
Log analysis and evaluation: Removing Awesomehp as the start page


 
17.02.2014, 14:06   #1
Ändria
 



Hello,

I can no longer get rid of Awesomehp as my start page, and advertising pages keep opening on my computer.
I would be glad if someone could help me with this!
I am attaching the log files. Unfortunately, Gmer did not work for me; the laptop kept shutting down and showed me nothing further afterwards.

Regards
Ändria

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 12:32 on 17/02/2014 (andrea)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-02-2014
Ran by andrea (administrator) on ANDREA-PC on 17-02-2014 12:37:00
Running from C:\Users\andrea\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Agere Systems) C:\Windows\system32\agrsmsvc.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
(Secunia) C:\Program Files\Secunia\PSI\PSIA.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Conduit) C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe
(Conduit) C:\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe
(Conduit) C:\Program Files\SearchProtect\UI\bin\cltmngui.exe
() C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynToshiba.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Somoto) C:\Program Files\FilesFrog Update Checker\update_checker.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Dropbox, Inc.) C:\Users\andrea\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Users\andrea\AppData\Local\Lollipop\Lollipop.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [KeNotify] - C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34352 2006-11-06] ()
HKLM\...\Run: [SVPWUTIL] - C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [438272 2006-03-22] (TOSHIBA)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4489216 2007-06-13] (Realtek Semiconductor)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [411192 2007-03-29] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [55416 2006-12-07] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [509496 2007-05-23] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [538744 2007-05-22] (TOSHIBA Corporation)
HKLM\...\Run: [NDSTray.exe] - NDSTray.exe
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [894512 2007-06-08] (Synaptics, Inc.)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2007-05-28] (Realtek Semiconductor Corp.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-06] (AVAST Software)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\.DEFAULT\...\Run: [Skype] - "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-1374351646-1889125612-2194041770-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-1374351646-1889125612-2194041770-1000\...\Run: [SDP] - C:\Program Files\FilesFrog Update Checker\update_checker.exe [201808 2013-01-31] (Somoto)
HKU\S-1-5-21-1374351646-1889125612-2194041770-1000\...\Run: [NextLive] - C:\Windows\system32\rundll32.exe "C:\Users\andrea\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1047328 2014-02-06] (Conduit)
Startup: C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\andrea\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lollipop.lnk
ShortcutTarget: lollipop.lnk -> C:\Users\andrea\AppData\Local\Lollipop\Lollipop.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1391976762&from=tugs&uid=TOSHIBAXMK2035GSS_97IIFGR3SXX97IIFGR3S
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119556&tt=300513_ctrl&babsrc=HP_ss&mntrId=9EA20013E8CB3E29
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1391976762&from=tugs&uid=TOSHIBAXMK2035GSS_97IIFGR3SXX97IIFGR3S
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1391976762&from=tugs&uid=TOSHIBAXMK2035GSS_97IIFGR3SXX97IIFGR3S
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1391976762&from=tugs&uid=TOSHIBAXMK2035GSS_97IIFGR3SXX97IIFGR3S
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391976762&from=tugs&uid=TOSHIBAXMK2035GSS_97IIFGR3SXX97IIFGR3S&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1391976762&from=tugs&uid=TOSHIBAXMK2035GSS_97IIFGR3SXX97IIFGR3S&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1391976762&from=tugs&uid=TOSHIBAXMK2035GSS_97IIFGR3SXX97IIFGR3S
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391976762&from=tugs&uid=TOSHIBAXMK2035GSS_97IIFGR3SXX97IIFGR3S&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391976762&from=tugs&uid=TOSHIBAXMK2035GSS_97IIFGR3SXX97IIFGR3S&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391976762&from=tugs&uid=TOSHIBAXMK2035GSS_97IIFGR3SXX97IIFGR3S&q={searchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391976762&from=tugs&uid=TOSHIBAXMK2035GSS_97IIFGR3SXX97IIFGR3S&q={searchTerms}
BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO: Fortunitas - {c6f3fc7b-d607-44ec-9caf-2a41d547137f} - C:\Program Files\Fortunitas\FortunitasBHO.dll (Fortunitas)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\andrea\AppData\Roaming\Mozilla\Firefox\Profiles\4jlhvzgi.default
FF user.js: detected! => C:\Users\andrea\AppData\Roaming\Mozilla\Firefox\Profiles\4jlhvzgi.default\user.js
FF NewTab: hxxp://search.conduit.com/?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=4&UP=SP0FC0EE11-DA63-4526-AFA5-6FAB81EEBF6B
FF DefaultSearchEngine: Conduit Search
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SelectedSearchEngine: awesomehp
FF Homepage: hxxp://search.conduit.com/?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP0FC0EE11-DA63-4526-AFA5-6FAB81EEBF6B&SSPV=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\andrea\AppData\Roaming\Mozilla\Firefox\Profiles\4jlhvzgi.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\andrea\AppData\Roaming\Mozilla\Firefox\Profiles\4jlhvzgi.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\andrea\AppData\Roaming\Mozilla\Firefox\Profiles\4jlhvzgi.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\andrea\AppData\Roaming\Mozilla\Firefox\Profiles\4jlhvzgi.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\andrea\AppData\Roaming\Mozilla\Firefox\Profiles\4jlhvzgi.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Lightning Speed Dial - C:\Users\andrea\AppData\Roaming\Mozilla\Firefox\Profiles\4jlhvzgi.default\Extensions\lightningnewtab@gmail.com [2014-02-14]
FF Extension: Extension_Protected - C:\Users\andrea\AppData\Roaming\Mozilla\Firefox\Profiles\4jlhvzgi.default\Extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack.xpi [2014-02-09]
FF Extension: Fortunitas - C:\Users\andrea\AppData\Roaming\Mozilla\Firefox\Profiles\4jlhvzgi.default\Extensions\{b8a90375-3b37-4954-86de-f96c458c4ce2}.xpi [2014-02-05]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-16]
FF HKLM\...\Firefox\Extensions: [lightningnewtab@gmail.com] - C:\Users\andrea\AppData\Roaming\Mozilla\Firefox\Profiles\4jlhvzgi.default\extensions\lightningnewtab@gmail.com.xpi

