Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: kein WLAN mehr, dafür AdWare

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 18.02.2014, 20:31   #1
tylon
 
kein WLAN mehr, dafür AdWare - Standard

kein WLAN mehr, dafür AdWare



Moin,

auf meinem laptop habe ich auf einmal kein WLAN Adapter mehr. Dann ist mir aufgefallen, dass die CPU ständig auf 100% lief.

Anschließend habe ich mit Malwarebytes ein QuickScan gemacht und auch etwas gefunden:

Malwarebyte LOG
Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.18.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Warsow :: WARSOW-PC [Administrator]

18.02.2014 19:33:09
MBAM-log-2014-02-18 (19-44-55).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | 

HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 214401
Laufzeit: 6 Minute(n), 36 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 1
C:\Users\Warsow\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.

Infizierte Registrierungsschlüssel: 3
HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Keine Aktion durchgeführt.
HKLM\Software\InstallIQ (PUP.Optional.InstallBrain.A) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Daten: C:\Windows

\SysWOW64\rundll32.exe "C:\Users\Warsow\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Keine Aktion 

durchgeführt.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 0H1L1J1L1S1R1N -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 4
C:\Users\Warsow\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.
C:\Users\Warsow\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.
C:\ProgramData\boost_interprocess (PUP.Optional.BoostInterProcess.A) -> Keine Aktion durchgeführt.
C:\ProgramData\boost_interprocess\619F331A864ACE01 (PUP.Optional.BoostInterProcess.A) -> Keine Aktion durchgeführt.

Infizierte Dateien: 7
C:\Users\Warsow\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.
C:\$Recycle.Bin\S-1-5-21-82718981-2728021986-1345355776-1001\$R3P7YLW\nengine.dll (PUP.Optional.NextLive.A) -> Keine Aktion 

durchgeführt.
C:\Users\Warsow\AppData\Local\Temp\DTLite4481-0347.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Warsow\AppData\Local\Temp\is125651805\490773392_stp\Mobogenie_Setup_UN.exe (PUP.Optional.NextLive.A) -> Keine 

Aktion durchgeführt.
C:\Users\Warsow\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.
C:\Users\Warsow\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.
C:\Users\Warsow\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.

(Ende)
         
Mit dem Schlagwort PUP.Optional.InstallCore.A bin ich auf Eure Seite gestoßen.

... und habe die entsprechenden Punkte abgearbeitet:

AdwCleaner[R0]
Code:
ATTFilter
# AdwCleaner v3.019 - Bericht erstellt am 18/02/2014 um 19:45:42
# Aktualisiert 17/02/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Warsow - WARSOW-PC
# Gestartet von : C:\Users\Warsow\Downloads\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gefunden : C:\Users\Warsow\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi
Ordner Gefunden C:\ProgramData\boost_interprocess
Ordner Gefunden C:\Users\Warsow\AppData\Local\genienext
Ordner Gefunden C:\Users\Warsow\AppData\Local\Mobogenie
Ordner Gefunden C:\Users\Warsow\AppData\Roaming\newnext.me
Ordner Gefunden C:\Users\Warsow\AppData\Roaming\pdfforge
Ordner Gefunden C:\Users\Warsow\Documents\Mobogenie

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\caphyon
Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Schlüssel Gefunden : [x64] HKCU\Software\caphyon
Schlüssel Gefunden : [x64] HKCU\Software\InstallCore
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Schlüssel Gefunden : HKLM\Software\InstallIQ
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-

BE8A-2923E76605DA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-

4CCE-BE8A-2923E76605DA}
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Google Chrome v32.0.1700.107

[ Datei : C:\Users\Warsow\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3007 octets] - [18/02/2014 19:45:42]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3067 octets] ##########
         
AdwCleaner[S0]
Code:
ATTFilter
# AdwCleaner v3.019 - Bericht erstellt am 18/02/2014 um 19:49:50
# Aktualisiert 17/02/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Warsow - WARSOW-PC
# Gestartet von : C:\Users\Warsow\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\Users\Warsow\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Warsow\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Warsow\AppData\Roaming\newnext.me
Ordner Gelöscht : C:\Users\Warsow\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Warsow\Documents\Mobogenie
Ordner Gelöscht : C:\Users\Warsow\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-

BE8A-2923E76605DA}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-

4CCE-BE8A-2923E76605DA}
Schlüssel Gelöscht : HKCU\Software\caphyon
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKLM\Software\InstallIQ

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Google Chrome v32.0.1700.107

[ Datei : C:\Users\Warsow\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[S0].txt - [2924 octets] - [18/02/2014 19:49:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2984 octets] ##########
         
JRT
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Ultimate x64
Ran by Warsow on 18.02.2014 at 19:59:35,21
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\puretext



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.02.2014 at 20:13:03,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-02-2014
Ran by w...w (administrator) on w...w-PC on 18-02-2014 20:16:28
Running from D:\Dropbox\Dokumente\LOG
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(hxxp://www.SteveMiller.net) C:\Users\w...w\AppData\Local\Temp\Rar$EXa0.970\PureText.exe
(Google Inc.) C:\Users\w...w\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe
(Dropbox, Inc.) C:\Users\w...w\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Samsung Electronics Co., Ltd.) C:\Windows\system32\RAPID\SamsungRapidSvc.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney Business 6.0\ouservice\StarMoneyOnlineUpdate.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(LastPass) C:\Program Files (x86)\LastPass\nplastpass.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [SamsungRapidApp] - C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [109280 2013-07-29] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2014-02-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [QLBController] - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-10-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\runonceex: [Flags] - 128
HKLM\...\runonceex: [Title] - RAPID uninstall cleanup using key [0001]
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-05] (Microsoft Corporation)
HKU\S-1-5-21-82718981-2728021986-1345355776-1001\...\Run: [Google Update] - C:\Users\w...w\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-08-18] (Google Inc.)
HKU\S-1-5-21-82718981-2728021986-1345355776-1001\...\Run: [Google+ Auto Backup] - C:\Users\w...w\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3619144 2014-02-06] (Google Inc.)
HKU\S-1-5-21-82718981-2728021986-1345355776-1001\...\Run: [FA91854233861D90EE43556E8D97E21319F25ACE._service_run] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [866632 2014-02-02] (Google Inc.)
HKU\S-1-5-21-82718981-2728021986-1345355776-1001\...\MountPoints2: {893fd500-af70-11e2-80fe-806e6f6e6963} - E:\.\start.exe /autorun
HKU\S-1-5-21-82718981-2728021986-1345355776-1001\...\MountPoints2: {fc15c60b-47d8-11e3-ab5a-64315087dbf6} - G:\autorun.exe
Startup: C:\Users\w...w\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\w...w\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x871D2F587F43CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129

Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Extension: (Google Docs) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-27]
CHR Extension: (Google Drive) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-27]
CHR Extension: (YouTube) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-27]
CHR Extension: (SmoothScroll) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccpiddacjljmfbbgeimpelpndgpoknn [2013-07-10]
CHR Extension: (Adblock Plus) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-14]
CHR Extension: (Inkognito-Filter) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik [2013-10-07]
CHR Extension: (Google-Suche) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-27]
CHR Extension: (Speed Dial) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi [2013-04-27]
CHR Extension: (Tampermonkey) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-01-14]
CHR Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2013-04-27]
CHR Extension: (Snip-Me - Amazon-Preisalarm) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggbcajkaanddkocabpldmeomjdlgjpag [2013-04-27]
CHR Extension: (AdBlock) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-04-27]
CHR Extension: (Mibbit webchat) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbadbkkklnhamjjeagmknajgmbgcmnpi [2013-04-27]
CHR Extension: (Webseite Blocher (Beta)) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib [2013-04-27]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2013-10-24]
CHR Extension: (Feedly - News, Blogs and Youtube) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-04-27]
CHR Extension: (JDownloader Integration for Google Chrome™) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\laeghehalempfenbefbjbhccjcoakpmm [2013-04-27]
CHR Extension: (Schwarz + Silber-Metall-Kohlenstoff) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\lodhggoaglindpoejnjldimdlikkphph [2013-11-10]
CHR Extension: (qipu Cashbackmelder open beta) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\mloigoojndlehdjiemdfpiikieonngel [2013-04-27]
CHR Extension: (Do It (Tomorrow)) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfagjoblnoeagfhfhohcdklnddjaiglo [2013-04-27]
CHR Extension: (Pocket (formerly Read It Later)) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2013-04-27]
CHR Extension: (Google Wallet) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (YouTube Unblocker) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-01-26]
CHR Extension: (Google Chrome to Phone Extension) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2013-04-27]
CHR Extension: (Do Share) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglhhmnmdocfhmhlekfdecokagmbchnf [2014-01-02]
CHR Extension: (Big G Black Bar Sorter) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiamgkpplhllmgmjkmpoapkidpgfhmdo [2013-04-27]
CHR Extension: (Evernote Web Clipper) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2013-04-27]
CHR Extension: (Google Mail) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-27]
CHR Extension: (IRC to Mibbit) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\pohpiiceeffdepjkcikeifcpecegppod [2013-04-27]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [818952 2011-12-22] (ABBYY)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2014-02-18] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [280120 2010-10-01] (Hewlett-Packard Company)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [27360 2013-07-29] (Samsung Electronics Co., Ltd.)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2014-01-27] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 StarMoney Business 6.0 OnlineUpdate; C:\Program Files (x86)\StarMoney Business 6.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2014-01-27] (Star Finanz-Software Entwicklung und Vertriebs GmbH)

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-21] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-21] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-26] (Disc Soft Ltd)
S3 FARMNTIO; c:\windows\system32\drivers\farmntio.sys [25144 2013-04-11] ()
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [240864 2013-07-29] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111328 2013-07-29] (Samsung Electronics Co., Ltd.)
S3 ALSysIO; \??\C:\Users\w...w\AppData\Local\Temp\ALSysIO64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-18 20:16 - 2014-02-18 20:16 - 00000000 ____D () C:\FRST
2014-02-18 19:59 - 2014-02-18 19:59 - 00000000 ____D () C:\Windows\ERUNT
2014-02-18 19:46 - 2014-02-18 19:46 - 00000879 _____ () C:\Users\w...w\Desktop\LOG - Verknüpfung.lnk
2014-02-18 19:45 - 2014-02-18 19:56 - 00000000 ____D () C:\AdwCleaner
2014-02-17 19:24 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-17 19:24 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-17 19:23 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-17 19:23 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-17 19:23 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-17 19:23 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-17 19:23 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-17 19:23 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-17 19:23 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-17 19:23 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-17 19:23 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-17 19:23 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-17 19:23 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-17 19:23 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-17 19:23 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-17 19:23 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-17 19:23 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-17 19:23 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-17 19:23 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-17 19:23 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-17 19:23 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-17 19:23 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-17 19:23 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-17 19:23 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-17 19:23 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-17 19:23 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-17 19:23 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-17 19:23 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-17 19:23 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-17 19:23 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-17 19:23 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-17 19:23 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-17 19:23 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-17 19:23 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-17 19:23 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-17 19:23 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-17 19:23 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-17 19:23 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-17 19:23 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-17 19:23 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-17 19:23 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-15 17:25 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-15 17:25 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-15 17:25 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-15 17:25 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-15 17:25 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-15 17:25 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-15 17:25 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-15 17:25 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-15 17:25 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-15 17:25 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-15 17:25 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-15 17:25 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-15 17:25 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-15 17:25 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-15 17:25 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-15 17:25 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-15 17:25 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-15 17:25 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-15 17:19 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-15 17:19 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-15 17:19 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-15 17:19 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-15 17:19 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-15 17:19 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-15 17:11 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-15 17:11 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-15 17:11 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-15 17:11 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-09 11:40 - 2014-02-09 11:40 - 01869082 _____ () C:\Users\w...w\Downloads\ch.neoos.doodle.1.0.3.apk
2014-02-09 11:34 - 2014-02-09 11:34 - 00000000 ____D () C:\Users\w...w\AppData\Roaming\Mozilla
2014-02-08 11:28 - 2014-02-08 11:28 - 00025366 _____ () C:\Users\w...w\Downloads\FRITZ!Box_Anrufliste.csv
2014-02-08 11:24 - 2014-02-08 11:24 - 00500844 _____ () C:\Users\w...w\Downloads\archive08022014_112414.zip
2014-02-08 09:39 - 2014-02-08 09:39 - 00288104 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-02-08 09:39 - 2014-02-08 09:39 - 00284434 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-02-08 09:39 - 2014-02-08 09:39 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-02-07 12:38 - 2014-02-07 12:38 - 00000000 ____D () C:\Users\w...w\AppData\Local\roomeon
2014-02-05 19:18 - 2014-02-05 19:18 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2014-02-05 19:17 - 2014-02-05 19:17 - 00000000 ____D () C:\LGP350
2014-02-05 19:16 - 2014-02-05 19:16 - 00003138 _____ () C:\Windows\System32\Tasks\{9449C0E6-3B45-4444-A20D-88B6C47C715D}
2014-02-05 19:16 - 2014-02-05 19:16 - 00002411 _____ () C:\Windows\SysWOW64\lgAxconfig.ini
2014-02-05 19:16 - 2014-02-05 19:16 - 00000831 _____ () C:\Users\w...w\Desktop\LGMobile Support Tool.lnk
2014-02-05 19:16 - 2011-05-06 19:37 - 00655872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr90.dll
2014-02-05 19:16 - 2011-05-06 19:37 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp90.dll
2014-02-05 19:16 - 2011-05-06 19:37 - 00224768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcm90.dll
2014-02-05 19:16 - 2006-04-30 14:33 - 00053248 _____ () C:\Windows\SysWOW64\CommonDL.dll
2014-02-05 19:16 - 2005-11-20 08:34 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4r.dll
2014-02-05 19:16 - 2005-09-30 07:39 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4a.dll
2014-02-05 19:14 - 2014-02-05 19:23 - 00000000 ____D () C:\Users\w...w\Downloads\LGP350
2014-02-05 19:08 - 2014-02-05 19:16 - 00000000 ____D () C:\ProgramData\LGMOBILEAX
2014-02-05 19:08 - 2014-02-05 19:08 - 00261208 _____ (LG Electronics) C:\Users\w...w\Downloads\B2CAppSetup.exe
2014-02-02 13:26 - 2014-02-02 13:26 - 00035840 _____ () C:\Users\w...w\Downloads\pcon014.xls
2014-01-26 12:32 - 2014-01-26 12:32 - 00282775 _____ () C:\Users\w...w\Downloads\YouTube-Unblocker-055.crx
2014-01-24 21:29 - 2014-01-24 21:29 - 00001350 _____ () C:\Users\w...w\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MD5 & SHA Checksum Utility.exe - Verknüpfung.lnk
2014-01-24 08:24 - 2014-01-24 08:24 - 00002475 _____ () C:\Users\w...w\Downloads\mailFilters.xml
2014-01-24 08:12 - 2014-01-24 08:12 - 00000000 ____D () C:\Users\w...w\AppData\Roaming\DropboxMaster
2014-01-23 10:39 - 2014-01-23 10:39 - 00020480 _____ () C:\Users\w...w\Downloads\MinusArbeitstage.xls

