| katha@messer | 02.02.2014 11:08 |
Awesomehp als Startseite verschwindet nicht
Hi! Seit zwei Tagen macht sich nun Awesomehp in meimen Browser breit.
Hier die FRSTs
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 04
Ran by Katharina (administrator) on KATHARINA-PC on 02-02-2014 11:01:18
Running from C:\Users\Katharina\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
() C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Entriq, Inc.) C:\Program Files (x86)\MaxDome\DCBin\DCService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [617856 2009-07-30] (ELAN Microelectronic Corp.)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-01] (AlcorMicro Co., Ltd.)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-05-30] (Geek Software GmbH)
HKLM-x32\...\Run: [ConnectionCenter] - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [358336 2011-07-19] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-19] (Microsoft Corporation)
HKU\S-1-5-21-2353478044-1001011505-2298194141-1000\...\Run: [AVG-Secure-Search-Update_1213b] - C:\Users\Katharina\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=6108e56ce38047d18cdf41affc483ba4-71a11770bd8ef4e7eab3677a8354a079b697be4e /CMPID=1213b
HKU\S-1-5-21-2353478044-1001011505-2298194141-1000\...\MountPoints2: {050548db-61fc-11e0-b947-90e6baacd257} - F:\LaunchU3.exe -a
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x372DD98B5858CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {0D9392CD-A784-4FCA-9342-0F75F7D7C8CB} hxxp://www.cltnet.de/login/dplaunch.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.254 195.241.77.55 195.241.77.58
Tcpip\..\Interfaces\{A7F40B81-94CA-4E7E-9FFE-708110CE67F2}: [NameServer]141.39.208.200,193.174.46.7
FireFox:
========
FF ProfilePath: C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\dt2cvuv9.default-1391292157526
FF Homepage: hxxp://www.gmx.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX OVS Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=1.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\awesomehp.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013-12-11]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2010-12-12]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2010-12-12]
FF HKLM-x32\...\Firefox\Extensions: [lightningnewtab@gmail.com] - C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\fvwyzx48.default\extensions\lightningnewtab@gmail.com.xpi
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.awesomehp.com/?type=sc&ts=1391241942&from=exp&uid=ST9320325AS_6VE37LYMXXXX6VE37LYM
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\8.0.552.215\pdf.dll ()
CHR Plugin: (Google Gears 0.5.33.0) - C:\Program Files (x86)\Google\Chrome\Application\8.0.552.215\gears.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\8.0.552.215\gcswf32.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll No File
CHR Plugin: (DivX OVS Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (DivX HiQ) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2010-12-12]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2010-12-12]
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-12-08]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2010-12-08]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 dtpd; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [50688 2009-11-15] ()
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [948224 2009-11-15] ()
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [690688 2009-11-15] ()
R2 O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2287360 2009-09-12] (O&O Software GmbH)
R2 Prosieben; C:\Program Files (x86)\MaxDome\DCBin\DCService.exe [77032 2009-05-01] (Entriq, Inc.)
==================== Drivers (Whitelisted) ====================
R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-09] (Avira Operations GmbH & Co. KG)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-06] ()
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-02 11:01 - 2014-02-02 11:02 - 00025021 _____ () C:\Users\Katharina\Downloads\FRST.txt
2014-02-02 11:01 - 2014-02-02 11:01 - 00000000 ____D () C:\FRST
2014-02-02 10:52 - 2014-02-02 10:52 - 02080256 _____ (Farbar) C:\Users\Katharina\Downloads\FRST64.exe
2014-02-02 10:51 - 2014-02-02 10:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-02 10:51 - 2014-02-02 10:51 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-02 10:51 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-02 10:13 - 2014-02-02 10:13 - 00001121 _____ () C:\Users\Katharina\Desktop\JRT.txt
2014-02-02 10:01 - 2014-02-02 10:01 - 00000000 ____D () C:\Windows\ERUNT
2014-02-02 09:59 - 2014-02-02 09:59 - 01037068 _____ (Thisisu) C:\Users\Katharina\Downloads\JRT.exe
2014-02-02 09:42 - 2014-02-02 09:49 - 00000000 ____D () C:\AdwCleaner
2014-02-02 09:41 - 2014-02-02 09:41 - 01166132 _____ () C:\Users\Katharina\Downloads\adwcleaner.exe
2014-02-01 23:02 - 2014-02-01 23:02 - 00000000 ____D () C:\Users\Katharina\Desktop\Alte Firefox-Daten
2014-02-01 19:44 - 2014-02-01 19:44 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Avira
2014-02-01 19:38 - 2014-02-01 19:38 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-02-01 19:37 - 2014-02-01 19:37 - 00000000 ____D () C:\ProgramData\Avira
2014-02-01 19:37 - 2014-02-01 19:37 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-02-01 19:37 - 2013-12-09 11:37 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-02-01 19:37 - 2013-12-09 11:37 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-02-01 19:37 - 2013-12-09 11:37 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-02-01 19:37 - 2013-12-09 11:37 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-02-01 19:35 - 2014-02-01 19:35 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Katharina\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-01 19:32 - 2014-02-01 19:35 - 129598176 _____ () C:\Users\Katharina\Downloads\avira_free344_antivirus_de.exe
2014-02-01 09:06 - 2014-02-01 20:35 - 00000000 ____D () C:\ProgramData\IePluginService
2014-02-01 09:06 - 2014-02-01 20:32 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-02-01 09:06 - 2014-02-01 20:28 - 00000000 ____D () C:\ProgramData\WPM
2014-01-30 18:45 - 2014-01-30 18:45 - 00000000 ____D () C:\Users\Katharina\Desktop\Beerdigung Opa Kalli
2014-01-30 17:10 - 2014-01-30 18:19 - 209715200 _____ () C:\Users\Katharina\Downloads\clsz.part2.rar
2014-01-29 17:20 - 2014-01-29 18:30 - 209715200 _____ () C:\Users\Katharina\Downloads\clsz.part1.rar
2014-01-29 17:16 - 2013-05-05 13:45 - 00000000 ____D () C:\Users\Katharina\Downloads\Jojo_Moyes-The_last_Letter_from_your_ Lover(English)
2014-01-29 17:15 - 2014-01-23 19:06 - 00000000 ____D () C:\Users\Katharina\Downloads\Brigitte Riebe - Die geheime Braut (ungekürzt)
2014-01-27 21:25 - 2014-01-27 22:11 - 141526392 _____ () C:\Users\Katharina\Downloads\BRDgB.part3.rar
2014-01-27 17:37 - 2014-01-27 18:45 - 209715200 _____ () C:\Users\Katharina\Downloads\BRDgB.part2.rar
2014-01-27 14:50 - 2013-12-25 21:09 - 00000000 ____D () C:\Users\Katharina\Downloads\Murakami, Haruki - 19 eBooks
2014-01-27 14:04 - 2014-01-27 14:20 - 44809036 _____ () C:\Users\Katharina\Downloads\251220132109.rar
2014-01-27 13:40 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-27 13:40 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-27 13:39 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-27 13:39 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-27 13:39 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-27 13:39 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-27 13:39 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-27 13:39 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-27 13:39 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-27 13:26 - 2014-01-27 14:34 - 209715200 _____ () C:\Users\Katharina\Downloads\BRDgB.part1.rar
2014-01-14 13:57 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-14 13:57 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-14 13:57 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-01-14 13:57 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-14 13:57 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-14 13:57 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-01-14 13:57 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-14 13:57 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-14 13:57 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-14 13:57 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-14 13:57 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-14 13:57 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-14 13:57 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-01-14 13:57 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-01-14 13:57 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-14 13:57 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-14 13:57 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-14 13:57 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-14 13:57 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-14 13:57 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-01-14 13:57 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-14 13:57 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-14 13:57 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-14 13:57 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-01-14 13:57 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-14 13:57 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-14 13:57 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-14 13:57 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-14 13:57 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-14 13:57 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-14 13:57 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-11 20:30 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-01-11 20:25 - 2014-01-11 20:25 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-11 20:25 - 2014-01-11 20:25 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-01-11 20:25 - 2014-01-11 20:25 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-11 20:25 - 2014-01-11 20:25 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-11 20:25 - 2014-01-11 20:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-11 20:25 - 2014-01-11 20:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-11 20:25 - 2014-01-11 20:25 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-11 20:24 - 2014-01-11 20:24 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-11 20:24 - 2014-01-11 20:24 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-11 20:24 - 2014-01-11 20:24 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-11 20:24 - 2014-01-11 20:24 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-11 20:24 - 2014-01-11 20:24 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-11 20:24 - 2014-01-11 20:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-09 20:49 - 2014-01-09 20:49 - 01035926 _____ () C:\Users\Katharina\Downloads\MozBackup-1.5.1-EN.exe
2014-01-09 20:49 - 2014-01-09 20:49 - 00000000 ____D () C:\Program Files (x86)\MozBackup
2014-01-07 18:25 - 2014-01-07 21:17 - 526385152 _____ () C:\Users\Katharina\Downloads\aehad.part2.rar
2014-01-07 12:57 - 2014-01-07 15:49 - 526385152 _____ () C:\Users\Katharina\Downloads\aehad.part1.rar
==================== One Month Modified Files and Folders =======
2014-02-02 11:02 - 2014-02-02 11:01 - 00025021 _____ () C:\Users\Katharina\Downloads\FRST.txt
2014-02-02 11:01 - 2014-02-02 11:01 - 00000000 ____D () C:\FRST
2014-02-02 10:53 - 2010-03-13 03:38 - 01882069 _____ () C:\Windows\WindowsUpdate.log
2014-02-02 10:52 - 2014-02-02 10:52 - 02080256 _____ (Farbar) C:\Users\Katharina\Downloads\FRST64.exe
2014-02-02 10:52 - 2014-02-02 10:51 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-02 10:51 - 2014-02-02 10:51 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-02 10:51 - 2009-07-14 05:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-02 10:51 - 2009-07-14 05:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-02 10:42 - 2010-03-14 10:13 - 02059556 _____ () C:\Windows\system32\oodbs.lor
2014-02-02 10:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-02 10:42 - 2009-07-14 05:51 - 00192114 _____ () C:\Windows\setupact.log
2014-02-02 10:30 - 2012-06-20 21:12 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-02 10:13 - 2014-02-02 10:13 - 00001121 _____ () C:\Users\Katharina\Desktop\JRT.txt
2014-02-02 10:01 - 2014-02-02 10:01 - 00000000 ____D () C:\Windows\ERUNT
2014-02-02 09:59 - 2014-02-02 09:59 - 01037068 _____ (Thisisu) C:\Users\Katharina\Downloads\JRT.exe
2014-02-02 09:49 - 2014-02-02 09:42 - 00000000 ____D () C:\AdwCleaner
2014-02-02 09:41 - 2014-02-02 09:41 - 01166132 _____ () C:\Users\Katharina\Downloads\adwcleaner.exe
2014-02-02 09:30 - 2011-07-13 19:59 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-02 09:23 - 2010-03-14 10:13 - 00762062 _____ () C:\Windows\PFRO.log
2014-02-01 23:02 - 2014-02-01 23:02 - 00000000 ____D () C:\Users\Katharina\Desktop\Alte Firefox-Daten
2014-02-01 20:35 - 2014-02-01 09:06 - 00000000 ____D () C:\ProgramData\IePluginService
2014-02-01 20:32 - 2014-02-01 09:06 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-02-01 20:28 - 2014-02-01 09:06 - 00000000 ____D () C:\ProgramData\WPM
2014-02-01 19:44 - 2014-02-01 19:44 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Avira
2014-02-01 19:38 - 2014-02-01 19:38 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-02-01 19:37 - 2014-02-01 19:37 - 00000000 ____D () C:\ProgramData\Avira
2014-02-01 19:37 - 2014-02-01 19:37 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-02-01 19:35 - 2014-02-01 19:35 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Katharina\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-01 19:35 - 2014-02-01 19:32 - 129598176 _____ () C:\Users\Katharina\Downloads\avira_free344_antivirus_de.exe
2014-02-01 18:46 - 2010-03-20 11:31 - 00001473 _____ () C:\Windows\system32\ServiceFilter.ini
2014-02-01 12:04 - 2010-03-13 04:02 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-01 09:05 - 2010-03-13 04:02 - 00001625 _____ () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-30 18:48 - 2013-10-06 13:53 - 00000000 ____D () C:\Users\Katharina\Desktop\Maastricht International Business
2014-01-30 18:48 - 2009-07-14 18:58 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-01-30 18:48 - 2009-07-14 18:58 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-01-30 18:48 - 2009-07-14 06:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-30 18:45 - 2014-01-30 18:45 - 00000000 ____D () C:\Users\Katharina\Desktop\Beerdigung Opa Kalli
2014-01-30 18:19 - 2014-01-30 17:10 - 209715200 _____ () C:\Users\Katharina\Downloads\clsz.part2.rar
2014-01-29 18:30 - 2014-01-29 17:20 - 209715200 _____ () C:\Users\Katharina\Downloads\clsz.part1.rar
2014-01-28 11:49 - 2009-07-14 05:45 - 02386808 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-27 22:42 - 2013-08-15 16:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-27 22:40 - 2010-03-20 11:42 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-27 22:11 - 2014-01-27 21:25 - 141526392 _____ () C:\Users\Katharina\Downloads\BRDgB.part3.rar
2014-01-27 18:45 - 2014-01-27 17:37 - 209715200 _____ () C:\Users\Katharina\Downloads\BRDgB.part2.rar
2014-01-27 14:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-01-27 14:34 - 2014-01-27 13:26 - 209715200 _____ () C:\Users\Katharina\Downloads\BRDgB.part1.rar
2014-01-27 14:20 - 2014-01-27 14:04 - 44809036 _____ () C:\Users\Katharina\Downloads\251220132109.rar
2014-01-23 19:06 - 2014-01-29 17:15 - 00000000 ____D () C:\Users\Katharina\Downloads\Brigitte Riebe - Die geheime Braut (ungekürzt)
2014-01-14 13:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-01-11 20:31 - 2013-11-12 18:31 - 00111585 _____ () C:\Windows\IE11_main.log
2014-01-11 20:25 - 2014-01-11 20:25 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-11 20:25 - 2014-01-11 20:25 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-01-11 20:25 - 2014-01-11 20:25 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-11 20:25 - 2014-01-11 20:25 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-11 20:25 - 2014-01-11 20:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-11 20:25 - 2014-01-11 20:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-11 20:25 - 2014-01-11 20:25 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-11 20:24 - 2014-01-11 20:24 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-11 20:24 - 2014-01-11 20:24 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-11 20:24 - 2014-01-11 20:24 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-11 20:24 - 2014-01-11 20:24 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-11 20:24 - 2014-01-11 20:24 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-11 20:24 - 2014-01-11 20:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-11 20:24 - 2014-01-11 20:24 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-11 20:24 - 2014-01-11 20:24 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-09 20:49 - 2014-01-09 20:49 - 01035926 _____ () C:\Users\Katharina\Downloads\MozBackup-1.5.1-EN.exe
2014-01-09 20:49 - 2014-01-09 20:49 - 00000000 ____D () C:\Program Files (x86)\MozBackup
2014-01-07 21:17 - 2014-01-07 18:25 - 526385152 _____ () C:\Users\Katharina\Downloads\aehad.part2.rar
2014-01-07 15:49 - 2014-01-07 12:57 - 526385152 _____ () C:\Users\Katharina\Downloads\aehad.part1.rar
Files to move or delete:
====================
C:\ProgramData\aspg.dat
Some content of TEMP:
====================
C:\Users\Katharina\AppData\Local\Temp\APNStub.exe
C:\Users\Katharina\AppData\Local\Temp\AskSLib.dll
C:\Users\Katharina\AppData\Local\Temp\avgnt.exe
C:\Users\Katharina\AppData\Local\Temp\economics_of_strategy_5th_besanko_download.zip_Downloader.exe
C:\Users\Katharina\AppData\Local\Temp\FileSystemView.dll
C:\Users\Katharina\AppData\Local\Temp\gcapi_dll.dll
C:\Users\Katharina\AppData\Local\Temp\gdapi.dll
C:\Users\Katharina\AppData\Local\Temp\GoogleSetup.exe
C:\Users\Katharina\AppData\Local\Temp\gtapi_signed.dll
C:\Users\Katharina\AppData\Local\Temp\GTGCAPI.exe
C:\Users\Katharina\AppData\Local\Temp\htmlayout.dll
C:\Users\Katharina\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Katharina\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Katharina\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Katharina\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Katharina\AppData\Local\Temp\msvcr90.dll
C:\Users\Katharina\AppData\Local\Temp\Offercast_AVIRAV7_.exe
C:\Users\Katharina\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\Katharina\AppData\Local\Temp\Quarantine.exe
C:\Users\Katharina\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Katharina\AppData\Local\Temp\toolbar588685.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-29 14:10
==================== End Of Log ============================
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2014 04
Ran by Katharina at 2014-02-02 11:04:04
Running from C:\Users\Katharina\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
==================== Installed Programs ======================
Adobe AIR (x32 Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19140 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (x32 Version: 10.0 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 - Deutsch (x32 Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482 - Alcor Micro Corp.) Hidden
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ASUS Virtual Camera (x32 Version: 1.0.19 - asus)
ATK Generic Function Service (x32 Version: 1.00.0008 - ATK)
ATK Hotkey (x32 Version: 1.0.0052 - ASUS)
ATK Media (x32 Version: 2.0.0006 - ASUS)
ATKOSD2 (x32 Version: 7.0.0006 - ASUS)
AVG 2014 (Version: 14.0.3684 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden
AVG 2014 (Version: 2014.0.4259 - AVG Technologies)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Bullzip PDF Printer 7.1.0.1159 (Version: - Bullzip)
Cisco AnyConnect VPN Client (x32 Version: 2.5.6005 - Cisco Systems, Inc.)
Cisco Systems VPN Client 5.0.07.0290 (Version: 5.0.7 - Cisco Systems, Inc.)
Citrix Receiver (DV) (x32 Version: 13.0.0.6684 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HDX Flash-Umleitung) (x32 Version: 13.0.0.6684 - Citrix Systems, Inc.) Hidden
Citrix Receiver (USB) (x32 Version: 13.0.0.6684 - Citrix Systems, Inc.) Hidden
Citrix Receiver (x32 Version: 13.0.0.6684 - Citrix Systems, Inc.)
Citrix Receiver Inside (x32 Version: 3.0.0.56418 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (x32 Version: 13.0.0.6684 - Citrix Systems, Inc.) Hidden
DivX Converter (x32 Version: 7.1.0 - DivX, Inc.)
DivX-Setup (x32 Version: 2.2.0.24 - DivX, LLC)
Dropbox (HKCU Version: 1.2.51 - Dropbox, Inc.)
ETDWare PS/2-x64 7.0.5.7_WHQL (Version: - )
Fast Boot (Version: 1.0.5 - ASUS)
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.2202 - Intel Corporation)
iTunes (Version: 11.1.0.126 - Apple Inc.)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader (x32 Version: 0.89 - AppWork UG (haftungsbeschränkt))
Kyocera Product Library (Version: 2.0.0713 - Kyocera Mita Corporation)
Lyrics Plugin for Winamp (x32 Version: 0.4 - Lyrics Plugin) <==== ATTENTION
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
maxdome Download Manager 4.1.300.78 (x32 Version: 4.1.30078 - Prosieben)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (x32 Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Silverlight (x32 Version: 4.0.60831.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
MozBackup 1.5.1 (x32 Version: - Pavel Cvrcek)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
O&O Defrag Professional (Version: 12.0.197 - O&O Software GmbH)
ODF Add-In für Microsoft Office (x32 Version: 3.0.5254.0 - OpenXML/ODF Translator Team)
Online Plug-in (x32 Version: 13.0.0.6684 - Citrix Systems, Inc.) Hidden
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 5.5.0 (x32 Version: - PDF24.org)
PDFCreator (x32 Version: 1.6.2 - pdfforge)
PhotoScape (x32 Version: - )
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Shrew Soft VPN Client (Version: - )
Skype Click to Call (x32 Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3010.1 - TuneUp Software) Hidden
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
USB 2.0 1.3M UVC WebCam (Version: - )
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
VIA Plattform-Geräte-Manager (x32 Version: 1.34 - VIA Technologies, Inc.)
Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.0.5 (x32 Version: 1.0.5 - VideoLAN Team)
Winamp (x32 Version: 5.572 - Nullsoft, Inc)
WinRAR (Version: - )
==================== Restore Points =========================
27-01-2014 21:39:37 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {6CAD7CA2-C1C0-46E2-8F3F-6A22788521A7} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {839436BB-E863-4538-B4CE-DB62622EDF0E} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {8D5C4C8C-7345-488A-97B9-8D90DDF37DF7} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {9FCA4423-8D23-49E2-97B2-94BBBD246A09} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {A6AB55DC-5D63-4D52-A755-18E0D42AF530} - System32\Tasks\Your File Updater => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {B1F12BBC-F4E2-48D5-AF10-C74D527F49B1} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-12-08] ()
Task: {C0DF0E59-4547-435A-B8CD-242CB4FC7098} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-11] (Adobe Systems Incorporated)
Task: {C1B549C9-F6E4-4309-8C08-AA995C8E0634} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E31267C1-CFDC-477D-979D-CA8A505085A3} - System32\Tasks\{0820F591-966F-40C1-B5D8-B4F17EDE0ABE} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {FB6D4C0C-44EC-4209-A8CC-C0740F526BDA} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2014-02-01 19:37 - 2013-12-09 11:37 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-08-27 20:33 - 2012-08-27 20:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 20:33 - 2012-08-27 20:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-23 13:26 - 2010-03-23 13:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2009-05-01 16:58 - 2009-05-01 16:58 - 01057512 _____ () C:\Program Files (x86)\MaxDome\DCBin\PocoFoundation.dll
2009-05-01 16:58 - 2009-05-01 16:58 - 00627944 _____ () C:\Program Files (x86)\MaxDome\DCBin\PocoNet.dll
2009-05-01 16:58 - 2009-05-01 16:58 - 00514352 _____ () C:\Program Files (x86)\MaxDome\DCBin\sqlite3.dll
2009-05-01 16:58 - 2009-05-01 16:58 - 00517352 _____ () C:\Program Files (x86)\MaxDome\DCBin\PocoXML.dll
2013-12-11 13:11 - 2013-12-11 13:12 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-01 19:37 - 2013-12-09 11:37 - 00394808 _____ () c:\program files (x86)\avira\antivir desktop\sqlite3.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
Error: (10/01/2013 09:18:44 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 31 seconds with 0 seconds of active time. This session ended with a crash.
Error: (10/01/2013 09:17:34 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 60 seconds with 0 seconds of active time. This session ended with a crash.
Error: (09/26/2013 10:53:09 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8561 seconds with 4380 seconds of active time. This session ended with a crash.
Error: (02/20/2012 05:05:22 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2206 seconds with 1380 seconds of active time. This session ended with a crash.
Error: (02/20/2012 04:28:16 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 282 seconds with 240 seconds of active time. This session ended with a crash.
Error: (02/20/2012 04:23:12 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 106 seconds with 60 seconds of active time. This session ended with a crash.
Error: (02/20/2012 04:21:04 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 574 seconds with 540 seconds of active time. This session ended with a crash.
Error: (02/20/2012 04:11:00 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 14676 seconds with 6840 seconds of active time. This session ended with a crash.
Error: (02/18/2012 05:33:40 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3970 seconds with 3840 seconds of active time. This session ended with a crash.
