
Pests of all kinds and how to combat them: Completely removing Snap.do Engine


 
02.06.2014, 19:22   #4
juriq
 
Completely removing Snap.do Engine



FRST part 2:

Code:
==================== One Month Modified Files and Folders =======

2014-06-02 10:41 - 2014-06-02 10:40 - 00019691 _____ () C:\Users\Ssteffi\Downloads\FRST.txt
2014-06-02 10:41 - 2013-10-24 00:30 - 00000000 ____D () C:\Users\Ssteffi\AppData\Local\Temp
2014-06-02 10:40 - 2014-06-02 10:40 - 02067456 _____ (Farbar) C:\Users\Ssteffi\Downloads\FRST64.exe
2014-06-02 10:40 - 2014-06-02 10:40 - 00000000 ____D () C:\FRST
2014-06-02 10:33 - 2013-10-24 00:44 - 01815827 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-02 10:23 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-06-02 07:16 - 2013-10-23 15:53 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2622106500-2011914131-1905752935-1001
2014-06-02 06:56 - 2013-10-23 17:21 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-06-02 06:47 - 2014-05-16 17:07 - 00000000 ____D () C:\Users\Ssteffi\AppData\Roaming\DropboxMaster
2014-06-02 06:47 - 2013-11-05 13:21 - 00001122 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-02 06:47 - 2013-10-23 17:14 - 00000000 ___RD () C:\Users\Ssteffi\Dropbox
2014-06-02 06:47 - 2013-10-23 17:12 - 00000000 ____D () C:\Users\Ssteffi\AppData\Roaming\Dropbox
2014-06-02 06:46 - 2014-04-01 20:16 - 00000000 ___RD () C:\Users\Ssteffi\SkyDrive
2014-06-01 23:00 - 2013-10-24 10:54 - 00021006 _____ () C:\WINDOWS\PFRO.log
2014-06-01 23:00 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-01 22:59 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-06-01 22:47 - 2013-12-20 20:38 - 00369152 ___SH () C:\Users\Ssteffi\Downloads\Thumbs.db
2014-06-01 22:46 - 2013-11-05 13:21 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-01 21:54 - 2014-06-01 21:54 - 00004772 _____ () C:\Users\Ssteffi\Desktop\JRT.txt
2014-06-01 21:46 - 2014-06-01 21:46 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-06-01 21:45 - 2014-06-01 21:45 - 01016261 _____ (Thisisu) C:\Users\Ssteffi\Downloads\JRT.exe
2014-06-01 21:38 - 2014-06-01 21:38 - 00000000 ____D () C:\Users\Ssteffi\AppData\Roaming\PDF Architect
2014-06-01 21:27 - 2014-06-01 21:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-01 21:21 - 2014-06-01 08:17 - 00030208 _____ () C:\Users\Ssteffi\Desktop\Tippspiel 2014 Steffi.xls
2014-06-01 17:35 - 2013-09-30 06:14 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-01 17:35 - 2013-09-30 05:56 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-06-01 17:35 - 2013-09-30 05:56 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-06-01 16:52 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-05-30 14:57 - 2013-10-24 10:55 - 00016964 _____ () C:\WINDOWS\setupact.log
2014-05-30 13:53 - 2014-05-30 13:52 - 00000000 ____D () C:\Users\Ssteffi\Desktop\Seminararbeit
2014-05-28 11:13 - 2013-10-23 17:13 - 00000000 ____D () C:\Users\Ssteffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-28 11:13 - 2013-10-23 15:47 - 00000000 ___RD () C:\Users\Ssteffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-27 18:30 - 2013-10-23 16:16 - 00000000 ____D () C:\Users\Ssteffi\AppData\Roaming\Spotify
2014-05-25 22:13 - 2013-10-24 09:56 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-05-24 17:07 - 2013-11-06 13:58 - 00000000 ____D () C:\Users\Ssteffi\Desktop\krimskrams
2014-05-24 17:01 - 2014-03-03 10:35 - 00000000 ____D () C:\Users\Ssteffi\Downloads\Elizabeth Haynes - Wofür du stirbst
2014-05-24 15:14 - 2013-11-06 09:32 - 00688640 ___SH () C:\Users\Ssteffi\Desktop\Thumbs.db
2014-05-24 14:55 - 2013-11-13 10:01 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-05-21 15:14 - 2014-05-08 10:03 - 00023040 _____ () C:\Users\Ssteffi\Desktop\Mai2014.xls
2014-05-20 12:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-05-19 12:49 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-05-19 12:41 - 2014-05-19 12:41 - 00000000 ____D () C:\TEMP
2014-05-17 11:13 - 2013-10-23 15:47 - 00000000 ___RD () C:\Users\Ssteffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 22:47 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-05-16 22:47 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-16 22:47 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-16 22:47 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-05-16 22:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-16 22:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-15 16:22 - 2013-10-23 17:25 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-15 09:34 - 2013-10-23 16:16 - 00000000 ____D () C:\Users\Ssteffi\AppData\Local\Spotify
2014-05-14 19:20 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-05-14 19:20 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-05-14 19:19 - 2013-10-23 19:50 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-05-14 19:18 - 2013-10-23 19:50 - 93223848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-14 19:18 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-05-13 20:58 - 2014-01-09 12:12 - 00000000 ____D () C:\Users\Ssteffi\Desktop\photocase
2014-05-13 20:56 - 2013-10-23 17:21 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-05-13 10:17 - 2014-01-19 19:12 - 00085328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-05-13 10:17 - 2013-10-23 16:08 - 01039096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-05-13 10:17 - 2013-10-23 16:08 - 00423240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-05-11 17:16 - 2014-05-11 17:16 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-05-11 17:16 - 2014-05-11 17:16 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-05-11 17:07 - 2013-08-22 16:44 - 00393800 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-11 13:38 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\zh-HK
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\uk-UA
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\tr-TR
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\th-TH
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sl-SI
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sk-SK
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\ro-RO
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\lv-LV
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\lt-LT
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\hr-HR
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\he-IL
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\et-EE
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\bg-BG
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\ar-SA
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-05-11 13:37 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2014-05-11 13:37 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2014-05-11 13:37 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-05-11 13:37 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-05-11 13:37 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-05-11 13:37 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-05-11 13:37 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\servicing
2014-05-11 12:40 - 2014-05-11 12:40 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-05-11 12:40 - 2014-05-11 12:40 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-05-11 12:38 - 2014-05-11 12:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-05-11 12:38 - 2014-05-11 12:38 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-05-11 12:38 - 2014-05-11 12:38 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-05-11 12:38 - 2014-05-11 12:38 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-05-11 12:37 - 2014-05-11 12:37 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-05-11 12:37 - 2014-05-11 12:37 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-05-11 12:37 - 2014-05-11 12:37 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-05-11 12:37 - 2014-05-11 12:37 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-05-11 12:37 - 2014-05-11 12:37 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-05-11 12:36 - 2014-05-11 12:36 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-05-11 12:36 - 2014-05-11 12:36 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-05-11 11:03 - 2013-10-23 16:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-10 12:51 - 2014-03-31 09:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-08 10:02 - 2013-10-23 17:12 - 00000000 ____D () C:\Users\Ssteffi\Documents\Arbeit
2014-05-08 09:41 - 2013-11-05 13:21 - 00004098 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 09:41 - 2013-11-05 13:21 - 00003862 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-06 13:18 - 2013-10-23 15:47 - 00000000 ____D () C:\Users\Ssteffi\AppData\Roaming\Adobe
2014-05-06 10:52 - 2013-11-05 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-05-06 06:40 - 2014-05-14 08:09 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-06 05:25 - 2014-05-14 08:09 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-06 05:00 - 2014-05-14 08:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 08:09 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-03 19:45 - 2014-03-20 11:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

