Pests of all kinds and how to fight them: Awesomehp as start page won't go away (Windows 7)

If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.
#1

Awesomehp as start page won't go away

Hi! For two days now, Awesomehp has been taking over my browser. Here are the FRST logs.

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 04 Ran by Katharina (administrator) on KATHARINA-PC on 02-02-2014 11:01:18 Running from C:\Users\Katharina\Downloads Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe () C:\Program Files\ATKGFNEX\GFNEXSrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe () C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe (O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe () C:\Program Files\ShrewSoft\VPN Client\dtpd.exe () C:\Program Files\ShrewSoft\VPN Client\iked.exe () C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe (O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe (Entriq, Inc.) C:\Program Files (x86)\MaxDome\DCBin\DCService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe (AVG Technologies CZ, s.r.o.) 
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe (AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [617856 2009-07-30] (ELAN Microelectronic Corp.) HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-01] (AlcorMicro Co., Ltd.) 
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS) HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS) HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-05-30] (Geek Software GmbH) HKLM-x32\...\Run: [ConnectionCenter] - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [358336 2011-07-19] (Citrix Systems, Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-09] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-19] (Microsoft Corporation) HKU\S-1-5-21-2353478044-1001011505-2298194141-1000\...\Run: [AVG-Secure-Search-Update_1213b] - C:\Users\Katharina\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=6108e56ce38047d18cdf41affc483ba4-71a11770bd8ef4e7eab3677a8354a079b697be4e /CMPID=1213b HKU\S-1-5-21-2353478044-1001011505-2298194141-1000\...\MountPoints2: {050548db-61fc-11e0-b947-90e6baacd257} - F:\LaunchU3.exe -a ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x372DD98B5858CC01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) BHO-x32: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {0D9392CD-A784-4FCA-9342-0F75F7D7C8CB} 
hxxp://www.cltnet.de/login/dplaunch.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: 
application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) 
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Tcpip\Parameters: [DhcpNameServer] Tcpip\..\Interfaces\{A7F40B81-94CA-4E7E-9FFE-708110CE67F2}: [NameServer], FireFox: ======== FF ProfilePath: C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\dt2cvuv9.default-1391292157526 FF Homepage: hxxp://www.gmx.de/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @divx.com/DivX OVS Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=1.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll (Citrix Systems, Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\awesomehp.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-11] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-11] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-11] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013-12-11] FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2010-12-12] FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2010-12-12] FF 
HKLM-x32\...\Firefox\Extensions: [lightningnewtab@gmail.com] - C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\fvwyzx48.default\extensions\lightningnewtab@gmail.com.xpi FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.awesomehp.com/?type=sc&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\8.0.552.215\pdf.dll () CHR Plugin: (Google Gears - C:\Program Files (x86)\Google\Chrome\Application\8.0.552.215\gears.dll (Google Inc.) CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\8.0.552.215\gcswf32.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Java Deployment Toolkit - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc) CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation) CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll No File CHR Plugin: (DivX OVS Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\\npGoogleOneClick8.dll No File CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (Default Plug-in) - default_plugin No File CHR Extension: (DivX HiQ) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2010-12-12] CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2010-12-12] CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-12-08] CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2010-12-08] ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG) R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.) 
R2 dtpd; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [50688 2009-11-15] () R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [948224 2009-11-15] () R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [690688 2009-11-15] () R2 O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2287360 2009-09-12] (O&O Software GmbH) R2 Prosieben; C:\Program Files (x86)\MaxDome\DCBin\DCService.exe [77032 2009-05-01] (Entriq, Inc.) ==================== Drivers (Whitelisted) ==================== R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] () R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-09] (Avira Operations GmbH & Co. KG) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-09] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. 
