Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Sofie at 2014-03-19 14:20:07
Running from C:\Users\Sofie\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Avira Savings Advisor (HKLM-x32\...\{A18A516C-AA41-46A9-92DB-60208917E442}) (Version: 1.5.14 - Avira)
Canon iP2700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series) (Version: - )
Dropbox (HKCU\...\Dropbox) (Version: 2.6.2 - Dropbox, Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Lenovo Fingerprint Manager (HKLM\...\{26821A01-AE55-4B1A-807A-6EF888C4ACC2}) (Version: 4.5.240.0 - Validity Sensors, Inc.)
Lenovo Fingerprint Manager (HKLM\...\{F7AB2C19-6A27-4C75-A92A-8CC7C59E5FA2}) (Version: 4.5.240.0 - )
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.0 - Tracker Software Products Ltd)
PursuePoint (HKLM\...\PursuePoint) (Version: 2014.03.07.195803 - PursuePoint) <==== ATTENTION
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
==================== Restore Points =========================
11-03-2014 12:50:38 Removed Microsoft Office Enterprise 2007
11-03-2014 13:24:57 Installed Microsoft Office Professional Plus 2010
11-03-2014 13:50:52 OpenOffice 4.0.1 wird entfernt
15-03-2014 08:08:18 Windows Update
18-03-2014 20:23:48 Malwarebytes Anti-Rootkit Restore Point
18-03-2014 22:16:33 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {260FDA87-0DC0-4B0D-A9D5-B0DC75C37663} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {29E80C3F-2F64-4A87-9942-489D35F64810} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13] (Adobe Systems Incorporated)
Task: {C70E7BCF-4494-4BD0-8826-B2521F465D20} - System32\Tasks\aviraSWU => Cscript.exe "C:\Program Files (x86)\avira\Internet Explorer\swu.vbs"
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2000-01-16 20:48 - 2000-01-16 20:48 - 00347136 _____ () C:\Users\Sofie\Downloads\desknote\desktopnotes.exe
2014-03-09 15:33 - 2014-02-25 11:41 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-03-19 13:34 - 2014-03-19 13:34 - 00041984 _____ () c:\users\sofie\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkzyi7g.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Sofie\AppData\Roaming\Dropbox\bin\libcef.dll
2014-03-07 23:47 - 2014-03-07 23:47 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-03-13 19:59 - 2014-03-13 19:59 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: PCI-Gerät
Description: PCI-Gerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/19/2014 01:35:33 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/18/2014 11:37:31 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (03/19/2014 02:20:18 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort1 gefunden.
Error: (03/18/2014 06:00:12 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort1 gefunden.
Error: (03/18/2014 05:44:43 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort1 gefunden.
Error: (03/17/2014 10:45:06 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort1 gefunden.
Error: (03/18/2014 10:17:16 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort1 gefunden.
Microsoft Office Sessions:
=========================
Error: (03/19/2014 01:35:33 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/18/2014 11:37:31 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 45%
Total physical RAM: 3816.57 MB
Available physical RAM: 2065.8 MB
Total Pagefile: 7631.31 MB
Available Pagefile: 5608.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:414.48 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: D3EB885B)
Partition: GPT Partition Type.