Some content of TEMP:
====================
C:\Users\Ssteffi\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpoe7hfz.dll
C:\Users\Ssteffi\AppData\Local\Temp\htmlayout.dll
C:\Users\Ssteffi\AppData\Local\Temp\Quarantine.exe
C:\Users\Ssteffi\AppData\Local\Temp\WZCPlugin_VISTA.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-27 14:52

==================== End Of Log ============================
         
and also the Addition:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-06-2014 01
Ran by Ssteffi at 2014-06-02 10:41:43
Running from C:\Users\Ssteffi\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.1.0.9 - Absolute Software)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.2.3042.61510 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.2.3042.61510 - Alcor Micro Corp.) Hidden
Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.44.0 - Conexant)
digiCamControl (HKLM-x32\...\digiCamControl) (Version: 1.0.0 - Duka Istvan)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.3 - Lenovo)
Energy Management (x32 Version: 8.0.2.3 - Lenovo) Hidden
ExpressCache (HKLM\...\{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}) (Version: 1.0.86 - Diskeeper Corporation)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Drive (HKLM-x32\...\{418BAAD1-754D-48B4-B078-46EF4F25AF42}) (Version: 1.15.6556.8063 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{99FDAE3B-6905-45A6-8F73-595363AAD3D1}) (Version: 15.05.1000.1411 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{A04DCB25-7040-4935-A30D-8E0A893ABF2D}) (Version: 11.1.2.32 - Apple Inc.)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 13.12.824.1 - Vimicro)
Lenovo MediaShow6 (HKLM-x32\...\InstallShield_{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}) (Version: 6.0.4019 - CyberLink Corp.)
Lenovo MediaShow6 (x32 Version: 6.0.4019 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0710 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.0710 - CyberLink Corp.) Hidden
Lenovo Smart Update (HKLM-x32\...\{29B7C0EB-A1E6-4BC3-8344-70EDE4F189F1}) (Version: 1.5.75 - Lenovo Corporation)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
LenovoDrv_x64 (HKLM\...\{83E68458-AF28-4CA4-8AFC-595A10307290}) (Version: 1.0.00 - Lenovo)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Small Business Edition 2003 (HKLM-x32\...\{90CA0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.10.00.03 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
Nur Entfernen der CopyTrans Suite möglich (HKCU\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Snap.Do Engine (HKCU\...\{4ad9f49a-a29d-4878-91cc-c092bbf7090e}) (Version: 1.138.1.12546 - ReSoft Ltd.) <==== ATTENTION
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.4.0 - Synaptics Incorporated)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
UserGuide (x32 Version: 1.0.0.9 - Lenovo) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Windows Driver Package - Lenovo Corporation (LAD) System  (06/08/2012 1.0.0.3) (HKLM\...\C48768A2A32F4649238F7DCF737A260911895FDE) (Version: 06/08/2012 1.0.0.3 - Lenovo Corporation)
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)