KG) R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] () R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-06] () ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-02 11:01 - 2014-02-02 11:02 - 00025021 _____ () C:\Users\Katharina\Downloads\FRST.txt 2014-02-02 11:01 - 2014-02-02 11:01 - 00000000 ____D () C:\FRST 2014-02-02 10:52 - 2014-02-02 10:52 - 02080256 _____ (Farbar) C:\Users\Katharina\Downloads\FRST64.exe 2014-02-02 10:51 - 2014-02-02 10:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-02 10:51 - 2014-02-02 10:51 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-02-02 10:51 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-02-02 10:13 - 2014-02-02 10:13 - 00001121 _____ () C:\Users\Katharina\Desktop\JRT.txt 2014-02-02 10:01 - 2014-02-02 10:01 - 00000000 ____D () C:\Windows\ERUNT 2014-02-02 09:59 - 2014-02-02 09:59 - 01037068 _____ (Thisisu) C:\Users\Katharina\Downloads\JRT.exe 2014-02-02 09:42 - 2014-02-02 09:49 - 00000000 ____D () C:\AdwCleaner 2014-02-02 09:41 - 2014-02-02 09:41 - 01166132 _____ () C:\Users\Katharina\Downloads\adwcleaner.exe 2014-02-01 23:02 - 2014-02-01 23:02 - 00000000 ____D () C:\Users\Katharina\Desktop\Alte Firefox-Daten 2014-02-01 19:44 - 2014-02-01 19:44 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Avira 2014-02-01 19:38 - 2014-02-01 19:38 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-02-01 19:37 - 2014-02-01 19:37 - 00000000 ____D () C:\ProgramData\Avira 2014-02-01 19:37 - 2014-02-01 19:37 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-02-01 19:37 - 2013-12-09 11:37 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-02-01 19:37 - 2013-12-09 11:37 - 00108440 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-02-01 19:37 - 2013-12-09 11:37 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-02-01 19:37 - 2013-12-09 11:37 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-02-01 19:35 - 2014-02-01 19:35 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Katharina\Downloads\mbam-setup- 2014-02-01 19:32 - 2014-02-01 19:35 - 129598176 _____ () C:\Users\Katharina\Downloads\avira_free344_antivirus_de.exe 2014-02-01 09:06 - 2014-02-01 20:35 - 00000000 ____D () C:\ProgramData\IePluginService 2014-02-01 09:06 - 2014-02-01 20:32 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-02-01 09:06 - 2014-02-01 20:28 - 00000000 ____D () C:\ProgramData\WPM 2014-01-30 18:45 - 2014-01-30 18:45 - 00000000 ____D () C:\Users\Katharina\Desktop\Beerdigung Opa Kalli 2014-01-30 17:10 - 2014-01-30 18:19 - 209715200 _____ () C:\Users\Katharina\Downloads\clsz.part2.rar 2014-01-29 17:20 - 2014-01-29 18:30 - 209715200 _____ () C:\Users\Katharina\Downloads\clsz.part1.rar 2014-01-29 17:16 - 2013-05-05 13:45 - 00000000 ____D () C:\Users\Katharina\Downloads\Jojo_Moyes-The_last_Letter_from_your_ Lover(English) 2014-01-29 17:15 - 2014-01-23 19:06 - 00000000 ____D () C:\Users\Katharina\Downloads\Brigitte Riebe - Die geheime Braut (ungekürzt) 2014-01-27 21:25 - 2014-01-27 22:11 - 141526392 _____ () C:\Users\Katharina\Downloads\BRDgB.part3.rar 2014-01-27 17:37 - 2014-01-27 18:45 - 209715200 _____ () C:\Users\Katharina\Downloads\BRDgB.part2.rar 2014-01-27 14:50 - 2013-12-25 21:09 - 00000000 ____D () C:\Users\Katharina\Downloads\Murakami, Haruki - 19 eBooks 2014-01-27 14:04 - 2014-01-27 14:20 - 44809036 _____ () C:\Users\Katharina\Downloads\251220132109.rar 2014-01-27 13:40 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-27 13:40 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\usbehci.sys 2014-01-27 13:39 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-27 13:39 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-27 13:39 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-27 13:39 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-27 13:39 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-27 13:39 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-27 13:39 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-27 13:26 - 2014-01-27 14:34 - 209715200 _____ () C:\Users\Katharina\Downloads\BRDgB.part1.rar 2014-01-14 13:57 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-01-14 13:57 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-01-14 13:57 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-01-14 13:57 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-01-14 13:57 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-01-14 13:57 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-01-14 13:57 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-01-14 13:57 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-01-14 13:57 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-01-14 13:57 - 2013-11-26 10:23 - 02724864 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-14 13:57 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-14 13:57 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-14 13:57 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-01-14 13:57 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-01-14 13:57 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-14 13:57 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-14 13:57 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-14 13:57 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-14 13:57 