:23 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-16 14:23 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-16 14:23 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-16 14:23 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-16 14:23 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-16 14:23 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-16 14:23 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-16 14:23 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-04-16 14:23 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-16 14:23 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-16 14:23 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-16 14:20 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-16 14:20 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-16 14:20 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-16 14:20 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-16 14:20 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-16 14:20 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-16 14:20 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-16 14:20 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-16 14:19 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-16 14:19 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-16 14:19 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-04-16 14:19 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-16 14:19 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-04-16 14:19 - 2014-01-27 01:17 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-04-16 14:19 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-11 21:02 - 2014-04-11 21:02 - 00000904 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4168891922-4078455343-2189293659-1002Core1cf55b8a2f9a244.job
2014-04-11 20:45 - 2014-04-11 20:46 - 00000000 ____D () C:\Users\AMD\AppData\Local\Facebook
2014-04-11 20:45 - 2014-04-11 20:45 - 00501248 _____ (Facebook Inc.) C:\Users\AMD\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00092672 _____ () C:\Users\AMD\Downloads\TS103131801.pub

==================== One Month Modified Files and Folders =======

2014-05-10 21:00 - 2014-05-06 21:03 - 00000000 ____D () C:\FRST
2014-05-10 21:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-10 20:48 - 2014-05-07 16:47 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-10 20:46 - 2013-02-15 22:44 - 00000000 ____D () C:\Users\AMD\AppData\Roaming\Skype
2014-05-10 13:08 - 2013-03-06 20:16 - 00000000 ____D () C:\Users\AMD\AppData\Local\CrashDumps
2014-05-10 11:15 - 2014-05-10 10:32 - 00000065 _____ () C:\Users\AMD\Desktop\Neues Textdokument (3).txt
2014-05-10 10:44 - 2013-02-16 22:08 - 00000000 ____D () C:\Users\AMD\Tracing
2014-05-10 09:59 - 2014-05-10 09:59 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6c25d08dc8af.job
2014-05-09 22:02 - 2014-05-09 22:01 - 00000000 ____D () C:\Users\AMD\Desktop\Jobs
2014-05-09 18:19 - 2014-05-09 18:19 - 00855379 _____ () C:\Users\AMD\Desktop\SecurityCheck.exe
2014-05-09 15:20 - 2014-05-09 15:19 - 02347384 _____ (ESET) C:\Users\AMD\Desktop\esetsmartinstaller_deu.exe
2014-05-08 19:21 - 2012-08-24 22:07 - 00830120 _____ () C:\Windows\system32\perfh007.dat
2014-05-08 19:21 - 2012-08-24 22:07 - 00188224 _____ () C:\Windows\system32\perfc007.dat
2014-05-08 19:21 - 2012-07-26 09:28 - 01949368 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-08 10:39 - 2014-05-08 10:39 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-07 19:32 - 2014-05-07 19:32 - 00001200 _____ () C:\Users\AMD\Desktop\JRT.txt
2014-05-07 19:30 - 2013-02-15 15:56 - 01347886 _____ () C:\Windows\WindowsUpdate.log
2014-05-07 19:21 - 2013-04-13 16:16 - 00000000 ____D () C:\Windows\ERUNT
2014-05-07 19:11 - 2012-08-04 00:23 - 00243328 _____ () C:\Windows\PFRO.log
2014-05-07 19:11 - 2012-07-26 07:26 - 01048576 ___SH () C:\Windows\system32\config\BBI
2014-05-07 19:01 - 2014-05-07 18:11 - 00000000 ____D () C:\AdwCleaner
2014-05-07 18:09 - 2014-05-07 18:09 - 00002187 _____ () C:\Users\AMD\Desktop\mbam.txt
2014-05-07 17:57 - 2012-07-26 09:52 - 00000000 ____D () C:\Windows\ShellNew
2014-05-07 16:47 - 2014-05-07 16:47 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-07 16:47 - 2014-05-07 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-07 16:47 - 2014-05-07 16:47 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-07 16:47 - 2013-04-13 02:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-07 16:33 - 2013-02-18 19:25 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-07 16:25 - 2014-05-07 16:25 - 00001268 _____ () C:\Users\AMD\Desktop\Revo Uninstaller.lnk