==================== One Month Modified Files and Folders =======

2014-02-18 20:16 - 2014-02-18 20:16 - 00000000 ____D () C:\FRST
2014-02-18 20:16 - 2013-04-27 20:48 - 00000000 ____D () C:\Users\w...w\AppData\Roaming\Dropbox
2014-02-18 20:15 - 2013-04-27 20:33 - 01700628 _____ () C:\Windows\WindowsUpdate.log
2014-02-18 19:59 - 2014-02-18 19:59 - 00000000 ____D () C:\Windows\ERUNT
2014-02-18 19:58 - 2009-07-14 05:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-18 19:58 - 2009-07-14 05:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-18 19:57 - 2009-07-14 18:58 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-02-18 19:57 - 2009-07-14 18:58 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-02-18 19:57 - 2009-07-14 06:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-18 19:56 - 2014-02-18 19:45 - 00000000 ____D () C:\AdwCleaner
2014-02-18 19:53 - 2013-04-27 20:43 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-18 19:53 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-18 19:53 - 2009-07-14 05:51 - 00049970 _____ () C:\Windows\setupact.log
2014-02-18 19:49 - 2013-08-18 19:01 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-82718981-2728021986-1345355776-1001UA.job
2014-02-18 19:49 - 2013-08-18 19:01 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-82718981-2728021986-1345355776-1001Core.job
2014-02-18 19:46 - 2014-02-18 19:46 - 00000879 _____ () C:\Users\w...w\Desktop\LOG - Verknüpfung.lnk
2014-02-18 19:44 - 2013-08-18 19:01 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-82718981-2728021986-1345355776-1001UA
2014-02-18 19:44 - 2013-08-18 19:01 - 00003700 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-82718981-2728021986-1345355776-1001Core
2014-02-18 19:37 - 2013-05-30 12:21 - 00000000 ____D () C:\Program Files (x86)\StarMoney Business 6.0
2014-02-18 19:37 - 2013-05-26 21:27 - 00000000 ____D () C:\Program Files (x86)\StarMoney 9.0
2014-02-18 19:30 - 2013-04-27 20:43 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-17 19:31 - 2013-08-16 15:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 19:29 - 2010-02-09 23:33 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-17 19:15 - 2013-05-03 08:42 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-02-09 11:40 - 2014-02-09 11:40 - 01869082 _____ () C:\Users\w...w\Downloads\ch.neoos.doodle.1.0.3.apk
2014-02-09 11:34 - 2014-02-09 11:34 - 00000000 ____D () C:\Users\w...w\AppData\Roaming\Mozilla
2014-02-08 13:34 - 2013-05-17 18:20 - 00000000 ____D () C:\Program Files (x86)\JDownloader v2.0
2014-02-08 11:28 - 2014-02-08 11:28 - 00025366 _____ () C:\Users\w...w\Downloads\FRITZ!Box_Anrufliste.csv
2014-02-08 11:24 - 2014-02-08 11:24 - 00500844 _____ () C:\Users\w...w\Downloads\archive08022014_112414.zip
2014-02-08 09:39 - 2014-02-08 09:39 - 00288104 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-02-08 09:39 - 2014-02-08 09:39 - 00284434 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-02-08 09:39 - 2014-02-08 09:39 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-02-08 00:31 - 2014-01-07 19:37 - 00000000 ____D () C:\Users\w...w\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-02-07 19:03 - 2013-04-27 21:30 - 00070604 _____ () C:\Windows\PFRO.log
2014-02-07 12:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-02-07 12:38 - 2014-02-07 12:38 - 00000000 ____D () C:\Users\w...w\AppData\Local\roomeon
2014-02-06 13:16 - 2014-02-17 19:23 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-17 19:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-17 19:23 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-17 19:23 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-17 19:23 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-17 19:23 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-17 19:23 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-17 19:23 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-17 19:23 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-17 19:23 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-17 19:23 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-17 19:23 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-17 19:23 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-17 19:23 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-17 19:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-17 19:23 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-17 19:23 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-17 19:23 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-17 19:23 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-17 19:23 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-17 19:23 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-17 19:23 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-17 19:23 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-17 19:23 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-17 19:23 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-17 19:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-17 19:23 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-17 19:23 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-17 19:23 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-17 19:23 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-17 19:23 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-17 19:23 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-17 19:23 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-17 19:23 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-17 19:23 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-17 19:23 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-17 19:23 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-17 19:23 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-17 19:23 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 19:23 - 2014-02-05 19:14 - 00000000 ____D () C:\Users\w...w\Downloads\LGP350
2014-02-05 19:18 - 2014-02-05 19:18 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2014-02-05 19:18 - 2013-05-26 21:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-05 19:17 - 2014-02-05 19:17 - 00000000 ____D () C:\LGP350
2014-02-05 19:16 - 2014-02-05 19:16 - 00003138 _____ () C:\Windows\System32\Tasks\{9449C0E6-3B45-4444-A20D-88B6C47C715D}
2014-02-05 19:16 - 2014-02-05 19:16 - 00002411 _____ () C:\Windows\SysWOW64\lgAxconfig.ini
2014-02-05 19:16 - 2014-02-05 19:16 - 00000831 _____ () C:\Users\w...w\Desktop\LGMobile Support Tool.lnk
2014-02-05 19:16 - 2014-02-05 19:08 - 00000000 ____D () C:\ProgramData\LGMOBILEAX
2014-02-05 19:08 - 2014-02-05 19:08 - 00261208 _____ (LG Electronics) C:\Users\w...w\Downloads\B2CAppSetup.exe
2014-02-03 19:18 - 2013-05-24 12:13 - 00000000 ____D () C:\Users\w...w\AppData\Roaming\vlc
2014-02-02 13:26 - 2014-02-02 13:26 - 00035840 _____ () C:\Users\w...w\Downloads\pcon014.xls
2014-02-02 12:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-01-26 12:32 - 2014-01-26 12:32 - 00282775 _____ () C:\Users\w...w\Downloads\YouTube-Unblocker-055.crx
2014-01-24 21:29 - 2014-01-24 21:29 - 00001350 _____ () C:\Users\w...w\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MD5 & SHA Checksum Utility.exe - Verknüpfung.lnk
2014-01-24 08:24 - 2014-01-24 08:24 - 00002475 _____ () C:\Users\w...w\Downloads\mailFilters.xml
2014-01-24 08:13 - 2013-04-27 20:38 - 00000000 ___RD () C:\Users\w...w\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-24 08:12 - 2014-01-24 08:12 - 00000000 ____D () C:\Users\w...w\AppData\Roaming\DropboxMaster
2014-01-23 10:39 - 2014-01-23 10:39 - 00020480 _____ () C:\Users\w...w\Downloads\MinusArbeitstage.xls

Some content of TEMP:
====================
C:\Users\w...w\AppData\Local\Temp\13-9-legacy_vista_win7_64_dd_ccc_whql.exe
C:\Users\w...w\AppData\Local\Temp\avgnt.exe
C:\Users\w...w\AppData\Local\Temp\Checkupdate.exe
C:\Users\w...w\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxh9u8q.dll
C:\Users\w...w\AppData\Local\Temp\DTLite4481-0347.exe
C:\Users\w...w\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\w...w\AppData\Local\Temp\gcapi_dll.dll
C:\Users\w...w\AppData\Local\Temp\GLF8224.tmp.dll
C:\Users\w...w\AppData\Local\Temp\gtapi_signed.dll
C:\Users\w...w\AppData\Local\Temp\SCC.dll
C:\Users\w...w\AppData\Local\Temp\SymCCIS.dll
C:\Users\w...w\AppData\Local\Temp\tmp7B1.exe
C:\Users\w...w\AppData\Local\Temp\unrar.dll
C:\Users\w...w\AppData\Local\Temp\vlc-2.1.2-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-30 16:58

==================== End Of Log ============================
         
--- --- ---

Addition
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-02-2014
Ran by w...w at 2014-02-18 20:17:26
Running from D:\Dropbox\Dokumente\LOG
Boot Mode: Normal
==========================================================


==================== Security Center ========================


==================== Installed Programs ======================

AAVUpdateManager (x32 Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
ABBYY FineReader 11 (x32 Version: 11.0.460 - ABBYY)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
AllDup 3.4.18 (x32 Version: 3.4.18 - Michael Thummerer Software Design)
AMD Accelerated Video Transcoding (Version: 12.5.100.30429 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.0429.2313.39747 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.80430.0002 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2013.0429.2313.39747 - Ihr Firmenname) Hidden
Avidemux 2.6 - 64bits (x32 Version: 2.6.5.8897 - )
Avira Free Antivirus (x32 Version: 14.0.2.344 - Avira)
BUDNI Fotowelt (x32 Version: 5.1.3 - CEWE Stiftung u Co. KGaA)
calibre 64bit (Version: 0.9.34 - Kovid Goyal)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (x32 Version: 4.5.2.4291 - CDBurnerXP)
ClipboardPath (Aktueller Benutzer) (HKCU Version: 1.2.4 - Stefan Bertels)
Common Desktop Agent (Version: 1.53.0 - OEM) Hidden
Core Temp 1.0 RC6 (Version: 1.0 - Alcpu)
CrystalDiskMark 3.0.2f (Version: 3.0.2f - Crystal Dew World)
DAEMON Tools Lite (x32 Version: 4.48.1.0347 - Disc Soft Ltd)
DriverTools 1.0 (x32 Version: 1.0 - Huawei Technologies Co.,Ltd)
Dropbox (HKCU Version: 2.6.5 - Dropbox, Inc.)
Evernote v. 5.1.2 (x32 Version: 5.1.2.2387 - Evernote Corp.)
Everpix (HKCU Version: 1.0.12.55 - Everpix)
FileZilla Client 3.7.3 (x32 Version: 3.7.3 - Tim Kosse)
Foxit Reader (x32 Version: 6.0.4.719 - Foxit Corporation)
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Talk Plugin (x32 Version: 5.1.4.17398 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Google+ Auto Backup (HKCU Version: 1.0.22.105 - Google, Inc.)
Google+ Auto Backup (x32 Version: 1.0.21.81 - Google)
Hdd Speed Test Tool v. 1.0.14 (RC 1) (x32 Version:  - Marko Oette (oette.info)) <==== ATTENTION
HP HotKey Support (Version: 4.0.3.1 - Hewlett-Packard Company)
iDRS(tm) OCR Software by I.R.I.S (x32 Version: 1.00.04.03 - Samsung Electronics Co., Ltd.)
IrfanView (remove only) (x32 Version: 4.35 - Irfan Skiljan)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 2 (Version: 2.0 - AppWork GmbH)
Kobo (x32 Version: 3.2.2 - Kobo Inc.)
LastPass (Nur deinstallieren) (x32 Version:  - LastPass)
LG United Mobile Driver (x32 Version: 3.8.1 - LG Electronics)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
ManyCam 3.1.59 (x32 Version: 3.1.59 - ManyCam LLC)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 - de-de (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
NAVIGON Fresh 3.4.1 (x32 Version: 3.4.1 - NAVIGON)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
ownCloud (x32 Version: 1.2.5 - ownCloud, Inc)
PDF Architect (x32 Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (x32 Version: 1.7.1 - pdfforge)
Phase 5 HTML-Editor (x32 Version: 5.6.2.3 - Systemberatung Schommer)
Picasa 3 (x32 Version: 3.9 - Google, Inc.)
Pixum Fotobuch (x32 Version: 5.1.3 - CEWE Stiftung u Co. KGaA)
RAPID Mode (Version: 1.0.1.42 - Samsung Electronics Co., Ltd.) Hidden
Samsung Data Migration (x32 Version: 2.5 - Samsung)
Samsung Easy Printer Manager (x32 Version: 1.02.06.05 - Samsung Electronics Co., Ltd.)
Samsung Magician (x32 Version: 4.3.0 - Samsung Electronics)
Samsung Printer Live Update (x32 Version: 1.01.00.04 - Samsung Electronics Co., Ltd.)
Samsung Scan Assistant (x32 Version: 1.04.30.00 - Samsung Electronics Co., Ltd.)
Samsung SCX-3400 Series (x32 Version:  - Samsung Electronics Co., Ltd.)
Skype™ 6.7 (x32 Version: 6.7.102 - Skype Technologies S.A.)
SRS-Root (x32 Version:  - 123Unlock GSM Service)
StarMoney (x32 Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney 9.0  (x32 Version: 9.0 - Star Finanz GmbH)
StarMoney Business 6.0  (x32 Version: 6.0 - Star Finanz GmbH)
Steuer-Spar-Erklärung 2013 (x32 Version: 18.09 - Wolters Kluwer Deutschland GmbH)
Synaptics Pointing Device Driver (Version: 15.0.24.0 - Synaptics Incorporated)
TeamViewer 9 (x32 Version: 9.0.25942 - TeamViewer)
TreeSize Free V2.7 (x32 Version: 2.7 - JAM Software)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)
WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH)
WISO Mein Geld 2014 Professional (x32 Version:  - Buhl Data Service GmbH)
WISO Mein Geld 2014 Professional (x32 Version: 16.0.1.0 - Buhl Data Service GmbH) Hidden

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {024CB324-E18B-49B4-8DAF-ECE127F097C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-27] (Google Inc.)
Task: {57AFB501-1755-45DE-919F-9B67E71DDA7E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-11-15] (Microsoft Corporation)
Task: {6784F09D-A64B-4CFE-B24D-9487FD975DD2} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {7CDCCDB8-79CE-4F5D-A1B0-8D61D5BDAA4E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {B83574F9-0DEF-4D54-9DAD-5C89D2A4BDEA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-82718981-2728021986-1345355776-1001UA => C:\Users\w...w\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-18] (Google Inc.)
Task: {C6852C54-B1AE-4468-AD8B-D0B7DA03E4D6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-11-15] (Microsoft Corporation)
Task: {E2CC3C92-2E5A-44B7-91BC-83AFC3D45E53} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-27] (Google Inc.)
Task: {FD4B11A8-4184-431E-BAEC-2BB5382F547F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-82718981-2728021986-1345355776-1001Core => C:\Users\w...w\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-18] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-82718981-2728021986-1345355776-1001Core.job => C:\Users\w...w\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-82718981-2728021986-1345355776-1001UA.job => C:\Users\w...w\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-06-18 15:49 - 2013-06-18 15:49 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-04-29 23:25 - 2013-04-29 23:25 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-04-29 23:08 - 2013-04-29 23:08 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-04-27 20:59 - 2013-04-27 20:58 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2008-10-24 15:35 - 2008-10-24 15:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2014-02-06 23:27 - 2014-02-06 23:27 - 03244032 _____ () C:\Users\w...w\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll
2014-02-18 19:53 - 2014-02-18 19:53 - 00041984 _____ () c:\users\w...w\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxh9u8q.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\w...w\AppData\Roaming\Dropbox\bin\libcef.dll
2014-02-07 19:08 - 2011-01-13 09:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0\ouservice\PATCHW32.dll
2014-02-05 14:14 - 2011-01-13 09:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney Business 6.0\ouservice\PATCHW32.dll
2014-02-05 14:15 - 2014-02-02 00:41 - 00715592 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
2014-02-05 14:15 - 2014-02-02 00:41 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll
2014-02-05 14:15 - 2014-02-02 00:42 - 04055368 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-05 14:15 - 2014-02-02 00:42 - 00399688 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-05 14:15 - 2014-02-02 00:41 - 01634632 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Bonus.SSR.FR11 => "C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Google Update => "C:\Users\w...w\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: PureText => "D:\Dropbox\Software\PureText.exe"
MSCONFIG\startupreg: SMB60StarMoneyRunEntry => "C:\Program Files (x86)\StarMoney Business 6.0\app\oflagent.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 64%
Total physical RAM: 3836.56 MB
Available physical RAM: 1360.12 MB
Total Pagefile: 7671.3 MB
Available Pagefile: 4526.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:79.99 GB) (Free:37.8 GB) NTFS
Drive d: (Daten) (Fixed) (Total:158.38 GB) (Free:49.26 GB) NTFS
Drive e: (Warentest) (CDROM) (Total:0.61 GB) (Free:0 GB) CDFS
Drive f: () (Removable) (Total:14.94 GB) (Free:14.94 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: A464783C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=80 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=158 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=15 GB) - (Type=0C)

==================== End Of Log ============================
         
Ist mein System nun Sauber?

Gruß

Hier der vollständigkeitshalber der Abschluss-Scan

MBAM-log-2014-02-18 (20-27-27)
Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.18.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
w...w :: w...w-PC [Administrator]

18.02.2014 20:21:36
MBAM-log-2014-02-18 (20-27-27).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 215395
Laufzeit: 5 Minute(n), 33 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\$Recycle.Bin\S-1-5-21-82718981-2728021986-1345355776-1001\$R3P7YLW\nengine.dll (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.
C:\Users\w...w\AppData\Local\Temp\DTLite4481-0347.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\w...w\AppData\Local\Temp\is125651805\490773392_stp\Mobogenie_Setup_UN.exe (PUP.Optional.NextLive.A) -> Keine Aktion durchgeführt.

(Ende)
         
ESET läuft noch...

Alt 19.02.2014, 05:56   #2
schrauber
/// the machine
/// TB-Ausbilder
 

kein WLAN mehr, dafür AdWare - Standard

kein WLAN mehr, dafür AdWare



Funde mit MBAM löschen lassen. Poste dann noch ESET und ein frisches FRST Log. Was macht das WLAN?
__________________

__________________

Alt 19.02.2014, 18:56   #3
tylon
 
kein WLAN mehr, dafür AdWare - Standard

kein WLAN mehr, dafür AdWare



Funde aus MBAM gelöscht und auch keine weitere Auffälligkeiten dort.
ESET folgt, da es über 2 Stunden dauert
WLAN Adapter ist wieder vorhanden. Kann AdWare diesen wirklich blockieren?

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2014
Ran by w...w (administrator) on w...w-PC on 19-02-2014 19:50:19
Running from D:\Dropbox\Dokumente\LOG
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Samsung Electronics Co., Ltd.) C:\Windows\system32\RAPID\SamsungRapidSvc.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney Business 6.0\ouservice\StarMoneyOnlineUpdate.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Google Inc.) C:\Users\w...w\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dropbox, Inc.) C:\Users\w...w\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [SamsungRapidApp] - C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [109280 2013-07-29] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2014-02-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [QLBController] - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-10-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\runonceex: [Flags] - 128
HKLM\...\runonceex: [Title] - RAPID uninstall cleanup using key [0001]
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-05] (Microsoft Corporation)
HKU\S-1-5-21-82718981-2728021986-1345355776-1001\...\Run: [Google Update] - C:\Users\w...w\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-08-18] (Google Inc.)
HKU\S-1-5-21-82718981-2728021986-1345355776-1001\...\Run: [Google+ Auto Backup] - C:\Users\w...w\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3619144 2014-02-06] (Google Inc.)
HKU\S-1-5-21-82718981-2728021986-1345355776-1001\...\Run: [FA91854233861D90EE43556E8D97E21319F25ACE._service_run] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [866632 2014-02-02] (Google Inc.)
HKU\S-1-5-21-82718981-2728021986-1345355776-1001\...\MountPoints2: {893fd500-af70-11e2-80fe-806e6f6e6963} - E:\.\start.exe /autorun
HKU\S-1-5-21-82718981-2728021986-1345355776-1001\...\MountPoints2: {fc15c60b-47d8-11e3-ab5a-64315087dbf6} - G:\autorun.exe
Startup: C:\Users\w...w\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\w...w\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x871D2F587F43CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Extension: (Google Docs) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-27]
CHR Extension: (Google Drive) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-27]
CHR Extension: (YouTube) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-27]
CHR Extension: (Adblock Plus) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-14]
CHR Extension: (Inkognito-Filter) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifilbmpnkjinlkchohdfcpdkmpngiik [2013-10-07]
CHR Extension: (Google-Suche) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-27]
CHR Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2013-04-27]
CHR Extension: (Snip-Me - Amazon-Preisalarm) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggbcajkaanddkocabpldmeomjdlgjpag [2013-04-27]
CHR Extension: (AdBlock) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-04-27]
CHR Extension: (Mibbit webchat) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbadbkkklnhamjjeagmknajgmbgcmnpi [2013-04-27]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2013-10-24]
CHR Extension: (Feedly - News, Blogs and Youtube) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-04-27]
CHR Extension: (JDownloader Integration for Google Chrome™) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\laeghehalempfenbefbjbhccjcoakpmm [2013-04-27]
CHR Extension: (Schwarz + Silber-Metall-Kohlenstoff) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\lodhggoaglindpoejnjldimdlikkphph [2013-11-10]
CHR Extension: (qipu Cashbackmelder open beta) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\mloigoojndlehdjiemdfpiikieonngel [2013-04-27]
CHR Extension: (Do It (Tomorrow)) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfagjoblnoeagfhfhohcdklnddjaiglo [2013-04-27]
CHR Extension: (Pocket (formerly Read It Later)) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2013-04-27]
CHR Extension: (Google Wallet) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (YouTube Unblocker) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-01-26]
CHR Extension: (Google Chrome to Phone Extension) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2013-04-27]
CHR Extension: (Evernote Web Clipper) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2013-04-27]
CHR Extension: (Google Mail) - C:\Users\w...w\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-27]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [818952 2011-12-22] (ABBYY)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2014-02-18] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [280120 2010-10-01] (Hewlett-Packard Company)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [27360 2013-07-29] (Samsung Electronics Co., Ltd.)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2014-01-27] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 StarMoney Business 6.0 OnlineUpdate; C:\Program Files (x86)\StarMoney Business 6.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2014-01-27] (Star Finanz-Software Entwicklung und Vertriebs GmbH)

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-21] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-21] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-26] (Disc Soft Ltd)
S3 FARMNTIO; c:\windows\system32\drivers\farmntio.sys [25144 2013-04-11] ()
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [240864 2013-07-29] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111328 2013-07-29] (Samsung Electronics Co., Ltd.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\w...w\AppData\Local\Temp\ALSysIO64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-18 23:45 - 2014-02-18 23:45 - 00001619 _____ () C:\Users\w...w\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evernote.lnk
2014-02-18 23:34 - 2014-02-18 23:34 - 00150131 _____ () C:\Users\w...w\Desktop\xda-developers - View Single Post - Whatsapp ART support.htm
2014-02-18 23:34 - 2014-02-18 23:34 - 00000000 ____D () C:\Users\w...w\Desktop\xda-developers - View Single Post - Whatsapp ART support_files
2014-02-18 23:29 - 2014-02-18 23:29 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-02-18 23:29 - 2013-06-21 01:07 - 00103448 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-02-18 23:28 - 2014-02-18 23:28 - 15365072 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\w...w\Downloads\Samsung_USB-Driver_for_Mobile_Phones-1.5.27.0.exe
2014-02-18 22:51 - 2014-02-18 22:51 - 00000000 ____D () C:\Users\w...w\AppData\Roaming\InstallShield
2014-02-18 22:48 - 2014-02-18 22:50 - 90531320 _____ (Hewlett-Packard Company ) C:\Users\w...w\Downloads\sp60504.exe
2014-02-18 22:42 - 2014-02-18 22:42 - 02219125 _____ ( ) C:\Users\w...w\Downloads\Minimal_ADB_and_Fastboot_1.0.exe
2014-02-18 22:39 - 2014-02-18 22:39 - 01081344 _____ () C:\Users\w...w\Downloads\libart-monitor-patched.zip
2014-02-18 22:39 - 2014-02-18 22:39 - 00000000 ____D () C:\Users\w...w\Downloads\libart-monitor-patched
2014-02-18 20:21 - 2014-02-18 20:21 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-18 20:16 - 2014-02-19 19:50 - 00000000 ____D () C:\FRST
2014-02-18 19:59 - 2014-02-18 19:59 - 00000000 ____D () C:\Windows\ERUNT
2014-02-18 19:46 - 2014-02-18 19:46 - 00000879 _____ () C:\Users\w...w\Desktop\LOG - Verknüpfung.lnk
2014-02-18 19:45 - 2014-02-18 23:58 - 00000000 ____D () C:\AdwCleaner
2014-02-17 19:24 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-17 19:24 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-17 19:23 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-17 19:23 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-17 19:23 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-17 19:23 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-17 19:23 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-17 19:23 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-17 19:23 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-17 19:23 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-17 19:23 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-17 19:23 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-17 19:23 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-17 19:23 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-17 19:23 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-17 19:23 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-17 19:23 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-17 19:23 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-17 19:23 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-17 19:23 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-17 19:23 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-17 19:23 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-17 19:23 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-17 19:23 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-17 19:23 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-17 19:23 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-17 19:23 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-17 19:23 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-17 19:23 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-17 19:23 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-17 19:23 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-17 19:23 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-17 19:23 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-17 19:23 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-17 19:23 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-17 19:23 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-17 19:23 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-17 19:23 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-17 19:23 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-17 19:23 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-17 19:23 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-15 17:25 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-15 17:25 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-15 17:25 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-15 17:25 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-15 17:25 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-15 17:25 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-15 17:25 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-15 17:25 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-15 17:25 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-15 17:25 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-15 17:25 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-15 17:25 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-15 17:25 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-15 17:25 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-15 17:25 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-15 17:25 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-15 17:25 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-15 17:25 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-15 17:19 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-15 17:19 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-15 17:19 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-15 17:19 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-15 17:19 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-15 17:19 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-15 17:11 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-15 17:11 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-15 17:11 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-15 17:11 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-09 11:40 - 2014-02-09 11:40 - 01869082 _____ () C:\Users\w...w\Downloads\ch.neoos.doodle.1.0.3.apk
2014-02-09 11:34 - 2014-02-09 11:34 - 00000000 ____D () C:\Users\w...w\AppData\Roaming\Mozilla
2014-02-08 11:28 - 2014-02-08 11:28 - 00025366 _____ () C:\Users\w...w\Downloads\FRITZ!Box_Anrufliste.csv
2014-02-08 11:24 - 2014-02-08 11:24 - 00500844 _____ () C:\Users\w...w\Downloads\archive08022014_112414.zip
2014-02-08 09:39 - 2014-02-08 09:39 - 00288104 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-02-08 09:39 - 2014-02-08 09:39 - 00284434 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-02-08 09:39 - 2014-02-08 09:39 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-02-07 12:38 - 2014-02-07 12:38 - 00000000 ____D () C:\Users\w...w\AppData\Local\roomeon
2014-02-05 19:18 - 2014-02-05 19:18 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2014-02-05 19:17 - 2014-02-05 19:17 - 00000000 ____D () C:\LGP350
2014-02-05 19:16 - 2014-02-05 19:16 - 00003138 _____ () C:\Windows\System32\Tasks\{9449C0E6-3B45-4444-A20D-88B6C47C715D}
2014-02-05 19:16 - 2014-02-05 19:16 - 00002411 _____ () C:\Windows\SysWOW64\lgAxconfig.ini
2014-02-05 19:16 - 2014-02-05 19:16 - 00000831 _____ () C:\Users\w...w\Desktop\LGMobile Support Tool.lnk
2014-02-05 19:16 - 2011-05-06 19:37 - 00655872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr90.dll
2014-02-05 19:16 - 2011-05-06 19:37 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp90.dll
2014-02-05 19:16 - 2011-05-06 19:37 - 00224768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcm90.dll
2014-02-05 19:16 - 2006-04-30 14:33 - 00053248 _____ () C:\Windows\SysWOW64\CommonDL.dll
2014-02-05 19:16 - 2005-11-20 08:34 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4r.dll
2014-02-05 19:16 - 2005-09-30 07:39 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4a.dll
2014-02-05 19:14 - 2014-02-05 19:23 - 00000000 ____D () C:\Users\w...w\Downloads\LGP350
2014-02-05 19:08 - 2014-02-05 19:16 - 00000000 ____D () C:\ProgramData\LGMOBILEAX
2014-02-05 19:08 - 2014-02-05 19:08 - 00261208 _____ (LG Electronics) C:\Users\w...w\Downloads\B2CAppSetup.exe
2014-02-02 13:26 - 2014-02-02 13:26 - 00035840 _____ () C:\Users\w...w\Downloads\pcon014.xls
2014-01-26 12:32 - 2014-01-26 12:32 - 00282775 _____ () C:\Users\w...w\Downloads\YouTube-Unblocker-055.crx
2014-01-24 21:29 - 2014-01-24 21:29 - 00001350 _____ () C:\Users\w...w\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MD5 & SHA Checksum Utility.exe - Verknüpfung.lnk
2014-01-24 08:24 - 2014-01-24 08:24 - 00002475 _____ () C:\Users\w...w\Downloads\mailFilters.xml
2014-01-24 08:12 - 2014-01-24 08:12 - 00000000 ____D () C:\Users\w...w\AppData\Roaming\DropboxMaster
2014-01-23 10:39 - 2014-01-23 10:39 - 00020480 _____ () C:\Users\w...w\Downloads\MinusArbeitstage.xls