Chrome: 
=======
CHR HomePage: http:\/\/search.conduit.com\/?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP0FC0EE11-DA63-4526-AFA5-6FAB81EEBF6B&SSPV=
CHR RestoreOnStartup: "hxxp://www.awesomehp.com/?type=hp&ts=1391976762&from=tugs&uid=TOSHIBAXMK2035GSS_97IIFGR3SXX97IIFGR3S"],"startup_urls":["http:\/\/search.conduit.com\/?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP0FC0EE11-DA63-4526-AFA5-6FAB81EEBF6B&SSPV="
CHR DefaultSearchKeyword: conduit.search
CHR DefaultSearchURL: http:\/\/search.conduit.com\/Results.aspx?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP0FC0EE11-DA63-4526-AFA5-6FAB81EEBF6B&q={searchTerms}&SSPV=
CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\andrea\AppData\Roaming\BabSolution\CR\Delta.crx []
CHR StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe hxxp://www.awesomehp.com/?type=sc&ts=1391976762&from=tugs&uid=TOSHIBAXMK2035GSS_97IIFGR3SXX97IIFGR3S

========================== Services (Whitelisted) =================

R2 Automatisches LiveUpdate - Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [554352 2007-09-26] (Symantec Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-06] (AVAST Software)
R2 CltMngSvc; C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe [2360608 2014-02-06] (Conduit)
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
S2 gupdate1c9e6e4bfd02130; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-06-06] (Google Inc.)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [508016 2014-01-14] (Cherished Technololgy LIMITED)
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE [2999664 2007-09-26] (Symantec Corporation)
R2 LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [583048 2008-01-29] (Symantec Corporation)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
S3 TuneUp.Defrag; C:\Windows\System32\TuneUpDefragService.exe [306432 2008-01-15] (TuneUp Software GmbH)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [493568 2014-02-09] (Cherished Technololgy LIMITED)
S2 AntiVirMailService; C:\Program Files\AntiVir PersonalEdition Premium\avmailc.exe [X]
S2 AntiVirScheduler; "C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe" [X]
S2 AntiVirService; "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe" [X]
S2 AVEService; C:\Program Files\AntiVir PersonalEdition Premium\avesvc.exe [X]
S2 LiveUpdate Notice Ex; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [X]
S2 TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [X]

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-02-06] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-02-06] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-02-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-02-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410784 2014-02-06] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-02-06] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2014-02-06] ()
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [75096 2009-05-27] (Avira GmbH)
R0 CplIR; C:\Windows\System32\DRIVERS\CplIR.SYS [14848 2007-03-06] (COMPAL ELECTRONIC INC.)
S3 dtscsi; C:\Windows\System32\Drivers\dtscsi.sys [223128 2008-01-15] (DT Soft Ltd.)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-04-18] (Secunia)
R4 sptd; C:\Windows\System32\Drivers\sptd.sys [685816 2008-01-15] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [21248 2008-04-17] (AVIRA GmbH)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S1 avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [X]
S1 avgntdd; SYSTEM32\DRIVERS\avgntdd.sys [X]
S3 avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [X]
S0 avgntmgr; SYSTEM32\drivers\avgntmgr.sys [X]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\andrea\AppData\Local\Temp\catchme.sys [X]
S3 igfx; system32\DRIVERS\igdkmd32.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 Tosrfcom; No ImagePath
S3 TpChoice; system32\DRIVERS\TpChoice.sys [X]
S1 ygsnfvtx; \??\C:\Windows\system32\drivers\ygsnfvtx.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-17 12:37 - 2014-02-17 12:38 - 00023243 _____ () C:\Users\andrea\Desktop\FRST.txt
2014-02-17 12:36 - 2014-02-17 12:37 - 00000000 ____D () C:\FRST
2014-02-17 12:35 - 2014-02-17 12:35 - 01141248 _____ (Farbar) C:\Users\andrea\Desktop\FRST.exe
2014-02-17 12:31 - 2014-02-17 12:32 - 00000448 _____ () C:\Users\andrea\Desktop\defogger_disable.log
2014-02-17 12:31 - 2014-02-17 12:31 - 00000020 _____ () C:\Users\andrea\defogger_reenable
2014-02-17 12:28 - 2014-02-17 12:28 - 00050477 _____ () C:\Users\andrea\Desktop\Defogger.exe
2014-02-15 16:50 - 2014-02-15 16:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-14 17:34 - 2014-02-17 10:59 - 00000000 ____D () C:\Users\andrea\Desktop\Cd brenn
2014-02-14 17:34 - 2014-02-14 17:34 - 00000000 ____D () C:\Windows\system32\SearchProtect
2014-02-14 17:28 - 2014-02-14 17:35 - 00000000 ____D () C:\Program Files\SearchProtect
2014-02-14 17:28 - 2014-02-14 17:28 - 00002112 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-02-14 17:28 - 2014-02-14 17:28 - 00001037 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-02-14 17:27 - 2014-02-14 17:27 - 00000000 ____D () C:\Users\andrea\AppData\Roaming\OpenCandy
2014-02-14 17:18 - 2014-02-14 17:19 - 34008992 _____ (DVDVideoSoft Ltd. ) C:\Users\andrea\Desktop\FreeYouTubeToMP3Converter-3.12.20.1230.exe
2014-02-14 09:12 - 2014-02-14 09:13 - 00000000 ____D () C:\Users\andrea\Desktop\Hörbuch
2014-02-09 21:15 - 2014-02-17 12:07 - 00000360 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-02-09 21:15 - 2014-02-17 09:10 - 00000000 ____D () C:\Users\andrea\AppData\Roaming\newnext.me
2014-02-09 21:15 - 2014-02-10 09:24 - 00000000 ____D () C:\Users\andrea\AppData\Local\Mobogenie
2014-02-09 21:15 - 2014-02-09 21:19 - 00000000 ____D () C:\Users\andrea\AppData\Local\cache
2014-02-09 21:15 - 2014-02-09 21:16 - 00000000 ____D () C:\Users\andrea\.android
2014-02-09 21:15 - 2014-02-09 21:15 - 00000000 ____D () C:\Users\andrea\Documents\Optimizer Pro
2014-02-09 21:15 - 2014-02-09 21:15 - 00000000 ____D () C:\Users\andrea\Documents\Mobogenie
2014-02-09 21:15 - 2014-02-09 21:15 - 00000000 ____D () C:\Users\andrea\AppData\Local\SwvUpdater
2014-02-09 21:15 - 2014-02-09 21:15 - 00000000 ____D () C:\Users\andrea\AppData\Local\genienext
2014-02-09 21:15 - 2014-02-09 21:15 - 00000000 _____ () C:\Users\andrea\daemonprocess.txt
2014-02-09 21:14 - 2014-02-10 09:35 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-02-09 21:14 - 2014-02-10 09:17 - 00000000 ____D () C:\Program Files\Fortunitas
2014-02-09 21:14 - 2014-02-09 21:14 - 00000000 ____D () C:\ProgramData\WPM
2014-02-09 21:14 - 2014-02-09 21:14 - 00000000 ____D () C:\ProgramData\IePluginService
2014-02-09 21:14 - 2014-02-09 21:14 - 00000000 ____D () C:\Program Files\SupTab
2014-02-09 21:12 - 2014-02-17 12:37 - 00001769 _____ () C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lollipop.lnk
2014-02-09 21:12 - 2014-02-17 12:37 - 00000000 ____D () C:\Users\andrea\AppData\Local\Lollipop
2014-02-09 21:10 - 2014-02-14 17:29 - 00000000 ____D () C:\Users\andrea\AppData\Local\SearchProtect
2014-02-09 21:10 - 2014-02-09 21:10 - 00000000 _____ () C:\END
2014-02-09 20:11 - 2014-02-09 20:11 - 00000000 ____D () C:\Users\andrea\AppData\Roaming\AVAST Software

==================== One Month Modified Files and Folders =======

2014-02-17 12:38 - 2014-02-17 12:37 - 00023243 _____ () C:\Users\andrea\Desktop\FRST.txt
2014-02-17 12:37 - 2014-02-17 12:36 - 00000000 ____D () C:\FRST
2014-02-17 12:37 - 2014-02-09 21:12 - 00001769 _____ () C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lollipop.lnk
2014-02-17 12:37 - 2014-02-09 21:12 - 00000000 ____D () C:\Users\andrea\AppData\Local\Lollipop
2014-02-17 12:35 - 2014-02-17 12:35 - 01141248 _____ (Farbar) C:\Users\andrea\Desktop\FRST.exe
2014-02-17 12:33 - 2009-07-02 15:11 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-17 12:32 - 2014-02-17 12:31 - 00000448 _____ () C:\Users\andrea\Desktop\defogger_disable.log
2014-02-17 12:31 - 2014-02-17 12:31 - 00000020 _____ () C:\Users\andrea\defogger_reenable
2014-02-17 12:31 - 2008-01-04 11:24 - 00000000 ____D () C:\Users\andrea
2014-02-17 12:28 - 2014-02-17 12:28 - 00050477 _____ () C:\Users\andrea\Desktop\Defogger.exe
2014-02-17 12:07 - 2014-02-09 21:15 - 00000360 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-02-17 11:40 - 2012-04-24 16:32 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-17 11:07 - 2006-11-02 13:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-17 11:07 - 2006-11-02 13:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-17 10:59 - 2014-02-14 17:34 - 00000000 ____D () C:\Users\andrea\Desktop\Cd brenn
2014-02-17 10:50 - 2011-07-14 11:23 - 00000000 ____D () C:\Users\andrea\AppData\Roaming\vlc
2014-02-17 09:16 - 2012-05-07 19:28 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-17 09:16 - 2008-01-04 10:10 - 01064686 _____ () C:\Windows\WindowsUpdate.log
2014-02-17 09:11 - 2009-11-04 13:36 - 00000000 ___RD () C:\Users\andrea\Documents\My Dropbox
2014-02-17 09:11 - 2009-11-04 13:34 - 00000000 ____D () C:\Users\andrea\AppData\Roaming\Dropbox
2014-02-17 09:11 - 2008-01-04 11:43 - 00000420 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{929C5347-AE8B-4470-A617-D957BEE3A63C}.job
2014-02-17 09:10 - 2014-02-09 21:15 - 00000000 ____D () C:\Users\andrea\AppData\Roaming\newnext.me
2014-02-17 09:07 - 2009-07-02 15:11 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-17 09:07 - 2008-04-16 11:59 - 00000435 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-02-17 09:07 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-15 18:56 - 2006-11-02 14:01 - 00032534 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-15 16:51 - 2014-02-15 16:50 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-15 15:48 - 2008-04-17 16:57 - 01514930 _____ () C:\Windows\PFRO.log
2014-02-14 17:35 - 2014-02-14 17:28 - 00000000 ____D () C:\Program Files\SearchProtect
2014-02-14 17:34 - 2014-02-14 17:34 - 00000000 ____D () C:\Windows\system32\SearchProtect
2014-02-14 17:29 - 2014-02-09 21:10 - 00000000 ____D () C:\Users\andrea\AppData\Local\SearchProtect
2014-02-14 17:29 - 2011-09-16 14:04 - 00000000 ____D () C:\Users\andrea\AppData\Roaming\DVDVideoSoft
2014-02-14 17:29 - 2010-12-18 15:08 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-02-14 17:28 - 2014-02-14 17:28 - 00002112 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-02-14 17:28 - 2014-02-14 17:28 - 00001037 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-02-14 17:28 - 2008-08-31 10:25 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-02-14 17:27 - 2014-02-14 17:27 - 00000000 ____D () C:\Users\andrea\AppData\Roaming\OpenCandy
2014-02-14 17:20 - 2011-09-19 16:14 - 00000000 ____D () C:\Users\andrea\Desktop\Programme
2014-02-14 17:20 - 2008-01-15 12:33 - 00000392 _____ () C:\Windows\Tasks\1-Klick-Wartung.job
2014-02-14 17:19 - 2014-02-14 17:18 - 34008992 _____ (DVDVideoSoft Ltd. ) C:\Users\andrea\Desktop\FreeYouTubeToMP3Converter-3.12.20.1230.exe
2014-02-14 12:09 - 2008-01-11 15:09 - 00000017 ____H () C:\Windows\system32\servdat.slm
2014-02-14 10:06 - 2013-08-14 09:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-14 10:01 - 2006-11-02 11:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-14 09:14 - 2013-11-03 19:10 - 00000000 ____D () C:\Users\andrea\Desktop\change
2014-02-14 09:14 - 2013-10-16 13:48 - 00000000 ____D () C:\Users\andrea\Desktop\ebay bilder
2014-02-14 09:13 - 2014-02-14 09:12 - 00000000 ____D () C:\Users\andrea\Desktop\Hörbuch
2014-02-14 09:13 - 2013-05-31 12:08 - 00000000 ____D () C:\Users\andrea\Documents\Band
2014-02-13 17:15 - 2008-11-16 15:36 - 00002631 _____ () C:\Users\andrea\Desktop\Microsoft Office Word 2007.lnk
2014-02-13 13:32 - 2009-06-06 21:23 - 00001052 _____ () C:\Windows\Tasks\Google Software Updater.job
2014-02-10 09:37 - 2007-04-16 06:18 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-02-10 09:37 - 2006-11-02 11:23 - 00000137 _____ () C:\Windows\win.ini
2014-02-10 09:35 - 2014-02-09 21:14 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-02-10 09:24 - 2014-02-09 21:15 - 00000000 ____D () C:\Users\andrea\AppData\Local\Mobogenie
2014-02-10 09:17 - 2014-02-09 21:14 - 00000000 ____D () C:\Program Files\Fortunitas
2014-02-09 21:19 - 2014-02-09 21:15 - 00000000 ____D () C:\Users\andrea\AppData\Local\cache
2014-02-09 21:16 - 2014-02-09 21:15 - 00000000 ____D () C:\Users\andrea\.android
2014-02-09 21:15 - 2014-02-09 21:15 - 00000000 ____D () C:\Users\andrea\Documents\Optimizer Pro
2014-02-09 21:15 - 2014-02-09 21:15 - 00000000 ____D () C:\Users\andrea\Documents\Mobogenie
2014-02-09 21:15 - 2014-02-09 21:15 - 00000000 ____D () C:\Users\andrea\AppData\Local\SwvUpdater
2014-02-09 21:15 - 2014-02-09 21:15 - 00000000 ____D () C:\Users\andrea\AppData\Local\genienext
2014-02-09 21:15 - 2014-02-09 21:15 - 00000000 _____ () C:\Users\andrea\daemonprocess.txt
2014-02-09 21:14 - 2014-02-09 21:14 - 00000000 ____D () C:\ProgramData\WPM
2014-02-09 21:14 - 2014-02-09 21:14 - 00000000 ____D () C:\ProgramData\IePluginService
2014-02-09 21:14 - 2014-02-09 21:14 - 00000000 ____D () C:\Program Files\SupTab
2014-02-09 21:12 - 2010-08-07 21:34 - 00001156 _____ () C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-09 21:12 - 2008-03-13 13:15 - 00001931 _____ () C:\Users\andrea\Desktop\Mozilla Firefox.lnk
2014-02-09 21:10 - 2014-02-09 21:10 - 00000000 _____ () C:\END
2014-02-09 20:40 - 2012-04-24 16:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-09 20:40 - 2011-10-08 12:51 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-09 20:11 - 2014-02-09 20:11 - 00000000 ____D () C:\Users\andrea\AppData\Roaming\AVAST Software
2014-02-06 08:45 - 2013-06-16 10:50 - 00001878 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-06 08:44 - 2013-06-16 10:50 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-06 08:44 - 2013-06-16 10:50 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-02-06 08:44 - 2013-06-16 10:50 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-06 08:44 - 2013-06-16 10:50 - 00180248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-02-06 08:44 - 2013-06-16 10:50 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-02-06 08:44 - 2013-06-16 10:50 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-02-06 08:44 - 2013-06-16 10:50 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-02-06 08:44 - 2013-06-16 10:50 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-02-06 08:44 - 2013-06-16 10:48 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-02-06 08:39 - 2013-06-16 10:47 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-06 08:38 - 2006-11-02 11:23 - 00002577 _____ () C:\Windows\system32\config.nt
2014-01-22 19:25 - 2006-11-02 11:33 - 01445116 _____ () C:\Windows\system32\PerfStringBackup.INI

Some content of TEMP:
====================
C:\Users\andrea\AppData\Local\Temp\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate.exe
C:\Users\andrea\AppData\Local\Temp\nsdBEDE.exe
C:\Users\andrea\AppData\Local\Temp\nsdEACB.exe
C:\Users\andrea\AppData\Local\Temp\nsiA479.exe
C:\Users\andrea\AppData\Local\Temp\nsiB3C6.exe
C:\Users\andrea\AppData\Local\Temp\nsiDE6B.exe
C:\Users\andrea\AppData\Local\Temp\nsyD334.exe
C:\Users\andrea\AppData\Local\Temp\SPSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-17 09:26

==================== End Of Log ============================
         
--- --- ---
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-02-2014
Ran by andrea at 2014-02-17 12:39:58
Running from C:\Users\andrea\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20 (Version: - )
Adobe Flash Player 12 ActiveX (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) - Deutsch (Version: 11.0.03 - Adobe Systems Incorporated)
ATI Catalyst Install Manager (Version: 3.0.641.0 - ATI Technologies, Inc.)
avast! Free Antivirus (Version: 9.0.2013 - Avast Software)
AVI Media Player 1.0.1 (Version: - vsevensoft.com)
Bluetooth Stack for Windows by Toshiba (Version: v5.10.06(T) - )
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Bundled software uninstaller (Version: - ) <==== ATTENTION
Camera RAW Plug-In for EPSON Creativity Suite (Version: 2.1.0.0 - )
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI)
Catalyst Control Center Core Implementation (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Localization Chinese Standard (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Localization Chinese Traditional (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Localization Czech (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Localization Danish (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Localization Dutch (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Localization Finnish (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Localization French (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Localization German (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Localization Greek (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Localization Hungarian (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Localization Italian (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Localization Japanese (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Localization Korean (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Localization Norwegian (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Localization Polish (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Localization Portuguese (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Localization Russian (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Localization Spanish (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Localization Swedish (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Localization Thai (Version: 2007.0621.1715.28924 - ATI) Hidden
Catalyst Control Center Localization Turkish (Version: 2007.0621.1715.28924 - ATI) Hidden
CCC Help Chinese Standard (Version: 2007.0621.1714.28924 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2007.0621.1714.28924 - ATI) Hidden
CCC Help Czech (Version: 2007.0621.1714.28924 - ATI) Hidden
CCC Help Danish (Version: 2007.0621.1714.28924 - ATI) Hidden
CCC Help Dutch (Version: 2007.0621.1714.28924 - ATI) Hidden
CCC Help English (Version: 2007.0621.1714.28924 - ATI) Hidden
CCC Help Finnish (Version: 2007.0621.1714.28924 - ATI) Hidden
CCC Help French (Version: 2007.0621.1714.28924 - ATI) Hidden
CCC Help German (Version: 2007.0621.1714.28924 - ATI) Hidden
CCC Help Greek (Version: 2007.0621.1714.28924 - ATI) Hidden
CCC Help Hungarian (Version: 2007.0621.1714.28924 - ATI) Hidden
CCC Help Italian (Version: 2007.0621.1714.28924 - ATI) Hidden
CCC Help Japanese (Version: 2007.0621.1714.28924 - ATI) Hidden
CCC Help Korean (Version: 2007.0621.1714.28924 - ATI) Hidden
CCC Help Norwegian (Version: 2007.0621.1714.28924 - ATI) Hidden
CCC Help Polish (Version: 2007.0621.1714.28924 - ATI) Hidden
CCC Help Portuguese (Version: 2007.0621.1714.28924 - ATI) Hidden
CCC Help Russian (Version: 2007.0621.1714.28924 - ATI) Hidden
CCC Help Spanish (Version: 2007.0621.1714.28924 - ATI) Hidden
CCC Help Swedish (Version: 2007.0621.1714.28924 - ATI) Hidden
CCC Help Thai (Version: 2007.0621.1714.28924 - ATI) Hidden
CCC Help Turkish (Version: 2007.0621.1714.28924 - ATI) Hidden
ccc-core-static (Version: 2007.0621.1715.28924 - Ihr Firmenname) Hidden
ccc-utility (Version: 2007.0621.1715.28924 - ATI) Hidden
CD/DVD Drive Acoustic Silencer (Version: 2.00.02 - TOSHIBA)
DMUninstaller (Version: - ) <==== ATTENTION
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
DVD MovieFactory for TOSHIBA (Version: 5.3 - Ulead Systems, Inc.)
DVD Shrink 3.2 (Version: - DVD Shrink)
Emdedded IR Driver (Version: 0.0.0.6C - Compal Electronics, Inc.)
Emdedded IR Driver (Version: 0.0.0.6C - Compal Electronics, Inc.) Hidden
Fahren Lernen Offline 1.2 (Version: - Verlag Heinrich Vogel - Springer Transport Media GmbH)
FilesFrog Update Checker (Version: - ) <==== ATTENTION
Firebird SQL Server - MAGIX Edition 2.0.0.1 (D) (Version: 2.0.0.1 - MAGIX AG)
FLV Player (HKCU Version: 1.0 - Somoto Ltd.) <==== ATTENTION
Fortunitas (Version: 2014.02.05.222251 - Fortunitas)
Free YouTube to MP3 Converter version 3.12.20.1230 (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Google Chrome (Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
Google Updater (Version: 2.4.2432.1652 - Google Inc.)
IePluginService12.27.0.3326 (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
Intel Matrix Storage Manager (Version: - )
Java 7 Update 45 (Version: 7.0.450 - Oracle)
Java(TM) SE Runtime Environment 6 (Version: 1.6.0.0 - Sun Microsystems, Inc.)
LiveUpdate 3.2 (Symantec Corporation) (Version: 3.2.0.68 - Symantec Corporation)
LiveUpdate Notice (Symantec Corporation) (Version: 1.4.5 - Symantec Corporation)
Lollipop (HKCU Version: - Lollipop Network, S.L.) <==== ATTENTION
MAGIX Digital Foto Maker SE 4.1.0.835 (D) (Version: 4.1.0.835 - MAGIX AG)
MAGIX Foto Suite 1.12.0.89 (D) (Version: 1.12.0.89 - MAGIX AG)
MAGIX Online Druck Service 2.3.2.0 (D) (Version: 2.3.2.0 - MAGIX AG)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XML Parser (Version: 8.0.7820.0 - Microsoft Corporation) Hidden
Microsoft XML Parser (Version: 8.20.8730.4 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 de) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (Version: 27.0.1 - Mozilla)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Premium (Version: 7.02.9753 - Nero AG)
neroxml (Version: 1.0.0 - Nero AG) Hidden
PDF-XChange 3 (Version: - Tracker Software)
phase6_19 (Version: 1.90.0000 - phase6)
QuickTime (Version: 7.74.80.86 - Apple Inc.)
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (Version: 6.0.1.5433 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.0.5 (Version: 3.0.5 - VS Revo Group, Ltd.)
Search Protect (Version: 2.10.20.64 - Conduit) <==== ATTENTION
Secunia PSI (3.0.0.7009) (Version: 3.0.0.7009 - Secunia)
Skins (Version: 2007.0621.1715.28924 - ATI) Hidden
Software Version Updater (Version: 1.1.3.8 - ) <==== ATTENTION
SPSS 15.0 für Windows [Auswertung Version] (Version: 15.0.1 - SPSS Inc.)
SupTab (Version: 1.1.1.0 - ) <==== ATTENTION
Synaptics Pointing Device Driver (Version: 10.0.1.0 - Synaptics)
Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 2.00.0001 - Ihr Firmenname)
TIPCI (Version: 2.00.0001 - Ihr Firmenname) Hidden
TOSHIBA Assist (Version: 2.01.02 - )
TOSHIBA ConfigFree (Version: 7.00.29 - TOSHIBA)
TOSHIBA Disc Creator (Version: 2.0.0.8 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (Version: 1.00.24A - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00 - Toshiba)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00 - Toshiba) Hidden
TOSHIBA Flash Cards Support Utility (Version: 1.48.0.3C - TOSHIBA)
TOSHIBA Flash Cards Support Utility (Version: 1.48.0.3C - TOSHIBA) Hidden
TOSHIBA Hardware Setup (Version: 1.48.0.11C - TOSHIBA)
TOSHIBA Hardware Setup (Version: 1.48.0.11C - TOSHIBA) Hidden
Toshiba Online Product Information (Version: 1.00.0009 - TOSHIBA)
TOSHIBA SD Memory Utilities (Version: 1.8.1.1 - TOSHIBA)
TOSHIBA Software Modem (Version: 2.1.77 (SM2177ALD03) - Agere Systems)
TOSHIBA Supervisor Password (Version: 1.48.0.8C - TOSHIBA) Hidden
TOSHIBA Supervisorkennwort (Version: 1.48.0.8C - TOSHIBA)
TOSHIBA Value Added Package (Version: 1.0.24 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.0.24 - TOSHIBA Corporation) Hidden
TuneUp Utilities 2008 (Version: 7.0.7986 - TuneUp Software)
Uninstall 1.0.0.1 (Version: - )
Update for 2007 Microsoft Office System (KB967642) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (Version: - Microsoft)
Utility Common Driver (Version: 0.0.1.1C - TOSHIBA) Hidden
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
VLC media player 2.1.0 (Version: 2.1.0 - VideoLAN)
Windows Media Encoder 9-Reihe (Version: - )
Windows Media Encoder 9-Reihe (Version: 9.00.3374 - Microsoft Corporation) Hidden
WinRAR (Version: - )
WPM17.8.0.3325 (Version: 17.8.0.3325 - Cherished Technololgy LIMITED) <==== ATTENTION