==================== End Of Log ============================
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Sofie (administrator) on PREMSO on 19-03-2014 14:19:46
Running from C:\Users\Sofie\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Lenovo.) C:\Windows\system32\ibmpmsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe
(Validity Sensors, Inc.) C:\Windows\system32\valWBFPolicyService.exe
(Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\SwipeMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
() C:\Users\Sofie\Downloads\desknote\desktopnotes.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Dropbox, Inc.) C:\Users\Sofie\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\prevhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2300210221-4292620252-1487165455-1000\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2300210221-4292620252-1487165455-1000\...\MountPoints2: {b5cda4ea-927c-11e3-9164-7c7a911e910e} - E:\SETUP.EXE
Startup: C:\Users\Sofie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktopnotes.lnk
ShortcutTarget: Desktopnotes.lnk -> C:\Users\Sofie\Downloads\desknote\desktopnotes.exe ()
Startup: C:\Users\Sofie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sofie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBB03CFDBFF24CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
SearchScopes: HKCU - {21681651-28C5-4354-8633-979AE3D8E825} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10871
SearchScopes: HKCU - {4BE4DD24-D8C9-4F27-A705-85F28F788433} URL = hxxp://search.findwide.com/serp?guid={5C9ED2DF-5885-418F-AF81-869C04B7E5B2}&action=default_search&serpv=22&k={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Avira Savings Advisor BHO - {A18A516C-AA41-46A9-92DB-60208917E442} - C:\Program Files (x86)\avira\Internet Explorer\avira32.dll ()
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKCU - No Name - {1A78A3AA-45A4-4662-8118-B8022A26F1C7} - No File
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21
FireFox:
========
FF ProfilePath: C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\cyrqb4s0.default
FF NewTab: user_pref("browser.newtab.url", "");
FF DefaultSearchEngine: FindWide
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Savings Advisor - C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\cyrqb4s0.default\Extensions\ciuvo-extension@avira.de [2014-03-09]
FF Extension: PursuePoint - C:\Users\Sofie\AppData\Roaming\Mozilla\Firefox\Profiles\cyrqb4s0.default\Extensions\{e844e171-0702-480a-abc8-39f79c8c6126}.xpi [2014-03-07]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 ValBioService; C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe [22872 2013-10-28] (Validity Sensors, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [40848 2013-10-28] (Validity Sensors, Inc.)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw02.sys [3599840 2013-10-14] (Intel Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-19 14:19 - 2014-03-19 14:19 - 00008996 _____ () C:\Users\Sofie\Desktop\FRST.txt
2014-03-18 22:10 - 2014-03-18 22:10 - 00000000 ____D () C:\Windows\ERUNT
2014-03-18 22:09 - 2014-03-18 22:09 - 01037734 _____ (Thisisu) C:\Users\Sofie\Downloads\JRT.exe
2014-03-18 22:01 - 2014-03-18 22:01 - 01950720 _____ () C:\Users\Sofie\Downloads\adwcleaner.exe
2014-03-18 21:56 - 2014-03-18 21:56 - 00000000 ____D () C:\Users\Sofie\AppData\Roaming\Malwarebytes
2014-03-18 21:56 - 2014-03-18 21:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-18 21:56 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-18 18:31 - 2014-03-18 21:38 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-18 18:31 - 2014-03-18 21:36 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-18 18:31 - 2014-03-18 18:31 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-18 17:51 - 2014-03-18 17:51 - 00001083 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk
2014-03-18 17:51 - 2014-03-18 17:51 - 00000000 ____D () C:\Users\Sofie\AppData\Local\PDF24
2014-03-18 17:50 - 2014-03-18 17:51 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-03-18 17:46 - 2014-03-18 17:47 - 16204160 _____ (Geek Software GmbH ) C:\Users\Sofie\Downloads\pdf24-creator-6.3.2.exe
2014-03-18 16:58 - 2014-03-19 14:19 - 00000000 ____D () C:\FRST
2014-03-18 15:30 - 2014-03-18 16:58 - 02157056 _____ (Farbar) C:\Users\Sofie\Desktop\FRST64.exe
2014-03-18 13:15 - 2014-03-18 22:06 - 00000000 ____D () C:\AdwCleaner
2014-03-17 11:13 - 2014-03-17 11:13 - 00000000 ____D () C:\Users\Sofie\AppData\Roaming\IrfanView
2014-03-17 11:13 - 2014-03-17 11:13 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2014-03-17 11:10 - 2014-03-17 11:10 - 02179728 _____ (Irfan Skiljan) C:\Users\Sofie\Downloads\iview437g_setup.exe
2014-03-14 09:46 - 2014-03-14 09:46 - 00004096 ____H () C:\Users\Sofie\AppData\Local\keyfile3.drm