==================== Restore Points  =========================

14-05-2014 17:16:32 Windows Update
24-05-2014 13:01:57 Geplanter Prüfpunkt
01-06-2014 19:26:45 Removed Need for Speed(TM) Hot Pursuit

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {32AFF50F-C3D2-4ECB-A85E-9319DEE7733D} - System32\Tasks\REGSERVO => C:\Program Files\REGSERVO\RegSERVO.exe <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3C0F5DE7-8E51-49C3-A9C7-AD7CD9692582} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {3C435CD0-EB2E-40C4-810D-C51B53044F15} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-24] (AVAST Software)
Task: {4679A802-D03D-40F7-A26F-E3BE0AFAC8C5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-05-14] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4A37DF96-164F-4DEB-99D7-D273D50899BC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-05] (Google Inc.)
Task: {4B0A59B2-F681-4CA8-9A59-A00E5B83F113} - \Plus-HD-2.8-firefoxinstaller No Task File <==== ATTENTION
Task: {5207865A-C3BE-4AC5-9385-4E4C6E1EC481} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {5C50E7C6-4A1D-4049-B24C-BCE409F257A6} - \Plus-HD-2.8-updater No Task File <==== ATTENTION
Task: {6868DAAB-B362-4AD1-A575-BA58B14871F0} - \Plus-HD-2.8-enabler No Task File <==== ATTENTION
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7858DD4F-9887-4AF6-9F84-159F7A155D4C} - \Plus-HD-2.8-codedownloader No Task File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8E6E25AB-FF67-4602-902F-D8D4CE87029D} - System32\Tasks\OFFICE2010ACT => C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs [2012-03-08] ()
Task: {9AC842AE-33E7-4530-BDF2-3B4E75689FE7} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A99F8184-6A82-4C41-926D-2E9CE803B540} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {B76C1133-27AD-4C57-9DCD-B52A3AC209F7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-05] (Google Inc.)
Task: {CD90EA40-A080-45E5-8B5A-8CC4872ADF0F} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DDC45BE9-06B4-4B24-B28E-D11F150FF677} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-08-13] (Intel)
Task: {DF56637D-217C-4ED2-BA12-0CAA0C403C1A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F630C2D8-0604-4DCE-8963-EE134A357E27} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {FE0F3F33-3684-457E-A526-225CFD028070} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\REGSERVO.job => C:\Program Files\REGSERVO\REGSERVO.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2011-06-22 06:48 - 2011-06-22 06:48 - 00034304 _____ () C:\WINDOWS\System32\ssp7ml6.dll
2013-10-27 10:53 - 2013-10-27 10:53 - 00230240 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2012-10-15 05:36 - 2010-10-26 06:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-03-25 10:15 - 2014-03-25 10:15 - 00323072 _____ () C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_1.2.0.20_x64__ynb6jyjzte8ga\PSExpress.exe
2014-05-12 15:55 - 2014-05-12 15:55 - 01937920 _____ () C:\Users\Ssteffi\AppData\Local\Packages\AdobeSystemsIncorporated.AdobePhotoshopExpress_ynb6jyjzte8ga\AC\Microsoft\CLR_v4.0\NativeImages\PSExpress\3a15cbebbaa398879d524a24d40412c4\PSExpress.ni.exe
2014-05-14 19:16 - 2014-05-14 19:16 - 05185024 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI.Xaml\58afb3c922fe504503f07ade2e88ccfb\Windows.UI.Xaml.ni.dll
2014-05-14 19:16 - 2014-05-14 19:16 - 01782784 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\43b92b6dbc9eb61983817ea32346d510\Windows.ApplicationModel.ni.dll
2014-05-12 12:14 - 2014-05-12 12:14 - 01459712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\926020eb508f6968545d6a51fb661fad\Windows.UI.ni.dll
2014-05-12 15:55 - 2014-05-12 15:55 - 01525248 _____ () C:\Users\Ssteffi\AppData\Local\Packages\AdobeSystemsIncorporated.AdobePhotoshopExpress_ynb6jyjzte8ga\AC\Microsoft\CLR_v4.0\NativeImages\OzComponent\d341a77f845252ceeeac5c7dd35178b4\OzComponent.ni.dll
2014-05-12 12:14 - 2014-05-12 12:14 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\057b7043f4868b76c209d9c426b80743\Windows.Foundation.ni.dll
2014-05-12 15:55 - 2014-05-12 15:55 - 00226816 _____ () C:\Users\Ssteffi\AppData\Local\Packages\AdobeSystemsIncorporated.AdobePhotoshopExpress_ynb6jyjzte8ga\AC\Microsoft\CLR_v4.0\NativeImages\PSExpressUtf6b179d3#\623e1b4e8269f2910ceaea40e0222d80\PSExpressUtilityComponent.ni.dll