==================== Restore Points =========================

06-02-2014 07:39:40 avast! antivirus system restore point
09-02-2014 19:19:30 Windows Update
10-02-2014 08:32:44 Removed MobileMe Control Panel
10-02-2014 08:36:36 Entfernt USB2.0 UVC WebCam
13-02-2014 12:36:10 Windows Update
14-02-2014 07:39:36 Windows Update
14-02-2014 09:00:14 Windows Update

==================== Hosts content: ==========================

2006-11-02 11:23 - 2013-05-27 16:00 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {04EA6FB6-52AD-47DB-9F0D-8312F05814F7} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-12] (Google)
Task: {114D1E93-FA3F-45C8-B831-FBC7CEA6B8C3} - System32\Tasks\EPUpdater => C:\Users\andrea\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe <==== ATTENTION
Task: {1BAC6B07-A612-44E5-AC18-05F3F7B6FE96} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1374351646-1889125612-2194041770-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {29B7EC2B-6ED5-4BD8-BF34-DB5521EBCEDC} - System32\Tasks\AmiUpdXp => C:\Users\andrea\AppData\Local\SwvUpdater\Updater.exe [2014-02-09] () <==== ATTENTION
Task: {2AA4801D-B808-417F-BA0A-4C0B9B571518} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-06] (AVAST Software)
Task: {36031F49-5F33-45C8-9F01-21FDC838019E} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - andrea => C:\Program Files\Windows Calendar\wincal.exe [2008-01-19] (Microsoft Corporation)
Task: {38ABD035-BFFA-43F3-8A57-A59AFD3FAA38} - \Microsoft\Windows Defender\MP Scheduled Scan No Task File
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {521CF8E0-7970-49D4-A885-FC25B223DCA8} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {67FFD943-1043-4DB1-ADE2-CFA41DB2180B} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1374351646-1889125612-2194041770-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {7FDD6E18-58BB-4DA3-B1F0-B7F9FF4515C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-06] (Google Inc.)
Task: {7FFBACD1-D797-4A6A-B384-C2B1E16FDFC2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-09] (Adobe Systems Incorporated)
Task: {9DFA2232-1262-4948-AA0F-B33FFF40C1DE} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation)
Task: {A21497F6-E012-4FF4-BBF4-7E23EB3C944B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-06] (Google Inc.)
Task: {A2DA75BB-A69A-4391-B1C5-17526F433BC3} - System32\Tasks\{CA20E123-678B-46C2-9817-92E031F5FF78} => C:\Program Files\Skype\Phone\Skype.exe
Task: {C6FD9A21-7C23-42CB-8BBA-6683A764BA38} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {F1F29547-962E-4D99-B474-14B7540FC645} - System32\Tasks\1-Klick-Wartung => C:\Program Files\TuneUp Utilities 2008\OneClick.exe [2007-12-14] (TuneUp Software GmbH)
Task: C:\Windows\Tasks\1-Klick-Wartung.job => C:\Program Files\TuneUp Utilities 2008\OneClick.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\andrea\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{929C5347-AE8B-4470-A617-D957BEE3A63C}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2007-07-12 09:54 - 2007-06-21 10:27 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2008-01-11 14:12 - 2007-09-20 18:34 - 00129024 _____ () C:\Program Files\WinRAR\rarext.dll
2006-11-06 16:14 - 2006-11-06 16:14 - 00034352 _____ () C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
2007-05-31 15:38 - 2007-05-31 15:38 - 00958464 _____ () C:\Program Files\TOSHIBA\FlashCards\de\TCrdMain.resources.dll
2006-11-09 17:27 - 2006-11-09 17:27 - 00090112 _____ () C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
2007-07-12 09:40 - 2006-10-10 10:44 - 00009728 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2006-11-08 18:08 - 2006-11-08 18:08 - 00009216 _____ () C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
2007-07-12 09:34 - 2007-04-23 09:38 - 00009216 _____ () C:\Program Files\Toshiba\ConfigFree\NotifyCFF.dll
2006-10-07 11:57 - 2006-10-07 11:57 - 00053248 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2006-12-01 17:55 - 2006-12-01 17:55 - 00009216 _____ () C:\Program Files\Toshiba\TBS\NotifyTBS.dll
2014-02-06 08:44 - 2014-02-06 08:44 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\andrea\AppData\Roaming\Dropbox\bin\libcef.dll
2014-02-09 21:12 - 2014-02-09 21:12 - 01321504 _____ () C:\Users\andrea\AppData\Local\Lollipop\Lollipop.exe
2007-05-31 10:12 - 2007-05-31 10:12 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-02-15 16:50 - 2014-02-15 16:51 - 03578992 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-02-09 20:40 - 2014-02-09 20:40 - 16287624 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll
2012-09-23 19:43 - 2012-09-23 19:43 - 00313992 _____ () C:\Program Files\Adobe\Reader 11.0\Reader\sqlite.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader - Schnellstart.lnk => C:\Windows\pss\Adobe Reader - Schnellstart.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^p6_19_erinnerung.lnk => C:\Windows\pss\p6_19_erinnerung.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^andrea^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BilligflugScan.lnk => C:\Windows\pss\BilligflugScan.lnk.Startup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun-Miniportadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/15/2014 06:55:43 PM) (Source: EventSystem) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier2\security.cpp78800706e5

Error: (02/14/2014 05:41:29 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung iexplore.exe, Version 7.0.6001.18639, Zeitstempel 0x4db02c95, fehlerhaftes Modul aswWebRepIE.dll, Version 9.0.2013.75, Zeitstempel 0x52d6c48c, Ausnahmecode 0xc0000005, Fehleroffset 0x0001555c,
Prozess-ID 0x1f7c, Anwendungsstartzeit iexplore.exe0.