2014-03-14 08:53 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 08:53 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-14 08:53 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-14 08:53 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 08:53 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-14 08:53 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-14 08:53 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-14 08:53 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-14 08:53 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-14 08:53 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-14 08:53 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-14 08:53 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-14 08:53 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-14 08:53 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-14 08:53 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-14 08:53 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-14 08:53 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-14 08:53 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 08:53 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-14 08:53 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-14 08:53 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-14 08:53 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-14 08:53 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-14 08:53 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 08:53 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-14 08:53 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-14 08:53 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-14 08:53 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-14 08:53 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 08:53 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-14 08:53 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-14 08:53 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 08:53 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-14 08:53 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-14 08:53 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-14 08:53 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 08:53 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-14 08:53 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-14 08:53 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-14 08:53 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-14 08:53 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 08:53 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-14 08:53 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-14 08:53 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-14 08:52 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-14 08:52 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-14 08:52 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-14 08:52 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 19:27 - 2014-03-12 19:27 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-03-12 19:27 - 2014-03-12 19:27 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-03-12 19:27 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMA4.DLL
2014-03-12 11:28 - 2014-03-12 11:27 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-03-11 21:53 - 2014-03-11 21:53 - 00001253 _____ () C:\Users\Sofie\Desktop\GIW.lnk
2014-03-11 14:28 - 2014-03-11 14:28 - 00000000 ____D () C:\Windows\PCHEALTH
2014-03-11 14:28 - 2014-03-11 14:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-03-11 14:28 - 2014-03-11 14:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework
2014-03-11 14:28 - 2014-03-11 14:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-03-11 14:27 - 2014-03-11 14:27 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-03-11 14:26 - 2014-03-11 14:26 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-11 14:26 - 2014-03-11 14:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-03-11 14:25 - 2014-03-11 14:25 - 00000000 __RHD () C:\MSOCache
2014-03-11 14:25 - 2014-03-11 14:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-03-11 14:23 - 2014-03-11 14:23 - 00003086 _____ () C:\Windows\System32\Tasks\{BCAD09BB-5F56-4744-B340-28BA6B88E0C8}
2014-03-11 10:30 - 2014-03-11 10:30 - 374346597 _____ () C:\Windows\MEMORY.DMP
2014-03-11 10:30 - 2014-03-11 10:30 - 00656968 _____ () C:\Windows\Minidump\031114-38407-01.dmp
2014-03-11 10:30 - 2014-03-11 10:30 - 00000000 ____D () C:\Windows\Minidump
2014-03-11 09:55 - 2014-03-11 09:55 - 00001380 _____ () C:\Users\Sofie\Desktop\INDIVIDUAL.lnk
2014-03-10 23:53 - 2014-03-10 23:53 - 00000000 ____D () C:\Users\Sofie\AppData\Roaming\OpenOffice
2014-03-10 23:43 - 2014-03-10 23:43 - 00613200 _____ (Chip Digital GmbH) C:\Users\Sofie\Downloads\OpenOffice - CHIP-Downloader.exe
2014-03-10 11:18 - 2014-03-10 11:18 - 00000000 ____D () C:\Program Files\Intel
2014-03-10 11:18 - 2014-03-10 11:18 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-10 11:18 - 2014-03-10 11:18 - 00000000 ____D () C:\Intel
2014-03-10 11:18 - 2014-01-25 02:23 - 00064000 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2014-03-10 11:18 - 2014-01-25 02:23 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2014-03-09 23:51 - 2014-03-09 23:51 - 00001252 _____ () C:\Users\Sofie\Desktop\BA.lnk