2014-05-07 16:25 - 2014-05-07 16:25 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 13:34 - 2014-05-07 13:34 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-07 13:34 - 2014-05-07 13:34 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-05-06 14:12 - 2014-05-06 14:12 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-05-06 14:12 - 2014-05-06 14:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-05-06 14:12 - 2014-05-06 14:12 - 00000000 ____D () C:\Windows\de
2014-05-06 14:11 - 2014-02-26 16:30 - 00002534 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-05-06 14:11 - 2013-02-16 22:31 - 00001490 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-05-06 14:11 - 2013-02-16 22:31 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-05-06 14:10 - 2014-05-06 14:10 - 00000000 ____D () C:\Program Files\Windows Live
2014-05-06 14:10 - 2012-08-24 12:56 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-05-06 14:10 - 2012-08-24 12:55 - 00002711 _____ () C:\Windows\DirectX.log
2014-05-06 14:09 - 2014-02-26 16:28 - 00002287 _____ () C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2014-05-06 13:59 - 2014-05-04 18:35 - 00000494 _____ () C:\Users\AMD\Desktop\Neues Textdokument (2).txt
2014-05-06 13:52 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-05 22:28 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-05-04 17:43 - 2014-05-04 17:43 - 00000000 ____D () C:\Users\AMD\AppData\Roaming\SumatraPDF
2014-05-04 17:41 - 2014-05-04 17:41 - 05410328 _____ () C:\Users\AMD\Downloads\PrinterProDesktopSetup-1_3_3.exe
2014-04-29 16:14 - 2014-05-03 13:51 - 19275264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 14:47 - 2014-05-03 13:51 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:36 - 2014-05-03 13:51 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 14:25 - 2014-05-03 13:51 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-23 01:47 - 2013-11-16 16:09 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-23 01:47 - 2013-11-16 16:09 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-22 20:17 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-20 13:37 - 2014-04-20 12:44 - 1854702979 _____ () C:\Users\AMD\Downloads\IMG_0714 (1).MOV
2014-04-20 13:35 - 2013-03-29 22:21 - 00000000 ____D () C:\Users\AMD\Documents\Youcam
2014-04-20 13:23 - 2014-04-20 12:45 - 972979917 _____ () C:\Users\AMD\Downloads\IMG_0332.MOV
2014-04-20 13:10 - 2014-04-20 12:45 - 449214554 _____ () C:\Users\AMD\Downloads\IMG_0331.MOV
2014-04-20 13:07 - 2014-04-20 12:44 - 359080152 _____ () C:\Users\AMD\Downloads\IMG_0717 (1).MOV
2014-04-20 12:56 - 2014-04-20 12:45 - 164824372 _____ () C:\Users\AMD\Downloads\IMG_0333.MOV
2014-04-19 11:39 - 2014-05-05 22:23 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-04-19 10:45 - 2014-05-05 22:23 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-19 10:45 - 2014-05-05 22:23 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 08:57 - 2014-05-05 22:23 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-19 08:57 - 2014-05-05 22:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-17 00:49 - 2014-04-17 00:49 - 00000000 ____D () C:\Users\AMD\AppData\Local\Skype
2014-04-17 00:49 - 2013-02-15 22:43 - 00000000 ____D () C:\ProgramData\Skype
2014-04-17 00:48 - 2014-04-17 00:48 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-17 00:48 - 2014-04-17 00:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-17 00:46 - 2013-02-15 16:00 - 00000000 ___RD () C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-17 00:46 - 2013-02-15 16:00 - 00000000 ___RD () C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-17 00:38 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-04-17 00:33 - 2013-10-07 13:55 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-17 00:30 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-04-13 20:06 - 2013-02-17 18:14 - 00000000 ____D () C:\ProgramData\Lx_cats
2014-04-11 21:02 - 2014-04-11 21:02 - 00000904 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4168891922-4078455343-2189293659-1002Core1cf55b8a2f9a244.job
2014-04-11 20:46 - 2014-04-11 20:45 - 00000000 ____D () C:\Users\AMD\AppData\Local\Facebook
2014-04-11 20:45 - 2014-04-11 20:45 - 00501248 _____ (Facebook Inc.) C:\Users\AMD\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2014-04-10 21:51 - 2014-04-10 21:51 - 00092672 _____ () C:\Users\AMD\Downloads\TS103131801.pub

