Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Probleme mit LyricsContainer im Firefox auf dem BS Win8

Probleme mit LyricsContainer im Firefox auf dem BS Win8


Log-Analyse und Auswertung: Probleme mit LyricsContainer im Firefox auf dem BS Win8

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 28.08.2013, 20:20   #1
Vanesy
 
Probleme mit LyricsContainer im Firefox auf dem BS Win8 - Standard

Probleme mit LyricsContainer im Firefox auf dem BS Win8


Hallo Ryder,

sorry nochmal fürs verspätete antworten, aber bei mir geht es derzeit im privaten drunter und drüber.

Hier die gewünschten Log-Dateien

ADWCleaner

Code:
ATTFilter
# AdwCleaner v3.000 - Report created 21/08/2013 at 22:24:06
# Updated 20/08/2013 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Monja - MONJA
# Running from : C:\Users\Monja\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : APNMCP

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\LyricsContainer
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Users\Monja\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\Monja\AppData\Local\Temp\APN
Folder Deleted : C:\Users\Monja\AppData\LocalLow\delta
Folder Deleted : C:\Users\Monja\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Monja\AppData\Roaming\Systweak
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Monja\AppData\Roaming\Mozilla\Firefox\Profiles\vx7ur3jd.default\user.js
File Deleted : C:\Windows\Tasks\LyricsContainer Update.job

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\abfmigjiaapipflmopkaaooigcjjdojh
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Key Deleted : HKLM\SOFTWARE\e53db8ce13fb948
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\delta LTD
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\AppDataLow\Software\LyricsContainer
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Lyrics@LyricsContainer.co
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v23.0.1 (de)

[ File : C:\Users\Monja\AppData\Roaming\Mozilla\Firefox\Profiles\vx7ur3jd.default\prefs.js ]

Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.bbDpng", "17");
Line Deleted : user_pref("extensions.delta.cntry", "DE");
Line Deleted : user_pref("extensions.delta.dfltLng", "de");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.hdrMd5", "61B07786922AEDE375C73461BEE9C103");
Line Deleted : user_pref("extensions.delta.id", "ee5ee3e90000000000007427ea2e30e5");
Line Deleted : user_pref("extensions.delta.instlDay", "15934");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.lastVrsnTs", "1.8.24.517:40:06");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.sg", "azb");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.24.5");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.24.517:40:06");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.24.5");
Line Deleted : user_pref("extensions.delta_i.babExt", "");
Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=119557&tsp=4977");
Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\exte[...]

*************************

AdwCleaner[R0].txt - [10425 octets] - [21/08/2013 22:16:12]
AdwCleaner[S0].txt - [9985 octets] - [21/08/2013 22:24:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10045 octets] ##########
JRT

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.4 (08.22.2013:1)
OS: Windows 8 x64
Ran by Monja on 23.08.2013 at 17:19:52,89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77e880b5-cae7-4928-8507-ec2e5007e73e}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{77e880b5-cae7-4928-8507-ec2e5007e73e}



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\Users\Monja\AppData\Roaming\mozilla\firefox\profiles\vx7ur3jd.default\invalidprefs.js
Successfully deleted: [File] C:\Users\Monja\AppData\Roaming\mozilla\firefox\profiles\vx7ur3jd.default\extensions\toolbar_avira-v7@apn.ask.com.xpi
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\lyrics@lyricscontainer.co
Successfully deleted the following from C:\Users\Monja\AppData\Roaming\mozilla\firefox\profiles\vx7ur3jd.default\prefs.js