2014-03-09 23:51 - 2014-03-09 23:51 - 00001157 _____ () C:\Users\Sofie\Desktop\(6) FINAL SEM.lnk
2014-03-09 22:43 - 2014-03-09 22:43 - 00287220 _____ () C:\Users\Sofie\Downloads\KeyTweak_install.exe
2014-03-09 22:40 - 2014-03-09 22:40 - 01212224 _____ () C:\Users\Sofie\Downloads\keytweak-setup.exe
2014-03-09 15:34 - 2014-03-09 15:34 - 00003408 _____ () C:\Windows\System32\Tasks\aviraSWU
2014-03-09 15:34 - 2014-03-09 15:34 - 00000000 ____D () C:\Users\Sofie\AppData\Roaming\Avira
2014-03-09 15:33 - 2014-03-09 15:34 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-03-09 15:33 - 2014-03-09 15:33 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-03-09 15:33 - 2014-03-09 15:33 - 00000000 ____D () C:\ProgramData\Avira
2014-03-09 15:33 - 2014-02-25 11:41 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-03-09 15:33 - 2014-02-25 11:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-03-09 15:33 - 2014-02-25 11:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-03-09 15:25 - 2014-03-09 15:26 - 138607664 _____ () C:\Users\Sofie\Downloads\avira_free_antivirus_de_14.0.3.350.exe
2014-03-09 14:22 - 2014-03-17 22:35 - 01648454 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-09 14:10 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-09 14:10 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-07 23:47 - 2014-03-18 23:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-07 23:47 - 2014-03-18 23:16 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-07 23:47 - 2014-03-07 23:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-27 02:52 - 2014-02-27 02:52 - 00068440 _____ (Lenovo.) C:\Windows\system32\ibmpmsvc.exe
2014-02-27 02:52 - 2014-02-27 02:52 - 00060760 _____ (Lenovo.) C:\Windows\system32\ibmpmctl.exe
2014-02-27 02:52 - 2014-02-27 02:52 - 00057144 _____ (Lenovo.) C:\Windows\system32\Drivers\ibmpmdrv.sys
2014-02-27 02:52 - 2014-02-27 02:52 - 00040280 _____ (Lenovo.) C:\Windows\system32\tpinspm.dll
2014-02-20 19:45 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-20 19:45 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-20 19:45 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-20 19:45 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-20 19:45 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-20 19:45 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-20 19:45 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-20 19:45 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-20 19:45 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-20 19:45 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-20 19:44 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-20 19:44 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-20 19:44 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-20 19:44 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-20 19:44 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-20 19:44 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-20 19:44 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-20 19:44 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-20 19:44 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-20 19:44 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-20 19:44 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-20 19:44 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-20 19:44 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-20 19:44 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-20 19:44 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-20 19:44 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-20 19:44 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-20 19:44 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
==================== One Month Modified Files and Folders =======
2014-03-19 14:19 - 2014-03-19 14:19 - 00008996 _____ () C:\Users\Sofie\Desktop\FRST.txt
2014-03-19 14:19 - 2014-03-18 16:58 - 00000000 ____D () C:\FRST
2014-03-19 14:16 - 2014-02-08 20:09 - 00000000 ____D () C:\Users\Sofie\AppData\Roaming\Dropbox
2014-03-19 14:08 - 2014-02-07 22:06 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0EF1B442-55C9-4738-8D39-B7A6D6301DE5}
2014-03-19 13:59 - 2014-02-08 20:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-19 13:41 - 2009-07-14 05:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-19 13:41 - 2009-07-14 05:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-19 13:38 - 2014-02-07 21:57 - 00702890 _____ () C:\Windows\system32\perfh007.dat
2014-03-19 13:38 - 2014-02-07 21:57 - 00150498 _____ () C:\Windows\system32\perfc007.dat
2014-03-19 13:38 - 2009-07-14 06:13 - 01628044 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-19 13:37 - 2014-02-07 21:42 - 01789915 _____ () C:\Windows\WindowsUpdate.log
2014-03-19 13:34 - 2014-02-08 20:12 - 00000000 ___RD () C:\Users\Sofie\Dropbox