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-14 13:57 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-01-14 13:57 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-14 13:57 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-14 13:57 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-14 13:57 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-01-14 13:57 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-14 13:57 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-14 13:57 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-14 13:57 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-14 13:57 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-14 13:57 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-14 13:57 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-11 20:30 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-01-11 20:25 - 2014-01-11 20:25 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-11 20:25 - 2014-01-11 20:25 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-01-11 20:25 - 2014-01-11 20:25 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-11 20:25 - 2014-01-11 20:25 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-11 20:25 - 2014-01-11 20:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-11 20:25 - 2014-01-11 20:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-11 20:25 - 2014-01-11 20:25 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-11 20:24 - 2014-01-11 20:24 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-11 20:24 - 2014-01-11 20:24 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-11 20:24 - 2014-01-11 20:24 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-11 20:24 - 2014-01-11 20:24 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-11 20:24 - 2014-01-11 20:24 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-11 20:24 - 2014-01-11 20:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-09 20:49 - 2014-01-09 20:49 - 01035926 _____ () C:\Users\Katharina\Downloads\MozBackup-1.5.1-EN.exe
2014-01-09 20:49 - 2014-01-09 20:49 - 00000000 ____D () C:\Program Files (x86)\MozBackup
2014-01-07 18:25 - 2014-01-07 21:17 - 526385152 _____ () C:\Users\Katharina\Downloads\aehad.part2.rar
2014-01-07 12:57 - 2014-01-07 15:49 - 526385152 _____ () C:\Users\Katharina\Downloads\aehad.part1.rar
==================== One Month Modified Files and Folders =======
2014-02-02 11:02 - 2014-02-02 11:01 - 00025021 _____ () C:\Users\Katharina\Downloads\FRST.txt
2014-02-02 11:01 - 2014-02-02 11:01 - 00000000 ____D () C:\FRST
2014-02-02 10:53 - 2010-03-13 03:38 - 01882069 _____ () C:\Windows\WindowsUpdate.log
2014-02-02 10:52 - 2014-02-02 10:52 - 02080256 _____ (Farbar) C:\Users\Katharina\Downloads\FRST64.exe
2014-02-02 10:52 - 2014-02-02 10:51 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-02 10:51 - 2014-02-02 10:51 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-02 10:51 - 2009-07-14 05:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-02 10:51 - 2009-07-14 05:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-02 10:42 - 2010-03-14 10:13 - 02059556 _____ () C:\Windows\system32\oodbs.lor
2014-02-02 10:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-02 10:42 - 2009-07-14 05:51 - 00192114 _____ () C:\Windows\setupact.log
2014-02-02 10:30 - 2012-06-20 21:12 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-02 10:13 - 2014-02-02 10:13 - 00001121 _____ () C:\Users\Katharina\Desktop\JRT.txt
2014-02-02 10:01 - 2014-02-02 10:01 - 00000000 ____D () C:\Windows\ERUNT
2014-02-02 09:59 - 2014-02-02 09:59 - 01037068 _____ (Thisisu) C:\Users\Katharina\Downloads\JRT.exe
2014-02-02 09:49 - 2014-02-02 09:42 - 00000000 ____D () C:\AdwCleaner
2014-02-02 09:41 - 2014-02-02 09:41 - 01166132 _____ () C:\Users\Katharina\Downloads\adwcleaner.exe
2014-02-02 09:30 - 2011-07-13 19:59 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-02 09:23 - 2010-03-14 10:13 - 00762062 _____ () C:\Windows\PFRO.log
2014-02-01 23:02 - 2014-02-01 23:02 - 00000000 ____D () C:\Users\Katharina\Desktop\Alte Firefox-Daten
2014-02-01 20:35 - 2014-02-01 09:06 - 00000000 ____D () C:\ProgramData\IePluginService
2014-02-01 20:32 - 2014-02-01 09:06 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-02-01 20:28 - 2014-02-01 09:06 - 00000000 ____D () C:\ProgramData\WPM
2014-02-01 19:44 - 2014-02-01 19:44 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Avira
2014-02-01 19:38 - 2014-02-01 19:38 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-02-01 19:37 - 2014-02-01 19:37 - 00000000 ____D () C:\ProgramData\Avira
2014-02-01 19:37 - 2014-02-01 19:37 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-02-01 19:35 - 2014-02-01 19:35 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Katharina\Downloads\mbam-setup-
2014-02-01 19:35 - 2014-02-01 19:32 - 129598176 _____ () C:\Users\Katharina\Downloads\avira_free344_antivirus_de.exe
2014-02-01 18:46 - 2010-03-20 11:31 - 00001473 _____ () C:\Windows\system32\ServiceFilter.ini
2014-02-01 12:04 - 2010-03-13 04:02 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-01 09:05 - 2010-03-13 04:02 - 00001625 _____ () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-30 18:48 - 2013-10-06 13:53 - 00000000 ____D () C:\Users\Katharina\Desktop\Maastricht International Business