Error: (02/18/2012 04:12:19 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 10366 seconds with 8400 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2013-04-08 12:30:34.816
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-08 12:30:34.426
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2011-10-20 22:24:58.396
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\Temp\TMP0000006CB21ECB912651FE62" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2011-10-20 22:24:58.283
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\Temp\TMP0000006CB21ECB912651FE62" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2011-10-20 22:24:58.136
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\Temp\TMP0000006CB21ECB912651FE62" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2011-08-11 21:39:16.351
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\wow64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2010-11-10 09:46:57.739
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\CVPNDRVA.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2010-11-10 09:46:57.552
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\CVPNDRVA.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2010-11-10 09:46:34.651
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\CVPNDRVA.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2010-11-10 09:46:34.635
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\CVPNDRVA.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 68%
Total physical RAM: 2013.09 MB
Available physical RAM: 624.71 MB
Total Pagefile: 4026.17 MB
Available Pagefile: 1895.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:146.39 GB) (Free:22.55 GB) NTFS
Drive e: (Backup) (Fixed) (Total:151.6 GB) (Free:112.1 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 516D077A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=152 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Hier das JRT File Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Professional x64
Ran by Katharina on 02.02.2014 at 10:01:41,26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C6DD655C-5BE2-476D-BCC8-02A03ADA11B2}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\Program Files (x86)\re-markit"
~~~ FireFox
Emptied folder: C:\Users\Katharina\AppData\Roaming\mozilla\firefox\profiles\dt2cvuv9.default-1391292157526\minidumps [1 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.02.2014 at 10:13:50,42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
und MalwareBytes Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2014.02.01.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Katharina :: KATHARINA-PC [Administrator]
01.02.2014 20:15:30
mbam-log-2014-02-01 (20-15-30).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 446872
Laufzeit: 3 Stunde(n), 4 Minute(n), 47 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 8
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Optional.SoftwareUpdater) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Optional.SoftwareUpdater) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Optional.SoftwareUpdater) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Optional.SoftwareUpdater) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Updater.AmiUpd.1 (PUP.Optional.SoftwareUpdater) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Updater.AmiUpd (PUP.Optional.SoftwareUpdater) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|DefaultScope (PUP.Optional.Qone8) -> Bösartig: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}) Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}) -> Erfolgreich ersetzt und in Quarantäne gestellt.
Infizierte Verzeichnisse: 3
C:\Users\Katharina\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katharina\AppData\Roaming\OpenCandy\8CC0D38561814CD797732959A9675335 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katharina\AppData\Roaming\OpenCandy\DE6E0439C3C44BF7AEB9D353DE95A855 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateien: 10
C:\Users\Katharina\AppData\Local\SwvUpdater\Updater.exe (PUP.Optional.SoftwareUpdater) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katharina\AppData\Local\Temp\awhFC39.tmp (PUP.Optional.Amonetize.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katharina\AppData\Local\Temp\toolbar588638.exe (PUP.Optional.Amonetize) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katharina\AppData\Local\Temp\fullpackage_temp1391241919\package1.zip (PUP.Optional.SkyTech.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katharina\AppData\Local\Temp\fullpackage_temp1391241919\QQBrowserFrame.dll (PUP.Optional.SkyTech.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katharina\AppData\Roaming\OpenCandy\8CC0D38561814CD797732959A9675335\TuneUpUtilities2013-2200218_de-DE.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katharina\AppData\Roaming\OpenCandy\DE6E0439C3C44BF7AEB9D353DE95A855\3708.ico (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katharina\AppData\Roaming\OpenCandy\DE6E0439C3C44BF7AEB9D353DE95A855\EBB77268-338F-4C6A-8590-AD88FED26F4A (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katharina\AppData\Roaming\OpenCandy\DE6E0439C3C44BF7AEB9D353DE95A855\OCBrowserHelper_1.0.5.112.dll (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katharina\AppData\Roaming\OpenCandy\DE6E0439C3C44BF7AEB9D353DE95A855\RAWinstaller.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2014.02.02.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Katharina :: KATHARINA-PC [limitiert]
02.02.2014 10:53:36
mbam-log-2014-02-02 (10-53-36).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 209355
Laufzeit: 13 Minute(n), 31 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 1
C:\$Recycle.Bin\S-1-5-21-2353478044-1001011505-2298194141-1000\$RCQU4GD.exe (PUP.Optional.Bandoo.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
Ich hoffe, dass mir jemand helfen kann. Mein Firefox ist sehr langsam, hängt sich oft auf etc.
Danke schonmal im Voraus :) |
AdwCleaner auf deinen Desktop.