Error: (02/14/2014 05:38:29 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung iexplore.exe, Version 7.0.6001.18639, Zeitstempel 0x4db02c95, fehlerhaftes Modul aswWebRepIE.dll, Version 9.0.2013.75, Zeitstempel 0x52d6c48c, Ausnahmecode 0xc0000005, Fehleroffset 0x0001555c,
Prozess-ID 0xed8, Anwendungsstartzeit iexplore.exe0.

Error: (02/14/2014 05:36:05 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung iexplore.exe, Version 7.0.6001.18639, Zeitstempel 0x4db02c95, fehlerhaftes Modul aswWebRepIE.dll, Version 9.0.2013.75, Zeitstempel 0x52d6c48c, Ausnahmecode 0xc0000005, Fehleroffset 0x0001555c,
Prozess-ID 0x10e0, Anwendungsstartzeit iexplore.exe0.

Error: (02/14/2014 05:31:36 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung iexplore.exe, Version 7.0.6001.18639, Zeitstempel 0x4db02c95, fehlerhaftes Modul aswWebRepIE.dll, Version 9.0.2013.75, Zeitstempel 0x52d6c48c, Ausnahmecode 0xc0000005, Fehleroffset 0x0001555c,
Prozess-ID 0x1870, Anwendungsstartzeit iexplore.exe0.

Error: (02/14/2014 02:42:50 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7040341

Error: (02/14/2014 02:42:50 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7040341

Error: (02/14/2014 02:42:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/14/2014 00:24:48 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\ANDREA\APPDATA\ROAMING\MICROSOFT\WINDOWS\RECENT\EXERCISE.LNK> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext: Anwendung, SystemIndex Katalog


Details:
    Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)

Error: (02/14/2014 00:24:48 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\ANDREA\APPDATA\ROAMING\MICROSOFT\WINDOWS\RECENT\EXERCISE.LNK> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext: Anwendung, SystemIndex Katalog


Details:
    Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)


System errors:
=============
Error: (02/17/2014 09:07:56 AM) (Source: ipnathlp) (User: )
Description: Die DHCP-Zuweisung wurde für IP-Adresse 192.168.2.114 deaktiviert, da die IP-Adresse außerhalb des Bereichs 192.168.0.0/255.255.255.0 liegt, von der die Adressen DHCP-Clients zu gewiesen werden. Ändern Sie den Bereich, sodass die IP-Adresse mit einbezogen wird, oder ändern Sie die IP-Adresse, sodass sie innerhalb dieses Bereichs liegt, um die DHCP-Zuweisung zu aktivieren.

Error: (02/17/2014 09:07:56 AM) (Source: ipnathlp) (User: )
Description: ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.

Error: (02/17/2014 09:07:46 AM) (Source: Service Control Manager) (User: )
Description: avgio
avgntdd
avgntmgr

Error: (02/17/2014 09:07:38 AM) (Source: Service Control Manager) (User: )
Description: AntiVir PersonalEdition Premium MailGuardAntiVir PersonalEdition Premium MailGuard Hilfsdienst%%2

Error: (02/17/2014 09:07:38 AM) (Source: Service Control Manager) (User: )
Description: TOSHIBA Bluetooth Service%%2

Error: (02/17/2014 09:07:38 AM) (Source: Service Control Manager) (User: )
Description: AntiVir PersonalEdition Premium MailGuard Hilfsdienst%%2

Error: (02/17/2014 09:07:38 AM) (Source: Service Control Manager) (User: )
Description: AntiVir PersonalEdition Classic Planer%%2

Error: (02/17/2014 09:07:38 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (02/17/2014 09:07:38 AM) (Source: Service Control Manager) (User: )
Description: AntiVir PersonalEdition Classic Guard%%2

Error: (02/17/2014 09:07:23 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos


Microsoft Office Sessions:
=========================
Error: (11/05/2013 02:15:32 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 6460 seconds with 3180 seconds of active time. This session ended with a crash.

Error: (09/07/2011 11:27:25 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1741 seconds with 1260 seconds of active time. This session ended with a crash.

Error: (07/05/2010 08:08:42 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 33 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/02/2009 04:28:03 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 396 seconds with 360 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2014-02-17 12:38:31.570
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-02-17 12:38:31.026
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-02-17 12:38:30.154
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-02-17 12:38:29.404
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-02-17 12:38:28.677
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-02-17 12:38:28.011
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-02-17 12:38:27.376
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-02-17 12:38:26.290
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-07-10 09:25:44.714
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-07-10 09:25:44.455
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 61%
Total physical RAM: 2045.69 MB
Available physical RAM: 792 MB
Total Pagefile: 4328.64 MB
Available Pagefile: 2343.21 MB
Total Virtual: 2047.88 MB
Available Virtual: 1898.69 MB

==================== Drives ================================

Drive c: (Vista) (Fixed) (Total:93.16 GB) (Free:18.85 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Data) (Fixed) (Total:91.69 GB) (Free:91.49 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 186 GB) (Disk ID: 612EBEDC)
Partition 1: (Not Active) - (Size=1 GB) - (Type=27)
Partition 2: (Active) - (Size=93 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=92 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---

 