2014-01-30 18:48 - 2009-07-14 18:58 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-01-30 18:48 - 2009-07-14 18:58 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-01-30 18:48 - 2009-07-14 06:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-30 18:45 - 2014-01-30 18:45 - 00000000 ____D () C:\Users\Katharina\Desktop\Beerdigung Opa Kalli
2014-01-30 18:19 - 2014-01-30 17:10 - 209715200 _____ () C:\Users\Katharina\Downloads\clsz.part2.rar
2014-01-29 18:30 - 2014-01-29 17:20 - 209715200 _____ () C:\Users\Katharina\Downloads\clsz.part1.rar
2014-01-28 11:49 - 2009-07-14 05:45 - 02386808 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-27 22:42 - 2013-08-15 16:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-27 22:40 - 2010-03-20 11:42 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-27 22:11 - 2014-01-27 21:25 - 141526392 _____ () C:\Users\Katharina\Downloads\BRDgB.part3.rar
2014-01-27 18:45 - 2014-01-27 17:37 - 209715200 _____ () C:\Users\Katharina\Downloads\BRDgB.part2.rar
2014-01-27 14:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-01-27 14:34 - 2014-01-27 13:26 - 209715200 _____ () C:\Users\Katharina\Downloads\BRDgB.part1.rar
2014-01-27 14:20 - 2014-01-27 14:04 - 44809036 _____ () C:\Users\Katharina\Downloads\251220132109.rar
2014-01-23 19:06 - 2014-01-29 17:15 - 00000000 ____D () C:\Users\Katharina\Downloads\Brigitte Riebe - Die geheime Braut (ungekürzt)
2014-01-14 13:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-01-11 20:31 - 2013-11-12 18:31 - 00111585 _____ () C:\Windows\IE11_main.log
2014-01-11 20:25 - 2014-01-11 20:25 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-11 20:25 - 2014-01-11 20:25 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-01-11 20:25 - 2014-01-11 20:25 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-11 20:25 - 2014-01-11 20:25 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-11 20:25 - 2014-01-11 20:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-11 20:25 - 2014-01-11 20:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-11 20:25 - 2014-01-11 20:25 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-11 20:24 - 2014-01-11 20:24 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-11 20:24 - 2014-01-11 20:24 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-11 20:24 - 2014-01-11 20:24 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-11 20:24 - 2014-01-11 20:24 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-11 20:24 - 2014-01-11 20:24 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-11 20:24 - 2014-01-11 20:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-09 20:49 - 2014-01-09 20:49 - 01035926 _____ () C:\Users\Katharina\Downloads\MozBackup-1.5.1-EN.exe
2014-01-09 20:49 - 2014-01-09 20:49 - 00000000 ____D () C:\Program Files (x86)\MozBackup
2014-01-07 21:17 - 2014-01-07 18:25 - 526385152 _____ () C:\Users\Katharina\Downloads\aehad.part2.rar
2014-01-07 15:49 - 2014-01-07 12:57 - 526385152 _____ () C:\Users\Katharina\Downloads\aehad.part1.rar
Files to move or delete:
====================
C:\ProgramData\aspg.dat
Some content of TEMP:
====================
C:\Users\Katharina\AppData\Local\Temp\APNStub.exe
C:\Users\Katharina\AppData\Local\Temp\AskSLib.dll
C:\Users\Katharina\AppData\Local\Temp\avgnt.exe
C:\Users\Katharina\AppData\Local\Temp\economics_of_strategy_5th_besanko_download.zip_Downloader.exe
C:\Users\Katharina\AppData\Local\Temp\FileSystemView.dll
C:\Users\Katharina\AppData\Local\Temp\gcapi_dll.dll
C:\Users\Katharina\AppData\Local\Temp\gdapi.dll
C:\Users\Katharina\AppData\Local\Temp\GoogleSetup.exe
C:\Users\Katharina\AppData\Local\Temp\gtapi_signed.dll
C:\Users\Katharina\AppData\Local\Temp\GTGCAPI.exe
C:\Users\Katharina\AppData\Local\Temp\htmlayout.dll
C:\Users\Katharina\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Katharina\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Katharina\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Katharina\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Katharina\AppData\Local\Temp\msvcr90.dll
C:\Users\Katharina\AppData\Local\Temp\Offercast_AVIRAV7_.exe
C:\Users\Katharina\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\Katharina\AppData\Local\Temp\Quarantine.exe
C:\Users\Katharina\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Katharina\AppData\Local\Temp\toolbar588685.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-29 14:10
==================== End Of Log ============================
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2014 04
Ran by Katharina at 2014-02-02 11:04:04
Running from C:\Users\Katharina\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
==================== Installed Programs ======================
Adobe AIR (x32 Version: - Adobe Systems Incorporated)
Adobe AIR (x32 Version: - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (x32 Version: - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (x32 Version: 10.0 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 - Deutsch (x32 Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Alcor Micro USB Card Reader (x32 Version: - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: - Alcor Micro Corp.) Hidden
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: - Apple Inc.)
