Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Awesomeph - Rückfrage zum löschen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 01.05.2014, 15:24   #1
xome
 
Awesomeph - Rückfrage zum löschen - Icon17

Awesomeph - Rückfrage zum löschen



Hallo Zusammen,

ich habe hier einen Beitrag zum löschen vom Awesomeph gefunden. Mir ist jedoch nicht klar ob ich die gleiche Vorgehensweise nutzen kann? Geht das, oder ist der trojaner so individuell und muss immer einzeln betrachtet werden?

Danke für eure Antwort

http://www.trojaner-board.de/149906-...ight=awesomeph

Viele Grüße
Xome

Alt 01.05.2014, 15:36   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Awesomeph - Rückfrage zum löschen - Standard

Awesomeph - Rückfrage zum löschen



Wir sollten auf jeden Fall erstmal schauen.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 05.05.2014, 18:04   #3
xome
 
Awesomeph - Rückfrage zum löschen - Standard

Awesomeph - Rückfrage zum löschen



Hallo Schrauber,

anbei die beiden Log's

FRST:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-05-2014
Ran by Yvonne (administrator) on YVONNE-PC on 05-05-2014 18:50:26
Running from C:\Users\Yvonne\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
() C:\Program Files\ATK Hotkey\ASLDRSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apache Software Foundation) C:\Program Files\xampp\apache\bin\apache.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
(AVM Berlin) C:\Program Files\avmclient\avmbtservice.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
(AVM Berlin) C:\Program Files\Common Files\AVM\De_serv.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
() C:\Program Files\xampp\FileZillaFTP\FileZillaServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Nero AG) C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
() C:\Program Files\xampp\mysql\bin\mysqld-nt.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
() C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
(Apache Software Foundation) C:\Program Files\xampp\apache\bin\apache.exe
(TomTom) D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
() C:\Program Files\ASUS\ASUS Live Update\ALU.exe
(Orb Networks) C:\Program Files\Winamp Remote\bin\OrbTray.exe
(ATK0100) C:\Program Files\ATK Hotkey\HControl.exe
() C:\Program Files\ATKOSD2\ATKOSD2.exe
() C:\Program Files\Wireless Console 2\wcourier.exe
(ATK) C:\Program Files\ASUS\Splendid\ACMON.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUSTeK) C:\Windows\System32\ACEngSvr.exe
() C:\Program Files\ATK Hotkey\ATKOSD.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
() C:\Program Files\ATK Hotkey\KBFiltr.exe
(Nero AG) C:\Program Files\Nero\Nero 7\InCD\InCD.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(ASUSTeK Computer INC.) C:\Program Files\ASUS\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Orb Networks, Inc.) C:\Program Files\Winamp Remote\bin\Orb.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\PowerForPhone\PowerForPhone.exe
() C:\Windows\ASScrPro.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
() C:\Program Files\Winamp\winampa.exe
(AVM Berlin) C:\Program Files\avmclient\bluefritz.exe
(AVM Berlin) C:\Program Files\avmclient\AvmObex.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(DivX, LLC) C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(TomTom) D:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
(AVM Berlin) C:\Program Files\avmclient\AvmObex.exe
(AVM Berlin) C:\Program Files\FRITZ!\IWatch.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-18] (Microsoft Corporation)
HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [1458176 2009-10-26] (Motorola Inc.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [161328 2007-03-26] (Nero AG)
HKLM\...\Run: [InCD] => C:\Program Files\Nero\Nero 7\InCD\InCD.exe [1057328 2007-03-26] (Nero AG)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4444160 2007-04-25] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1822720 2007-04-13] (Realtek Semiconductor Corp.)
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [61440 2006-11-02] (ASUSTeK Computer INC.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [857648 2007-03-01] (Synaptics, Inc.)
HKLM\...\Run: [PowerForPhone] => C:\Program Files\PowerForPhone\PowerForPhone.exe [778240 2007-06-26] ()
HKLM\...\Run: [ASUS Screen Saver Protector] => C:\Windows\ASScrPro.exe [33136 2007-09-26] ()
HKLM\...\Run: [ASUS Camera ScreenSaver] => C:\Windows\ASScrProlog.exe [37232 2007-09-26] ()
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [Symantec PIF AlertEng] => C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [583048 2008-01-29] (Symantec Corporation)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [36352 2008-08-04] ()
HKLM\...\Run: [AVMBlueClient] => C:\Program Files\avmclient\bluefritz.exe [1859584 2007-07-03] (AVM Berlin)
HKLM\...\Run: [AVMBLUEOBEX] => C:\Program Files\avmclient\AvmObex.exe [491520 2007-07-03] (AVM Berlin)
HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [13789728 2009-07-02] (NVIDIA Corporation)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2007-10-11] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2007-10-11] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] => C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1085440 2008-05-29] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [86016 2007-12-21] (Brother Industries, Ltd.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-09-08] (Apple Inc.)
HKLM\...\Run: [DivX Download Manager] => C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe [63360 2010-12-08] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] ()
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-01] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [WebInternetSecurity] => "C:\Program Files\Webinternetsecurity\WebInternetSecurity.exe"
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1632568559-428333796-3590628066-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation)
HKU\S-1-5-21-1632568559-428333796-3590628066-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [149040 2007-03-26] (Nero AG)
HKU\S-1-5-21-1632568559-428333796-3590628066-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-18] (Microsoft Corporation)
HKU\S-1-5-21-1632568559-428333796-3590628066-1000\...\Run: [TomTomHOME.exe] => D:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-02-12] (TomTom)
HKU\S-1-5-21-1632568559-428333796-3590628066-1000\...\MountPoints2: {4e17d204-33d1-11e3-b1e3-001d60a64c94} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\start.exe
HKU\S-1-5-21-1632568559-428333796-3590628066-1000\...\MountPoints2: {592bbc5b-a0bf-11dc-a287-0013e8cf49b1} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1632568559-428333796-3590628066-1000\...\MountPoints2: {67d96040-5eff-11de-9322-001d60a64c94} - F:\InstallTomTomHOME.exe
HKU\S-1-5-21-1632568559-428333796-3590628066-1000\...\MountPoints2: {ed25cf69-41fd-11e3-b1d7-001d60a64c94} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\start.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISDNWatch.lnk
ShortcutTarget: ISDNWatch.lnk -> C:\Program Files\FRITZ!\IWatch.exe (AVM Berlin)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1395169106&from=adks&uid=FUJITSUXMHW2160BHXPL_K116T7926LSKT7926LSKX&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.qip.ru/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1395169106&from=adks&uid=FUJITSUXMHW2160BHXPL_K116T7926LSKT7926LSKX
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1395169106&from=adks&uid=FUJITSUXMHW2160BHXPL_K116T7926LSKT7926LSKX&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1395169106&from=adks&uid=FUJITSUXMHW2160BHXPL_K116T7926LSKT7926LSKX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1395169106&from=adks&uid=FUJITSUXMHW2160BHXPL_K116T7926LSKT7926LSKX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1395169106&from=adks&uid=FUJITSUXMHW2160BHXPL_K116T7926LSKT7926LSKX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1395169106&from=adks&uid=FUJITSUXMHW2160BHXPL_K116T7926LSKT7926LSKX&q={searchTerms}
URLSearchHook: HKCU - (No Name) - {95289393-33EA-4F8D-B952-483415B9C955} -  No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1395169106&from=adks&uid=FUJITSUXMHW2160BHXPL_K116T7926LSKT7926LSKX
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1395169106&from=adks&uid=FUJITSUXMHW2160BHXPL_K116T7926LSKT7926LSKX&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1395169106&from=adks&uid=FUJITSUXMHW2160BHXPL_K116T7926LSKT7926LSKX&q={searchTerms}
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKCU - DefaultScope {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {849F8F29-ACFE-499B-BDB4-CA1899E92AF7} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {95289393-33EA-4F8D-B952-483415B9C955} URL = 
SearchScopes: HKCU - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO: No Name - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -  No File
BHO: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO: Asz.Citavi.IEPicker.IEPickerButton - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: No Name - {95289393-33EA-4F8D-B952-483415B9C955} -  No File
BHO: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Yvonne\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
Toolbar: HKCU - Winamp Toolbar - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} -  No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKCU - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{6F671137-EABF-4942-8D49-F954DAEF8E22}: [NameServer]192.168.120.252,192.168.120.253

FireFox:
========
FF ProfilePath: C:\Users\Yvonne\AppData\Roaming\Mozilla\Firefox\Profiles\zaks6mpb.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=13 - C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeploytk.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: Citavi Picker - C:\Program Files\Mozilla Firefox\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE} [2008-11-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} [2008-10-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [2008-12-04]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2009-04-20]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011-01-27]
FF HKLM\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011-01-27]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.awesomehp.com/?type=hp&ts=1395169106&from=adks&uid=FUJITSUXMHW2160BHXPL_K116T7926LSKT7926LSKX"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.190.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U19) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Chrome NaCl) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll ()
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (DivX HiQ) - C:\Users\Yvonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-07-25]
CHR Extension: (Skype Click to Call) - C:\Users\Yvonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-06-15]
CHR Extension: (Google Wallet) - C:\Users\Yvonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Yvonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-07-25]
CHR Extension: (Quick Start) - C:\Users\Yvonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-03-18]
CHR HKLM\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-12-08]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2010-12-08]
CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Yvonne\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-18]

========================== Services (Whitelisted) =================

R2 ADSMService; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [73728 2007-05-18] ()
R2 Apache2; C:\Program Files\xampp\apache\bin\apache.exe [20537 2005-12-01] (Apache Software Foundation)
R2 ASLDRService; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [94208 2007-02-06] ()
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-05-15] ()
R2 Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [554352 2007-09-12] (Symantec Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-01] (AVAST Software)
R2 AVM BT Connection Service; C:\Program Files\avmclient\avmbtservice.exe [405504 2007-07-03] (AVM Berlin)
S2 AvmObexService; C:\Program Files\avmclient\AvmObexService.exe [221184 2007-07-03] (AVM Berlin)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1516584 2007-04-03] (Cisco Systems, Inc.)
R2 de_serv; C:\Program Files\Common Files\AVM\de_serv.exe [206128 2007-10-25] (AVM Berlin)
R2 FileZilla Server; C:\Program Files\xampp\FileZillaFTP\FileZillaServer.exe [529408 2005-11-14] ()
R2 InCDsrv; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [864816 2007-03-26] (Nero AG)
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE [2999664 2007-09-12] (Symantec Corporation)
R2 LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [583048 2008-01-29] (Symantec Corporation)
R2 mysql; C:\Program Files\xampp\mysql\bin\mysqld-nt.exe [3960832 2005-12-28] ()
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [36352 2009-12-12] ()
R2 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [123248 2006-12-29] ()
R2 TomTomHOMEService; D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [93072 2013-02-12] (TomTom)
S2 LiveUpdate Notice Ex; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [X]
S4 PALOServerService; "C:\Program Files\Jedox\Palo\palo.exe" --start-service --service-name "PALOServerService" --data "C:\Program Files\Jedox\Palo\data"

==================== Drivers (Whitelisted) ====================

S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus.sys [14336 2012-03-02] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag.sys [20736 2012-03-02] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps.sys [20096 2012-03-02] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem.sys [25088 2012-03-02] (LG Electronics Inc.)
S3 androidusb; C:\Windows\System32\Drivers\lgandadb.sys [25728 2012-03-02] (Google Inc)
R0 AsDsm; C:\Windows\system32\Drivers\AsDsm.sys [27504 2007-04-25] (Windows (R) Codename Longhorn DDK provider)
R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [11632 2007-02-05] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-05-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-05-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-05-01] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-05-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-05-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-05-01] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-05-01] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-05-01] ()
R3 AtcL001; C:\Windows\System32\DRIVERS\atl01v32.sys [48128 2007-03-15] (Attansic Technology corporation.)
S1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [249424 2010-09-07] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [34384 2010-09-07] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [26064 2010-09-07] (AVG Technologies CZ, s.r.o.)
R3 AVMBTPARALLEL; C:\Windows\System32\DRIVERS\avmbtpar.sys [61952 2007-07-03] (AVM GmbH)
R3 AVMBTSERIAL; C:\Windows\System32\DRIVERS\avmbtser.sys [60928 2007-07-03] (AVM GmbH)
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [64512 2007-07-03] (AVM GmbH)
S3 bfhubase; C:\Windows\System32\DRIVERS\bfhubase.sys [851712 2007-07-03] (AVM Berlin)
R3 BFHU_CFG; C:\Windows\System32\DRIVERS\bfhu_cfg.sys [6656 2007-07-03] (AVM Berlin)
R3 CAPI_CIP; C:\Windows\System32\DRIVERS\capi_cip.sys [374144 2007-07-03] (AVM Berlin)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306295 2007-04-03] (Cisco Systems, Inc.)
R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [127376 2007-01-31] (Deterministic Networks, Inc.)
S2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [15216 2006-11-16] ()
R4 InCDfs; C:\Windows\System32\drivers\InCDFs.sys [108592 2007-03-26] (Nero AG)
R1 InCDPass; C:\Windows\System32\drivers\InCDPass.sys [37040 2007-03-26] (Nero AG)
U1 InCDrec; C:\Windows\system32\Drivers\InCDrec.sys [16304 2007-03-26] (Nero AG)
R1 incdrm; C:\Windows\System32\drivers\InCDRm.sys [39472 2007-03-26] (Nero AG)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [5632 2007-01-24] ( )
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100)
S3 NETFRITZ; C:\Windows\System32\DRIVERS\NETFRITZ.SYS [334640 2007-10-25] (AVM Berlin)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1743232 2007-05-25] ()
S3 tap0801; C:\Windows\System32\DRIVERS\tap0801.sys [26624 2006-10-01] (The OpenVPN Project)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [25984 2009-12-12] (The OpenVPN Project)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 lvupdtio; \??\C:\Program Files\ASUS\ASUS Live Update\SYS\lvupdtio.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-05 18:50 - 2014-05-05 18:51 - 00031438 _____ () C:\Users\Yvonne\Downloads\FRST.txt
2014-05-05 18:50 - 2014-05-05 18:50 - 00000000 ____D () C:\FRST
2014-05-05 18:49 - 2014-05-05 18:49 - 01052672 _____ (Farbar) C:\Users\Yvonne\Downloads\FRST.exe
2014-05-01 12:23 - 2014-05-01 12:23 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-01 12:23 - 2014-05-01 12:23 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-13 15:42 - 2014-04-13 15:42 - 00191961 _____ () C:\Users\Yvonne\.recently-used.xbel
2014-04-05 20:02 - 2014-04-27 13:30 - 00000000 ____D () C:\Users\Yvonne\Desktop\JGA_Katha

==================== One Month Modified Files and Folders =======

2014-05-05 18:51 - 2014-05-05 18:50 - 00031438 _____ () C:\Users\Yvonne\Downloads\FRST.txt
2014-05-05 18:50 - 2014-05-05 18:50 - 00000000 ____D () C:\FRST
2014-05-05 18:49 - 2014-05-05 18:49 - 01052672 _____ (Farbar) C:\Users\Yvonne\Downloads\FRST.exe
2014-05-05 18:34 - 2010-01-06 14:42 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-05 18:26 - 2012-04-06 09:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-05 18:03 - 2007-09-26 19:04 - 01883564 _____ () C:\Windows\WindowsUpdate.log
2014-05-05 17:59 - 2010-01-06 14:42 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-05 17:58 - 2009-11-15 11:41 - 00101982 _____ () C:\ProgramData\nvModes.001
2014-05-05 17:58 - 2008-10-07 21:12 - 00000000 ____D () C:\Program Files\Winamp Remote
2014-05-05 17:57 - 2009-11-15 11:40 - 00101982 _____ () C:\ProgramData\nvModes.dat
2014-05-05 17:57 - 2007-09-26 20:32 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-05-05 17:55 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-05 17:55 - 2006-11-02 14:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-05 17:55 - 2006-11-02 14:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-04 20:17 - 2007-04-18 10:33 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-05-04 20:17 - 2006-11-02 15:01 - 00032510 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-04 14:56 - 2009-10-31 15:37 - 00001052 _____ () C:\Windows\Tasks\Google Software Updater.job
2014-05-01 20:15 - 2006-11-02 12:33 - 01567222 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-01 15:30 - 2011-07-24 20:49 - 00415223 _____ () C:\Users\Yvonne\AppData\Local\census.cache
2014-05-01 15:30 - 2011-07-24 20:48 - 00214924 _____ () C:\Users\Yvonne\AppData\Local\ars.cache
2014-05-01 13:26 - 2012-04-06 09:57 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-01 13:26 - 2011-05-15 09:15 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-01 12:49 - 2011-07-25 12:56 - 00002180 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-01 12:23 - 2014-05-01 12:23 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-01 12:23 - 2014-05-01 12:23 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-01 12:23 - 2013-03-10 19:53 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-01 12:23 - 2013-03-10 19:53 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-01 12:23 - 2011-07-25 12:56 - 00001880 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-01 12:23 - 2011-07-25 12:55 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-05-01 12:23 - 2011-07-25 12:55 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-05-01 12:23 - 2011-07-25 12:55 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-01 12:23 - 2011-07-25 12:55 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-01 12:23 - 2011-07-25 12:55 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-05-01 12:23 - 2011-07-25 12:55 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-04-27 13:30 - 2014-04-05 20:02 - 00000000 ____D () C:\Users\Yvonne\Desktop\JGA_Katha
2014-04-13 15:43 - 2008-07-26 13:29 - 00000000 ____D () C:\Users\Yvonne\.gimp-2.4
2014-04-13 15:42 - 2014-04-13 15:42 - 00191961 _____ () C:\Users\Yvonne\.recently-used.xbel
2014-04-13 15:42 - 2008-10-05 21:35 - 00000000 ____D () C:\Users\Yvonne\AppData\Roaming\gtk-2.0
2014-04-13 15:42 - 2007-11-16 16:28 - 00000000 ____D () C:\Users\Yvonne
2014-04-13 15:26 - 2008-10-12 19:18 - 00000000 ____D () C:\Users\Yvonne\AppData\Local\CutePDF Writer
2014-04-06 13:44 - 2007-09-26 20:29 - 00163232 _____ () C:\Windows\PFRO.log
2014-04-05 14:18 - 2014-03-18 20:59 - 00000000 ____D () C:\ProgramData\WPM
2014-04-05 14:16 - 2014-03-18 21:00 - 00000000 ____D () C:\Program Files\EnhanceTronic
2014-04-05 14:12 - 2010-04-25 11:28 - 00000000 ____D () C:\Users\Yvonne\Documents\Bank_Kontoauszuege

Some content of TEMP:
====================
C:\Users\Yvonne\AppData\Local\Temp\AdobeUpdater12345.exe
C:\Users\Yvonne\AppData\Local\Temp\BackupSetup.exe
C:\Users\Yvonne\AppData\Local\Temp\converter.exe
C:\Users\Yvonne\AppData\Local\Temp\DivXSetup.exe
C:\Users\Yvonne\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Yvonne\AppData\Local\Temp\FlashPlayerUpdate01.exe
C:\Users\Yvonne\AppData\Local\Temp\FlashPlayerUpdate02.exe
C:\Users\Yvonne\AppData\Local\Temp\FlashPlayerUpdate03.exe
C:\Users\Yvonne\AppData\Local\Temp\FlashPlayerUpdate04.exe
C:\Users\Yvonne\AppData\Local\Temp\FlashPlayerUpdate05.exe
C:\Users\Yvonne\AppData\Local\Temp\FlashPlayerUpdate06.exe
C:\Users\Yvonne\AppData\Local\Temp\icqsetup.exe
C:\Users\Yvonne\AppData\Local\Temp\jre-6u11-windows-i586-p-iftw.exe
C:\Users\Yvonne\AppData\Local\Temp\jre-6u13-windows-i586-p-iftw.exe
C:\Users\Yvonne\AppData\Local\Temp\jre-6u15-windows-i586-iftw.exe
C:\Users\Yvonne\AppData\Local\Temp\jre-6u17-windows-i586-iftw-rv.exe
C:\Users\Yvonne\AppData\Local\Temp\jre-6u18-windows-i586-iftw-rv.exe
C:\Users\Yvonne\AppData\Local\Temp\jre-6u19-windows-i586-iftw-rv.exe
C:\Users\Yvonne\AppData\Local\Temp\jre-7u10-windows-i586-iftw.exe
C:\Users\Yvonne\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Yvonne\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Yvonne\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Yvonne\AppData\Local\Temp\NeroSearchTrayHook_{884ACE7E-8D48-451C-9CE4-7116FD355551}.dll
C:\Users\Yvonne\AppData\Local\Temp\NV_Meet_Teilnehmer_DE.exe
C:\Users\Yvonne\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Yvonne\AppData\Local\Temp\SymLCSVC.EXE
C:\Users\Yvonne\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Yvonne\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Yvonne\AppData\Local\Temp\ytb.exe
C:\Users\Yvonne\AppData\Local\Temp\_is793A.exe
C:\Users\Yvonne\AppData\Local\Temp\{EF27D6C1-CDFA-4AA3-92BD-6D262FD2C4F3}-GoogleEarth-Win-Bundle-6.1.0.5001.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-05 18:04

==================== End Of Log ============================
         
--- --- ---

--- --- ---





und Addition:


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version:05-05-2014
Ran by Yvonne at 2014-05-05 18:51:41
Running from C:\Users\Yvonne\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.9.615 - Adobe Systems, Inc.)
AFPL Ghostscript 8.54 (HKLM\...\AFPL Ghostscript 8.54) (Version:  - )
AFPL Ghostscript Fonts (HKLM\...\AFPL Ghostscript Fonts) (Version:  - )
Apple Application Support (HKLM\...\{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}) (Version: 1.3.2 - Apple Inc.)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Ask Toolbar (HKLM\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.6.6.0 - Ask.com) <==== ATTENTION
ASUS Data Security Manager (HKLM\...\{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}) (Version: 1.00.0004 - ASUS)
ASUS InstantFun (HKLM\...\{57B15AD4-8C9D-4164-82BB-E33D8644E757}) (Version: 1.0.0015 - ASUS)
ASUS Live Update (HKLM\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.1 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM\...\{C0FC1C14-4824-4A73-87A6-9E888C9C3102}) (Version: 1.02.16 - ASUSTeK)
Asus_Camera_ScreenSaver (HKLM\...\Asus_Camera_ScreenSaver) (Version: 2.0.0006 - ASUS)
ATK Generic Function Service (HKLM\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0006 - ATK)
ATK Hotkey (HKLM\...\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}) (Version: 1.00.0014 - ATK)
ATK Media (HKLM\...\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}) (Version:  - )
ATKOSD2 (HKLM\...\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}) (Version: 6.64.1.4 - ATK)
Attansic Ethernet Utility (HKLM\...\{1F698102-5739-441E-96F0-74F4EA540F06}) (Version: 2.0.60.4 - Attansic)
avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2018 - Avast Software)
AVM BlueFRITZ! USB (HKLM\...\AVMBLUECLI) (Version:  - )
AVM FRITZ! (HKLM\...\FRITZ! 2.0) (Version:  - AVM Berlin)
Brother MFL-Pro Suite MFC-490CW (HKLM\...\{D9461574-5FC0-4641-BBDC-D1038B196F55}) (Version: 1.1.5.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 2.28 - Piriform)
Cisco Systems VPN Client 5.0.00.0340 (HKLM\...\{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}) (Version: 5.0.0 - Cisco Systems, Inc.)
Citavi 2.4.7 (HKLM\...\Citavi) (Version: 2.4.7.0 - Academic Software Zurich)
CutePDF Writer 2.7 (HKLM\...\CutePDF Writer Installation) (Version:  - )
DivX Converter (HKLM\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Version Checker (HKLM\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.9 - DivX, Inc.)
DivX-Setup (HKLM\...\DivX Setup.divx.com) (Version: 2.4.1.4 - DivX, LLC)
Favorit (HKLM\...\khtqur) (Version:  - )
Free Audio CD Burner version 1.2 (HKLM\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
GIMP 2.4.5 (HKLM\...\WinGimp-2.0_is1) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Drive (HKLM\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.1536.6592 - Google Inc.)
ICQ7.5 (HKLM\...\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}) (Version: 7.5 - ICQ)
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
Intel(R) PROSet/Wireless Software (HKLM\...\ProInst) (Version: 11.1.1.0 - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version:  - )
J2SE Development Kit 5.0 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0150000}) (Version: 1.5.0 - Sun Microsystems, Inc.)
J2SE Runtime Environment 5.0 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150000}) (Version: 1.5.0 - Sun Microsystems, Inc.)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 19 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216019FF}) (Version: 6.0.190 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
LG United Mobile Driver (HKLM\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.10.1.0 - LG Electronics)
LifeFrame2 (HKLM\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 2.0.15 - ASUS)
LightScribe  1.4.142.1 (Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden
LiveUpdate 3.2 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 3.2.0.68 - Symantec Corporation)
LiveUpdate Notice (Symantec Corporation) (HKLM\...\{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}) (Version: 1.4.5 - Symantec Corporation)
Macromedia Dreamweaver 8 (HKLM\...\{44025BD7-AD10-4769-99AE-6378FD0303D6}) (Version: 8.0.0.2751 - Macromedia)
Macromedia Extension Manager (HKLM\...\{0F022A2E-7022-497D-90A5-0F46746D8275}) (Version: 1.7.270 - Ihr Firmenname)
Maxon C4D Studio Bundle v9.012 (HKLM\...\Maxon C4D Studio Bundle v9.012) (Version:  - )
mCore (Version: 9.21.0000 - Intel Corporation) Hidden
mDriver (Version: 9.21.0000 - Intel) Hidden
mHelp (Version: 9.21.0000 - Intel) Hidden
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access 2007 (HKLM\...\Access) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Access 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Dutch) 2007 (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Italian) 2007 (Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Dutch) 2007 (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Italian) 2007 (Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Dutch) 2007 (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Italian) 2007 (Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Dutch) 2007 (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Italian) 2007 (Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.7969.0 - Microsoft Corporation)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Arabic) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Dutch) 2007 (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Dutch) 2007 (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Italian) 2007 (Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Dutch) 2007 (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Italian) 2007 (Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Dutch) 2007 (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Italian) 2007 (Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Visio MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Visio Professional 2007 (HKLM\...\VISPROR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Visio Professional 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Dutch) 2007 (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Italian) 2007 (Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
mMHouse (Version: 9.21.0000 - Intel Corporation) Hidden
Motorola SM56 Speakerphone Modem (HKLM\...\SMSERIAL) (Version: 6.12.25.06 - Motorola Inc)
mPfMgr (Version: 9.21.0000 - Intel Corporation) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Müller Foto (HKLM\...\Müller Foto) (Version:  - )
NB Probe (HKLM\...\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}) (Version:  - )
Nero 7 Essentials (HKLM\...\{97F32DF8-D66E-446A-A425-C1D7B45C1033}) (Version: 7.02.6782 - Nero AG)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.4 - NVIDIA Corporation)
OpenVPN 2.1.1 (HKLM\...\OpenVPN) (Version: 2.1.1 - )
Opera 12.02 (HKLM\...\Opera 12.02.1578) (Version: 12.02.1578 - Opera Software ASA)
PaperPort Image Printer (HKLM\...\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PDF Blender (HKLM\...\PDF Blender) (Version:  - )
Power4Gear eXtreme (HKLM\...\{8CFEBE9C-F29F-4C49-80E0-7106970F8734}) (Version: 1.00.0011 - ATK)
PowerForPhone (HKLM\...\{FC3D290D-79BE-44B7-ABF9-FDD110925930}) (Version: 1.0.0.14 - PowerForPhone)
QuickTime (HKLM\...\{E7004147-2CCA-431C-AA05-2AB166B9785D}) (Version: 7.68.75.0 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5406 - Realtek Semiconductor Corp.)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.51.01 - )
Sabo_CC_2009 (HKLM\...\Sabo_CC_2009_is1) (Version:  - )
ScanSoft PaperPort 11 (HKLM\...\{7A8FF745-BBC5-482B-88E4-18D3178249A9}) (Version: 11.1.0000 - Nuance Communications, Inc.)
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM\...\{09959E11-AD5D-408E-96AF-E3346954D6B8}) (Version: 1.0.0 - Microsoft)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM\...\{64F3B15C-24C7-4B2B-9B72-65CCBBD7F06B}) (Version: 1.0.0 - Microsoft)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 5.8 (HKLM\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.8.158 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.19.0 - Synaptics)
TomTom HOME (HKLM\...\{EC5F4C1B-F838-4CB7-8561-8F809296428B}) (Version: 2.9.4 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
UltraStar Deluxe (HKLM\...\UltraStar Deluxe) (Version: 1.0.1a - USDX Team)
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version:  - )
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0 - DivX, Inc) Hidden
WhiteBoardMeeting (HKLM\...\{09801D34-8DE8-406A-BFD7-747AF74F5E6E}) (Version: 1.2.101 - Iteral)
Winamp (HKLM\...\Winamp) (Version: 5.541  - Nullsoft, Inc)
Winamp Remote (HKLM\...\Orb) (Version: 2.2008.0508.1530 - Orb Networks)
Winamp Toolbar for Firefox (HKLM\...\Winamp Toolbar for Firefox) (Version: 5.5.1.1 - AOL LLC) <==== ATTENTION
Winamp Toolbar for Internet Explorer (HKLM\...\Winamp Toolbar) (Version: 5.1.28.2 - AOL LLC) <==== ATTENTION
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinFlash (HKLM\...\{DE10AB76-4756-4913-BE25-55D1C1051F9A}) (Version:  - )
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
WinSCP 4.1.7 (HKLM\...\winscp3_is1) (Version: 4.1.7 - Martin Prikryl)
WinZip 14.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BB}) (Version: 14.0.8708 - WinZip Computing, S.L. )
Wireless Console 2 (HKLM\...\{83F73CB1-7705-49D1-9852-84D839CA2A45}) (Version: 2.0.8 - ATK)
XAMPP 1.5.1 (HKLM\...\xampp) (Version:  - )
XMind (HKLM\...\XMind) (Version: 3.0.2 - XMind Ltd.)

