Pests of all kinds and how to fight them: Avast! Free "boot-time scan" - false positives? (Windows 7) |
29.03.2014, 17:08 | #1 |
| Hello, after routinely running a "boot-time scan", i.e. a scan before Windows starts, with Avast! Free Antivirus, the following was found: https://www.dropbox.com/s/98k3gaz82xmkzbg/Screenshot%202014-03-29%2016.56.56.png https://www.dropbox.com/s/ktfzvjefm761t4t/Screenshot%202014-03-29%2017.02.12.png Could these be false positives? Or should I go through the "full program"? Regards, