Log analysis and evaluation: Win 7 / Avira reports Trojan Fakeadb.A
Windows 7: If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
10.09.2013, 16:10 | #1 |
Win 7 / Avira reports Trojan Fakeadb.A
Hello, Avira has now found the above-mentioned Trojan for the third time; after the third removal attempt things are quiet now. A further full scan turned up nothing, and MBAM then found nothing more either. After some research I fear that something worse could be hiding behind it, and so I wanted to ask you for help! Below are the log files of the FRST scan as well as those from Antivir and MBAM. Following the instructions, I used defogger and also ran a GMER scan; with its log file the post would be too long, though, so I would supply it on request... FRST.txt: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-09-2013 01 Ran by Tempel (administrator) on TEST-PC on 10-09-2013 16:24:46 Running from D:\Users\Tempel\Desktop Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (AMD) C:\Windows\system32\atiesrxx.exe (Logitech Inc.) D:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech, Inc.) D:\Program Files\Logitech\SolarApp\L4301_Solar.exe (AMD) C:\Windows\system32\atieclxx.exe (Cisco Systems, Inc.) D:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Adobe Systems Incorporated) D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Apple Inc.) D:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) D:\Program Files\Bonjour\mDNSResponder.exe (cFos Software GmbH) C:\Windows\ASRock\XFast LAN\spd.exe (Cisco Systems, Inc.) D:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (SEIKO EPSON CORPORATION) D:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE (TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech, Inc.) D:\Program Files\Logitech\SetPointP\SetPoint.exe (CANON INC.) D:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (Intel Corporation) C:\Windows\System32\igfxpers.exe (Google Inc.) 
D:\Users\Tempel\AppData\Local\Google\Update\GoogleUpdate.exe (Google) D:\Program Files (x86)\Google\Drive\googledrivesync.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (johnsadventures.com) D:\Program Files (x86)\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe () D:\Program Files (x86)\Tor\tor.exe (Dropbox, Inc.) D:\Users\Tempel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Microsoft Corporation) d:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel Corporation) D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Google) D:\Program Files (x86)\Google\Drive\googledrivesync.exe (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Logitech, Inc.) D:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE (Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Cisco Systems, Inc.) D:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Microsoft Corporation) d:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) D:\Program Files\Windows Media Player\wmpnetwk.exe (ATI Technologies Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) 
D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Intel Corporation) D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [EvtMgr6] - D:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.) HKLM\...\Run: [CanonMyPrinter] - D:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.) HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () Winlogon\Notify\LBTWlgn: d:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [X] HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 HKCU\...\Run: [ASRockXTU] - [x] HKCU\...\Run: [zASRockInstantBoot] - [x] HKCU\...\Run: [Google Update] - D:\Users\Tempel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-02] (Google Inc.) 
HKCU\...\Run: [GoogleDriveSync] - D:\Program Files (x86)\Google\Drive\googledrivesync.exe [20097696 2013-06-27] (Google) HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation) HKCU\...\Run: [BackgroundSwitcher] - D:\Program Files (x86)\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe [119928 2012-09-16] (johnsadventures.com) HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000 MountPoints2: {160f2b8a-c43c-11e1-a0d6-bc5ff4381f46} - J:\setup.exe MountPoints2: {1edae493-c427-11e1-bf19-806e6f6e6963} - E:\ASRSetup.exe MountPoints2: {79556fb2-8b2c-11e2-a6da-00059a3c7a00} - J:\setup.exe HKLM-x32\...\Run: [IAStorIcon] - D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation) HKLM-x32\...\Run: [CanonSolutionMenuEx] - D:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.) HKLM-x32\...\Run: [StartCCC] - D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe ARM] - D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [avgnt] - D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-08-20] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - D:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-07-19] (Cisco Systems, Inc.) Startup: D:\Users\Tempel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> D:\Users\Tempel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.claro-search.com/?affID=114508&tt=4212_5&babsrc=HP_clro&mntrId=4a963650000000000000bc5ff4381f46 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.claro-search.com/?q={searchTerms}&affID=114508&tt=4212_5&babsrc=SP_clro&mntrId=4a963650000000000000bc5ff4381f46 SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - d:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - D:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - d:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) Toolbar: HKLM-x32 - No Name - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - No File Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - D:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) 
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: 193.197.62.198 vpn.uni-ulm.de Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Chrome: ======= CHR HomePage: hxxp://www.google.com CHR RestoreOnStartup: "hxxp://www.google.com", "hxxp://www.claro-search.com/?affID=114508&tt=4212_5&babsrc=HP_clro&mntrId=4a963650000000000000bc5ff4381f46" CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - D:\Users\Tempel\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - D:\Users\Tempel\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - D:\Users\Tempel\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll () CHR Plugin: (Adobe Acrobat) - D:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () CHR Plugin: (AmazonMP3DownloaderPlugin) - D:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017325.dll (Amazon.com, Inc.) 
CHR Plugin: (AmazonMP3DownloaderPlugin) - D:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017325.dll (Amazon.com, Inc.) CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility for IJ) - D:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) CHR Plugin: (Picasa) - D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (Google Update) - D:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (VLC Web Plugin) - D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (iTunes Application Detector) - D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Silverlight Plug-In) - d:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) CHR Extension: (Google Drive) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (WOT) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.13_0 CHR Extension: (YouTube) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Adblock Plus) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0 CHR Extension: (Google Search) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Gmail Offline) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0 CHR Extension: (PanicButton) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm\0.14.2.2_0 CHR Extension: (Chrome to Mobile) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd\2_0 CHR Extension: (Speed Dial 2) - 
D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik\1.7.0_0 CHR Extension: (Google Maps) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0 CHR Extension: (Google Mail Checker) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0 CHR Extension: (Chrome In-App Payments service) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0 CHR Extension: (Chrome to Phone) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.2_0 CHR Extension: (Gmail) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 CHR StartMenuInternet: Google Chrome - D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= R2 AdobeARMservice; D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640 2013-05-10] (Adobe Systems Incorporated) R2 AntiVirSchedulerService; D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-08-20] (Avira Operations GmbH & Co. KG) R2 AntiVirService; D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-08-20] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; D:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-08-20] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device; D:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008 2012-12-21] (Apple Inc.) R2 Bonjour Service; D:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-31] (Apple Inc.) 
R2 cFosSpeedS; C:\Windows\ASRock\XFast LAN\spd.exe [395136 2011-07-04] (cFos Software GmbH) R2 CVPND; D:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-03-23] (Cisco Systems, Inc.) R2 EPSON_PM_RPCV4_01; D:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [102400 2006-04-18] (SEIKO EPSON CORPORATION) S2 gupdate; D:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2012-07-02] (Google Inc.) S3 gupdatem; D:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2012-07-02] (Google Inc.) S3 gusvc; D:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [136120 2011-05-10] (Google) R2 IAStorDataMgrSvc; D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592 2011-05-20] (Intel Corporation) S3 iPod Service; D:\Program Files\iPod\bin\iPodService.exe [641352 2013-02-20] (Apple Inc.) R2 L4301_Solar; D:\Program Files\Logitech\SolarApp\L4301_Solar.exe [403536 2010-10-26] (Logitech, Inc.) S3 LBTServ; D:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [359192 2011-09-27] (Logitech, Inc.) R2 LMS; D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [326168 2011-02-22] (Intel Corporation) S2 SkypeUpdate; D:\Program Files (x86)\Skype\Updater\Updater.exe [161384 2013-02-28] (Skype Technologies) S3 Steam Client Service; D:\Program Files (x86)\Common Files\Steam\SteamService.exe [563624 2013-08-28] (Valve Corporation) R2 TeamViewer8; D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [4308320 2013-08-07] (TeamViewer GmbH) R2 tor; D:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-01] () R2 UMVPFSrv; D:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.) 
R2 UNS; D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2656280 2011-02-22] (Intel Corporation) R2 vpnagent; D:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [557968 2013-07-19] (Cisco Systems, Inc.) R2 wlidsvc; d:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2291568 2009-08-18] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-02] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-08-20] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-08-06] (Avira Operations GmbH & Co. KG) R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] () R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] () R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-12] (DT Soft Ltd) S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [31808 2012-07-02] (FNet Co., Ltd.) R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2012-07-02] (FNet Co., Ltd.) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-03-12] (Duplex Secure Ltd.) S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-07-19] (Cisco Systems, Inc.) 
S3 ALSysIO; \??\D:\Users\Tempel\AppData\Local\Temp\ALSysIO64.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-10 16:24 - 2013-09-10 16:24 - 00000000 ____D C:\FRST 2013-09-10 16:19 - 2013-09-10 16:19 - 00000654 _____ D:\Users\Tempel\Desktop\defogger_disable.log 2013-09-10 16:19 - 2013-09-10 16:19 - 00000188 _____ D:\Users\Tempel\defogger_reenable 2013-09-10 16:17 - 2013-09-10 16:17 - 00028532 _____ D:\Users\Tempel\Desktop\AVSCAN-20130910-082346-A2F2067D.LOG 2013-09-10 16:16 - 2013-09-10 16:16 - 01949196 _____ (Farbar) D:\Users\Tempel\Desktop\FRST64.exe 2013-09-10 16:16 - 2013-09-10 16:16 - 00377856 _____ D:\Users\Tempel\Desktop\gmer_2.1.19163.exe 2013-09-10 16:16 - 2013-09-10 16:16 - 00050477 _____ D:\Users\Tempel\Desktop\Defogger.exe 2013-09-06 15:01 - 2013-09-06 15:01 - 00000548 _____ C:\Windows\Tasks\MATLAB R2013a Startup Accelerator.job 2013-08-30 08:02 - 2013-08-30 08:02 - 00000000 ____D D:\Program Files (x86)\Tor 2013-08-20 00:00 - 2013-09-04 16:40 - 00003434 _____ C:\Windows\System32\Tasks\Browser Manager 2013-08-17 12:10 - 2013-08-20 11:46 - 00000000 ____D D:\Program Files (x86)\Mozilla Thunderbird 2013-08-17 10:23 - 2013-09-02 10:50 - 00000000 ____D D:\Users\Tempel\Desktop\Entwickeln 2013-08-15 09:55 - 2013-08-15 09:55 - 00000000 ____D C:\Windows\system32\MRT 2013-08-15 09:54 - 2013-07-25 05:54 - 17830400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-15 09:54 - 2013-07-25 05:37 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-15 09:54 - 2013-07-25 05:35 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-08-15 09:54 - 2013-07-25 05:31 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-15 09:54 - 2013-07-25 05:30 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-15 09:54 - 2013-07-25 05:29 - 01494528 _____ (Microsoft 
Corporation) C:\Windows\system32\inetcpl.cpl 2013-08-15 09:54 - 2013-07-25 05:29 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-08-15 09:54 - 2013-07-25 05:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-15 09:54 - 2013-07-25 05:28 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-15 09:54 - 2013-07-25 05:28 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-15 09:54 - 2013-07-25 05:28 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-15 09:54 - 2013-07-25 05:28 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-08-15 09:54 - 2013-07-25 05:28 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-08-15 09:54 - 2013-07-25 05:27 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-15 09:54 - 2013-07-25 05:27 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-08-15 09:54 - 2013-07-25 05:26 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-08-15 09:54 - 2013-07-25 04:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-08-15 09:54 - 2013-07-25 04:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-08-15 09:54 - 2013-07-25 04:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-08-15 09:54 - 2013-07-25 04:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-08-15 09:54 - 2013-07-25 04:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-08-15 09:54 - 2013-07-25 04:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-08-15 09:54 - 2013-07-25 04:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-08-15 09:54 - 2013-07-25 04:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 
2013-08-15 09:54 - 2013-07-25 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-08-15 09:54 - 2013-07-25 04:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-08-15 09:54 - 2013-07-25 04:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-08-15 09:54 - 2013-07-25 04:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-08-15 09:54 - 2013-07-25 04:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-08-15 09:54 - 2013-07-25 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-08-15 09:54 - 2013-07-25 04:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-08-15 09:54 - 2013-07-25 04:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-08-15 08:27 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-15 08:27 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-08-15 08:27 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-08-15 08:27 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-08-15 08:27 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-08-15 08:27 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-08-15 08:27 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2013-08-15 08:27 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-15 08:27 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-15 08:27 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-15 08:27 - 2013-07-09 07:46 - 
00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-15 08:27 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-15 08:27 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-08-15 08:27 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-08-15 08:27 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-08-15 08:27 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2013-08-15 08:27 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2013-08-15 08:27 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-08-15 08:27 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-08-15 08:27 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-08-15 08:27 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-08-15 08:27 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-08-15 08:27 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-08-15 08:27 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-08-15 08:27 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-08-15 08:27 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-15 08:27 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys ==================== One Month Modified Files and Folders ======= 2013-09-10 16:24 - 2013-09-10 16:24 - 00000000 ____D C:\FRST 2013-09-10 16:24 - 2012-07-02 11:24 - 
02041576 _____ C:\Windows\WindowsUpdate.log 2013-09-10 16:23 - 2012-07-02 12:59 - 00000000 ____D D:\Users\Tempel\AppData\Roaming\Dropbox 2013-09-10 16:22 - 2012-07-02 13:02 - 00000000 ___RD D:\Users\Tempel\Dropbox 2013-09-10 16:22 - 2012-07-02 12:59 - 00000000 ___RD D:\Users\Tempel\Google Drive 2013-09-10 16:21 - 2009-07-14 06:51 - 00363965 _____ C:\Windows\setupact.log 2013-09-10 16:19 - 2013-09-10 16:19 - 00000654 _____ D:\Users\Tempel\Desktop\defogger_disable.log 2013-09-10 16:19 - 2013-09-10 16:19 - 00000188 _____ D:\Users\Tempel\defogger_reenable 2013-09-10 16:19 - 2012-07-02 12:31 - 00000000 ____D D:\Users\Tempel 2013-09-10 16:17 - 2013-09-10 16:17 - 00028532 _____ D:\Users\Tempel\Desktop\AVSCAN-20130910-082346-A2F2067D.LOG 2013-09-10 16:16 - 2013-09-10 16:16 - 01949196 _____ (Farbar) D:\Users\Tempel\Desktop\FRST64.exe 2013-09-10 16:16 - 2013-09-10 16:16 - 00377856 _____ D:\Users\Tempel\Desktop\gmer_2.1.19163.exe 2013-09-10 16:16 - 2013-09-10 16:16 - 00050477 _____ D:\Users\Tempel\Desktop\Defogger.exe 2013-09-10 00:23 - 2012-07-05 10:24 - 00000000 ____D D:\Users\Tempel\Documents\MATLAB 2013-09-09 21:31 - 2009-07-14 06:45 - 00016704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-09 21:31 - 2009-07-14 06:45 - 00016704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-09 21:30 - 2009-07-14 19:58 - 00696620 _____ C:\Windows\system32\perfh007.dat 2013-09-09 21:30 - 2009-07-14 19:58 - 00147916 _____ C:\Windows\system32\perfc007.dat 2013-09-09 21:30 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-06 15:01 - 2013-09-06 15:01 - 00000548 _____ C:\Windows\Tasks\MATLAB R2013a Startup Accelerator.job 2013-09-06 14:36 - 2012-07-02 14:27 - 00000000 ____D D:\Program Files\MATLAB 2013-09-06 12:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2013-09-06 11:27 - 2012-07-02 12:56 - 00590196 _____ 
C:\Windows\PFRO.log 2013-09-04 16:40 - 2013-08-20 00:00 - 00003434 _____ C:\Windows\System32\Tasks\Browser Manager 2013-09-04 16:28 - 2012-07-02 12:50 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2013412791-1596353806-2001287601-1003UA.job 2013-09-04 15:43 - 2012-07-02 12:58 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-04 15:05 - 2013-03-12 18:17 - 00000548 _____ C:\Windows\Tasks\MATLAB R2012b Startup Accelerator.job 2013-09-04 15:02 - 2012-07-02 12:58 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-04 15:01 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-02 14:31 - 2013-08-06 22:34 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-09-02 10:50 - 2013-08-17 10:23 - 00000000 ____D D:\Users\Tempel\Desktop\Entwickeln 2013-09-02 10:28 - 2012-07-02 12:50 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2013412791-1596353806-2001287601-1003Core.job 2013-09-01 09:28 - 2012-10-15 12:02 - 00000000 ____D D:\Users\Tempel\AppData\Local\CrashDumps 2013-08-30 11:13 - 2012-08-31 10:19 - 00000000 ____D D:\Users\Tempel\Desktop\Tempels 2013-08-30 08:02 - 2013-08-30 08:02 - 00000000 ____D D:\Program Files (x86)\Tor 2013-08-30 00:14 - 2012-11-26 22:38 - 00000000 ____D D:\Program Files (x86)\Steam 2013-08-23 10:45 - 2013-03-08 10:18 - 00000000 ____D D:\Program Files (x86)\Cisco 2013-08-20 11:46 - 2013-08-17 12:10 - 00000000 ____D D:\Program Files (x86)\Mozilla Thunderbird 2013-08-20 11:25 - 2013-08-06 22:35 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2013-08-20 11:25 - 2013-08-06 22:34 - 00132088 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avipbb.sys 2013-08-16 18:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-08-16 07:44 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-08-15 09:55 - 2013-08-15 09:55 - 00000000 ____D C:\Windows\system32\MRT 2013-08-15 09:54 - 2012-07-02 13:09 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe Files to move or delete: ==================== D:\Users\Tempel\AppData\Local\Temp\AskSLib.dll D:\Users\Tempel\AppData\Local\Temp\iv_uninstall.exe D:\Users\Tempel\AppData\Local\Temp\LMkRstPt.exe D:\Users\Tempel\AppData\Local\Temp\MSETUP4.EXE D:\Users\Tempel\AppData\Local\Temp\tmp7167.exe D:\Users\Tempel\AppData\Local\Temp\tmp951F.exe D:\Users\Tempel\AppData\Local\Temp\tmpBE5E.exe D:\Users\Tempel\AppData\Local\Temp\tmpC10.exe D:\Users\Tempel\AppData\Local\Temp\tmpCC43.exe D:\Users\Tempel\AppData\Local\Temp\tmpF4AA.exe D:\Users\Tempel\AppData\Local\Temp\uninstall.exe D:\Users\Tempel\AppData\Local\Temp\vpnclient_setup.exe D:\Users\Tempel\AppData\Local\Temp\_is3B7.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-01 13:07 ==================== End Of Log ============================ Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-09-2013 01
Ran by Tempel at 2013-09-10 16:25:14
Running from D:\Users\Tempel\Desktop
Boot Mode: Normal
==========================================================

==================== Installed Programs =======================

Adobe Flash Player 11 ActiveX (x32 Version: 11.0.1.152)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
Amazon MP3-Downloader 1.0.17 (x32 Version: 1.0.17)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.71219.1540)
Apple Application Support (x32 Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.10.1.0)
ASRock eXtreme Tuner v0.1.110 (x32)
ASRock InstantBoot v1.29 (x32)
Avira Free Antivirus (x32 Version: 13.0.0.4052)
Batman: Arkham City GOTY (x32)
Bonjour (Version: 3.0.0.10)
CameraHelperMsi (x32 Version: 13.50.854.0)
Canon Easy-PhotoPrint EX (x32)
Canon Easy-WebPrint EX (x32)
Canon MG5300 series Benutzerregistrierung (x32)
Canon MG5300 series MP Drivers
Canon MG5300 series On-screen Manual (x32)
Canon MP Navigator EX 5.0 (x32)
Canon My Printer (x32)
Canon Solution Menu EX (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485)
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485)
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485)
CCC Help Czech (x32 Version: 2012.1219.1520.27485)
CCC Help Danish (x32 Version: 2012.1219.1520.27485)
CCC Help Dutch (x32 Version: 2012.1219.1520.27485)
CCC Help English (x32 Version: 2012.1219.1520.27485)
CCC Help Finnish (x32 Version: 2012.1219.1520.27485)
CCC Help French (x32 Version: 2012.1219.1520.27485)
CCC Help German (x32 Version: 2012.1219.1520.27485)
CCC Help Greek (x32 Version: 2012.1219.1520.27485)
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485)
CCC Help Italian (x32 Version: 2012.1219.1520.27485)
CCC Help Japanese (x32 Version: 2012.1219.1520.27485)
CCC Help Korean (x32 Version: 2012.1219.1520.27485)
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485)
CCC Help Polish (x32 Version: 2012.1219.1520.27485)
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485)
CCC Help Russian (x32 Version: 2012.1219.1520.27485)
CCC Help Spanish (x32 Version: 2012.1219.1520.27485)
CCC Help Swedish (x32 Version: 2012.1219.1520.27485)
CCC Help Thai (x32 Version: 2012.1219.1520.27485)
CCC Help Turkish (x32 Version: 2012.1219.1520.27485)
ccc-utility64 (Version: 2012.1219.1521.27485)
CCleaner (Version: 3.20)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04063)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04063)
Cisco Systems VPN Client 5.0.07.0290 (Version: 5.0.7)
Core Temp 1.0 RC3 (Version: 1.0)
DAEMON Tools Lite (x32 Version: 4.46.1.0328)
Dark Souls: Prepare to Die Edition (x32)
Dead Space™ 2 (x32 Version: 1.0.941.0)
Diablo II (x32)
Diablo III (x32 Version: 1.0.7.14633)
Diablo III Public Test (x32 Version: 1.0.5.12289)
Dropbox (HKCU Version: 2.0.22)
Dual-Core Optimizer (x32 Version: 1.1.4.0169)
ElsterFormular (x32 Version: 14.0.0.10960)
EPSON-Drucker-Software erLT (x32 Version: 1.20.138.34)
Fraps (x32)
Google Chrome (HKCU Version: 29.0.1547.66)
Google Drive (x32 Version: 1.11.4865.2530)
Google Update Helper (x32 Version: 1.3.21.153)
GPL Ghostscript (Version: 9.05)
GSview 5.0 (Version: 5.0)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2932)
Intel(R) Rapid Storage Technology (x32 Version: 10.6.0.1002)
iTunes (Version: 11.0.2.26)
John's Background Switcher 4.6 (x32 Version: 4.6)
Logitech SetPoint 6.32 (Version: 6.32.20)
Logitech Solar App 1.0 (Version: 1.00.46)
Logitech Unifying-Software 2.10 (Version: 2.10.37)
Logitech Webcam Software (x32 Version: 2.0)
LWS Facebook (x32 Version: 13.50.854.0)
LWS Gallery (x32 Version: 13.50.854.0)
LWS Help_main (x32 Version: 13.50.862.0)
LWS Launcher (x32 Version: 13.50.859.0)
LWS Motion Detection (x32 Version: 13.30.1395.0)
LWS Pictures And Video (x32 Version: 13.50.861.0)
LWS Twitter (x32 Version: 13.30.1346.0)
LWS Video Mask Maker (x32 Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (x32 Version: 13.31.1038.0)
LWS WLM Plugin (x32 Version: 1.30.1201.0)
LWS YouTube Plugin (x32 Version: 13.31.1038.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MATLAB R2012b (Version: 8.0)
MATLAB R2013a (Version: 8.1)
Metro 2033 (x32)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MiKTeX 2.9 (Version: 2.9)
Mozilla Thunderbird 14.0 (x86 de) (x32 Version: 14.0)
Mozilla Thunderbird 17.0.8 (x86 de) (HKCU Version: 17.0.8)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Müller Foto (x32 Version: 5.0.3)
neroxml (x32 Version: 1.0.0)
NVIDIA PhysX (x32 Version: 9.10.0222)
ock App Charger v1.0.4
OpenOffice.org 3.4 (x32 Version: 3.4.9590)
Path of Exile (x32 Version: 0.10.0.22479)
Picasa 3 (x32 Version: 3.9)
Realtek Ethernet Controller Driver (x32 Version: 7.44.421.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6392)
Sid Meier's Civilization 4 - Beyond the Sword (x32 Version: 3.19)
Sid Meier's Civilization 4 Complete (x32 Version: 1.74)
Sid Meier's Civilization V (x32)
Skype™ 6.3 (x32 Version: 6.3.105)
SSH Secure Shell (x32)
Steam (x32 Version: 1.0.0.0)
TeamViewer 8 (x32 Version: 8.0.20202)
TeXnicCenter Version 2.0 Alpha 4 (Version: 2.0 Alpha 4)
The Witcher 2: Assassins of Kings Enhanced Edition (x32)
THX TruStudio (x32 Version: 1.00.01)
Torchlight II (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
VLC media player 2.0.5 (x32 Version: 2.0.5)
Winamp (x32 Version: 5.623 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
XFast LAN v6.61 (Version: 6.61)
XFastUsb (x32)

==================== Restore Points =========================

03-09-2013 10:21:25 Windows Update
06-09-2013 06:20:17 Avira Free Antivirus - 06.09.2013 08:20

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-03-10 08:51 - 00000859 ____A C:\Windows\system32\Drivers\etc\hosts
193.197.62.198 vpn.uni-ulm.de

==================== Scheduled Tasks (whitelisted) =============

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {14B75439-A288-43E5-84A1-2661F5F37081} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {30CD2CAE-6E89-4AEC-83A8-9D4272BF437B} - System32\Tasks\GoogleUpdateTaskMachineCore => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-02] (Google Inc.)
Task: {3913E400-F048-44EA-896C-C10AA90FA56C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2013412791-1596353806-2001287601-1003Core => D:\Users\Tempel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-02] (Google Inc.)
Task: {3CBF2CFE-2936-43B3-8B21-6B27A28EB95F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2013412791-1596353806-2001287601-1003UA => D:\Users\Tempel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-02] (Google Inc.)
Task: {54919411-C0FD-4D02-9C10-764D3D9E47E5} - System32\Tasks\Core Temp Autostart Tempel => D:\Program Files\Core Temp\Core Temp.exe [2012-01-25] ()
Task: {66B0083A-9720-4B7E-B8D4-3D416FDDD0B9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {73C545BC-7D18-402A-95A4-B7CA622CAC93} - System32\Tasks\MATLAB R2012b Startup Accelerator => D:\Program Files\MATLAB\R2012b\bin\win64\MATLABStartupAccelerator.exe [2012-07-20] ()
Task: {744E55E7-D199-4F96-B59C-B83107063D7A} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {8CF68670-E8A7-4B58-B932-AEBAA37AE273} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2012-06-22] (Piriform Ltd)
Task: {A268E353-8EAE-488E-8211-C8DE18DA94A7} - System32\Tasks\Apple\AppleSoftwareUpdate => D:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A9F90BEF-56D6-4D4A-AF32-0F0CEE15D97F} - System32\Tasks\Browser Manager => Sc.exe start Browser Manager
Task: {CCB4565E-F696-4A52-8782-37B61BC28F1F} - System32\Tasks\{3D613602-B0DA-4E2C-A8C9-3BA8E6EEFD0F} => C:\Windows\System32\msiexec.exe [2010-11-20] (Microsoft Corporation)
Task: {CDB1B702-B9BC-458C-B17C-5ACA4FEF3FDA} - System32\Tasks\GoogleUpdateTaskMachineUA => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-02] (Google Inc.)
Task: {E4A07A55-29CB-4AE5-BF25-F8CD4A23F205} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2013412791-1596353806-2001287601-1003Core.job => D:\Users\Tempel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2013412791-1596353806-2001287601-1003UA.job => D:\Users\Tempel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2012b Startup Accelerator.job => D:\Program Files\MATLAB\R2012b\bin\win64\MATLABStartupAccelerator.exe
Task: C:\Windows\Tasks\MATLAB R2013a Startup Accelerator.job => D:\Program Files\MATLAB\R2013a\bin\win64\MATLABStartupAccelerator.exe

==================== Loaded Modules (whitelisted) =============

2013-05-25 02:36 - 2013-05-25 02:36 - 00164016 _____ (Dropbox, Inc.) D:\Users\Tempel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
2013-06-27 16:11 - 2013-06-27 16:11 - 00778704 _____ (Google) D:\Program Files (x86)\Google\Drive\googledrivesync64.dll
2013-07-27 11:54 - 2013-04-04 14:50 - 00095304 _____ (Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
2012-07-05 09:53 - 2012-06-09 19:20 - 00196096 _____ (Alexander Roshal) D:\Program Files\WinRAR\rarext.dll
2013-08-06 22:34 - 2013-08-20 11:25 - 02288184 _____ (Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll
2013-03-07 17:31 - 2013-03-07 17:31 - 00747472 _____ (Google) D:\Program Files (x86)\Google\Drive\contextmenu64.dll
2012-07-02 12:38 - 2010-11-03 12:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2012-07-02 12:38 - 2011-05-31 04:09 - 03114088 _____ (Realtek Semiconductor Corp.)
C:\Windows\system32\RtkAPO64.dll 2011-10-07 11:37 - 2011-10-07 11:37 - 00047896 _____ (Logitech, Inc.) D:\Program Files\Logitech\SetPointP\khalwrapper.dll 2011-10-07 11:37 - 2011-10-07 11:37 - 00161048 _____ (Logitech, Inc.) D:\Program Files\Logitech\SetPointP\KemUtil.dll 2011-10-07 11:37 - 2011-10-07 11:37 - 00091416 _____ (Logitech, Inc.) D:\Program Files\Logitech\SetPointP\KemXML.dll 2011-10-07 11:37 - 2011-10-07 11:37 - 00185112 _____ (Logitech, Inc.) D:\Program Files\Logitech\SetPointP\kemutb.dll 2011-10-07 11:37 - 2011-10-07 11:37 - 00140056 _____ (Logitech, Inc.) D:\Program Files\Logitech\SetPointP\KemWnd.dll 2011-10-07 11:38 - 2011-10-07 11:38 - 00037144 _____ (Logitech, Inc.) D:\Program Files\Logitech\SetPointP\SetPointCOM.dll 2011-10-07 11:39 - 2011-10-07 11:39 - 01304856 _____ () D:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll 2011-10-07 11:38 - 2011-10-07 11:38 - 00038168 _____ (Logitech, Inc.) D:\Program Files\Logitech\SetPointP\WebBrowserSupport.dll 2011-10-07 11:39 - 2011-10-07 11:39 - 00204056 _____ (Logitech, Inc.) D:\Program Files\Logitech\SetPointP\Macros\MacroAppSwitch.dll 2011-10-07 11:39 - 2011-10-07 11:39 - 00293656 _____ (Logitech, Inc.) D:\Program Files\Logitech\SetPointP\Macros\MacroMedia.dll 2011-10-07 11:39 - 2011-10-07 11:39 - 00236824 _____ (Logitech, Inc.) D:\Program Files\Logitech\SetPointP\Macros\MacroEmail.dll 2011-10-07 11:37 - 2011-10-07 11:37 - 00026904 _____ (Logitech, Inc.) D:\Program Files\Logitech\SetPointP\KemMon.dll 2011-09-27 21:04 - 2011-09-27 21:04 - 00863000 _____ (Logitech, Inc.) D:\Program Files\Common Files\LogiShrd\KHAL3\KhalApi.dll 2011-09-27 21:04 - 2011-09-27 21:04 - 00141080 _____ (Logitech, Inc.) D:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.dll 2011-10-07 11:37 - 2011-10-07 11:37 - 00086808 _____ (Logitech, Inc.) D:\Program Files\Logitech\SetPointP\kgame.dll 2011-10-07 11:38 - 2011-10-07 11:38 - 00141592 _____ (Logitech, Inc.) 
D:\Program Files\Logitech\SetPointP\LCabHandler.dll 2012-12-08 13:24 - 2011-03-14 19:09 - 00136704 _____ (CANON INC.) D:\Program Files\Canon\MyPrinter\cnmpu.dll 2012-12-08 13:24 - 2011-04-07 19:09 - 00069632 _____ (CANON INC.) D:\Program Files\Canon\MyPrinter\BJMyRes.dll 2012-07-02 12:37 - 2011-04-15 04:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2012-12-14 02:42 - 2012-12-14 02:42 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc 2013-08-06 22:34 - 2013-08-06 22:22 - 00231480 _____ (Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll 2011-08-31 00:05 - 2011-08-31 00:05 - 00132968 _____ (Apple Inc.) D:\Program Files\Bonjour\mdnsNSP.dll 2012-09-16 20:49 - 2012-09-16 20:49 - 01352824 _____ (johnsadventures.com) D:\Program Files (x86)\johnsadventures.com\John's Background Switcher\JBSCore.dll 2012-12-19 16:17 - 2012-12-19 16:17 - 00097792 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll 2012-12-19 16:15 - 2012-12-19 16:15 - 00031744 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00025088 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00048640 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00005632 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00020480 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll 2012-12-19 16:17 - 2012-12-19 16:17 - 00022016 _____ (Advanced Micro Devices Inc.) 
D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll 2012-12-19 16:15 - 2012-12-19 16:15 - 00015360 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll 2011-09-27 21:04 - 2011-09-27 21:04 - 00863000 _____ (Logitech, Inc.) D:\Program Files\Common Files\LogiShrd\KHAL3\KHALAPI.DLL 2011-09-27 21:04 - 2011-09-27 21:04 - 00455960 _____ (Logitech, Inc.) D:\Program Files\Common Files\LogiShrd\KHAL3\KHALITCH.DLL 2011-09-27 21:05 - 2011-09-27 21:05 - 00470808 _____ (Logitech, Inc.) D:\Program Files\Common Files\LogiShrd\KHAL3\KHALMW.DLL 2011-09-27 21:04 - 2011-09-27 21:04 - 01152280 _____ (Logitech, Inc.) D:\Program Files\Common Files\LogiShrd\KHAL3\KHALHPP.DLL 2011-09-27 21:05 - 2011-09-27 21:05 - 00552728 _____ (Logitech, Inc.) D:\Program Files\Common Files\LogiShrd\KHAL3\KHALMOU.DLL 2011-09-27 21:04 - 2011-09-27 21:04 - 00618776 _____ (Logitech, Inc.) D:\Program Files\Common Files\LogiShrd\KHAL3\KHALHID.DLL 2011-09-27 21:05 - 2011-09-27 21:05 - 00541976 _____ (Logitech, Inc.) D:\Program Files\Common Files\LogiShrd\KHAL3\KHALUSB.DLL 2012-12-19 16:15 - 2012-12-19 16:15 - 00061440 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll 2012-12-19 16:17 - 2012-12-19 16:17 - 00018432 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00061440 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00038912 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00029184 _____ (Advanced Micro Devices Inc.) 
D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00005632 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00032768 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll 2012-09-12 05:24 - 2012-09-12 05:24 - 00185344 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00035328 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00006144 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll 2012-12-19 16:17 - 2012-12-19 16:17 - 00048128 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00020480 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.CoreAudioAPI.dll 2012-12-19 16:17 - 2012-12-19 16:17 - 00007168 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll 2012-12-19 16:15 - 2012-12-19 16:15 - 00007168 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00006656 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll 2012-05-14 09:35 - 2012-05-14 09:35 - 00045056 _____ (ATI Technologies Inc.) 
D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll 2012-05-14 09:35 - 2012-05-14 09:35 - 00016384 _____ (ATI Technologies Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00006656 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll 2012-05-14 09:35 - 2012-05-14 09:35 - 00007168 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00005632 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00327680 _____ (Advanced Mirco Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00208896 _____ (Advanced Mirco Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll 2012-05-14 09:35 - 2012-05-14 09:35 - 00006144 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00005632 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00008704 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00008704 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll 2012-05-14 09:35 - 2012-05-14 09:35 - 00006656 _____ (Advanced Micro Devices, Inc.) 
D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll 2012-12-19 16:20 - 2012-12-19 16:20 - 00066048 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WirelessDisplay.Graphics.Runtime.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00009216 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll 2012-12-19 16:17 - 2012-12-19 16:17 - 00035328 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WirelessDisplay.Graphics.shared.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00025600 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00028672 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00045056 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00061440 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Shared.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00057344 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.shared.dll 2012-05-14 09:35 - 2012-05-14 09:35 - 00005120 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll 2012-05-14 09:35 - 2012-05-14 09:35 - 00005120 _____ (Advanced Micro Devices, Inc.) 
D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0706.dll 2012-05-14 09:35 - 2012-05-14 09:35 - 00016384 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00057856 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll 2012-12-19 16:19 - 2012-12-19 16:19 - 00158720 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Runtime.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00032768 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceLCD.Graphics.Shared.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00069632 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00053248 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Shared.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00028672 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormats.Graphics.Shared.dll 2012-05-14 09:35 - 2012-05-14 09:35 - 00005120 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll 2012-05-14 09:35 - 2012-05-14 09:35 - 00004608 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll 2012-12-19 16:17 - 2012-12-19 16:17 - 00051200 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.shared.dll 2012-05-14 09:35 - 2012-05-14 09:35 - 00006656 _____ (Advanced Micro Devices, Inc.) 
D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0703.dll 2012-12-19 16:17 - 2012-12-19 16:17 - 00110592 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Runtime.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00081920 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll 2012-05-14 09:35 - 2012-05-14 09:35 - 00004608 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1011.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00106496 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Runtime.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00081920 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Shared.dll 2012-05-14 09:35 - 2012-05-14 09:35 - 00005120 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll 2012-12-19 16:17 - 2012-12-19 16:17 - 00013312 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll 2012-12-19 16:17 - 2012-12-19 16:17 - 00045056 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.shared.dll 2012-12-19 16:19 - 2012-12-19 16:19 - 00014336 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Runtime.dll 2012-12-19 16:19 - 2012-12-19 16:19 - 00008192 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.shared.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00020480 _____ (Advanced Micro Devices Inc.) 
D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00020480 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll 2012-12-19 16:17 - 2012-12-19 16:17 - 00020480 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll 2012-12-19 16:17 - 2012-12-19 16:17 - 00010752 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll 2012-12-19 16:17 - 2012-12-19 16:17 - 00013824 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Fuel.Foundation.dll 2012-12-19 16:19 - 2012-12-19 16:19 - 00011264 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Runtime.dll 2012-12-19 16:19 - 2012-12-19 16:19 - 00009216 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Shared.dll 2012-12-19 16:19 - 2012-12-19 16:19 - 00015360 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Runtime.dll 2012-12-19 16:17 - 2012-12-19 16:17 - 00012800 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Shared.dll 2012-12-19 16:19 - 2012-12-19 16:19 - 00019456 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Shared.dll 2012-12-19 16:17 - 2012-12-19 16:17 - 00011776 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll 2012-12-19 16:17 - 2012-12-19 16:17 - 00009216 _____ (Advanced Micro Devices Inc.) 
D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00066560 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\APM.Server.dll 2012-12-19 16:15 - 2012-12-19 16:15 - 00024576 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\APM.Foundation.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00007680 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00385024 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00036864 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00005632 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll 2012-12-19 16:15 - 2012-12-19 16:15 - 00008192 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00032768 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 01437184 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll 2012-12-19 16:17 - 2012-12-19 16:17 - 00413696 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Systemtray.dll 2012-12-19 16:17 - 2012-12-19 16:17 - 00175104 _____ (Advanced Micro Devices, Inc.) 
D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll 2012-05-04 17:42 - 2012-05-04 17:42 - 00098304 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll 2012-12-19 16:15 - 2012-12-19 16:15 - 00523264 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Private.dll 2012-12-19 16:15 - 2012-12-19 16:15 - 00328192 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.default_Localization.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00176128 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 01093632 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll 2012-12-19 16:19 - 2012-12-19 16:19 - 00028672 _____ (Advanced Mirco Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00057344 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll 2012-12-19 16:19 - 2012-12-19 16:19 - 01414656 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects1.Dashboard.dll 2012-12-19 16:18 - 2012-12-19 16:18 - 00550400 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll 2012-12-19 16:18 - 2012-12-19 16:18 - 00369664 _____ (Advanced Micro Devices Inc.) 
D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00032768 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll 2012-12-19 16:18 - 2012-12-19 16:18 - 00393216 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll 2012-12-19 16:18 - 2012-12-19 16:18 - 02498560 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00028672 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MultiVPU2.Graphics.Shared.dll 2012-12-19 16:18 - 2012-12-19 16:18 - 00241664 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Dashboard.dll 2012-12-19 16:18 - 2012-12-19 16:18 - 00021504 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Dashboard.dll 2012-12-19 16:19 - 2012-12-19 16:19 - 00101888 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll 2012-12-19 16:19 - 2012-12-19 16:19 - 00045056 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Audio.Graphics.Dashboard.dll 2012-12-19 16:17 - 2012-12-19 16:17 - 00008704 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Dashboard.dll 2012-12-19 16:19 - 2012-12-19 16:19 - 00008192 _____ (Advanced Micro Devices Inc.) 
D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Dashboard.dll 2012-12-19 16:19 - 2012-12-19 16:19 - 00040448 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Dashboard.dll 2012-12-19 16:17 - 2012-12-19 16:17 - 00008704 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll 2012-12-19 16:15 - 2012-12-19 16:15 - 00371712 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.de_Localization.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00311296 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Client.dll 2012-12-19 16:19 - 2012-12-19 16:19 - 00061440 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.ProfileManager2.dll 2012-12-19 16:18 - 2012-12-19 16:18 - 01351680 _____ (Advanced Micro Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.dll 2012-12-19 16:17 - 2012-12-19 16:17 - 00020480 _____ (Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.dll 2013-07-13 10:23 - 2013-07-13 10:23 - 00853896 ____T (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Update\1.3.21.153\goopdate.dll 2012-11-14 01:32 - 2012-11-14 01:32 - 03558400 _____ (wxWidgets development team) D:\Users\Tempel\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll 2011-08-31 00:05 - 2011-08-31 00:05 - 00121704 _____ (Apple Inc.) D:\Program Files (x86)\Bonjour\mdnsNSP.dll 2013-08-06 22:34 - 2013-08-06 22:22 - 00258104 _____ (Avira Operations GmbH & Co. 
KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll 2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () D:\Users\Tempel\AppData\Roaming\Dropbox\bin\libcef.dll 2013-03-13 22:48 - 2013-03-13 22:48 - 09956864 _____ (The ICU Project) D:\Users\Tempel\AppData\Roaming\Dropbox\bin\icudt.dll 2013-08-16 14:01 - 2013-08-16 14:01 - 00492032 _____ (Intel Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\97ce162bb354fcf9c8d9eae8252ee216\IAStorUtil.ni.dll 2012-07-02 12:39 - 2011-05-20 10:06 - 00032768 _____ (Intel Corporation) D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\de-DE\IAStorIcon.resources.dll 2012-07-02 12:39 - 2011-05-20 10:05 - 01318912 _____ (Intel Corporation) D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IntelVisualDesign.dll 2012-07-02 12:39 - 2011-05-20 10:06 - 00004608 _____ (Intel Corporation) D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\de-DE\IntelVisualDesign.resources.dll 2013-07-12 12:21 - 2013-07-12 12:21 - 00014336 _____ (Intel Corp.) 
C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\22d36f517c7545fdb65ccddae680a3eb\IAStorCommon.ni.dll 2012-07-02 12:39 - 2011-05-20 10:05 - 00174592 _____ (Intel Corporation) D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUIHelper.dll 2013-09-10 16:21 - 2013-09-10 16:21 - 02436608 _____ (Python Software Foundation) D:\Users\Tempel\AppData\Local\Temp\_MEI27642\python27.dll 2013-09-10 16:21 - 2013-09-10 16:21 - 00098816 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\win32api.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00110080 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\pywintypes27.dll 2013-09-10 16:21 - 2013-09-10 16:21 - 00364544 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\pythoncom27.dll 2013-09-10 16:21 - 2013-09-10 16:21 - 00044032 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\_socket.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 01153024 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\_ssl.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00320512 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\win32com.shell.shell.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00711680 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\_hashlib.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 01175040 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\wx._core_.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 01985024 _____ (wxWidgets development team) D:\Users\Tempel\AppData\Local\Temp\_MEI27642\wxbase294u_vc90.dll 2013-09-10 16:21 - 2013-09-10 16:21 - 00154112 _____ (wxWidgets development team) D:\Users\Tempel\AppData\Local\Temp\_MEI27642\wxbase294u_net_vc90.dll 2013-09-10 16:21 - 2013-09-10 16:21 - 04598272 _____ (wxWidgets development team) D:\Users\Tempel\AppData\Local\Temp\_MEI27642\wxmsw294u_core_vc90.dll 2013-09-10 16:21 - 2013-09-10 16:21 - 01234944 _____ (wxWidgets development team) D:\Users\Tempel\AppData\Local\Temp\_MEI27642\wxmsw294u_adv_vc90.dll 2013-09-10 16:21 - 2013-09-10 16:21 - 00805888 _____ () 
D:\Users\Tempel\AppData\Local\Temp\_MEI27642\wx._gdi_.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00811008 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\wx._windows_.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00595968 _____ (wxWidgets development team) D:\Users\Tempel\AppData\Local\Temp\_MEI27642\wxmsw294u_html_vc90.dll 2013-09-10 16:21 - 2013-09-10 16:21 - 01062400 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\wx._controls_.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00735232 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\wx._misc_.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00128512 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\_elementtree.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00127488 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\pyexpat.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00557056 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\pysqlite2._sqlite.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00087040 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\_ctypes.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00119808 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\win32file.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00108544 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\win32security.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00018432 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\win32event.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00038912 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\win32inet.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00122368 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\wx._wizard.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00686080 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\unicodedata.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00026624 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\_multiprocessing.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00070656 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\wx._html2.pyd 2013-09-10 16:21 - 2013-09-10 16:21 
- 00091648 _____ (wxWidgets development team) D:\Users\Tempel\AppData\Local\Temp\_MEI27642\wxmsw294u_webview_vc90.dll 2013-09-10 16:21 - 2013-09-10 16:21 - 00010240 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\select.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00025600 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\win32pdh.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00504832 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\windows._cacheinvalidation.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00421200 _____ (Microsoft Corporation) D:\Users\Tempel\AppData\Local\Temp\_MEI27642\MSVCP100.dll 2013-09-10 16:21 - 2013-09-10 16:21 - 00773968 _____ (Microsoft Corporation) D:\Users\Tempel\AppData\Local\Temp\_MEI27642\MSVCR100.dll 2013-09-10 16:21 - 2013-09-10 16:21 - 00011264 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\win32crypt.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00035840 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\win32process.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00017408 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\win32profile.pyd 2013-09-10 16:21 - 2013-09-10 16:21 - 00022528 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27642\win32ts.pyd 2013-08-06 22:34 - 2013-08-20 11:24 - 00749112 _____ (Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\ccwkrlib.dll 2013-08-06 22:34 - 2013-08-20 11:24 - 00055352 _____ (Avira Operations GmbH & Co. KG) d:\program files (x86)\avira\antivir desktop\cfglib.dll 2013-08-06 22:34 - 2013-08-20 11:24 - 00349752 _____ (Avira Operations GmbH & Co. KG) d:\program files (x86)\avira\antivir desktop\ccguard.dll 2013-08-06 22:34 - 2013-08-20 11:24 - 00029240 _____ (Avira Operations GmbH & Co. KG) d:\program files (x86)\avira\antivir desktop\ccgrdrc.dll 2013-08-06 22:34 - 2013-08-20 11:24 - 00229432 _____ (Avira Operations GmbH & Co. 
KG) d:\program files (x86)\avira\antivir desktop\ccgrdw.dll 2013-08-06 22:34 - 2013-08-20 11:25 - 00415288 _____ (Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\grdcore.dll 2013-08-06 22:34 - 2013-08-20 11:25 - 00218168 _____ (Avira Operations GmbH & Co. KG) d:\program files (x86)\avira\antivir desktop\gpipc.dll 2013-08-06 22:34 - 2013-08-20 11:24 - 00059448 _____ (Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avipc.dll 2013-08-06 22:34 - 2013-08-20 11:24 - 00419384 _____ (Avira Operations GmbH & Co. KG) d:\program files (x86)\avira\antivir desktop\ccwgrd.dll 2013-08-06 22:34 - 2013-08-20 11:24 - 00807992 _____ (Avira Operations GmbH & Co. KG) d:\program files (x86)\avira\antivir desktop\ccgen.dll 2013-08-06 22:34 - 2013-08-20 11:24 - 00049720 _____ (Avira Operations GmbH & Co. KG) d:\program files (x86)\avira\antivir desktop\ccgenrc.dll 2013-08-06 22:34 - 2013-08-20 11:24 - 00220216 _____ (Avira Operations GmbH & Co. KG) d:\program files (x86)\avira\antivir desktop\ccupdate.dll 2013-08-06 22:34 - 2013-08-20 11:24 - 00028728 _____ (Avira Operations GmbH & Co. KG) d:\program files (x86)\avira\antivir desktop\ccupdrc.dll 2013-08-06 22:34 - 2013-08-20 11:24 - 00083000 _____ (Avira Operations GmbH & Co. KG) d:\program files (x86)\avira\antivir desktop\cclic.dll 2013-08-06 22:34 - 2013-08-20 11:24 - 00009784 _____ (Avira Operations GmbH & Co. KG) d:\program files (x86)\avira\antivir desktop\cclicrc.dll 2013-08-06 22:34 - 2013-08-20 11:24 - 00237624 _____ (Avira Operations GmbH & Co. KG) d:\program files (x86)\avira\antivir desktop\ccmsg.dll 2013-08-06 22:34 - 2013-08-20 11:24 - 00010296 _____ (Avira Operations GmbH & Co. KG) d:\program files (x86)\avira\antivir desktop\ccmsgrc.dll 2013-08-06 22:34 - 2013-08-20 11:24 - 04786744 _____ (Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\rcimage.dll 2013-08-06 22:34 - 2013-08-20 11:24 - 00014392 _____ (Avira Operations GmbH & Co. 
KG) d:\program files (x86)\avira\antivir desktop\ccmainrc.dll 2013-08-06 22:34 - 2013-08-20 11:24 - 00212536 _____ (Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\ccupdw.dll 2013-07-19 23:29 - 2013-07-19 23:29 - 00407952 _____ (Cisco Systems, Inc.) D:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpncommoncrypt.dll 2013-07-19 23:29 - 2013-07-19 23:29 - 00165776 ____R (The OpenSSL Project, hxxp://www.openssl.org/) D:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\acciscossl.dll 2013-07-19 23:29 - 2013-07-19 23:29 - 00605072 ____R (The OpenSSL Project, hxxp://www.openssl.org/) D:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\acciscocrypto.dll 2013-07-19 23:29 - 2013-07-19 23:29 - 01132432 _____ (Cisco Systems, Inc.) D:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpncommon.dll 2013-07-19 23:29 - 2013-07-19 23:29 - 01058192 _____ (Cisco Systems, Inc.) D:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnapi.dll 2013-07-19 23:29 - 2013-07-19 23:29 - 00105360 _____ (Cisco Systems, Inc.) D:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\Plugins\acfeedback.dll 2013-07-19 23:29 - 2013-07-19 23:29 - 00063376 _____ () D:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll ==================== Alternate Data Streams (whitelisted) ========== ==================== Faulty Device Manager Devices ============= Name: Cisco Systems VPN Adapter for 64-bit Windows Description: Cisco Systems VPN Adapter for 64-bit Windows Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: CVirtA Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. 
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (09/06/2013 02:24:58 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (09/06/2013 08:20:17 AM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable). 
Error: (09/03/2013 00:21:25 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable). Error: (09/03/2013 00:21:25 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable). Error: (09/01/2013 09:27:54 AM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: browsermngr.exe, Version: 2.6.1519.190, Zeitstempel: 0x51f24b41 Name des fehlerhaften Moduls: browsermngr.exe, Version: 2.6.1519.190, Zeitstempel: 0x51f24b41 Ausnahmecode: 0xc0000417 Fehleroffset: 0x000f5223 ID des fehlerhaften Prozesses: 0xa48 Startzeit der fehlerhaften Anwendung: 0xbrowsermngr.exe0 Pfad der fehlerhaften Anwendung: browsermngr.exe1 Pfad des fehlerhaften Moduls: browsermngr.exe2 Berichtskennung: browsermngr.exe3 Error: (08/27/2013 01:45:47 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable). Error: (08/27/2013 01:45:47 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable). Error: (08/23/2013 11:57:50 AM) (Source: MATLAB) (User: ) Description: MATLABSevere: Error checking out license The program '[4196] D:\Program Files\MATLAB\R2012b\bin\win64\MATLAB.exe: Native' has exited with code 1 (0x1). 
Error: (08/21/2013 02:49:08 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable). Error: (08/21/2013 02:49:07 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable). System errors: ============= Error: (09/10/2013 04:22:05 PM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "KATHARINA-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B8CC2442-4DC9-4717-8C69-B17E0B1816F1}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (09/10/2013 01:27:57 PM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "KATHARINA-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B8CC2442-4DC9-4717-8C69-B17E0B1816F1}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (09/10/2013 11:34:55 AM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "KATHARINA-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B8CC2442-4DC9-4717-8C69-B17E0B1816F1}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (09/10/2013 11:22:57 AM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "KATHARINA-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B8CC2442-4DC9-4717-8C69-B17E0B1816F1}-Transport zu sein scheint. 
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (09/10/2013 08:25:58 AM) (Source: Service Control Manager) (User: ) Description: Dienst "Adobe Flash Player Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/09/2013 09:34:35 PM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FLACHBOOK-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B8CC2442-4DC9-4717-8C69-B17E0B1816F1}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (09/07/2013 08:58:08 PM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "KATHARINA-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B8CC2442-4DC9-4717-8C69-B17E0B1816F1}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (09/06/2013 00:37:20 PM) (Source: BROWSER) (User: ) Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{B8CC2442-4DC9-4717-8C69-B17E0B1816F1}" zu oft fehl. Der Sicherungssuchdienst wird beendet. Error: (09/06/2013 08:21:03 AM) (Source: Service Control Manager) (User: ) Description: Dienst "Tor Win32 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/06/2013 08:21:01 AM) (Source: Service Control Manager) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Browser Manager" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. 
Fehler: %%1056 Microsoft Office Sessions: ========================= Error: (09/06/2013 02:24:58 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestD:\Users\Tempel\Downloads\SoftonicDownloader_fuer_artistic-font-collection.exe Error: (09/06/2013 08:20:17 AM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable) Error: (09/03/2013 00:21:25 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable) Error: (09/03/2013 00:21:25 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable) Error: (09/01/2013 09:27:54 AM) (Source: Application Error)(User: ) Description: browsermngr.exe2.6.1519.19051f24b41browsermngr.exe2.6.1519.19051f24b41c0000417000f5223a4801cea6e4bac0755fC:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exeC:\ProgramData\Browser Manager\2.6.1519.190\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe03aee720-12d8-11e3-a46d-bc5ff4381f46 Error: (08/27/2013 01:45:47 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable) Error: (08/27/2013 01:45:47 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. 
System Error: 0xC0000039 (unresolvable)

Error: (08/23/2013 11:57:50 AM) (Source: MATLAB)(User: )
Description: MATLABSevere: Error checking out license The program '[4196] D:\Program Files\MATLAB\R2012b\bin\win64\MATLAB.exe: Native' has exited with code 1 (0x1).

Error: (08/21/2013 02:49:08 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable)

Error: (08/21/2013 02:49:07 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable)

==================== Memory info ===========================

Percentage of memory in use: 27%
Total physical RAM: 8103.51 MB
Available physical RAM: 5860.95 MB
Total Pagefile: 24485.69 MB
Available Pagefile: 22106.6 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:59.53 GB) (Free:19.55 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:475.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 60 GB) (Disk ID: 2F84E159)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=60 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 63ACE089)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Code:
ATTFilter Avira Free Antivirus Erstellungsdatum der Reportdatei: Dienstag, 10. September 2013 08:23 Das Programm läuft als uneingeschränkte Vollversion. Online-Dienste stehen zur Verfügung. Lizenznehmer : Avira Free Antivirus Seriennummer : 0000149996-ADJIE-0000001 Plattform : Windows 7 Professional Windowsversion : (Service Pack 1) [6.1.7601] Boot Modus : Normal gebootet Benutzername : SYSTEM Computername : TEST-PC Versionsinformationen: BUILD.DAT : 13.0.0.4052 55009 Bytes 29.08.2013 17:56:00 AVSCAN.EXE : 13.6.20.2100 639032 Bytes 20.08.2013 09:24:40 AVSCANRC.DLL : 13.6.20.2174 63032 Bytes 20.08.2013 09:24:40 LUKE.DLL : 13.6.20.2174 65080 Bytes 20.08.2013 09:25:04 AVSCPLR.DLL : 13.6.20.2174 92216 Bytes 20.08.2013 09:24:40 AVREG.DLL : 13.6.20.2174 250424 Bytes 20.08.2013 09:24:39 avlode.dll : 13.6.20.2174 497720 Bytes 20.08.2013 09:24:39 avlode.rdf : 13.0.1.42 26846 Bytes 28.08.2013 11:03:28 VBASE000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 19:04:11 VBASE001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 18:19:16 VBASE002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 07:07:26 VBASE003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 18:00:31 VBASE004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 18:57:51 VBASE005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 12:02:35 VBASE006.VDF : 7.11.98.187 2048 Bytes 29.08.2013 12:02:35 VBASE007.VDF : 7.11.98.188 2048 Bytes 29.08.2013 12:02:35 VBASE008.VDF : 7.11.98.189 2048 Bytes 29.08.2013 12:02:35 VBASE009.VDF : 7.11.98.190 2048 Bytes 29.08.2013 12:02:36 VBASE010.VDF : 7.11.98.191 2048 Bytes 29.08.2013 12:02:36 VBASE011.VDF : 7.11.98.192 2048 Bytes 29.08.2013 12:02:36 VBASE012.VDF : 7.11.98.193 2048 Bytes 29.08.2013 12:02:36 VBASE013.VDF : 7.11.99.52 270848 Bytes 30.08.2013 18:02:50 VBASE014.VDF : 7.11.99.167 210944 Bytes 02.09.2013 12:31:27 VBASE015.VDF : 7.11.100.3 265216 Bytes 03.09.2013 15:40:25 VBASE016.VDF : 7.11.100.95 220160 Bytes 04.09.2013 13:03:56 VBASE017.VDF : 7.11.100.197 143872 Bytes 05.09.2013 12:57:21 VBASE018.VDF : 
7.11.101.11 227840 Bytes 06.09.2013 12:00:53 VBASE019.VDF : 7.11.101.79 148480 Bytes 07.09.2013 12:00:29 VBASE020.VDF : 7.11.101.80 2048 Bytes 07.09.2013 12:00:30 VBASE021.VDF : 7.11.101.81 2048 Bytes 07.09.2013 12:00:30 VBASE022.VDF : 7.11.101.82 2048 Bytes 07.09.2013 12:00:30 VBASE023.VDF : 7.11.101.83 2048 Bytes 07.09.2013 12:00:30 VBASE024.VDF : 7.11.101.84 2048 Bytes 07.09.2013 12:00:30 VBASE025.VDF : 7.11.101.85 2048 Bytes 07.09.2013 12:00:30 VBASE026.VDF : 7.11.101.86 2048 Bytes 07.09.2013 12:00:30 VBASE027.VDF : 7.11.101.87 2048 Bytes 07.09.2013 12:00:30 VBASE028.VDF : 7.11.101.88 2048 Bytes 07.09.2013 12:00:30 VBASE029.VDF : 7.11.101.89 2048 Bytes 07.09.2013 12:00:30 VBASE030.VDF : 7.11.101.90 2048 Bytes 07.09.2013 12:00:30 VBASE031.VDF : 7.11.101.160 324608 Bytes 09.09.2013 01:24:59 Engineversion : 8.2.12.118 AEVDF.DLL : 8.1.3.4 102774 Bytes 16.06.2013 08:49:36 AESCRIPT.DLL : 8.1.4.148 516478 Bytes 06.09.2013 12:00:58 AESCN.DLL : 8.1.10.4 131446 Bytes 26.03.2013 19:18:48 AESBX.DLL : 8.2.16.26 1245560 Bytes 23.08.2013 14:14:53 AERDL.DLL : 8.2.0.128 688504 Bytes 16.06.2013 08:49:36 AEPACK.DLL : 8.3.2.24 749945 Bytes 20.06.2013 14:19:24 AEOFFICE.DLL : 8.1.2.76 205181 Bytes 08.08.2013 17:59:05 AEHEUR.DLL : 8.1.4.608 6148474 Bytes 06.09.2013 12:00:58 AEHELP.DLL : 8.1.27.6 266617 Bytes 27.08.2013 12:13:21 AEGEN.DLL : 8.1.7.14 446839 Bytes 06.09.2013 12:00:55 AEEXP.DLL : 8.4.1.60 323959 Bytes 06.09.2013 12:00:59 AEEMU.DLL : 8.1.3.2 393587 Bytes 10.07.2012 20:06:13 AECORE.DLL : 8.1.32.0 201081 Bytes 23.08.2013 14:14:49 AEBB.DLL : 8.1.1.4 53619 Bytes 06.11.2012 07:48:30 AVWINLL.DLL : 13.6.20.2174 23608 Bytes 20.08.2013 09:24:24 AVPREF.DLL : 13.6.20.2174 48184 Bytes 20.08.2013 09:24:39 AVREP.DLL : 13.6.20.2174 175672 Bytes 20.08.2013 09:24:40 AVARKT.DLL : 13.6.20.2174 258104 Bytes 20.08.2013 09:24:33 AVEVTLOG.DLL : 13.6.20.2174 165432 Bytes 20.08.2013 09:24:35 SQLITE3.DLL : 3.7.0.1 394824 Bytes 06.08.2013 20:23:05 AVSMTP.DLL : 13.6.20.2174 60472 Bytes 20.08.2013 
09:24:41 NETNT.DLL : 13.6.20.2174 13368 Bytes 20.08.2013 09:25:05 RCIMAGE.DLL : 13.6.20.2174 4786744 Bytes 20.08.2013 09:24:24 RCTEXT.DLL : 13.6.20.2174 68152 Bytes 20.08.2013 09:24:24 Konfiguration für den aktuellen Suchlauf: Job Name..............................: AVGuardAsyncScan Konfigurationsdatei...................: D:\ProgramData\Avira\AntiVir Desktop\TEMP\AVGUARD_522e2064\guard_slideup.avp Protokollierung.......................: standard Primäre Aktion........................: Interaktiv Sekundäre Aktion......................: Quarantäne Durchsuche Masterbootsektoren.........: ein Durchsuche Bootsektoren...............: aus Durchsuche aktive Programme...........: ein Durchsuche Registrierung..............: aus Suche nach Rootkits...................: aus Integritätsprüfung von Systemdateien..: aus Prüfe alle Dateien....................: Alle Dateien Durchsuche Archive....................: ein Rekursionstiefe einschränken..........: 20 Archiv Smart Extensions...............: ein Makrovirenheuristik...................: ein Dateiheuristik........................: Vollständig Beginn des Suchlaufs: Dienstag, 10. September 2013 08:23 Der Registrierungseintrag <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Start> wurde erfolgreich repariert. Der Registrierungseintrag <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AdobeFlashPlayerUpdateSvc> wurde erfolgreich entfernt. Der Registrierungseintrag <HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AdobeFlashPlayerUpdateSvc> wurde erfolgreich entfernt. Der Registrierungseintrag <HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AdobeFlashPlayerUpdateSvc> wurde erfolgreich entfernt. 
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '108' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'atiesrxx.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '101' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '106' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '147' Modul(e) wurden durchsucht
Durchsuche Prozess 'UMVPFSrv.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'L4301_Solar.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'atieclxx.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'vpnagent.exe' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerUpdateService.exe' - '43' Modul(e) wurden durchsucht
  Modul ist infiziert -> <C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe>
  [FUND] Ist das Trojanische Pferd TR/Fakeadb.A
  [HINWEIS] Prozess 'FlashPlayerUpdateService.exe' wurde beendet
  [HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '54ab1544.qua' verschoben!
  [HINWEIS] Der Registrierungseintrag <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AdobeFlashPlayerUpdateSvc\ImagePath> wurde erfolgreich repariert.
  [HINWEIS] Der Registrierungseintrag <HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AdobeFlashPlayerUpdateSvc\ImagePath> wurde erfolgreich repariert.
  [HINWEIS] Der Registrierungseintrag <HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AdobeFlashPlayerUpdateSvc\ImagePath> wurde erfolgreich repariert.
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '160' Modul(e) wurden durchsucht
Durchsuche Prozess 'mDNSResponder.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'spd.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'cvpnd.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'E_S30RP1.EXE' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'TeamViewer_Service.exe' - '104' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVCpl64.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'SetPoint.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'BJMYPRT.EXE' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxpers.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'tor.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleUpdate.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'googledrivesync.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVC.EXE' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'StikyNot.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'BackgroundSwitcher.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'DTLite.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'googledrivesync.exe' - '125' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dropbox.exe' - '97' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSvcM.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAStorIcon.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess
'MOM.exe' - '69' Modul(e) wurden durchsucht Durchsuche Prozess 'avgnt.exe' - '86' Modul(e) wurden durchsucht Durchsuche Prozess 'vpnui.exe' - '79' Modul(e) wurden durchsucht Durchsuche Prozess 'KHALMNPR.EXE' - '40' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '58' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '60' Modul(e) wurden durchsucht Durchsuche Prozess 'CCC.exe' - '217' Modul(e) wurden durchsucht Durchsuche Prozess 'wmpnetwk.exe' - '120' Modul(e) wurden durchsucht Durchsuche Prozess 'WUDFHost.exe' - '34' Modul(e) wurden durchsucht Durchsuche Prozess 'DllHost.exe' - '42' Modul(e) wurden durchsucht Durchsuche Prozess 'GoogleUpdate.exe' - '49' Modul(e) wurden durchsucht Durchsuche Prozess 'IAStorDataMgrSvc.exe' - '56' Modul(e) wurden durchsucht Durchsuche Prozess 'LMS.exe' - '33' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '58' Modul(e) wurden durchsucht Durchsuche Prozess 'UNS.exe' - '45' Modul(e) wurden durchsucht Durchsuche Prozess 'MATLAB.exe' - '262' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '112' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '66' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '44' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '44' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '44' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '44' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '44' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '44' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '44' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '44' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '44' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '45' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '44' Modul(e) wurden durchsucht Durchsuche Prozess 'avscan.exe' - '107' Modul(e) wurden durchsucht Durchsuche Prozess 
'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '31' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  [FUND] Ist das Trojanische Pferd TR/Fakeadb.A
  [HINWEIS] Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
  [HINWEIS] Die Datei existiert nicht!

Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\Windows\SysWOW64\FlashPlayerUpdateService.exe'
C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
  [FUND] Ist das Trojanische Pferd TR/Fakeadb.A

Beginne mit der Desinfektion:
C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
  [FUND] Ist das Trojanische Pferd TR/Fakeadb.A
  [HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '1e63674a.qua' verschoben!

Ende des Suchlaufs: Dienstag, 10. September 2013 08:30
Benötigte Zeit: 02:13 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

0 Verzeichnisse wurden überprüft
5726 Dateien wurden geprüft
3 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
2 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
5723 Dateien ohne Befall
35 Archive wurden durchsucht
0 Warnungen
3 Hinweise

Die Suchergebnisse werden an den Guard übermittelt.
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.06.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Tempel :: TEST-PC [Administrator]

10.09.2013 08:30:50
mbam-log-2013-09-10 (08-30-50).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 1121164
Laufzeit: 2 Stunde(n), 6 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

P.S.: I read in another thread that Windows 7 Professional caused some confusion. I wanted to point out right away that this is a license that I get (free of charge) from my university. The computer is used exclusively for private purposes! (Well, with a bit of academic use overnight...) |
10.09.2013, 16:37 | #2 |
/// the machine /// TB trainer | Win 7 / Avira reports Trojan Fakeadb.A Hi,
__________________let's have a look: ESET Online Scanner
__________________ |
10.09.2013, 23:28 | #3 |
| Win 7 / Avira reports Trojan Fakeadb.A OK, the scan is finished, here is the log file:
__________________Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=320c3ab262356f4eb4f9f86eac07e781
# engine=15079
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-10 09:05:15
# local_time=2013-09-10 11:05:15 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 94 27546 149518420 20334 0
# compatibility_mode=5893 16776573 100 94 24280 130476965 0 0
# scanned=930138
# found=0
# cleaned=0
# scan_time=19142 |
11.09.2013, 08:59 | #4 |
/// the machine /// TB trainer | Win 7 / Avira reports Trojan Fakeadb.A Looks good. Uninstall everything belonging to Flash Player and reinstall it, then a fresh FRST log please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
11.09.2013, 10:39 | #5 |
| Win 7 / Avira reports Trojan Fakeadb.A OK, done. Here is the new log: FRST.txt: FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-09-2013
Ran by Tempel (administrator) on TEST-PC on 11-09-2013 11:23:50
Running from D:\Users\Tempel\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Logitech Inc.) D:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Logitech, Inc.) D:\Program Files\Logitech\SolarApp\L4301_Solar.exe
(Cisco Systems, Inc.) D:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc.) D:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) D:\Program Files\Bonjour\mDNSResponder.exe
(cFos Software GmbH) C:\Windows\ASRock\XFast LAN\spd.exe
(Cisco Systems, Inc.) D:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(SEIKO EPSON CORPORATION) D:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech, Inc.) D:\Program Files\Logitech\SetPointP\SetPoint.exe
(CANON INC.) D:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) D:\Users\Tempel\AppData\Local\Google\Update\GoogleUpdate.exe
(Google) D:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(johnsadventures.com) D:\Program Files (x86)\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe
(Dropbox, Inc.) D:\Users\Tempel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() D:\Program Files (x86)\Tor\tor.exe
(Google) D:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) d:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Advanced Micro Devices Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Logitech, Inc.) D:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Cisco Systems, Inc.) D:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Microsoft Corporation) d:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(ATI Technologies Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) D:\Program Files\Windows Media Player\wmpnetwk.exe
(Google Inc.) D:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation) D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.)
D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [EvtMgr6] - D:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.) HKLM\...\Run: [CanonMyPrinter] - D:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.) 
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
Winlogon\Notify\LBTWlgn: d:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [X]
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [ASRockXTU] - [x]
HKCU\...\Run: [zASRockInstantBoot] - [x]
HKCU\...\Run: [Google Update] - D:\Users\Tempel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-02] (Google Inc.)
HKCU\...\Run: [GoogleDriveSync] - D:\Program Files (x86)\Google\Drive\googledrivesync.exe [20097696 2013-06-27] (Google)
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKCU\...\Run: [BackgroundSwitcher] - D:\Program Files (x86)\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe [119928 2012-09-16] (johnsadventures.com)
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
MountPoints2: {160f2b8a-c43c-11e1-a0d6-bc5ff4381f46} - J:\setup.exe
MountPoints2: {1edae493-c427-11e1-bf19-806e6f6e6963} - E:\ASRSetup.exe
MountPoints2: {79556fb2-8b2c-11e2-a6da-00059a3c7a00} - J:\setup.exe
HKLM-x32\...\Run: [IAStorIcon] - D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - D:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] - D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-08-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - D:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-07-19] (Cisco Systems, Inc.)
Startup: D:\Users\Tempel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> D:\Users\Tempel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.claro-search.com/?affID=114508&tt=4212_5&babsrc=HP_clro&mntrId=4a963650000000000000bc5ff4381f46
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x07DCD6DB3F58CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.claro-search.com/?q={searchTerms}&affID=114508&tt=4212_5&babsrc=SP_clro&mntrId=4a963650000000000000bc5ff4381f46
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - d:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - D:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - d:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - No Name - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - No File
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - D:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 193.197.62.198 vpn.uni-ulm.de
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com", "hxxp://www.claro-search.com/?affID=114508&tt=4212_5&babsrc=HP_clro&mntrId=4a963650000000000000bc5ff4381f46"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - D:\Users\Tempel\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - D:\Users\Tempel\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - D:\Users\Tempel\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AmazonMP3DownloaderPlugin) - D:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017325.dll (Amazon.com, Inc.)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility for IJ) - D:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (Picasa) - D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (VLC Web Plugin) - D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - D:\Users\Tempel\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Silverlight Plug-In) - d:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Drive) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (WOT) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.13_0
CHR Extension: (YouTube) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0
CHR Extension: (Google Search) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Gmail Offline) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0
CHR Extension: (PanicButton) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm\0.14.2.2_0
CHR Extension: (Chrome to Mobile) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd\2_0
CHR Extension: (Speed Dial 2) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik\1.7.0_0
CHR Extension: (Google Maps) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0
CHR Extension: (Google Mail Checker) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0
CHR Extension: (Chrome In-App Payments service) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Chrome to Phone) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.2_0
CHR Extension: (Gmail) - D:\Users\Tempel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR StartMenuInternet: Google Chrome - D:\Users\Tempel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 AdobeARMservice; D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640 2013-05-10] (Adobe Systems Incorporated)
R2 AntiVirSchedulerService; D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-08-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-08-20] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; D:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-08-20] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device; D:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008 2012-12-21] (Apple Inc.)
R2 Bonjour Service; D:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-31] (Apple Inc.)
R2 cFosSpeedS; C:\Windows\ASRock\XFast LAN\spd.exe [395136 2011-07-04] (cFos Software GmbH)
R2 CVPND; D:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-03-23] (Cisco Systems, Inc.)
R2 EPSON_PM_RPCV4_01; D:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [102400 2006-04-18] (SEIKO EPSON CORPORATION)
S2 gupdate; D:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2012-07-02] (Google Inc.)
S3 gupdatem; D:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2012-07-02] (Google Inc.)
S3 gusvc; D:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [136120 2011-05-10] (Google)
R2 IAStorDataMgrSvc; D:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592 2011-05-20] (Intel Corporation)
S3 iPod Service; D:\Program Files\iPod\bin\iPodService.exe [641352 2013-02-20] (Apple Inc.)
R2 L4301_Solar; D:\Program Files\Logitech\SolarApp\L4301_Solar.exe [403536 2010-10-26] (Logitech, Inc.)
S3 LBTServ; D:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [359192 2011-09-27] (Logitech, Inc.)
R2 LMS; D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [326168 2011-02-22] (Intel Corporation)
S2 SkypeUpdate; D:\Program Files (x86)\Skype\Updater\Updater.exe [161384 2013-02-28] (Skype Technologies)
S3 Steam Client Service; D:\Program Files (x86)\Common Files\Steam\SteamService.exe [563624 2013-08-28] (Valve Corporation)
R2 TeamViewer8; D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [4308320 2013-08-07] (TeamViewer GmbH)
R2 tor; D:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-01] ()
R2 UMVPFSrv; D:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
R2 UNS; D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2656280 2011-02-22] (Intel Corporation)
R2 vpnagent; D:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [557968 2013-07-19] (Cisco Systems, Inc.)
R2 wlidsvc; d:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2291568 2009-08-18] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-08-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-08-06] (Avira Operations GmbH & Co. KG)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-12] (DT Soft Ltd)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [31808 2012-07-02] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2012-07-02] (FNet Co., Ltd.)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-03-12] (Duplex Secure Ltd.)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-07-19] (Cisco Systems, Inc.)
S3 ALSysIO; \??\D:\Users\Tempel\AppData\Local\Temp\ALSysIO64.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-09-11 11:19 - 2013-09-11 11:19 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-11 11:19 - 2013-09-11 11:19 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-10 17:44 - 2013-09-10 17:44 - 00000000 ____D D:\Program Files (x86)\ESET
2013-09-10 17:43 - 2013-09-10 17:43 - 02347384 _____ (ESET) D:\Users\Tempel\Downloads\esetsmartinstaller_enu.exe
2013-09-10 16:31 - 2013-09-10 16:31 - 00018931 _____ D:\Users\Tempel\Desktop\gmer.log
2013-09-10 16:25 - 2013-09-10 16:25 - 00060660 _____ D:\Users\Tempel\Desktop\Addition.txt
2013-09-10 16:24 - 2013-09-10 16:24 - 00000000 ____D C:\FRST
2013-09-10 16:19 - 2013-09-10 16:19 - 00000654 _____ D:\Users\Tempel\Desktop\defogger_disable.log
2013-09-10 16:19 - 2013-09-10 16:19 - 00000188 _____ D:\Users\Tempel\defogger_reenable
2013-09-10 16:17 - 2013-09-10 16:17 - 00028532 _____ D:\Users\Tempel\Desktop\AVSCAN-20130910-082346-A2F2067D.LOG
2013-09-10 16:16 - 2013-09-10 16:16 - 00377856 _____ D:\Users\Tempel\Desktop\gmer_2.1.19163.exe
2013-09-10 16:16 - 2013-09-10 16:16 - 00050477 _____ D:\Users\Tempel\Desktop\Defogger.exe
2013-09-06 15:01 - 2013-09-06 15:01 - 00000548 _____ C:\Windows\Tasks\MATLAB R2013a Startup Accelerator.job
2013-08-30 08:02 - 2013-08-30 08:02 - 00000000 ____D D:\Program Files (x86)\Tor
2013-08-20 00:00 - 2013-09-04 16:40 - 00003434 _____ C:\Windows\System32\Tasks\Browser Manager
2013-08-17 12:10 - 2013-08-20 11:46 - 00000000 ____D D:\Program Files (x86)\Mozilla Thunderbird
2013-08-17 10:23 - 2013-09-02 10:50 - 00000000 ____D D:\Users\Tempel\Desktop\Entwickeln
2013-08-15 09:55 - 2013-08-15 09:55 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 09:54 - 2013-07-25 05:54 - 17830400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 09:54 - 2013-07-25 05:37 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 09:54 - 2013-07-25 05:35 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 09:54 - 2013-07-25 05:31 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 09:54 - 2013-07-25 05:30 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 09:54 - 2013-07-25 05:29 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-15 09:54 - 2013-07-25 05:29 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-15 09:54 - 2013-07-25 05:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 09:54 - 2013-07-25 05:28 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 09:54 - 2013-07-25 05:28 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 09:54 - 2013-07-25 05:28 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 09:54 - 2013-07-25 05:28 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-15 09:54 - 2013-07-25 05:28 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-15 09:54 - 2013-07-25 05:27 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 09:54 - 2013-07-25 05:27 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-15 09:54 - 2013-07-25 05:26 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 09:54 - 2013-07-25 04:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 09:54 - 2013-07-25 04:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 09:54 - 2013-07-25 04:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 09:54 - 2013-07-25 04:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 09:54 - 2013-07-25 04:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 09:54 - 2013-07-25 04:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-08-15 09:54 - 2013-07-25 04:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-08-15 09:54 - 2013-07-25 04:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 09:54 - 2013-07-25 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 09:54 - 2013-07-25 04:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 09:54 - 2013-07-25 04:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 09:54 - 2013-07-25 04:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-08-15 09:54 - 2013-07-25 04:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-08-15 09:54 - 2013-07-25 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 09:54 - 2013-07-25 04:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 09:54 - 2013-07-25 04:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-08-15 08:27 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 08:27 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 08:27 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 08:27 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 08:27 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 08:27 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 08:27 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 08:27 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 08:27 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 08:27 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 08:27 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 08:27 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 08:27 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 08:27 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 08:27 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 08:27 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 08:27 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 08:27 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 08:27 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 08:27 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 08:27 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 08:27 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 08:27 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 08:27 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 08:27 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-08-15 08:27 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-15 08:27 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys ==================== One Month Modified Files and Folders ======= 2013-09-11 11:23 - 2013-09-11 11:23 - 01949408 _____ (Farbar) D:\Users\Tempel\Desktop\FRST64.exe 2013-09-11 11:20 - 2012-07-02 12:41 - 00000000 ____D D:\Users\Tempel\AppData\Local\Adobe 2013-09-11 11:19 - 2013-09-11 11:19 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-11 11:19 - 2013-09-11 11:19 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-11 11:19 - 2012-11-27 00:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-11 11:19 - 2009-07-14 06:45 - 00016704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-11 11:19 - 2009-07-14 06:45 - 00016704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-11 11:16 - 2012-07-02 11:24 - 02078616 _____ C:\Windows\WindowsUpdate.log 2013-09-11 11:16 - 2009-07-14 19:58 - 00696620 _____ C:\Windows\system32\perfh007.dat 2013-09-11 11:16 - 2009-07-14 19:58 - 00147916 _____ C:\Windows\system32\perfc007.dat 2013-09-11 11:16 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-11 11:13 - 2012-07-02 13:02 - 00000000 ___RD D:\Users\Tempel\Dropbox 2013-09-11 11:13 - 2012-07-02 12:59 - 00000000 ____D D:\Users\Tempel\AppData\Roaming\Dropbox 2013-09-11 11:12 - 2012-07-02 12:59 - 00000000 ___RD D:\Users\Tempel\Google Drive 2013-09-11 11:12 - 2009-07-14 06:51 - 00365141 _____ C:\Windows\setupact.log 2013-09-10 17:44 - 2013-09-10 17:44 - 00000000 ____D D:\Program Files (x86)\ESET 
2013-09-10 17:43 - 2013-09-10 17:43 - 02347384 _____ (ESET) D:\Users\Tempel\Downloads\esetsmartinstaller_enu.exe 2013-09-10 16:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2013-09-10 16:31 - 2013-09-10 16:31 - 00018931 _____ D:\Users\Tempel\Desktop\gmer.log 2013-09-10 16:25 - 2013-09-10 16:25 - 00060660 _____ D:\Users\Tempel\Desktop\Addition.txt 2013-09-10 16:24 - 2013-09-10 16:24 - 00000000 ____D C:\FRST 2013-09-10 16:19 - 2013-09-10 16:19 - 00000654 _____ D:\Users\Tempel\Desktop\defogger_disable.log 2013-09-10 16:19 - 2013-09-10 16:19 - 00000188 _____ D:\Users\Tempel\defogger_reenable 2013-09-10 16:19 - 2012-07-02 12:31 - 00000000 ____D D:\Users\Tempel 2013-09-10 16:17 - 2013-09-10 16:17 - 00028532 _____ D:\Users\Tempel\Desktop\AVSCAN-20130910-082346-A2F2067D.LOG 2013-09-10 16:16 - 2013-09-10 16:16 - 00377856 _____ D:\Users\Tempel\Desktop\gmer_2.1.19163.exe 2013-09-10 16:16 - 2013-09-10 16:16 - 00050477 _____ D:\Users\Tempel\Desktop\Defogger.exe 2013-09-10 00:23 - 2012-07-05 10:24 - 00000000 ____D D:\Users\Tempel\Documents\MATLAB 2013-09-06 15:01 - 2013-09-06 15:01 - 00000548 _____ C:\Windows\Tasks\MATLAB R2013a Startup Accelerator.job 2013-09-06 14:36 - 2012-07-02 14:27 - 00000000 ____D D:\Program Files\MATLAB 2013-09-06 11:27 - 2012-07-02 12:56 - 00590196 _____ C:\Windows\PFRO.log 2013-09-04 16:40 - 2013-08-20 00:00 - 00003434 _____ C:\Windows\System32\Tasks\Browser Manager 2013-09-04 16:28 - 2012-07-02 12:50 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2013412791-1596353806-2001287601-1003UA.job 2013-09-04 15:43 - 2012-07-02 12:58 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-04 15:05 - 2013-03-12 18:17 - 00000548 _____ C:\Windows\Tasks\MATLAB R2012b Startup Accelerator.job 2013-09-04 15:02 - 2012-07-02 12:58 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-04 15:01 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-02 14:31 - 2013-08-06 22:34 - 00105344 
_____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-09-02 10:50 - 2013-08-17 10:23 - 00000000 ____D D:\Users\Tempel\Desktop\Entwickeln 2013-09-02 10:28 - 2012-07-02 12:50 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2013412791-1596353806-2001287601-1003Core.job 2013-09-01 09:28 - 2012-10-15 12:02 - 00000000 ____D D:\Users\Tempel\AppData\Local\CrashDumps 2013-08-30 11:13 - 2012-08-31 10:19 - 00000000 ____D D:\Users\Tempel\Desktop\Tempels 2013-08-30 08:02 - 2013-08-30 08:02 - 00000000 ____D D:\Program Files (x86)\Tor 2013-08-30 00:14 - 2012-11-26 22:38 - 00000000 ____D D:\Program Files (x86)\Steam 2013-08-23 10:45 - 2013-03-08 10:18 - 00000000 ____D D:\Program Files (x86)\Cisco 2013-08-20 11:46 - 2013-08-17 12:10 - 00000000 ____D D:\Program Files (x86)\Mozilla Thunderbird 2013-08-20 11:25 - 2013-08-06 22:35 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2013-08-20 11:25 - 2013-08-06 22:34 - 00132088 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avipbb.sys
2013-08-16 18:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-16 07:44 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-15 09:55 - 2013-08-15 09:55 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 09:54 - 2012-07-02 13:09 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Files to move or delete:
====================
D:\Users\Tempel\AppData\Local\Temp\AskSLib.dll
D:\Users\Tempel\AppData\Local\Temp\iv_uninstall.exe
D:\Users\Tempel\AppData\Local\Temp\LMkRstPt.exe
D:\Users\Tempel\AppData\Local\Temp\MSETUP4.EXE
D:\Users\Tempel\AppData\Local\Temp\tmp7167.exe
D:\Users\Tempel\AppData\Local\Temp\tmp951F.exe
D:\Users\Tempel\AppData\Local\Temp\tmpBE5E.exe
D:\Users\Tempel\AppData\Local\Temp\tmpC10.exe
D:\Users\Tempel\AppData\Local\Temp\tmpCC43.exe
D:\Users\Tempel\AppData\Local\Temp\tmpF4AA.exe
D:\Users\Tempel\AppData\Local\Temp\uninstall.exe
D:\Users\Tempel\AppData\Local\Temp\vpnclient_setup.exe
D:\Users\Tempel\AppData\Local\Temp\_is3B7.exe