Apple Software Update (x32 Version: - Apple Inc.)
ASUS Virtual Camera (x32 Version: 1.0.19 - asus)
ATK Generic Function Service (x32 Version: 1.00.0008 - ATK)
ATK Hotkey (x32 Version: 1.0.0052 - ASUS)
ATK Media (x32 Version: 2.0.0006 - ASUS)
ATKOSD2 (x32 Version: 7.0.0006 - ASUS)
AVG 2014 (Version: 14.0.3684 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden
AVG 2014 (Version: 2014.0.4259 - AVG Technologies)
Avira Free Antivirus (x32 Version: - Avira)
Bonjour (Version: - Apple Inc.)
Bullzip PDF Printer (Version: - Bullzip)
Cisco AnyConnect VPN Client (x32 Version: 2.5.6005 - Cisco Systems, Inc.)
Cisco Systems VPN Client (Version: 5.0.7 - Cisco Systems, Inc.)
Citrix Receiver (DV) (x32 Version: - Citrix Systems, Inc.) Hidden
Citrix Receiver (HDX Flash-Umleitung) (x32 Version: - Citrix Systems, Inc.) Hidden
Citrix Receiver (USB) (x32 Version: - Citrix Systems, Inc.) Hidden
Citrix Receiver (x32 Version: - Citrix Systems, Inc.)
Citrix Receiver Inside (x32 Version: - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (x32 Version: - Citrix Systems, Inc.) Hidden
DivX Converter (x32 Version: 7.1.0 - DivX, Inc.)
DivX-Setup (x32 Version: - DivX, LLC)
Dropbox (HKCU Version: 1.2.51 - Dropbox, Inc.)
ETDWare PS/2-x64 (Version: - )
Fast Boot (Version: 1.0.5 - ASUS)
Intel(R) Graphics Media Accelerator Driver (Version: - Intel Corporation)
iTunes (Version: - Apple Inc.)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: - Sun Microsystems, Inc.) Hidden
JDownloader (x32 Version: 0.89 - AppWork UG (haftungsbeschränkt))
Kyocera Product Library (Version: 2.0.0713 - Kyocera Mita Corporation)
Lyrics Plugin for Winamp (x32 Version: 0.4 - Lyrics Plugin) <==== ATTENTION
Malwarebytes Anti-Malware Version (x32 Version: - Malwarebytes Corporation)
maxdome Download Manager 4.1.300.78 (x32 Version: 4.1.30078 - Prosieben)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (x32 Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Silverlight (x32 Version: 4.0.60831.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
MozBackup 1.5.1 (x32 Version: - Pavel Cvrcek)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
O&O Defrag Professional (Version: 12.0.197 - O&O Software GmbH)
ODF Add-In für Microsoft Office (x32 Version: 3.0.5254.0 - OpenXML/ODF Translator Team)
Online Plug-in (x32 Version: - Citrix Systems, Inc.)
Hidden PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden PDF24 Creator 5.5.0 (x32 Version: - PDF24.org) PDFCreator (x32 Version: 1.6.2 - pdfforge) PhotoScape (x32 Version: - ) Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden Shrew Soft VPN Client (Version: - ) Skype Click to Call (x32 Version: 5.6.8442 - Skype Technologies S.A.) Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.) TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3010.1 - TuneUp Software) Hidden Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation) USB 2.0 1.3M UVC WebCam (Version: - ) VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden VIA Plattform-Geräte-Manager (x32 Version: 1.34 - VIA Technologies, Inc.) Visual Studio 2008 x64 Redistributables (x32 Version: - AVG Technologies) Visual Studio 2012 x64 Redistributables (Version: - AVG Technologies) Visual Studio 2012 x86 Redistributables (x32 Version: - AVG Technologies CZ, s.r.o.) 