user_pref("iminent.ShowThankyouPixel", "0");
user_pref("iminent.displayFavLinks", "0");
user_pref("iminent.registerToolbarEvent102", "1376754483683");
user_pref("iminent.registerToolbarEvent109", "1376754840275");
user_pref("iminent.registerToolbarEvent111", "1376754840289");
user_pref("iminent.registerToolbarEvent112", "1376754840459");
user_pref("iminent.registerToolbarEvent122", "1376754840302");
user_pref("iminent.version", "7.33.3.1");
user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.33.3.1\",\"InstallEventCTime\":1376754466868,\"InstallEvent\":\"True\"}");
Emptied folder: C:\Users\Monja\AppData\Roaming\mozilla\firefox\profiles\vx7ur3jd.default\minidumps [13 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.08.2013 at 17:25:04,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-08-2013
Ran by Monja (administrator) on 25-08-2013 19:56:48
Running from C:\Users\Monja\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-18] (Avira Operations GmbH & Co. KG)
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-08-13] (Acer Incorporated)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL [21864 2012-07-25] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\progra~2\nvidia~1\3dvisi~1\nvstinit.dll [20328 2012-07-25] (NVIDIA Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - DefaultScope {4EDD4AEF-E2F7-465F-9F11-B23C67FCB6D1} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {4EDD4AEF-E2F7-465F-9F11-B23C67FCB6D1} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {4EDD4AEF-E2F7-465F-9F11-B23C67FCB6D1} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {4EDD4AEF-E2F7-465F-9F11-B23C67FCB6D1} URL = 
SearchScopes: HKCU - {4EDD4AEF-E2F7-465F-9F11-B23C67FCB6D1} URL = 
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File
BHO-x32: LyricsContainer - {77e880b5-cae7-4928-8507-ec2e5007e73e} - C:\Program Files (x86)\LyricsContainer\128.dll No File
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Monja\AppData\Roaming\Mozilla\Firefox\Profiles\vx7ur3jd.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Extension: No Name - C:\Users\Monja\AppData\Roaming\Mozilla\Firefox\Profiles\vx7ur3jd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [811064 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2449552 2012-10-09] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-23] (Acer Incorporated)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130016 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-02-26] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [83672 2013-07-18] (Avira Operations GmbH & Co. KG)
R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-23 18:59 - 2013-08-23 18:59 - 01576474 _____ (Farbar) C:\Users\Monja\Desktop\FRST64.exe
2013-08-23 17:25 - 2013-08-23 17:25 - 00002107 _____ C:\Users\Monja\Desktop\JRT.txt
2013-08-23 17:19 - 2013-08-23 17:19 - 01021434 _____ (Thisisu) C:\Users\Monja\Downloads\JRT(2).exe
2013-08-23 17:07 - 2013-08-23 17:07 - 01021434 _____ (Thisisu) C:\Users\Monja\Downloads\JRT(1).exe
2013-08-23 17:03 - 2013-08-23 17:03 - 00000000 ____D C:\Windows\ERUNT
2013-08-23 17:02 - 2013-08-23 17:02 - 01021434 _____ (Thisisu) C:\Users\Monja\Downloads\JRT.exe
2013-08-21 22:28 - 2013-08-21 22:28 - 00010126 _____ C:\Users\Monja\Desktop\AdwCleaner[S0].txt
2013-08-21 22:13 - 2013-08-21 22:24 - 00000000 ____D C:\AdwCleaner
2013-08-21 22:12 - 2013-08-21 22:12 - 00975858 _____ C:\Users\Monja\Downloads\adwcleaner.exe
2013-08-21 22:02 - 2013-08-21 22:02 - 00000085 _____ C:\Windows\wininit.ini
2013-08-21 20:49 - 2013-08-21 20:49 - 00000000 ____D C:\Users\Monja\Desktop\Trojaner-Board
2013-08-21 19:52 - 2013-08-21 19:52 - 00000000 ____D C:\FRST
2013-08-21 18:27 - 2013-08-21 18:27 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-21 18:27 - 2013-08-21 18:27 - 00000000 ____D C:\Users\Monja\AppData\Roaming\Malwarebytes
2013-08-21 18:27 - 2013-08-21 18:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-21 18:27 - 2013-08-21 18:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-21 18:27 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-21 18:26 - 2013-08-21 18:26 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Monja\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-17 21:21 - 2013-08-17 21:24 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-08-17 21:21 - 2013-08-17 21:21 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-08-17 18:17 - 2013-08-20 19:42 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-08-17 18:17 - 2013-08-17 18:18 - 00000000 ____D C:\Users\Monja\AppData\Roaming\WinRAR
2013-08-17 17:41 - 2013-08-17 17:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-08-17 17:40 - 2013-08-17 19:47 - 00000898 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-08-17 16:46 - 2013-08-17 17:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-15 20:00 - 2013-08-15 20:03 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 18:48 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 18:47 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 18:47 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 18:47 - 2013-07-26 07:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-08-14 18:47 - 2013-07-26 07:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-08-14 18:47 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 18:47 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 18:47 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 18:47 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 18:47 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 18:47 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 18:47 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 18:47 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 18:47 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 18:47 - 2013-07-26 05:13 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-08-14 18:47 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 18:47 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 18:47 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 18:47 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 18:47 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 18:47 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 18:47 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 18:47 - 2013-07-26 02:54 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-08-14 18:47 - 2013-07-09 08:07 - 02233168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 18:47 - 2013-07-02 02:44 - 00036288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2013-08-14 18:47 - 2013-07-02 00:08 - 00247216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2013-08-14 18:47 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 18:46 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 18:46 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 18:46 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 18:45 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 18:45 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 18:45 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 18:45 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 18:45 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 18:44 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 18:44 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 18:44 - 2013-07-13 08:16 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 18:44 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 18:44 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2013-08-14 18:44 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2013-08-14 18:44 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 18:44 - 2013-07-13 06:23 - 01568256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 18:44 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2013-08-14 18:44 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2013-08-10 16:13 - 2013-08-10 16:18 - 00000000 ____D C:\Program Files (x86)\Paletti
2013-08-10 16:13 - 2011-05-24 14:24 - 00929844 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC42D.DLL
2013-08-10 16:13 - 2011-05-24 14:24 - 00827445 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCO42D.DLL
2013-08-10 16:13 - 2011-05-24 14:24 - 00434252 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVCRTD.DLL
2013-08-10 16:13 - 2011-05-24 14:24 - 00303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVCR70.DLL
2013-08-10 16:13 - 2011-05-24 14:24 - 00094285 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVCIRTD.DLL
2013-08-10 15:59 - 2013-08-10 15:59 - 00000000 ___HD C:\Users\Public\Documents\Silag_prefs
2013-08-10 15:59 - 2013-08-10 15:59 - 00000000 ____D C:\Users\Monja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grundschule Lernspass mit Hexe Lilli
2013-08-09 17:13 - 2013-08-20 16:43 - 00000000 ____D C:\Musik Jean-Luke
2013-08-05 23:01 - 2013-08-25 12:53 - 00015312 _____ C:\Windows\SysWOW64\bufferpool.txt
2013-08-05 19:14 - 2013-08-05 19:14 - 00000000 ____D C:\Users\Monja\AppData\Roaming\Avira
2013-08-05 19:09 - 2013-08-05 19:09 - 00002074 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-05 19:09 - 2013-08-05 19:09 - 00000000 ____D C:\ProgramData\Avira
2013-08-05 19:09 - 2013-08-05 19:09 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-05 19:09 - 2013-07-18 08:02 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-08-05 19:09 - 2013-07-18 08:02 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-08-05 19:09 - 2013-07-18 08:02 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-08-05 19:09 - 2013-02-26 16:56 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-08-05 18:50 - 2013-08-05 18:51 - 110344048 _____ C:\Users\Monja\Downloads\avira_free_antivirus85_de.exe
2013-07-30 22:44 - 2013-07-30 22:44 - 00000000 ____D C:\Users\Monja\AppData\Local\Deployment
2013-07-30 22:44 - 2013-07-30 22:44 - 00000000 ____D C:\Users\Monja\AppData\Local\Apps\2.0
2013-07-30 11:27 - 2013-08-09 17:52 - 00000000 ____D C:\Fotos