2014-03-19 13:34 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-19 13:33 - 2009-07-14 05:51 - 00026240 _____ () C:\Windows\setupact.log
2014-03-18 23:17 - 2014-03-07 23:47 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 23:16 - 2014-03-07 23:47 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-18 22:10 - 2014-03-18 22:10 - 00000000 ____D () C:\Windows\ERUNT
2014-03-18 22:09 - 2014-03-18 22:09 - 01037734 _____ (Thisisu) C:\Users\Sofie\Downloads\JRT.exe
2014-03-18 22:06 - 2014-03-18 13:15 - 00000000 ____D () C:\AdwCleaner
2014-03-18 22:04 - 2010-11-21 04:47 - 00200022 _____ () C:\Windows\PFRO.log
2014-03-18 22:01 - 2014-03-18 22:01 - 01950720 _____ () C:\Users\Sofie\Downloads\adwcleaner.exe
2014-03-18 21:56 - 2014-03-18 21:56 - 00000000 ____D () C:\Users\Sofie\AppData\Roaming\Malwarebytes
2014-03-18 21:56 - 2014-03-18 21:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-18 21:38 - 2014-03-18 18:31 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-18 21:36 - 2014-03-18 18:31 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-18 18:31 - 2014-03-18 18:31 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-18 17:51 - 2014-03-18 17:51 - 00001083 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk
2014-03-18 17:51 - 2014-03-18 17:51 - 00000000 ____D () C:\Users\Sofie\AppData\Local\PDF24
2014-03-18 17:51 - 2014-03-18 17:50 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-03-18 17:47 - 2014-03-18 17:46 - 16204160 _____ (Geek Software GmbH ) C:\Users\Sofie\Downloads\pdf24-creator-6.3.2.exe
2014-03-18 16:58 - 2014-03-18 15:30 - 02157056 _____ (Farbar) C:\Users\Sofie\Desktop\FRST64.exe
2014-03-17 22:35 - 2014-03-09 14:22 - 01648454 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-17 11:13 - 2014-03-17 11:13 - 00000000 ____D () C:\Users\Sofie\AppData\Roaming\IrfanView
2014-03-17 11:13 - 2014-03-17 11:13 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2014-03-17 11:10 - 2014-03-17 11:10 - 02179728 _____ (Irfan Skiljan) C:\Users\Sofie\Downloads\iview437g_setup.exe
2014-03-15 14:52 - 2009-07-14 05:45 - 00414096 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 09:46 - 2014-03-14 09:46 - 00004096 ____H () C:\Users\Sofie\AppData\Local\keyfile3.drm
2014-03-13 19:59 - 2014-02-08 20:42 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-13 19:59 - 2014-02-08 20:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-13 19:59 - 2014-02-08 20:42 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 19:27 - 2014-03-12 19:27 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-03-12 19:27 - 2014-03-12 19:27 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-03-12 11:27 - 2014-03-12 11:28 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-03-11 21:53 - 2014-03-11 21:53 - 00001253 _____ () C:\Users\Sofie\Desktop\GIW.lnk
2014-03-11 17:47 - 2014-02-10 00:00 - 00109296 _____ () C:\Users\Sofie\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-11 17:18 - 2014-02-10 19:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-11 14:29 - 2011-04-12 09:28 - 00000000 ____D () C:\Windows\ShellNew
2014-03-11 14:29 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-03-11 14:28 - 2014-03-11 14:28 - 00000000 ____D () C:\Windows\PCHEALTH
2014-03-11 14:28 - 2014-03-11 14:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-03-11 14:28 - 2014-03-11 14:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework
2014-03-11 14:28 - 2014-03-11 14:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-03-11 14:28 - 2014-02-10 19:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-03-11 14:27 - 2014-03-11 14:27 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-03-11 14:26 - 2014-03-11 14:26 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-11 14:26 - 2014-03-11 14:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-03-11 14:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-03-11 14:26 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-03-11 14:25 - 2014-03-11 14:25 - 00000000 __RHD () C:\MSOCache
2014-03-11 14:25 - 2014-03-11 14:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-03-11 14:23 - 2014-03-11 14:23 - 00003086 _____ () C:\Windows\System32\Tasks\{BCAD09BB-5F56-4744-B340-28BA6B88E0C8}
2014-03-11 10:30 - 2014-03-11 10:30 - 374346597 _____ () C:\Windows\MEMORY.DMP
2014-03-11 10:30 - 2014-03-11 10:30 - 00656968 _____ () C:\Windows\Minidump\031114-38407-01.dmp
2014-03-11 10:30 - 2014-03-11 10:30 - 00000000 ____D () C:\Windows\Minidump
2014-03-11 10:00 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-03-11 09:55 - 2014-03-11 09:55 - 00001380 _____ () C:\Users\Sofie\Desktop\INDIVIDUAL.lnk
2014-03-11 01:05 - 2014-02-10 00:04 - 00000000 ____D () C:\Users\Sofie\Downloads\desknote
2014-03-10 23:53 - 2014-03-10 23:53 - 00000000 ____D () C:\Users\Sofie\AppData\Roaming\OpenOffice
2014-03-10 23:43 - 2014-03-10 23:43 - 00613200 _____ (Chip Digital GmbH) C:\Users\Sofie\Downloads\OpenOffice - CHIP-Downloader.exe
2014-03-10 11:18 - 2014-03-10 11:18 - 00000000 ____D () C:\Program Files\Intel