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-09-01 13:07
==================== End Of Log ============================
--- --- ---

Addition.txt: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-09-2013 Ran by Tempel at 2013-09-11 11:24:17 Running from D:\Users\Tempel\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168) Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7) Amazon MP3-Downloader 1.0.17 (x32 Version: 1.0.17) AMD Accelerated Video Transcoding (Version: 12.5.100.21219) AMD APP SDK Runtime (Version: 10.0.1084.4) AMD Catalyst Install Manager (Version: 8.0.903.0) AMD Drag and Drop Transcoding (Version: 2.00.0000) AMD Media Foundation Decoders (Version: 1.0.71219.1540) Apple Application Support (x32 Version: 2.3.3) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (x32 Version: 2.1.3.127) Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.10.1.0) ASRock App Charger v1.0.4 ASRock eXtreme Tuner v0.1.110 (x32) ASRock InstantBoot v1.29 (x32) Avira Free Antivirus (x32 Version: 13.0.0.4052) Batman: Arkham City GOTY (x32) Bonjour (Version: 3.0.0.10) CameraHelperMsi (x32 Version: 13.50.854.0) Canon Easy-PhotoPrint EX (x32) Canon Easy-WebPrint EX (x32) Canon MG5300 series Benutzerregistrierung (x32) Canon MG5300 series MP Drivers Canon MG5300 series On-screen Manual (x32) Canon MP Navigator EX 5.0 (x32) Canon My Printer (x32) Canon Solution Menu EX (x32) Catalyst Control Center - Branding (x32 Version: 1.00.0000) Catalyst Control Center (x32 Version: 2012.1219.1521.27485) Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485) Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485) Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485) CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485) CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485) CCC Help Czech (x32 Version: 2012.1219.1520.27485) CCC Help Danish 
(x32 Version: 2012.1219.1520.27485) CCC Help Dutch (x32 Version: 2012.1219.1520.27485) CCC Help English (x32 Version: 2012.1219.1520.27485) CCC Help Finnish (x32 Version: 2012.1219.1520.27485) CCC Help French (x32 Version: 2012.1219.1520.27485) CCC Help German (x32 Version: 2012.1219.1520.27485) CCC Help Greek (x32 Version: 2012.1219.1520.27485) CCC Help Hungarian (x32 Version: 2012.1219.1520.27485) CCC Help Italian (x32 Version: 2012.1219.1520.27485) CCC Help Japanese (x32 Version: 2012.1219.1520.27485) CCC Help Korean (x32 Version: 2012.1219.1520.27485) CCC Help Norwegian (x32 Version: 2012.1219.1520.27485) CCC Help Polish (x32 Version: 2012.1219.1520.27485) CCC Help Portuguese (x32 Version: 2012.1219.1520.27485) CCC Help Russian (x32 Version: 2012.1219.1520.27485) CCC Help Spanish (x32 Version: 2012.1219.1520.27485) CCC Help Swedish (x32 Version: 2012.1219.1520.27485) CCC Help Thai (x32 Version: 2012.1219.1520.27485) CCC Help Turkish (x32 Version: 2012.1219.1520.27485) ccc-utility64 (Version: 2012.1219.1521.27485) CCleaner (Version: 3.20) Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04063) Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04063) Cisco Systems VPN Client 5.0.07.0290 (Version: 5.0.7) Core Temp 1.0 RC3 (Version: 1.0) DAEMON Tools Lite (x32 Version: 4.46.1.0328) Dark Souls: Prepare to Die Edition (x32) Dead Space™ 2 (x32 Version: 1.0.941.0) Diablo II (x32) Diablo III (x32 Version: 1.0.7.14633) Diablo III Public Test (x32 Version: 1.0.5.12289) Dropbox (HKCU Version: 2.0.22) Dual-Core Optimizer (x32 Version: 1.1.4.0169) ElsterFormular (x32 Version: 14.0.0.10960) EPSON-Drucker-Software erLT (x32 Version: 1.20.138.34) ESET Online Scanner v3 (x32) Fraps (x32) Google Chrome (HKCU Version: 29.0.1547.66) Google Drive (x32 Version: 1.11.4865.2530) Google Update Helper (x32 Version: 1.3.21.153) GPL Ghostscript (Version: 9.05) GSview 5.0 (Version: 5.0) Intel(R) Control Center (x32 Version: 1.2.1.1007) Intel(R) Management Engine Components 
(x32 Version: 7.0.0.1144) Intel(R) Processor Graphics (x32 Version: 9.17.10.2932) Intel(R) Rapid Storage Technology (x32 Version: 10.6.0.1002) iTunes (Version: 11.0.2.26) John's Background Switcher 4.6 (x32 Version: 4.6) Logitech SetPoint 6.32 (Version: 6.32.20) Logitech Solar App 1.0 (Version: 1.00.46) Logitech Unifying-Software 2.10 (Version: 2.10.37) Logitech Webcam Software (x32 Version: 2.0) LWS Facebook (x32 Version: 13.50.854.0) LWS Gallery (x32 Version: 13.50.854.0) LWS Help_main (x32 Version: 13.50.862.0) LWS Launcher (x32 Version: 13.50.859.0) LWS Motion Detection (x32 Version: 13.30.1395.0) LWS Pictures And Video (x32 Version: 13.50.861.0) LWS Twitter (x32 Version: 13.30.1346.0) LWS Video Mask Maker (x32 Version: 13.30.1379.0) LWS VideoEffects (Version: 13.30.1379.0) LWS Webcam Software (x32 Version: 13.31.1038.0) LWS WLM Plugin (x32 Version: 1.30.1201.0) LWS YouTube Plugin (x32 Version: 13.31.1038.0) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) MATLAB R2012b (Version: 8.0) MATLAB R2013a (Version: 8.1) Metro 2033 (x32) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319) Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0) Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) MiKTeX 2.9 (Version: 2.9) Mozilla Thunderbird 14.0 (x86 de) (x32 Version: 14.0) Mozilla Thunderbird 17.0.8 (x86 de) (HKCU Version: 17.0.8) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) Müller Foto (x32 Version: 5.0.3) neroxml (x32 Version: 1.0.0) NVIDIA PhysX (x32 Version: 9.10.0222) OpenOffice.org 3.4 (x32 Version: 3.4.9590) Path of Exile (x32 Version: 0.10.0.22479) Picasa 3 (x32 Version: 3.9) Realtek Ethernet Controller Driver (x32 Version: 7.44.421.2011) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6392) Sid Meier's Civilization 4 - Beyond the Sword (x32 Version: 3.19) Sid Meier's Civilization 4 Complete (x32 Version: 1.74) Sid Meier's Civilization V (x32) Skype™ 6.3 (x32 Version: 6.3.105) SSH Secure Shell (x32) Steam (x32 Version: 1.0.0.0) TeamViewer 8 (x32 Version: 8.0.20202) TeXnicCenter Version 2.0 Alpha 4 (Version: 2.0 Alpha 4) The Witcher 2: Assassins of Kings Enhanced Edition (x32) THX TruStudio (x32 Version: 1.00.01) Torchlight II (x32) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 
4 Extended (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1) VLC media player 2.0.5 (x32 Version: 2.0.5) Winamp (x32 Version: 5.623 ) Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1) Windows Live ID Sign-in Assistant (Version: 6.500.3165.0) WinRAR 4.20 (64-Bit) (Version: 4.20.0) XFast LAN v6.61 (Version: 6.61) XFastUsb (x32) ==================== Restore Points ========================= 03-09-2013 10:21:25 Windows Update 06-09-2013 06:20:17 Avira Free Antivirus - 06.09.2013 08:20 ==================== Hosts content: ========================== 2009-07-14 04:34 - 2013-03-10 08:51 - 00000859 ____A C:\Windows\system32\Drivers\etc\hosts 193.197.62.198 vpn.uni-ulm.de ==================== Scheduled Tasks (whitelisted) ============= Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {14B75439-A288-43E5-84A1-2661F5F37081} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe Task: {30CD2CAE-6E89-4AEC-83A8-9D4272BF437B} - System32\Tasks\GoogleUpdateTaskMachineCore => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-02] (Google Inc.) Task: {3913E400-F048-44EA-896C-C10AA90FA56C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2013412791-1596353806-2001287601-1003Core => D:\Users\Tempel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-02] (Google Inc.) Task: {3CBF2CFE-2936-43B3-8B21-6B27A28EB95F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2013412791-1596353806-2001287601-1003UA => D:\Users\Tempel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-02] (Google Inc.) 
Task: {54919411-C0FD-4D02-9C10-764D3D9E47E5} - System32\Tasks\Core Temp Autostart Tempel => D:\Program Files\Core Temp\Core Temp.exe [2012-01-25] () Task: {66B0083A-9720-4B7E-B8D4-3D416FDDD0B9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation) Task: {73C545BC-7D18-402A-95A4-B7CA622CAC93} - System32\Tasks\MATLAB R2012b Startup Accelerator => D:\Program Files\MATLAB\R2012b\bin\win64\MATLABStartupAccelerator.exe [2012-07-20] () Task: {744E55E7-D199-4F96-B59C-B83107063D7A} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation) Task: {8CF68670-E8A7-4B58-B932-AEBAA37AE273} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2012-06-22] (Piriform Ltd) Task: {A268E353-8EAE-488E-8211-C8DE18DA94A7} - System32\Tasks\Apple\AppleSoftwareUpdate => D:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {A9F90BEF-56D6-4D4A-AF32-0F0CEE15D97F} - System32\Tasks\Browser Manager => Sc.exe start Browser Manager Task: {CCB4565E-F696-4A52-8782-37B61BC28F1F} - System32\Tasks\{3D613602-B0DA-4E2C-A8C9-3BA8E6EEFD0F} => C:\Windows\System32\msiexec.exe [2010-11-20] (Microsoft Corporation) Task: {CDB1B702-B9BC-458C-B17C-5ACA4FEF3FDA} - System32\Tasks\GoogleUpdateTaskMachineUA => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-02] (Google Inc.) 
Task: {E4A07A55-29CB-4AE5-BF25-F8CD4A23F205} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2013412791-1596353806-2001287601-1003Core.job => D:\Users\Tempel\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2013412791-1596353806-2001287601-1003UA.job => D:\Users\Tempel\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\MATLAB R2012b Startup Accelerator.job => D:\Program Files\MATLAB\R2012b\bin\win64\MATLABStartupAccelerator.exe Task: C:\Windows\Tasks\MATLAB R2013a Startup Accelerator.job => D:\Program Files\MATLAB\R2013a\bin\win64\MATLABStartupAccelerator.exe ==================== Loaded Modules (whitelisted) ============= 2013-05-25 02:36 - 2013-05-25 02:36 - 00164016 _____ (Dropbox, Inc.) D:\Users\Tempel\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll 2012-07-05 09:53 - 2012-06-09 19:20 - 00196096 _____ (Alexander Roshal) D:\Program Files\WinRAR\rarext.dll 2011-10-07 11:39 - 2011-10-07 11:39 - 01304856 _____ () D:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll 2012-12-08 13:24 - 2011-03-14 19:09 - 00136704 _____ (CANON INC.) D:\Program Files\Canon\MyPrinter\cnmpu.dll 2012-12-08 13:24 - 2011-04-07 19:09 - 00069632 _____ (CANON INC.) 
D:\Program Files\Canon\MyPrinter\BJMyRes.dll 2012-07-02 12:37 - 2011-04-15 04:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2012-12-14 02:42 - 2012-12-14 02:42 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc 2012-09-16 20:49 - 2012-09-16 20:49 - 01352824 _____ (johnsadventures.com) D:\Program Files (x86)\johnsadventures.com\John's Background Switcher\JBSCore.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00327680 _____ (Advanced Mirco Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll 2012-12-19 16:16 - 2012-12-19 16:16 - 00208896 _____ (Advanced Mirco Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll 2012-12-19 16:19 - 2012-12-19 16:19 - 00028672 _____ (Advanced Mirco Devices, Inc.) D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll 2013-07-13 10:23 - 2013-07-13 10:23 - 00853896 ____T (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Update\1.3.21.153\goopdate.dll 2012-11-14 01:32 - 2012-11-14 01:32 - 03558400 _____ (wxWidgets development team) D:\Users\Tempel\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll 2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () D:\Users\Tempel\AppData\Roaming\Dropbox\bin\libcef.dll 2013-03-13 22:48 - 2013-03-13 22:48 - 09956864 _____ (The ICU Project) D:\Users\Tempel\AppData\Roaming\Dropbox\bin\icudt.dll 2013-08-16 14:01 - 2013-08-16 14:01 - 00492032 _____ (Intel Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\97ce162bb354fcf9c8d9eae8252ee216\IAStorUtil.ni.dll 2013-07-12 12:21 - 2013-07-12 12:21 - 00014336 _____ (Intel Corp.) 
C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\22d36f517c7545fdb65ccddae680a3eb\IAStorCommon.ni.dll 2013-09-11 11:12 - 2013-09-11 11:12 - 02436608 _____ (Python Software Foundation) D:\Users\Tempel\AppData\Local\Temp\_MEI27722\python27.dll 2013-09-11 11:12 - 2013-09-11 11:12 - 00098816 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\win32api.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00110080 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\pywintypes27.dll 2013-09-11 11:12 - 2013-09-11 11:12 - 00364544 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\pythoncom27.dll 2013-09-11 11:12 - 2013-09-11 11:12 - 00044032 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\_socket.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 01153024 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\_ssl.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00320512 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\win32com.shell.shell.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00711680 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\_hashlib.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 01175040 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\wx._core_.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 01985024 _____ (wxWidgets development team) D:\Users\Tempel\AppData\Local\Temp\_MEI27722\wxbase294u_vc90.dll 2013-09-11 11:12 - 2013-09-11 11:12 - 00154112 _____ (wxWidgets development team) D:\Users\Tempel\AppData\Local\Temp\_MEI27722\wxbase294u_net_vc90.dll 2013-09-11 11:12 - 2013-09-11 11:12 - 04598272 _____ (wxWidgets development team) D:\Users\Tempel\AppData\Local\Temp\_MEI27722\wxmsw294u_core_vc90.dll 2013-09-11 11:12 - 2013-09-11 11:12 - 01234944 _____ (wxWidgets development team) D:\Users\Tempel\AppData\Local\Temp\_MEI27722\wxmsw294u_adv_vc90.dll 2013-09-11 11:12 - 2013-09-11 11:12 - 00805888 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\wx._gdi_.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00811008 _____ () 
D:\Users\Tempel\AppData\Local\Temp\_MEI27722\wx._windows_.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00595968 _____ (wxWidgets development team) D:\Users\Tempel\AppData\Local\Temp\_MEI27722\wxmsw294u_html_vc90.dll 2013-09-11 11:12 - 2013-09-11 11:12 - 01062400 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\wx._controls_.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00735232 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\wx._misc_.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00128512 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\_elementtree.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00127488 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\pyexpat.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00557056 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\pysqlite2._sqlite.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00087040 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\_ctypes.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00119808 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\win32file.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00108544 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\win32security.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00018432 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\win32event.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00038912 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\win32inet.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00122368 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\wx._wizard.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00686080 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\unicodedata.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00026624 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\_multiprocessing.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00070656 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\wx._html2.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00091648 _____ (wxWidgets development team) 
D:\Users\Tempel\AppData\Local\Temp\_MEI27722\wxmsw294u_webview_vc90.dll 2013-09-11 11:12 - 2013-09-11 11:12 - 00010240 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\select.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00025600 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\win32pdh.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00504832 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\windows._cacheinvalidation.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00421200 _____ (Microsoft Corporation) D:\Users\Tempel\AppData\Local\Temp\_MEI27722\MSVCP100.dll 2013-09-11 11:12 - 2013-09-11 11:12 - 00773968 _____ (Microsoft Corporation) D:\Users\Tempel\AppData\Local\Temp\_MEI27722\MSVCR100.dll 2013-09-11 11:12 - 2013-09-11 11:12 - 00011264 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\win32crypt.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00035840 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\win32process.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00017408 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\win32profile.pyd 2013-09-11 11:12 - 2013-09-11 11:12 - 00022528 _____ () D:\Users\Tempel\AppData\Local\Temp\_MEI27722\win32ts.pyd 2013-07-19 23:29 - 2013-07-19 23:29 - 00063376 _____ () D:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 2013-09-04 08:29 - 2013-09-02 22:34 - 47074256 _____ (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\29.0.1547.66\chrome.dll 2013-09-04 08:29 - 2013-09-02 22:35 - 09962960 _____ (The ICU Project) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\29.0.1547.66\icudt.dll 2013-05-25 02:36 - 2013-05-25 02:36 - 00130736 _____ (Dropbox, Inc.) 
D:\Users\Tempel\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
2013-09-04 08:29 - 2013-09-02 20:46 - 03231688 _____ (Microsoft Corporation) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\29.0.1547.66\D3DCompiler_46.dll
2013-09-04 08:29 - 2013-09-02 22:35 - 00709584 _____ () D:\Users\Tempel\AppData\Local\Google\Chrome\Application\29.0.1547.66\libglesv2.dll
2013-09-04 08:29 - 2013-09-02 22:35 - 00099792 _____ () D:\Users\Tempel\AppData\Local\Google\Chrome\Application\29.0.1547.66\libegl.dll
2013-09-04 08:29 - 2013-09-02 22:35 - 04053456 _____ () D:\Users\Tempel\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll
2013-09-04 08:29 - 2013-09-02 22:35 - 00410576 _____ () D:\Users\Tempel\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
2013-09-04 08:29 - 2013-09-02 22:35 - 02110928 _____ (Google Inc.) D:\Users\Tempel\AppData\Local\Google\Chrome\Application\29.0.1547.66\libpeerconnection.dll
2013-09-04 08:29 - 2013-09-02 22:35 - 01604560 _____ () D:\Users\Tempel\AppData\Local\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
2013-09-04 08:29 - 2013-09-02 22:35 - 13599184 _____ () D:\Users\Tempel\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) ==========