==================== One Month Modified Files and Folders =======

2013-08-25 19:48 - 2013-03-21 05:55 - 00766266 _____ C:\Windows\system32\perfh007.dat
2013-08-25 19:48 - 2013-03-21 05:55 - 00159970 _____ C:\Windows\system32\perfc007.dat
2013-08-25 19:48 - 2012-07-26 09:28 - 01772788 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-25 19:44 - 2013-03-20 21:17 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-25 19:44 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-25 12:53 - 2013-08-05 23:01 - 00015312 _____ C:\Windows\SysWOW64\bufferpool.txt
2013-08-25 12:40 - 2013-06-15 18:33 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-25 12:06 - 2013-06-15 17:09 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2966206782-1434238145-1787605704-1001
2013-08-25 12:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-08-23 19:01 - 2013-08-23 19:01 - 01576474 _____ (Farbar) C:\Users\Monja\Downloads\FRST64(1).exe
2013-08-23 18:59 - 2013-08-23 18:59 - 01576474 _____ (Farbar) C:\Users\Monja\Desktop\FRST64.exe
2013-08-23 17:25 - 2013-08-23 17:25 - 00002107 _____ C:\Users\Monja\Desktop\JRT.txt
2013-08-23 17:19 - 2013-08-23 17:19 - 01021434 _____ (Thisisu) C:\Users\Monja\Downloads\JRT(2).exe
2013-08-23 17:07 - 2013-08-23 17:07 - 01021434 _____ (Thisisu) C:\Users\Monja\Downloads\JRT(1).exe
2013-08-23 17:03 - 2013-08-23 17:03 - 00000000 ____D C:\Windows\ERUNT
2013-08-23 17:02 - 2013-08-23 17:02 - 01021434 _____ (Thisisu) C:\Users\Monja\Downloads\JRT.exe
2013-08-21 22:28 - 2013-08-21 22:28 - 00010126 _____ C:\Users\Monja\Desktop\AdwCleaner[S0].txt
2013-08-21 22:24 - 2013-08-21 22:13 - 00000000 ____D C:\AdwCleaner
2013-08-21 22:24 - 2012-11-22 14:33 - 00232388 _____ C:\Windows\PFRO.log
2013-08-21 22:24 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-08-21 22:12 - 2013-08-21 22:12 - 00975858 _____ C:\Users\Monja\Downloads\adwcleaner.exe
2013-08-21 22:02 - 2013-08-21 22:02 - 00000085 _____ C:\Windows\wininit.ini
2013-08-21 20:49 - 2013-08-21 20:49 - 00000000 ____D C:\Users\Monja\Desktop\Trojaner-Board
2013-08-21 19:52 - 2013-08-21 19:52 - 00000000 ____D C:\FRST
2013-08-21 18:36 - 2013-06-15 17:13 - 00000000 ____D C:\Users\Monja\AppData\Local\CrashDumps
2013-08-21 18:27 - 2013-08-21 18:27 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-21 18:27 - 2013-08-21 18:27 - 00000000 ____D C:\Users\Monja\AppData\Roaming\Malwarebytes
2013-08-21 18:27 - 2013-08-21 18:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-21 18:27 - 2013-08-21 18:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-21 18:26 - 2013-08-21 18:26 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Monja\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-20 19:42 - 2013-08-17 18:17 - 00000000 ____D C:\Program Files (x86)\WinRAR
2013-08-20 16:43 - 2013-08-09 17:13 - 00000000 ____D C:\Musik Jean-Luke
2013-08-18 16:23 - 2013-06-15 17:01 - 00000000 ___RD C:\Users\Monja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-17 23:27 - 2013-06-15 16:58 - 01392235 _____ C:\Windows\WindowsUpdate.log
2013-08-17 21:24 - 2013-08-17 21:21 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-08-17 21:21 - 2013-08-17 21:21 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-08-17 20:22 - 2013-06-23 11:17 - 00000000 ____D C:\Users\Monja\Desktop\Jean-Luke
2013-08-17 19:47 - 2013-08-17 17:40 - 00000898 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-08-17 18:18 - 2013-08-17 18:17 - 00000000 ____D C:\Users\Monja\AppData\Roaming\WinRAR
2013-08-17 17:52 - 2013-06-15 16:57 - 00000000 ____D C:\Users\Monja
2013-08-17 17:41 - 2013-08-17 17:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-08-17 17:40 - 2013-08-17 16:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-17 17:13 - 2013-06-15 17:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-16 16:25 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-08-16 16:13 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-08-15 23:47 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-15 23:47 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-15 20:03 - 2013-08-15 20:00 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 20:00 - 2013-06-18 23:48 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-10 16:18 - 2013-08-10 16:13 - 00000000 ____D C:\Program Files (x86)\Paletti