Some content of TEMP:
====================
C:\Users\AMD\AppData\Local\Temp\-akngpqt.dll
C:\Users\AMD\AppData\Local\Temp\0ucsljgx.dll
C:\Users\AMD\AppData\Local\Temp\2i19uj-k.dll
C:\Users\AMD\AppData\Local\Temp\4mwrawfe.dll
C:\Users\AMD\AppData\Local\Temp\4yz1univ.dll
C:\Users\AMD\AppData\Local\Temp\5enkryob.dll
C:\Users\AMD\AppData\Local\Temp\6q95a9cr.dll
C:\Users\AMD\AppData\Local\Temp\6qfylljw.dll
C:\Users\AMD\AppData\Local\Temp\6sben-z3.dll
C:\Users\AMD\AppData\Local\Temp\7l_wa6qm.dll
C:\Users\AMD\AppData\Local\Temp\81koarpn.dll
C:\Users\AMD\AppData\Local\Temp\8ka-gxzp.dll
C:\Users\AMD\AppData\Local\Temp\a02hjdj_.dll
C:\Users\AMD\AppData\Local\Temp\abelssoft.setup.exe
C:\Users\AMD\AppData\Local\Temp\ajvnhhkh.dll
C:\Users\AMD\AppData\Local\Temp\AskSLib.dll
C:\Users\AMD\AppData\Local\Temp\avgnt.exe
C:\Users\AMD\AppData\Local\Temp\c9_74iyg.dll
C:\Users\AMD\AppData\Local\Temp\f4ba51ht.dll
C:\Users\AMD\AppData\Local\Temp\gpwofanc.dll
C:\Users\AMD\AppData\Local\Temp\hncwcoka.dll
C:\Users\AMD\AppData\Local\Temp\iqljv9_y.dll
C:\Users\AMD\AppData\Local\Temp\iu3lgqag.dll
C:\Users\AMD\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\AMD\AppData\Local\Temp\komkhbfk.dll
C:\Users\AMD\AppData\Local\Temp\kxvlhocp.dll
C:\Users\AMD\AppData\Local\Temp\mqvqlqpn.dll
C:\Users\AMD\AppData\Local\Temp\mrp6hihr.dll
C:\Users\AMD\AppData\Local\Temp\mwq7xat7.dll
C:\Users\AMD\AppData\Local\Temp\n3w2ojjn.dll
C:\Users\AMD\AppData\Local\Temp\o-qtghhh.dll
C:\Users\AMD\AppData\Local\Temp\pvqkc05y.dll
C:\Users\AMD\AppData\Local\Temp\px6qyjoi.dll
C:\Users\AMD\AppData\Local\Temp\q5_v-xy3.dll
C:\Users\AMD\AppData\Local\Temp\Quarantine.exe
C:\Users\AMD\AppData\Local\Temp\rl9pkzvi.dll
C:\Users\AMD\AppData\Local\Temp\rnydfheu.dll
C:\Users\AMD\AppData\Local\Temp\s1sgvxgr.dll
C:\Users\AMD\AppData\Local\Temp\sbi-6xnq.dll
C:\Users\AMD\AppData\Local\Temp\SkypeSetup.exe
C:\Users\AMD\AppData\Local\Temp\u1bbbqof.dll
C:\Users\AMD\AppData\Local\Temp\uduzeujn.dll
C:\Users\AMD\AppData\Local\Temp\unwise.exe
C:\Users\AMD\AppData\Local\Temp\uqs3jyll.dll
C:\Users\AMD\AppData\Local\Temp\vy5b4y2n.dll
C:\Users\AMD\AppData\Local\Temp\w0sfxw8i.dll
C:\Users\AMD\AppData\Local\Temp\wammmnlm.dll
C:\Users\AMD\AppData\Local\Temp\wzpxwteu.dll
C:\Users\AMD\AppData\Local\Temp\xvrnxitu.dll
C:\Users\AMD\AppData\Local\Temp\yhcqqgas.dll
C:\Users\AMD\AppData\Local\Temp\yoerplo0.dll
C:\Users\AMD\AppData\Local\Temp\zgds71mc.dll
C:\Users\AMD\AppData\Local\Temp\zjq9iyn8.dll
C:\Users\AMD\AppData\Local\Temp\zqx99iwa.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-31 22:53

==================== End Of Log ============================
         
/CODE]

Farbar Service Scanner Version: 03-05-2014
Ran by AMD (administrator) on 10-05-2014 at 21:34:48
Running from "C:\Users\AMD\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3QC2W1UP"
Microsoft Windows 8 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Demand. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\Windows\system32\wuaueng.dll".