==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (09/11/2013 11:21:30 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/11/2013 00:25:53 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/10/2013 05:44:08 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (09/10/2013 05:44:01 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/10/2013 04:36:42 PM) (Source: Application Hang) (User: ) Description: Programm explorer.exe, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1024 Startzeit: 01ceae32fcebb3d6 Endzeit: 0 Anwendungspfad: C:\Windows\explorer.exe Berichts-ID: Error: (09/10/2013 04:35:25 PM) (Source: Application Hang) (User: ) Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 524 Startzeit: 01ceae3106eb96a2 Endzeit: 15 Anwendungspfad: C:\Windows\Explorer.EXE Berichts-ID: Error: (09/06/2013 02:24:58 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (09/06/2013 08:20:17 AM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable). Error: (09/03/2013 00:21:25 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable). Error: (09/03/2013 00:21:25 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". 
Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable). System errors: ============= Error: (09/11/2013 11:21:26 AM) (Source: DCOM) (User: ) Description: {0002DF01-0000-0000-C000-000000000046} Error: (09/10/2013 04:22:05 PM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "KATHARINA-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B8CC2442-4DC9-4717-8C69-B17E0B1816F1}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (09/10/2013 01:27:57 PM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "KATHARINA-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B8CC2442-4DC9-4717-8C69-B17E0B1816F1}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (09/10/2013 11:34:55 AM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "KATHARINA-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B8CC2442-4DC9-4717-8C69-B17E0B1816F1}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (09/10/2013 11:22:57 AM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "KATHARINA-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B8CC2442-4DC9-4717-8C69-B17E0B1816F1}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (09/10/2013 08:25:58 AM) (Source: Service Control Manager) (User: ) Description: Dienst "Adobe Flash Player Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (09/09/2013 09:34:35 PM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FLACHBOOK-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B8CC2442-4DC9-4717-8C69-B17E0B1816F1}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (09/07/2013 08:58:08 PM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "KATHARINA-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B8CC2442-4DC9-4717-8C69-B17E0B1816F1}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (09/06/2013 00:37:20 PM) (Source: BROWSER) (User: ) Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{B8CC2442-4DC9-4717-8C69-B17E0B1816F1}" zu oft fehl. Der Sicherungssuchdienst wird beendet. Error: (09/06/2013 08:21:03 AM) (Source: Service Control Manager) (User: ) Description: Dienst "Tor Win32 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Microsoft Office Sessions: ========================= Error: (09/11/2013 11:21:30 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Users\Tempel\Downloads\esetsmartinstaller_enu.exe Error: (09/11/2013 00:25:53 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (09/10/2013 05:44:08 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Users\Tempel\Downloads\esetsmartinstaller_enu.exe Error: (09/10/2013 05:44:01 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Users\Tempel\Downloads\esetsmartinstaller_enu.exe Error: (09/10/2013 04:36:42 PM) (Source: Application Hang)(User: ) Description: explorer.exe6.1.7601.17567102401ceae32fcebb3d60C:\Windows\explorer.exe Error: (09/10/2013 04:35:25 PM) (Source: Application Hang)(User: ) Description: Explorer.EXE6.1.7601.1756752401ceae3106eb96a215C:\Windows\Explorer.EXE Error: (09/06/2013 02:24:58 PM) (Source: SideBySide)(User: ) Description: 
C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestD:\Users\Tempel\Downloads\SoftonicDownloader_fuer_artistic-font-collection.exe Error: (09/06/2013 08:20:17 AM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable) Error: (09/03/2013 00:21:25 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable) Error: (09/03/2013 00:21:25 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable) ==================== Memory info =========================== Percentage of memory in use: 30% Total physical RAM: 8103.51 MB Available physical RAM: 5616.14 MB Total Pagefile: 24485.69 MB Available Pagefile: 21504.23 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:59.53 GB) (Free:19.43 GB) NTFS Drive d: () (Fixed) (Total:931.51 GB) (Free:475.17 GB) NTFS Drive j: (Volume) (Fixed) (Total:931.51 GB) (Free:810.84 GB) NTFS Drive k: () (Removable) (Total:30.23 GB) (Free:26.8 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 60 GB) (Disk ID: 2F84E159) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=60 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 63ACE089) Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS) 
======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 307D522B) Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS) ======================================================== Disk: 7 (Size: 30 GB) (Disk ID: 00000000) Partition 1: (Not Active) - (Size=30 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
11.09.2013, 13:06 | #6 |
/// the machine /// TB trainer | Win 7 / Avira reports trojan Fakeadb.A
Please press the Windows key + R key and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
Code:
R2 tor; D:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-01] ()
D:\Program Files (x86)\Tor

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
11.09.2013, 13:46 | #7 |
| Win 7 / Avira reports trojan Fakeadb.A Here is the FRST fixlog: Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-09-2013
Ran by Tempel at 2013-09-11 14:37:52 Run:1
Running from D:\Users\Tempel\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
R2 tor; D:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-01] ()
D:\Program Files (x86)\Tor
*****************

tor => Service deleted successfully.
"D:\Program Files (x86)\Tor" directory move:

Could not move "D:\Program Files (x86)\Tor\tor.exe" => Scheduled to move on reboot.

Could not move "D:\Program Files (x86)\Tor" directory. => Scheduled to move on reboot.

=========== Result of Scheduled Files to move ===========

D:\Program Files (x86)\Tor\tor.exe => Moved successfully.
D:\Program Files (x86)\Tor => Moved successfully.

==== End of Fixlog ==== |
11.09.2013, 17:13 | #8 |
/// the machine /// TB trainer | Win 7 / Avira reports trojan Fakeadb.A
Done. The order is crucial here.
Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers
Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance
Clean up your temp files regularly. I recommend TFC for this.
Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP)
Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
12.09.2013, 20:18 | #9 |
| Win 7 / Avira reports trojan Fakeadb.A Thank you very, very much! |
13.09.2013, 08:48 | #10 |
/// the machine /// TB trainer | Win 7 / Avira reports trojan Fakeadb.A You're welcome