2013-08-10 15:59 - 2013-08-10 15:59 - 00000000 ___HD C:\Users\Public\Documents\Silag_prefs
2013-08-10 15:59 - 2013-08-10 15:59 - 00000000 ____D C:\Users\Monja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grundschule Lernspass mit Hexe Lilli
2013-08-09 17:52 - 2013-07-30 11:27 - 00000000 ____D C:\Fotos
2013-08-09 17:15 - 2012-07-26 09:21 - 00025238 _____ C:\Windows\setupact.log
2013-08-06 17:37 - 2012-11-22 14:51 - 00000000 ____D C:\ProgramData\McAfee
2013-08-06 17:36 - 2013-03-20 21:38 - 00000000 ____D C:\ProgramData\Norton
2013-08-05 20:57 - 2013-06-23 17:37 - 00000000 ____D C:\Users\Monja\AppData\Local\clear.fi
2013-08-05 19:14 - 2013-08-05 19:14 - 00000000 ____D C:\Users\Monja\AppData\Roaming\Avira
2013-08-05 19:09 - 2013-08-05 19:09 - 00002074 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-05 19:09 - 2013-08-05 19:09 - 00000000 ____D C:\ProgramData\Avira
2013-08-05 19:09 - 2013-08-05 19:09 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-05 19:07 - 2012-11-22 14:51 - 00000000 ____D C:\Program Files\mcafee
2013-08-05 18:51 - 2013-08-05 18:50 - 110344048 _____ C:\Users\Monja\Downloads\avira_free_antivirus85_de.exe
2013-08-05 18:51 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-07-30 22:44 - 2013-07-30 22:44 - 00000000 ____D C:\Users\Monja\AppData\Local\Deployment
2013-07-30 22:44 - 2013-07-30 22:44 - 00000000 ____D C:\Users\Monja\AppData\Local\Apps\2.0
2013-07-29 20:21 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-07-26 07:13 - 2013-08-14 18:47 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-14 18:47 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-14 18:47 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-07-26 07:13 - 2013-08-14 18:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-07-26 07:13 - 2013-08-14 18:47 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-14 18:47 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-14 18:47 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-14 18:47 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-14 18:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-14 18:47 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 07:12 - 2013-08-14 18:46 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-14 18:46 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-14 18:46 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-14 18:45 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-14 18:45 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 05:35 - 2013-08-14 18:47 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-14 18:47 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-14 18:47 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:13 - 2013-08-14 18:47 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-07-26 05:12 - 2013-08-14 18:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-14 18:47 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-14 18:47 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-14 18:47 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:12 - 2013-08-14 18:45 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-14 18:45 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-14 18:45 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-14 18:44 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:11 - 2013-08-14 18:47 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-14 18:47 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-14 18:47 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 02:54 - 2013-08-14 18:47 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-20 16:40