==================== Restore Points  =========================

01-05-2014 10:21:26 avast! antivirus system restore point
04-05-2014 09:05:56 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {10C50824-35E3-43BF-87A5-33CC363F3446} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-01] (Adobe Systems Incorporated)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1F42230B-1888-4919-B346-B6353A21F8A0} - System32\Tasks\ASUS Live Update => C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-02-09] ()
Task: {27C1092F-7102-4EDC-9A64-91ADEC0DB770} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-18] (Google)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3CA7A887-7590-427A-9FE0-A4DBBBEBCA64} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.)
Task: {3EA7C137-ED67-4BC3-9BED-FD510DAB8BFC} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Yvonne => C:\Program Files\Windows Calendar\wincal.exe [2009-04-10] (Microsoft Corporation)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-18] (Microsoft Corporation)
Task: {64467EAA-2DFD-40BB-A0A0-F9F55910977C} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe [2010-02-04] () <==== ATTENTION
Task: {752BBD36-1338-4287-A511-938A2C296F48} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-06] (Google Inc.)
Task: {808AEA90-2DD5-4639-AEA0-B4B73DE4D436} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {941BB351-6091-4BDA-B45E-18FA89CF1920} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {9C4B9E75-9F0B-45C1-B9D0-BCED26186E27} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {AE4D6566-537D-41B3-8CC3-A4A06EB4ACF4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-06] (Google Inc.)
Task: {CBA200C1-C337-491B-A10E-78A48D874173} - System32\Tasks\Orb Startup => C:\Program Files\Winamp Remote\bin\orbtray.exe [2008-04-01] (Orb Networks)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {FE525E8C-E223-4EE7-9A82-5B00CB2CBAF7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-01] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2007-09-26 20:08 - 2007-05-18 11:31 - 00073728 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
2007-09-26 19:58 - 2007-02-06 03:13 - 00094208 _____ () C:\Program Files\ATK Hotkey\ASLDRSrv.exe
2007-09-26 19:58 - 2007-05-15 18:47 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe
2014-05-05 17:56 - 2014-05-05 17:56 - 02252800 _____ () C:\Program Files\AVAST Software\Avast\defs\14050500\algo.dll
2007-03-30 16:41 - 2007-03-30 16:41 - 01167360 _____ () C:\Program Files\Intel\Wireless\Bin\acAuth.dll
2007-04-16 20:17 - 2007-04-16 20:17 - 00118784 _____ () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL
2008-10-12 19:17 - 2007-07-12 22:33 - 00087552 _____ () C:\Windows\System32\cpwmon2k.dll
2005-07-25 12:11 - 2005-07-25 12:11 - 00077824 _____ () C:\Program Files\xampp\apache\bin\ZLIB1.dll
2005-11-29 03:18 - 2005-11-29 03:18 - 00225280 _____ () C:\Program Files\xampp\php\ext\php_ming.dll
2005-12-28 21:22 - 2005-12-28 21:22 - 01302528 _____ () C:\Program Files\xampp\apache\bin\LIBMYSQL.dll
2005-11-29 03:31 - 2005-11-29 03:31 - 00888832 _____ () C:\Program Files\xampp\php\ext\php_pdf.dll
2007-04-03 16:18 - 2007-04-03 16:18 - 00197672 _____ () C:\Windows\system32\vpnapi.dll
2005-11-14 00:15 - 2005-11-14 00:15 - 00529408 _____ () C:\Program Files\xampp\FileZillaFTP\FileZillaServer.exe
2005-12-28 21:22 - 2005-12-28 21:22 - 03960832 _____ () C:\Program Files\xampp\mysql\bin\mysqld-nt.exe
2007-09-26 20:13 - 2006-12-29 01:17 - 00123248 _____ () C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
2007-09-26 20:13 - 2006-09-01 20:11 - 00147456 _____ () C:\Program Files\ASUS\NB Probe\SPM\spdiskex.dll
2007-09-26 20:13 - 2003-11-28 11:11 - 00135168 _____ () C:\Program Files\ASUS\NB Probe\SPM\spos.dll
2007-09-26 20:13 - 2005-08-30 00:24 - 00081920 _____ () C:\Program Files\ASUS\NB Probe\SPM\spnbacpi.dll
2007-09-26 20:13 - 2005-04-08 04:25 - 00077824 _____ () C:\Program Files\ASUS\NB Probe\SPM\spmemory.dll
2010-04-10 15:13 - 2002-11-26 13:43 - 00106496 ____N () C:\Windows\system32\BrMuSNMP.dll
2007-09-26 20:08 - 2007-06-15 19:28 - 00147456 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
2007-09-26 20:08 - 2007-06-02 02:08 - 00143360 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
2007-09-26 20:12 - 2007-02-09 19:38 - 00049520 _____ () C:\Program Files\ASUS\ASUS Live Update\ALU.exe
2008-03-27 02:40 - 2008-03-27 02:40 - 00118784 _____ () C:\Program Files\Winamp Remote\bin\Cab.dll
2005-07-20 20:48 - 2005-07-20 20:48 - 00059904 _____ () C:\Program Files\Winamp Remote\bin\ZLIB1.dll
2007-09-26 19:58 - 2004-05-28 03:13 - 00057344 _____ () C:\Program Files\ATK Hotkey\CMSSC.dll
2007-09-26 19:59 - 2007-01-18 04:26 - 07708672 _____ () C:\Program Files\ATKOSD2\ATKOSD2.exe
2007-09-26 20:10 - 2006-12-21 08:03 - 01036288 _____ () C:\Program Files\Wireless Console 2\wcourier.exe
2007-09-26 20:17 - 2007-01-16 23:08 - 00009216 _____ () C:\Program Files\ASUS\Splendid\GLCDdll.dll
2007-09-26 19:58 - 2006-12-19 02:26 - 02420736 _____ () C:\Program Files\ATK Hotkey\ATKOSD.exe
2007-09-26 19:58 - 2007-04-17 22:39 - 00077824 _____ () C:\Program Files\ATK Hotkey\KBFiltr.exe
2007-09-26 20:07 - 2006-10-26 00:37 - 00045056 _____ () C:\Program Files\ASUS\ATK Media\GERSTRING.dll
2008-05-01 22:59 - 2008-05-01 22:59 - 02158592 _____ () C:\Program Files\Winamp Remote\bin\OrbMedia.dll
2007-08-01 03:11 - 2007-08-01 03:11 - 00360448 _____ () C:\Program Files\Winamp Remote\bin\sqlite3.dll
2007-03-16 23:53 - 2007-03-16 23:53 - 00057344 _____ () C:\Program Files\Winamp Remote\bin\ogg.dll
2008-03-27 02:40 - 2008-03-27 02:40 - 00618496 _____ () C:\Program Files\Winamp Remote\bin\OrbPVR.dll
2003-01-28 11:09 - 2003-01-28 11:09 - 00143360 _____ () C:\Program Files\Winamp Remote\bin\LIBEXPAT.dll
2008-03-27 02:41 - 2008-03-27 02:41 - 00487424 _____ () C:\Program Files\Winamp Remote\bin\OrbWebServer.dll
2005-11-29 02:25 - 2005-11-29 02:25 - 00057344 _____ () C:\Program Files\Winamp Remote\bin\TVGrabber.dll
2007-09-26 20:23 - 2007-06-26 19:10 - 00778240 _____ () C:\Program Files\PowerForPhone\PowerForPhone.exe
2007-09-26 20:37 - 2007-09-26 20:37 - 00033136 _____ () C:\Windows\ASScrPro.exe
2008-08-04 01:02 - 2008-08-04 01:02 - 00036352 _____ () C:\Program Files\Winamp\winampa.exe
2011-03-21 23:10 - 2011-03-21 23:10 - 01230704 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2011-03-21 23:10 - 2011-03-21 23:10 - 00096112 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2013-11-23 20:20 - 2013-11-23 20:20 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-05-01 12:49 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-05-01 12:49 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-05-01 12:49 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-05-01 12:49 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk => C:\Windows\pss\VPN Client.lnk.CommonStartup
MSCONFIG\startupreg: Innerpass => C:\ProgramData\Skype\Plugins\Plugins\9E0D937F462E4362A83B254A9F8AB3F8\InnerPassFileSharing.exe autostart