2014-03-10 11:18 - 2014-03-10 11:18 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-10 11:18 - 2014-03-10 11:18 - 00000000 ____D () C:\Intel
2014-03-09 23:51 - 2014-03-09 23:51 - 00001252 _____ () C:\Users\Sofie\Desktop\BA.lnk
2014-03-09 23:51 - 2014-03-09 23:51 - 00001157 _____ () C:\Users\Sofie\Desktop\(6) FINAL SEM.lnk
2014-03-09 22:58 - 2014-02-08 20:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-09 22:43 - 2014-03-09 22:43 - 00287220 _____ () C:\Users\Sofie\Downloads\KeyTweak_install.exe
2014-03-09 22:40 - 2014-03-09 22:40 - 01212224 _____ () C:\Users\Sofie\Downloads\keytweak-setup.exe
2014-03-09 22:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Resources
2014-03-09 15:34 - 2014-03-09 15:34 - 00003408 _____ () C:\Windows\System32\Tasks\aviraSWU
2014-03-09 15:34 - 2014-03-09 15:34 - 00000000 ____D () C:\Users\Sofie\AppData\Roaming\Avira
2014-03-09 15:34 - 2014-03-09 15:33 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-03-09 15:33 - 2014-03-09 15:33 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-03-09 15:33 - 2014-03-09 15:33 - 00000000 ____D () C:\ProgramData\Avira
2014-03-09 15:26 - 2014-03-09 15:25 - 138607664 _____ () C:\Users\Sofie\Downloads\avira_free_antivirus_de_14.0.3.350.exe
2014-03-07 23:47 - 2014-03-07 23:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-01 07:05 - 2014-03-14 08:53 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-14 08:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-14 08:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-14 08:53 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-14 08:53 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-14 08:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-14 08:53 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-14 08:53 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-14 08:53 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-14 08:53 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-14 08:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-14 08:53 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-14 08:53 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-14 08:53 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-14 08:53 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-14 08:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-14 08:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-14 08:53 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-14 08:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-14 08:53 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-14 08:53 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-14 08:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-14 08:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-14 08:53 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-14 08:53 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-14 08:53 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-14 08:53 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-14 08:53 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-14 08:53 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-14 08:53 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-14 08:53 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-14 08:53 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-14 08:53 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-14 08:53 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-14 08:53 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-14 08:53 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-14 08:53 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-14 08:53 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-14 08:53 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-14 08:53 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-27 02:52 - 2014-02-27 02:52 - 00068440 _____ (Lenovo.) C:\Windows\system32\ibmpmsvc.exe
2014-02-27 02:52 - 2014-02-27 02:52 - 00060760 _____ (Lenovo.) C:\Windows\system32\ibmpmctl.exe
2014-02-27 02:52 - 2014-02-27 02:52 - 00057144 _____ (Lenovo.) C:\Windows\system32\Drivers\ibmpmdrv.sys
2014-02-27 02:52 - 2014-02-27 02:52 - 00040280 _____ (Lenovo.) C:\Windows\system32\tpinspm.dll
2014-02-25 11:41 - 2014-03-09 15:33 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-02-25 11:41 - 2014-03-09 15:33 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-02-25 11:41 - 2014-03-09 15:33 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
Files to move or delete:
====================
C:\Users\PNotesPortable\PNotesPortable.exe
Some content of TEMP:
====================
C:\Users\Sofie\AppData\Local\Temp\avgnt.exe
C:\Users\Sofie\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkzyi7g.dll
C:\Users\Sofie\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvgkrsl.dll
C:\Users\Sofie\AppData\Local\Temp\ose00000.exe
C:\Users\Sofie\AppData\Local\Temp\Quarantine.exe
C:\Users\Sofie\AppData\Local\Temp\setup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-11 12:15
==================== End Of Log ============================