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2013-11-15 17:51] - [2013-09-04 05:11] - 0576512 ____A (Microsoft Corporation) 7C0E0EDF18D6CC565D7BFBB451709FA5

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2014-04-16 14:20] - [2014-01-27 05:42] - 2232664 ____A (Microsoft Corporation) B23882881EFD9404B62993906BC38709

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2014-01-20 15:09] - [2013-10-31 07:56] - 0915968 ____A (Microsoft Corporation) 9DE3341BD4E14BC5FADFCAD3019F2D0D

C:\Windows\System32\bfe.dll
[2013-11-15 17:51] - [2013-10-10 11:20] - 0723968 ____A (Microsoft Corporation) 53AA55632B94622F2DC3695E86EF9363

C:\Windows\System32\drivers\mpsdrv.sys
[2014-01-20 15:09] - [2013-10-31 05:42] - 0074752 ____A (Microsoft Corporation) 4CCBBD4944777CA100B9A6C2F149A46F

C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2013-12-14 23:07] - [2013-10-09 00:27] - 3279872 ____A (Microsoft Corporation) 311E5E1976E0BD9110A88B93158055D5

C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll
[2014-03-13 15:41] - [2013-10-25 00:34] - 1571328 ____A (Microsoft Corporation) 8077537B1600AF493E7EE1A7A5C90799

C:\Program Files\Windows Defender\MsMpEng.exe
[2014-03-13 15:41] - [2013-10-25 09:34] - 0016048 ____A (Microsoft Corporation) 0BB1CEE3514CE93A0A4E6376A9038EFF

C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

For some reason I can't update Java and Flash!? Why is that?

11.05.2014, 16:47   #10
schrauber
/// the machine
/// TB-Ausbilder



Uninstall and reinstall them.

Please download TFC (by Oldtimer) and save the file to your desktop.
Now close all open programs and disconnect from the internet.
Double-click TFC.exe and press Start.
If TFC cannot delete all files, it will ask for a restart. Please allow this.


http://www.trojaner-board.de/126216-...epair-aio.html

11.05.2014, 20:25   #11
Iphone4



The instructions are wrong. The linked site has an older version of "Tweaking". There is no Step 2 (optional), and no "Do it" either. There are now some files on the desktop because of TFC. Is that normal? Should I uninstall TFC?

12.05.2014, 16:23   #12
schrauber
/// the machine
/// TB-Ausbilder



You don't need to uninstall TFC, just delete it. Those are files that are normally hidden; we'll hide them again afterwards, just leave them alone.

Have you run Windows All in One despite the slightly outdated screenshots, or not yet?

12.05.2014, 17:58   #13
Iphone4



No, not yet, because I don't know how to proceed.

13.05.2014, 13:37   #14
schrauber
/// the machine
/// TB-Ausbilder



Work through all the steps, click Start at the last picture, then the window where you set the checkmarks appears.

14.05.2014, 13:07   #15
Iphone4



OK, I'll do that, but now I have a different problem:

A stop error, also called a bluescreen error, caused your PC to shut down abruptly in order to protect it from possible damage or loss of data.

A newer version of AMD Quick Stream Technology driver (appexdrv.sys) is available for download, which may fix this problem.

What should I do?? I don't know what I'm supposed to download.

Repair Windows has already been scanning for 4h 30min. Is that normal?

[CODE][
System Variables
--------------------------------------------------------------------------------
OS: Windows 8
OS Architecture: 64-bit
OS Version: 6.2.9200
OS Service Pack:
Computer Name: HP
Windows Drive: C:\
Windows Path: C:\Windows
Current Profile: C:\Users\AMD
Current Profile SID: S-1-5-21-4168891922-4078455343-2189293659-1002
Current Profile Classes: S-1-5-21-4168891922-4078455343-2189293659-1002_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\AMD\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 01:57:56

Process Count: 89
Commit Total: 1.97 GB
Commit Limit: 6.97 GB
Commit Peak: 2.46 GB
Handle Count: 26560
Kernel Total: 442.21 MB
Kernel Paged: 382.16 MB
Kernel Non Paged: 60.05 MB
System Cache: 1.78 GB
Thread Count: 980
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.47 GB
Memory Used: 1.69 GB(48.6897%)
Memory Avail.: 1.78 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.47 GB
Memory Used: 1.41 GB(40.5181%)
Memory Avail.: 2.06 GB
--------------------------------------------------------------------------------