==================== Faulty Device Manager Devices =============

Name: AVM FRITZ!web PPP over ISDN
Description: AVM FRITZ!web PPP over ISDN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: AVM
Service: NETFRITZ
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/05/2014 05:57:29 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung AvmObexService.exe, Version 1.0.13.0, Zeitstempel 0x4564a69d, fehlerhaftes Modul AVMCCDI.DLL_unloaded, Version 0.0.0.0, Zeitstempel 0x4211aef4, Ausnahmecode 0xc0000005, Fehleroffset 0x00173d9a,
Prozess-ID 0x604, Anwendungsstartzeit AvmObexService.exe0.

Error: (05/04/2014 10:25:41 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung AvmObexService.exe, Version 1.0.13.0, Zeitstempel 0x4564a69d, fehlerhaftes Modul AVMCCDI.DLL, Version 1.26.0.0, Zeitstempel 0x4211aef4, Ausnahmecode 0xc0000005, Fehleroffset 0x00003d9a,
Prozess-ID 0x604, Anwendungsstartzeit AvmObexService.exe0.

Error: (05/01/2014 01:39:43 PM) (Source: Windows Backup) (User: )
Description: Die Dateisicherung ist aufgrund eines Fehlers beim Schreiben in das Sicherungsziel G:\ fehlgeschlagen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und die Hardwarekonfiguration. (0x81000006)

Error: (05/01/2014 00:26:36 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung AvmObexService.exe, Version 1.0.13.0, Zeitstempel 0x4564a69d, fehlerhaftes Modul AVMCCDI.DLL_unloaded, Version 0.0.0.0, Zeitstempel 0x4211aef4, Ausnahmecode 0xc0000005, Fehleroffset 0x003e3d9a,
Prozess-ID 0x77c, Anwendungsstartzeit AvmObexService.exe0.

Error: (05/01/2014 00:21:21 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {ce7c6bfc-fb28-4f20-b8d2-6bc9da3c731f}

Error: (05/01/2014 11:59:04 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung AvmObexService.exe, Version 1.0.13.0, Zeitstempel 0x4564a69d, fehlerhaftes Modul AVMCCDI.DLL_unloaded, Version 0.0.0.0, Zeitstempel 0x4211aef4, Ausnahmecode 0xc0000005, Fehleroffset 0x00243d9a,
Prozess-ID 0x1dc, Anwendungsstartzeit AvmObexService.exe0.

Error: (04/27/2014 11:57:05 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung AvmObexService.exe, Version 1.0.13.0, Zeitstempel 0x4564a69d, fehlerhaftes Modul AVMCCDI.DLL_unloaded, Version 0.0.0.0, Zeitstempel 0x4211aef4, Ausnahmecode 0xc0000005, Fehleroffset 0x00243d9a,
Prozess-ID 0x258, Anwendungsstartzeit AvmObexService.exe0.

Error: (04/13/2014 09:47:36 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung AvmObexService.exe, Version 1.0.13.0, Zeitstempel 0x4564a69d, fehlerhaftes Modul AVMCCDI.DLL_unloaded, Version 0.0.0.0, Zeitstempel 0x4211aef4, Ausnahmecode 0xc0000005, Fehleroffset 0x00173d9a,
Prozess-ID 0x790, Anwendungsstartzeit AvmObexService.exe0.

Error: (04/10/2014 06:21:00 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung AvmObexService.exe, Version 1.0.13.0, Zeitstempel 0x4564a69d, fehlerhaftes Modul AVMCCDI.DLL, Version 1.26.0.0, Zeitstempel 0x4211aef4, Ausnahmecode 0xc0000005, Fehleroffset 0x00003d9a,
Prozess-ID 0x354, Anwendungsstartzeit AvmObexService.exe0.

Error: (04/07/2014 05:16:29 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung AvmObexService.exe, Version 1.0.13.0, Zeitstempel 0x4564a69d, fehlerhaftes Modul AVMCCDI.DLL_unloaded, Version 0.0.0.0, Zeitstempel 0x4211aef4, Ausnahmecode 0xc0000005, Fehleroffset 0x00243d9a,
Prozess-ID 0x298, Anwendungsstartzeit AvmObexService.exe0.