==================== End Of Log ============================
--- --- ---

--- --- ---

Antwort

Themen zu Probleme mit LyricsContainer im Firefox auf dem BS Win8
.dll, administrator, adobe, antivirus, avira, avira searchfree toolbar, defender, diagnostics, explorer, farbar, farbar recovery scan tool, fehler, firefox, firefox 23.0.1, flash player, help, lyricscontainer, mozilla, musik, nvidia, realtek, regclean, registry, rundll, safer networking, scan, secrets, services.exe, software, srtasks.exe, svchost.exe, system, usb, werbeeinblendungen, wildtangent games, winlogon.exe


« Windows XP: Trojaner tr/bankzone.a.4 nach Aufrufen einer Zip-Datei | Windows 8: Unerwünschte Tabs öffnen sich selbstständig »


Ähnliche Themen: Probleme mit LyricsContainer im Firefox auf dem BS Win8


  1. Startmenü-Probleme mit Win8.1
    Log-Analyse und Auswertung - 20.11.2015 (29)
  2. Win7 und Win8.1 sfc kann defekte Dateien nicht reparieren / Win8.1 abgesicherter Modus nicht startbar?
    Alles rund um Windows - 11.10.2015 (27)
  3. Win8 PC langsam, cookie verhalten in Firefox anders als eingestellt Virus?
    Log-Analyse und Auswertung - 06.04.2015 (12)
  4. Win8.1 black scrren -> wscript.exe beendet -> Win8.1 fährt hoch
    Log-Analyse und Auswertung - 14.02.2015 (3)
  5. win8.1 64bit firefox packages entfernen - werde mit werbung ueberschwemmt
    Plagegeister aller Art und deren Bekämpfung - 14.01.2015 (11)
  6. Win8/ Firefox voller Werbung nach Avira installation/ evtl. mehr?
    Plagegeister aller Art und deren Bekämpfung - 06.12.2014 (14)
  7. Trojaner vor einiger Zeit eingefagen, jetzt treten verstärkt Probleme auf / Win8.1
    Plagegeister aller Art und deren Bekämpfung - 21.11.2014 (7)
  8. Unerwünschte Werbeeinblendungen unter Firefox und Win8
    Plagegeister aller Art und deren Bekämpfung - 21.07.2014 (13)
  9. Wlan Probleme unter Win8 zeigt Begrenzt an
    Netzwerk und Hardware - 09.06.2014 (1)
  10. Avira-Meldung "tr/atraps.gen" gefunden - sonst aber keine Probleme / Win8.1
    Plagegeister aller Art und deren Bekämpfung - 17.05.2014 (24)
  11. Win8.1: Firefox: ständige neue Werbefenster und Werbelinks im Text
    Plagegeister aller Art und deren Bekämpfung - 04.05.2014 (41)
  12. Win8.1: Firefox: ständige neue Werbefenster und Werbelinks im Text
    Plagegeister aller Art und deren Bekämpfung - 07.04.2014 (17)
  13. Unter Win8.1 über Firefox popt immer wieder adfly Seite auf.
    Plagegeister aller Art und deren Bekämpfung - 25.02.2014 (9)
  14. Probleme mit searchgol nach deltatoolbar nach installation von imgburn (Win8-x64-chrome)
    Log-Analyse und Auswertung - 31.10.2013 (29)
  15. Win8 startet nicht direkt, Probleme bei Nutzung
    Plagegeister aller Art und deren Bekämpfung - 21.10.2013 (23)
  16. Probleme mit Vaio i5 Win8
    Log-Analyse und Auswertung - 29.09.2013 (2)
  17. Win8 / Firefox: Befall mit Delta-Search-Virus
    Plagegeister aller Art und deren Bekämpfung - 05.08.2013 (13)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Probleme mit LyricsContainer im Firefox auf dem BS Win8 - Hallo Ryder, sorry nochmal fürs verspätete antworten, aber bei mir geht es derzeit im privaten drunter und drüber. Hier die gewünschten Log-Dateien ADWCleaner Code: Alles auswählen Aufklappen ATTFilter # AdwCleaner - Probleme mit LyricsContainer im Firefox auf dem BS Win8...
Archiv
Du betrachtest: Probleme mit LyricsContainer im Firefox auf dem BS Win8 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131