==================== One Month Modified Files and Folders =======

2014-02-19 19:50 - 2014-02-18 20:16 - 00000000 ____D () C:\FRST
2014-02-19 19:50 - 2013-04-27 20:48 - 00000000 ____D () C:\Users\w...w\AppData\Roaming\Dropbox
2014-02-19 19:49 - 2013-08-18 19:01 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-82718981-2728021986-1345355776-1001UA.job
2014-02-19 19:49 - 2013-08-18 19:01 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-82718981-2728021986-1345355776-1001Core.job
2014-02-19 19:33 - 2013-04-27 20:33 - 01803857 _____ () C:\Windows\WindowsUpdate.log
2014-02-19 19:12 - 2013-04-27 20:43 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-19 19:11 - 2013-04-27 20:43 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-19 19:06 - 2013-04-27 20:43 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-19 19:06 - 2013-04-27 20:43 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-19 19:04 - 2009-07-14 18:58 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-02-19 19:04 - 2009-07-14 18:58 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-02-19 19:04 - 2009-07-14 06:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-19 00:04 - 2009-07-14 05:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-19 00:04 - 2009-07-14 05:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-18 23:58 - 2014-02-18 19:45 - 00000000 ____D () C:\AdwCleaner
2014-02-18 23:58 - 2013-04-27 21:30 - 00071268 _____ () C:\Windows\PFRO.log
2014-02-18 23:58 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-18 23:58 - 2009-07-14 05:51 - 00052684 _____ () C:\Windows\setupact.log
2014-02-18 23:45 - 2014-02-18 23:45 - 00001619 _____ () C:\Users\w...w\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evernote.lnk
2014-02-18 23:34 - 2014-02-18 23:34 - 00150131 _____ () C:\Users\w...w\Desktop\xda-developers - View Single Post - Whatsapp ART support.htm
2014-02-18 23:34 - 2014-02-18 23:34 - 00000000 ____D () C:\Users\w...w\Desktop\xda-developers - View Single Post - Whatsapp ART support_files
2014-02-18 23:29 - 2014-02-18 23:29 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-02-18 23:28 - 2014-02-18 23:28 - 15365072 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\w...w\Downloads\Samsung_USB-Driver_for_Mobile_Phones-1.5.27.0.exe
2014-02-18 23:28 - 2013-05-03 08:40 - 00000000 ____D () C:\ProgramData\Samsung
2014-02-18 23:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-18 22:51 - 2014-02-18 22:51 - 00000000 ____D () C:\Users\w...w\AppData\Roaming\InstallShield
2014-02-18 22:51 - 2013-12-19 20:32 - 00000000 ____D () C:\SWSetup
2014-02-18 22:50 - 2014-02-18 22:48 - 90531320 _____ (Hewlett-Packard Company ) C:\Users\w...w\Downloads\sp60504.exe
2014-02-18 22:42 - 2014-02-18 22:42 - 02219125 _____ ( ) C:\Users\w...w\Downloads\Minimal_ADB_and_Fastboot_1.0.exe
2014-02-18 22:40 - 2013-06-04 19:12 - 00000000 ____D () C:\Program Files (x86)\phase5
2014-02-18 22:39 - 2014-02-18 22:39 - 01081344 _____ () C:\Users\w...w\Downloads\libart-monitor-patched.zip
2014-02-18 22:39 - 2014-02-18 22:39 - 00000000 ____D () C:\Users\w...w\Downloads\libart-monitor-patched
2014-02-18 20:21 - 2014-02-18 20:21 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-18 19:59 - 2014-02-18 19:59 - 00000000 ____D () C:\Windows\ERUNT
2014-02-18 19:46 - 2014-02-18 19:46 - 00000879 _____ () C:\Users\w...w\Desktop\LOG - Verknüpfung.lnk
2014-02-18 19:44 - 2013-08-18 19:01 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-82718981-2728021986-1345355776-1001UA
2014-02-18 19:44 - 2013-08-18 19:01 - 00003700 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-82718981-2728021986-1345355776-1001Core
2014-02-18 19:37 - 2013-05-30 12:21 - 00000000 ____D () C:\Program Files (x86)\StarMoney Business 6.0
2014-02-18 19:37 - 2013-05-26 21:27 - 00000000 ____D () C:\Program Files (x86)\StarMoney 9.0
2014-02-17 19:31 - 2013-08-16 15:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 19:29 - 2010-02-09 23:33 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-17 19:15 - 2013-05-03 08:42 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-02-09 11:40 - 2014-02-09 11:40 - 01869082 _____ () C:\Users\w...w\Downloads\ch.neoos.doodle.1.0.3.apk
2014-02-09 11:34 - 2014-02-09 11:34 - 00000000 ____D () C:\Users\w...w\AppData\Roaming\Mozilla
2014-02-08 13:34 - 2013-05-17 18:20 - 00000000 ____D () C:\Program Files (x86)\JDownloader v2.0
2014-02-08 11:28 - 2014-02-08 11:28 - 00025366 _____ () C:\Users\w...w\Downloads\FRITZ!Box_Anrufliste.csv
2014-02-08 11:24 - 2014-02-08 11:24 - 00500844 _____ () C:\Users\w...w\Downloads\archive08022014_112414.zip
2014-02-08 09:39 - 2014-02-08 09:39 - 00288104 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-02-08 09:39 - 2014-02-08 09:39 - 00284434 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-02-08 09:39 - 2014-02-08 09:39 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-02-08 00:31 - 2014-01-07 19:37 - 00000000 ____D () C:\Users\w...w\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-02-07 12:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-02-07 12:38 - 2014-02-07 12:38 - 00000000 ____D () C:\Users\w...w\AppData\Local\roomeon
2014-02-06 13:16 - 2014-02-17 19:23 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-17 19:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-17 19:23 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-17 19:23 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-17 19:23 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-17 19:23 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-17 19:23 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-17 19:23 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-17 19:23 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-17 19:23 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-17 19:23 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-17 19:23 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-17 19:23 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-17 19:23 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-17 19:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-17 19:23 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-17 19:23 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-17 19:23 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-17 19:23 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-17 19:23 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-17 19:23 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-17 19:23 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-17 19:23 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-17 19:23 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-17 19:23 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-17 19:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-17 19:23 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-17 19:23 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-17 19:23 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-17 19:23 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-17 19:23 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-17 19:23 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-17 19:23 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-17 19:23 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-17 19:23 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-17 19:23 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-17 19:23 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-17 19:23 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-17 19:23 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 19:23 - 2014-02-05 19:14 - 00000000 ____D () C:\Users\w...w\Downloads\LGP350
2014-02-05 19:18 - 2014-02-05 19:18 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2014-02-05 19:18 - 2013-05-26 21:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-05 19:17 - 2014-02-05 19:17 - 00000000 ____D () C:\LGP350
2014-02-05 19:16 - 2014-02-05 19:16 - 00003138 _____ () C:\Windows\System32\Tasks\{9449C0E6-3B45-4444-A20D-88B6C47C715D}
2014-02-05 19:16 - 2014-02-05 19:16 - 00002411 _____ () C:\Windows\SysWOW64\lgAxconfig.ini
2014-02-05 19:16 - 2014-02-05 19:16 - 00000831 _____ () C:\Users\w...w\Desktop\LGMobile Support Tool.lnk
2014-02-05 19:16 - 2014-02-05 19:08 - 00000000 ____D () C:\ProgramData\LGMOBILEAX
2014-02-05 19:08 - 2014-02-05 19:08 - 00261208 _____ (LG Electronics) C:\Users\w...w\Downloads\B2CAppSetup.exe
2014-02-03 19:18 - 2013-05-24 12:13 - 00000000 ____D () C:\Users\w...w\AppData\Roaming\vlc
2014-02-02 13:26 - 2014-02-02 13:26 - 00035840 _____ () C:\Users\w...w\Downloads\pcon014.xls
2014-01-26 12:32 - 2014-01-26 12:32 - 00282775 _____ () C:\Users\w...w\Downloads\YouTube-Unblocker-055.crx
2014-01-24 21:29 - 2014-01-24 21:29 - 00001350 _____ () C:\Users\w...w\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MD5 & SHA Checksum Utility.exe - Verknüpfung.lnk
2014-01-24 08:24 - 2014-01-24 08:24 - 00002475 _____ () C:\Users\w...w\Downloads\mailFilters.xml
2014-01-24 08:13 - 2013-04-27 20:38 - 00000000 ___RD () C:\Users\w...w\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-24 08:12 - 2014-01-24 08:12 - 00000000 ____D () C:\Users\w...w\AppData\Roaming\DropboxMaster
2014-01-23 10:39 - 2014-01-23 10:39 - 00020480 _____ () C:\Users\w...w\Downloads\MinusArbeitstage.xls