VLC media player 1.0.5 (x32 Version: 1.0.5 - VideoLAN Team) Winamp (x32 Version: 5.572 - Nullsoft, Inc) WinRAR (Version: - ) ==================== Restore Points ========================= 27-01-2014 21:39:37 Windows Update ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {6CAD7CA2-C1C0-46E2-8F3F-6A22788521A7} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated) Task: {839436BB-E863-4538-B4CE-DB62622EDF0E} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated) Task: {8D5C4C8C-7345-488A-97B9-8D90DDF37DF7} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe Task: {9FCA4423-8D23-49E2-97B2-94BBBD246A09} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: {A6AB55DC-5D63-4D52-A755-18E0D42AF530} - System32\Tasks\Your File Updater => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION Task: {B1F12BBC-F4E2-48D5-AF10-C74D527F49B1} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-12-08] () Task: {C0DF0E59-4547-435A-B8CD-242CB4FC7098} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-11] (Adobe Systems Incorporated) Task: {C1B549C9-F6E4-4309-8C08-AA995C8E0634} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {E31267C1-CFDC-477D-979D-CA8A505085A3} - System32\Tasks\{0820F591-966F-40C1-B5D8-B4F17EDE0ABE} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.) Task: {FB6D4C0C-44EC-4209-A8CC-C0740F526BDA} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2014-02-01 19:37 - 2013-12-09 11:37 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll 2012-08-27 20:33 - 2012-08-27 20:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2012-08-27 20:33 - 2012-08-27 20:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2010-03-23 13:26 - 2010-03-23 13:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll 2009-05-01 16:58 - 2009-05-01 16:58 - 01057512 _____ () C:\Program Files (x86)\MaxDome\DCBin\PocoFoundation.dll 2009-05-01 16:58 - 2009-05-01 16:58 - 00627944 _____ () C:\Program Files (x86)\MaxDome\DCBin\PocoNet.dll 2009-05-01 16:58 - 2009-05-01 16:58 - 00514352 _____ () C:\Program Files (x86)\MaxDome\DCBin\sqlite3.dll 2009-05-01 16:58 - 2009-05-01 16:58 - 00517352 _____ () C:\Program Files (x86)\MaxDome\DCBin\PocoXML.dll 2013-12-11 13:11 - 2013-12-11 13:12 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-02-01 19:37 - 2013-12-09 11:37 - 00394808 _____ () c:\program files (x86)\avira\antivir desktop\sqlite3.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= Name: Cisco Systems VPN Adapter for 64-bit Windows Description: Cisco Systems VPN Adapter for 64-bit Windows Class Guid: 
{4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: CVirtA Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Shrew Soft Virtual Adapter Description: Shrew Soft Virtual Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Shrew Soft Service: vnet Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Microsoft Office Sessions: ========================= Error: (10/01/2013 09:18:44 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 31 seconds with 0 seconds of active time. This session ended with a crash. Error: (10/01/2013 09:17:34 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 60 seconds with 0 seconds of active time. This session ended with a crash. 
Error: (09/26/2013 10:53:09 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8561 seconds with 4380 seconds of active time. This session ended with a crash. Error: (02/20/2012 05:05:22 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2206 seconds with 1380 seconds of active time. This session ended with a crash. Error: (02/20/2012 04:28:16 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 282 seconds with 240 seconds of active time. This session ended with a crash. Error: (02/20/2012 04:23:12 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 106 seconds with 60 seconds of active time. This session ended with a crash. Error: (02/20/2012 04:21:04 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 574 seconds with 540 seconds of active time. This session ended with a crash. Error: (02/20/2012 04:11:00 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 14676 seconds with 6840 seconds of active time. This session ended with a crash. 