System errors:
=============
Error: (05/05/2014 06:09:17 PM) (Source: Service Control Manager) (User: )
Description: lvupdtio%%2

Error: (05/05/2014 05:57:47 PM) (Source: Service Control Manager) (User: )
Description: AVM BT OBEX Service1

Error: (05/05/2014 05:57:01 PM) (Source: Service Control Manager) (User: )
Description: Avgldx86

Error: (05/05/2014 05:57:01 PM) (Source: Service Control Manager) (User: )
Description: ghaio%%193

Error: (05/05/2014 05:56:32 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{878E57C0-751E-417B-BB1A-A483E045B4-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (05/04/2014 00:59:43 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{878E57C0-751E-417B-BB1A-A483E045B4-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (05/04/2014 00:11:51 PM) (Source: Service Control Manager) (User: )
Description: lvupdtio%%2

Error: (05/04/2014 10:31:47 AM) (Source: Service Control Manager) (User: )
Description: lvupdtio%%2

Error: (05/04/2014 10:26:35 AM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{878E57C0-751E-417B-BB1A-A483E045B4-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (05/04/2014 10:25:58 AM) (Source: Service Control Manager) (User: )
Description: AVM BT OBEX Service1


Microsoft Office Sessions:
=========================
Error: (04/02/2010 09:18:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 291 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (04/02/2010 09:13:22 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 12 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/02/2010 09:12:53 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 13 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/02/2010 09:03:03 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 37 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 66%
Total physical RAM: 2046.48 MB
Available physical RAM: 683.08 MB
Total Pagefile: 4332.19 MB
Available Pagefile: 2543.38 MB
Total Virtual: 2047.88 MB
Available Virtual: 1905.76 MB

==================== Drives ================================

Drive c: (VistaOS) (Fixed) (Total:74.52 GB) (Free:6.35 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:67.69 GB) (Free:54.4 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149 GB) (Disk ID: F98D6E74)
Partition 1: (Not Active) - (Size=7 GB) - (Type=1C)
Partition 2: (Active) - (Size=75 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=68 GB) - (Type=OF Extended)

==================== End Of Log ============================
         
__________________

Alt 06.05.2014, 11:29   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Awesomeph - Rückfrage zum löschen - Standard

Awesomeph - Rückfrage zum löschen



Revo Uninstaller - Download - Filepony
Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION

Mit Revo auch Moderat die Reste entfernen lassen.




Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 18.05.2014, 19:52   #5
xome
 
Awesomeph - Rückfrage zum löschen - Standard

Awesomeph - Rückfrage zum löschen



Hallo Schrauber,

Gibt es noch eine alternative zum awdCleaner?
Wenn ich diesen installiere und aufrufe erhalte ich die Fehlermeldung, dass ich die neuste Version herunterladen soll. Die neue Version heißt nach der Installation auch anders. Der San kann zwar durchgeführt werden, aber für die Löschung benötigt man eine kostenpflichtige Registrierung.

Viele Grüße
Xome


Alt 19.05.2014, 18:02   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Awesomeph - Rückfrage zum löschen - Standard

Awesomeph - Rückfrage zum löschen



du hast irgendwas geladen, aber nicht den AdwCleaner.
__________________
--> Awesomeph - Rückfrage zum löschen

Antwort

Themen zu Awesomeph - Rückfrage zum löschen
.html, awesomeph entfernen, beitrag, einzeln, gefunde, hallo zusammen, löschen, nutze, nutzen, troja, trojaner, vorgehensweise, zusammen




Ähnliche Themen: Awesomeph - Rückfrage zum löschen


  1. Löschen
    Plagegeister aller Art und deren Bekämpfung - 12.02.2015 (2)
  2. Laptop ruckelt nur noch, Iminent lässt sich nicht löschen und Radio schaltet sich alleine an und aus und lässt sich ebenfalls nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 27.06.2014 (3)
  3. Awesomeph eingefangen und kann ihn nicht entfernen....
    Plagegeister aller Art und deren Bekämpfung - 25.02.2014 (9)
  4. Daten unwiederherstellbar löschen bzw freien Speicher löschen
    Überwachung, Datenschutz und Spam - 24.02.2014 (7)
  5. Internet Trojaner (Awesomeph)
    Plagegeister aller Art und deren Bekämpfung - 10.02.2014 (7)
  6. Awesomeph Windows7 Mozilla Firefox
    Plagegeister aller Art und deren Bekämpfung - 08.02.2014 (1)
  7. Ezpowerads löschen?
    Plagegeister aller Art und deren Bekämpfung - 19.09.2013 (9)
  8. Löschen von Spyhunter
    Log-Analyse und Auswertung - 09.09.2013 (17)
  9. Virus von externer Festplatte löschen ohne Bilder davon zu löschen
    Plagegeister aller Art und deren Bekämpfung - 15.08.2012 (1)
  10. Microsoft installiert erneut ohne Rückfrage Firefox-Add-on
    Nachrichten - 13.06.2010 (0)
  11. Löschen oder nicht löschen, das ist hier die Frage
    Antiviren-, Firewall- und andere Schutzprogramme - 17.05.2010 (9)
  12. Löschen von Thread
    Mülltonne - 09.04.2010 (1)
  13. Verdacht auf Fehlalarm: 'BDS/Backdoor.Gen' (berechtigte Rückfrage)
    Plagegeister aller Art und deren Bekämpfung - 21.01.2010 (6)
  14. Kein Virenprogramm kann trojanisches Pferd löschen! Wie soll ich es löschen?
    Mülltonne - 19.03.2008 (1)
  15. Löschen
    Lob, Kritik und Wünsche - 14.10.2006 (5)
  16. Löschen!
    Log-Analyse und Auswertung - 23.04.2006 (2)
  17. Wie löschen?
    Plagegeister aller Art und deren Bekämpfung - 22.10.2004 (1)

Zum Thema Awesomeph - Rückfrage zum löschen - Hallo Zusammen, ich habe hier einen Beitrag zum löschen vom Awesomeph gefunden. Mir ist jedoch nicht klar ob ich die gleiche Vorgehensweise nutzen kann? Geht das, oder ist der trojaner - Awesomeph - Rückfrage zum löschen...
Archiv
Du betrachtest: Awesomeph - Rückfrage zum löschen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.