Some content of TEMP:
====================
C:\Users\w...w\AppData\Local\Temp\13-9-legacy_vista_win7_64_dd_ccc_whql.exe
C:\Users\w...w\AppData\Local\Temp\avgnt.exe
C:\Users\w...w\AppData\Local\Temp\Checkupdate.exe
C:\Users\w...w\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzsjg9q.dll
C:\Users\w...w\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\w...w\AppData\Local\Temp\gcapi_dll.dll
C:\Users\w...w\AppData\Local\Temp\GLF8224.tmp.dll
C:\Users\w...w\AppData\Local\Temp\gtapi_signed.dll
C:\Users\w...w\AppData\Local\Temp\Quarantine.exe
C:\Users\w...w\AppData\Local\Temp\SCC.dll
C:\Users\w...w\AppData\Local\Temp\SymCCIS.dll
C:\Users\w...w\AppData\Local\Temp\tmp7B1.exe
C:\Users\w...w\AppData\Local\Temp\unrar.dll
C:\Users\w...w\AppData\Local\Temp\vlc-2.1.2-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-30 16:58

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---
__________________

Alt 20.02.2014, 13:28   #4
schrauber
/// the machine
/// TB-Ausbilder
 

kein WLAN mehr, dafür AdWare - Standard

kein WLAN mehr, dafür AdWare



Zitat:
Kann AdWare diesen wirklich blockieren?
jein, aber kaputt machen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu kein WLAN mehr, dafür AdWare
100%, adware, antivir, avira, branding, desktop, device driver, google, google analytics, homepage, installation, mobogenie, mobogenie entfernen, preferences, pup.optional.installbrain.a, pup.optional.installcore.a, pup.optional.nextlive.a, pup.optional.opencandy, registrierungsdatenbank, rundll, services.exe, software, starmoney, svchost.exe, vista



Ähnliche Themen: kein WLAN mehr, dafür AdWare


  1. Hotspot Shield und File Shredder lassen sich nicht deinstallieren, kein WLAN mehr, PC langsam
    Log-Analyse und Auswertung - 08.06.2015 (24)
  2. Nach Adware Cleaner Meldung: "Keine Internetverbindung". Keine Updates, kein Skype u.ä. mehr möglich!
    Antiviren-, Firewall- und andere Schutzprogramme - 08.01.2015 (15)
  3. Nach Instalation von Iminet,kein Netzwerk mehr (kein internet mehr) Goggle Chrome und IE lassen sich nicht öffnen(weißer Bildschirm)
    Plagegeister aller Art und deren Bekämpfung - 27.12.2014 (1)
  4. Kein WLan funktioniert mehr am Laptop
    Plagegeister aller Art und deren Bekämpfung - 26.12.2014 (10)
  5. Laptop WIN7: funktioniert kein WLAN mehr, Mozilla spinnt rum, Intel RST Service läuft nicht, Meldungen im Wartungscenter
    Plagegeister aller Art und deren Bekämpfung - 03.11.2014 (37)
  6. Laptop WIN7: funktioniert kein WLAN mehr, Mozilla spinnt rum, Intel RST Service läuft nicht, Meldungen im Wartungscenter
    Alles rund um Windows - 07.10.2014 (1)
  7. Kein Browser läuft mehr durch Adware
    Plagegeister aller Art und deren Bekämpfung - 31.07.2014 (21)
  8. BKA-/Bundestrojaner aber kein Sperrschirm dafür Fehler beim booten
    Plagegeister aller Art und deren Bekämpfung - 07.01.2014 (9)
  9. Windows 8: Malware Fund - ADWARE/InstallCore.Gen + WLAN Probleme
    Plagegeister aller Art und deren Bekämpfung - 21.12.2013 (7)
  10. kein WLAN über Fritzbox 3270 mehr, wahrscheinlich durch Trojaner
    Plagegeister aller Art und deren Bekämpfung - 01.07.2013 (11)
  11. Yahoo: kein HTTPS, dafür eine Fülle an XSS-Lücken
    Nachrichten - 27.11.2012 (0)
  12. nach start kein ton & wlan
    Alles rund um Windows - 25.07.2012 (0)
  13. Keine Anmeldung bei Windows mehr möglich. Passwort feld fehlt. Kein Internet mehr. Kein Admin mehr.
    Plagegeister aller Art und deren Bekämpfung - 15.02.2012 (5)
  14. Kein WLan mehr nach windows xp neuinstallation
    Alles rund um Windows - 13.04.2011 (20)
  15. lost+found: Sniffender Mac-Trojaner, Adware per WLAN
    Nachrichten - 10.06.2010 (0)
  16. Kein Wlan nach Neuinstallation
    Alles rund um Windows - 21.08.2008 (3)
  17. Kein Lan kein Wlan funkt mehr beim laptop!
    Log-Analyse und Auswertung - 27.07.2007 (5)

Zum Thema kein WLAN mehr, dafür AdWare - Moin, auf meinem laptop habe ich auf einmal kein WLAN Adapter mehr. Dann ist mir aufgefallen, dass die CPU ständig auf 100% lief. Anschließend habe ich mit Malwarebytes ein QuickScan - kein WLAN mehr, dafür AdWare...
Archiv
Du betrachtest: kein WLAN mehr, dafür AdWare auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.