2014-05-12 12:14 - 2014-05-12 12:14 - 01278464 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\ba65f033632f4fc480cc45bc72bf25e4\Windows.Storage.ni.dll
2014-05-12 15:55 - 2014-05-12 15:55 - 00092160 _____ () C:\Users\Ssteffi\AppData\Local\Packages\AdobeSystemsIncorporated.AdobePhotoshopExpress_ynb6jyjzte8ga\AC\Microsoft\CLR_v4.0\NativeImages\PSXEditor\f2a4074ccfff3711f265ce7710fdf481\PSXEditor.ni.dll
2014-05-12 12:14 - 2014-05-12 12:14 - 00632320 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Security\00ce12e0481a881d419350afd79395ef\Windows.Security.ni.dll
2014-05-12 12:14 - 2014-05-12 12:14 - 02019840 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Devices\0b4b3f23bdebd1d056b32b31e2f746bb\Windows.Devices.ni.dll
2014-05-12 12:14 - 2014-05-12 12:14 - 01259520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Networking\8f6e236cd6041c81411f85852722670b\Windows.Networking.ni.dll
2014-03-25 10:15 - 2014-03-25 10:15 - 09568768 _____ () C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_1.2.0.20_x64__ynb6jyjzte8ga\PSXEditor.dll
2014-05-12 12:14 - 2014-05-12 12:14 - 00467456 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Graphics\ea818a24554fc2db9a73de1e79afb286\Windows.Graphics.ni.dll
2014-05-25 13:12 - 2014-05-25 13:12 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\ErrorReporting.dll
2013-10-10 18:48 - 2013-10-10 18:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-06-01 19:46 - 2014-06-01 19:46 - 02259456 _____ () C:\Program Files\AVAST Software\Avast\defs\14060101\algo.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-02 06:46 - 2014-06-02 06:46 - 00043008 _____ () c:\users\ssteffi\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpoe7hfz.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Ssteffi\AppData\Roaming\Dropbox\bin\libcef.dll
2014-05-12 15:56 - 2014-05-12 15:56 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\bccb0a1f2d36a70793a6f123ca0ef953\PSIClient.ni.dll
2012-10-15 05:56 - 2012-07-18 23:27 - 00021072 _____ () C:\Program Files (x86)\Lenovo\Lenovo Smart Update\HookDll.dll
2013-10-23 16:08 - 2013-10-23 16:08 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-10-15 05:20 - 2012-06-25 04:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-03-20 11:00 - 2014-05-03 19:45 - 03019888 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-03-20 11:00 - 2014-05-03 19:45 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-03-20 11:00 - 2014-05-03 19:45 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-03-31 09:22 - 2014-05-10 12:51 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Ssteffi\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Ssteffi\SkyDrive.old:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/01/2014 11:01:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14453

Error: (06/01/2014 11:01:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14453

Error: (06/01/2014 11:01:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (06/02/2014 06:46:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (06/02/2014 06:46:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (06/02/2014 06:46:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (06/02/2014 06:46:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (06/01/2014 11:01:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (06/01/2014 11:01:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (06/01/2014 11:01:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (06/01/2014 11:01:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (06/01/2014 11:01:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127

Error: (06/01/2014 11:00:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%127


Microsoft Office Sessions:
=========================
Error: (06/01/2014 11:01:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14453

Error: (06/01/2014 11:01:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14453

Error: (06/01/2014 11:01:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info =========================== 

Percentage of memory in use: 76%
Total physical RAM: 3954.66 MB
Available physical RAM: 933.49 MB
Total Pagefile: 6002.66 MB
Available Pagefile: 2617.96 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:418.09 GB) (Free:233.68 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 22 GB) (Disk ID: 2CA36623)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 466 GB) (Disk ID: 2CA3663E)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

 