Starting Repairs...
Start (13.05.2014 17:07:17)

01 - Reset Registry Permissions 01/03
HKEY_CURRENT_USER & Sub Keys
Start (13.05.2014 17:07:20)
Running Repair Under Current User Account
Done (13.05.2014 17:07:30)

01 - Reset Registry Permissions 02/03
HKEY_LOCAL_MACHINE & Sub Keys
Start (13.05.2014 17:07:30)
Running Repair Under System Account
Done (13.05.2014 17:12:18)

01 - Reset Registry Permissions 03/03
HKEY_CLASSES_ROOT & Sub Keys
Start (13.05.2014 17:12:18)
Running Repair Under System Account
Done (13.05.2014 17:13:20)

02 - Reset File Permissions: C:
C: & Sub Folders
Start (13.05.2014 17:13:21)
Running Repair Under System Account
Done (13.05.2014 17:32:24)

02 - Reset File Permissions: D:
D: & Sub Folders
Start (13.05.2014 17:32:24)
Running Repair Under System Account
Done (13.05.2014 17:32:28)

02 - Reset File Permissions: All Profiles
C:\Users & Sub Folders
Start (13.05.2014 17:32:28)
Running Repair Under System Account
Done (13.05.2014 17:35:19)

02 - Reset File Permissions: Current Profile
C:\Users\AMD & Sub Folders
Start (13.05.2014 17:35:19)
Running Repair Under System Account
Done (13.05.2014 17:36:22)

02 - Reset File Permissions: Cleanup
Repairing Restricted Folders Permissions To Avoid Infinite Loops
Start (13.05.2014 17:36:28)
Running Repair Under System Account
Processing ACL of: <\\?\C:\Documents and Settings>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Desktop>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Favorites>
Reading the SD from <\\?\C:\ProgramData\Favorites> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\ProgramData\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Desktop>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Favorites>
Reading the SD from <\\?\C:\Users\All Users\Favorites> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\All Users\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default User>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Cookies>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Local Settings>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\My Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\NetHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\PrintHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Recent>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\SendTo>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\History>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\Temporary Internet Files>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Music>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Pictures>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Videos>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Music>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Pictures>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Videos>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\AMD\Application Data>
Reading the SD from <\\?\C:\Users\AMD\Application Data> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\AMD\Cookies>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\AMD\Local Settings>
Reading the SD from <\\?\C:\Users\AMD\Local Settings> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\AMD\My Documents>
Reading the SD from <\\?\C:\Users\AMD\My Documents> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\AMD\NetHood>
Reading the SD from <\\?\C:\Users\AMD\NetHood> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\AMD\PrintHood>
Reading the SD from <\\?\C:\Users\AMD\PrintHood> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\AMD\Recent>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\AMD\SendTo>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\AMD\Start Menu>
Reading the SD from <\\?\C:\Users\AMD\Start Menu> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\AMD\Templates>
Reading the SD from <\\?\C:\Users\AMD\Templates> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\AMD\AppData\Local\Application Data>
Reading the SD from <\\?\C:\Users\AMD\AppData\Local\Application Data> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\AMD\AppData\Local\History>
Reading the SD from <\\?\C:\Users\AMD\AppData\Local\History> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\AMD\AppData\Local\Temporary Internet Files>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\AMD\Documents\My Music>
Reading the SD from <\\?\C:\Users\AMD\Documents\My Music> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\AMD\Documents\My Pictures>
Reading the SD from <\\?\C:\Users\AMD\Documents\My Pictures> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\AMD\Documents\My Videos>
Reading the SD from <\\?\C:\Users\AMD\Documents\My Videos> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Done (13.05.2014 17:36:33)

03 - Register System Files
Start (13.05.2014 17:36:33)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:37:45)

04 - Repair WMI
Start (13.05.2014 17:37:45)

Starting Security Center So We Can Export The Security Info.

Exporting Antivirus Info...
Windows Defender Exported.
Avira Desktop Exported.

Exporting AntiSpyware Info...
Avira Desktop Exported.
Windows Defender Exported.

Exporting 3rd Party Firewall Info...
No Firewall Products Reported.