Error: (02/18/2012 05:33:40 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3970 seconds with 3840 seconds of active time. This session ended with a crash. Error: (02/18/2012 04:12:19 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 10366 seconds with 8400 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2013-04-08 12:30:34.816 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-04-08 12:30:34.426 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2011-10-20 22:24:58.396 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\Temp\TMP0000006CB21ECB912651FE62" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2011-10-20 22:24:58.283 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\Temp\TMP0000006CB21ECB912651FE62" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2011-10-20 22:24:58.136 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\Temp\TMP0000006CB21ECB912651FE62" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2011-08-11 21:39:16.351 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\wow64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2010-11-10 09:46:57.739 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\CVPNDRVA.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2010-11-10 09:46:57.552 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\CVPNDRVA.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2010-11-10 09:46:34.651 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\CVPNDRVA.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2010-11-10 09:46:34.635 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\CVPNDRVA.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Percentage of memory in use: 68% Total physical RAM: 2013.09 MB Available physical RAM: 624.71 MB Total Pagefile: 4026.17 MB Available Pagefile: 1895.3 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:146.39 GB) (Free:22.55 GB) NTFS Drive e: (Backup) (Fixed) (Total:151.6 GB) (Free:112.1 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 516D077A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=146 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=152 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Professional x64
Ran by Katharina on 02.02.2014 at 10:01:41,26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C6DD655C-5BE2-476D-BCC8-02A03ADA11B2}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\Program Files (x86)\re-markit"
~~~ FireFox
Emptied folder: C:\Users\Katharina\AppData\Roaming\mozilla\firefox\profiles\dt2cvuv9.default-1391292157526\minidumps [1 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.02.2014 at 10:13:50,42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Datenbank Version: v2014.02.01.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Katharina :: KATHARINA-PC [Administrator]
01.02.2014 20:15:30
mbam-log-2014-02-01 (20-15-30).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 446872
Laufzeit: 3 Stunde(n), 4 Minute(n), 47 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 8
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Optional.SoftwareUpdater) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Optional.SoftwareUpdater) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Optional.SoftwareUpdater) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Optional.SoftwareUpdater) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Updater.AmiUpd.1 (PUP.Optional.SoftwareUpdater) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Updater.AmiUpd (PUP.Optional.SoftwareUpdater) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|DefaultScope (PUP.Optional.Qone8) -> Bösartig: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}) Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}) -> Erfolgreich ersetzt und in Quarantäne gestellt.
Infizierte Verzeichnisse: 3
C:\Users\Katharina\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katharina\AppData\Roaming\OpenCandy\8CC0D38561814CD797732959A9675335 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katharina\AppData\Roaming\OpenCandy\DE6E0439C3C44BF7AEB9D353DE95A855 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateien: 10
C:\Users\Katharina\AppData\Local\SwvUpdater\Updater.exe (PUP.Optional.SoftwareUpdater) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katharina\AppData\Local\Temp\awhFC39.tmp (PUP.Optional.Amonetize.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katharina\AppData\Local\Temp\toolbar588638.exe (PUP.Optional.Amonetize) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katharina\AppData\Local\Temp\fullpackage_temp1391241919\package1.zip (PUP.Optional.SkyTech.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katharina\AppData\Local\Temp\fullpackage_temp1391241919\QQBrowserFrame.dll (PUP.Optional.SkyTech.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katharina\AppData\Roaming\OpenCandy\8CC0D38561814CD797732959A9675335\TuneUpUtilities2013-2200218_de-DE.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katharina\AppData\Roaming\OpenCandy\DE6E0439C3C44BF7AEB9D353DE95A855\3708.ico (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katharina\AppData\Roaming\OpenCandy\DE6E0439C3C44BF7AEB9D353DE95A855\EBB77268-338F-4C6A-8590-AD88FED26F4A (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katharina\AppData\Roaming\OpenCandy\DE6E0439C3C44BF7AEB9D353DE95A855\OCBrowserHelper_1.0.5.112.dll (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katharina\AppData\Roaming\OpenCandy\DE6E0439C3C44BF7AEB9D353DE95A855\RAWinstaller.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Datenbank Version: v2014.02.02.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Katharina :: KATHARINA-PC [limitiert]
02.02.2014 10:53:36
mbam-log-2014-02-02 (10-53-36).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 209355
Laufzeit: 13 Minute(n), 31 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 1
C:\$Recycle.Bin\S-1-5-21-2353478044-1001011505-2298194141-1000\$RCQU4GD.exe (PUP.Optional.Bandoo.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)

Thanks in advance

Last edited by katha@messer (02.02.2014 at 11:24)
#2
/// the machine /// TB instructor
Awesomehp as start page won't go away

hi,

Please download ![]()

Please download Shortcut Cleaner (by Grinler) to your desktop.

And a fresh FRST log, please.