Running Repair Under Current User Account
Done (13.05.2014 17:42:05)

05 - Repair Windows Firewall
Start (13.05.2014 17:42:05)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:42:43)

06 - Repair Internet Explorer
Start (13.05.2014 17:42:43)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:43:33)

07 - Repair MDAC/MS Jet
Start (13.05.2014 17:43:33)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:43:51)

08 - Repair Hosts File
Start (13.05.2014 17:43:51)
Running Repair Under System Account
Done (13.05.2014 17:43:53)

09 - Remove Policies Set By Infections
Start (13.05.2014 17:43:53)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:43:58)

10 - Repair Start Menu Icons Removed By Infections
Start (13.05.2014 17:43:58)
Running Repair Under System Account
Done (13.05.2014 17:44:01)

11 - Repair Icons
Start (13.05.2014 17:44:01)
Running Repair Under Current User Account
Done (13.05.2014 17:44:03)

12 - Repair Winsock & DNS Cache
Start (13.05.2014 17:44:03)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:44:29)

13 - Remove Temp Files
Start (13.05.2014 17:44:29)
Running Repair Under System Account
Done (13.05.2014 17:44:55)

14 - Repair Proxy Settings
Start (13.05.2014 17:44:55)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:45:00)

15 - Unhide Non System Files
Start (13.05.2014 17:45:00)
C:\ - Total Files Unhidden: 779 - Check Unhidden_Files.txt for list of files unhidden
D:\ - Total Files Unhidden: 0 - Check Unhidden_Files.txt for list of files unhidden
Done (13.05.2014 17:47:29)

16 - Repair Windows Updates
Start (13.05.2014 17:47:29)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:47:56)

17 - Repair CD/DVD Missing/Not Working
Start (13.05.2014 17:47:56)
iTunes was found, adding UpperFilters for iTunes Reg Key
UpperFilters added?: True
Done (13.05.2014 17:47:56)

18 - Repair Volume Shadow Copy Service
Start (13.05.2014 17:47:56)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:48:08)

19 - Repair Windows Sidebar/Gadgets
Start (13.05.2014 17:48:08)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:48:12)

20 - Repair MSI (Windows Installer)
Start (13.05.2014 17:48:12)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:48:27)

21 - Repair Windows Snipping Tool
Start (13.05.2014 17:48:27)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:48:32)

22.01 - Repair bat Association
Start (13.05.2014 17:48:32)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:48:37)

22.02 - Repair cmd Association
Start (13.05.2014 17:48:37)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:48:41)

22.03 - Repair com Association
Start (13.05.2014 17:48:42)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:48:46)

22.04 - Repair Directory Association
Start (13.05.2014 17:48:46)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:48:51)

22.05 - Repair Drive Association
Start (13.05.2014 17:48:51)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:48:56)

22.06 - Repair exe Association
Start (13.05.2014 17:48:56)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:49:01)

22.07 - Repair Folder Association
Start (13.05.2014 17:49:01)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:49:06)

22.08 - Repair inf Association
Start (13.05.2014 17:49:06)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:49:10)

22.09 - Repair lnk (Shortcuts) Association
Start (13.05.2014 17:49:10)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:49:15)

22.10 - Repair msc Association
Start (13.05.2014 17:49:15)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:49:20)

22.11 - Repair reg Association
Start (13.05.2014 17:49:20)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:49:25)

22.12 - Repair scr Association
Start (13.05.2014 17:49:25)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:49:30)

23 - Repair Windows Safe Mode
Start (13.05.2014 17:49:30)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:49:34)

24 - Repair Print Spooler
Start (13.05.2014 17:49:34)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:49:52)

25 - Restore Important Windows Services
Start (13.05.2014 17:49:52)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:50:24)

26 - Set Windows Services To Default Startup
Start (13.05.2014 17:50:24)
Running Repair Under Current User Account
Running Repair Under System Account
Done (13.05.2014 17:50:33)

27 - Repair Windows 8 App Store
Start (13.05.2014 17:50:33)
Running Repair Under System Account
Running Repair Under Current User Account
Done (13.05.2014 17:53:16)

28 - Repair Windows 8 Component Store
Start (13.05.2014 17:53:17)
Running Repair Under Current User Account
Done (14.05.2014 01:25:07)

29 - Restore Windows 8 COM+ Unmarshalers
Start (14.05.2014 01:25:07)
Running Repair Under System Account
Done (14.05.2014 01:25:10)

Cleaning up empty logs...

All Selected Repairs Done.
Done (14.05.2014 01:25:11)
Total Repair Time: 08:17:56


...YOU MUST RESTART YOUR SYSTEM...
Running Repair Under Current User Account

Sorry, I posted the same thing twice.
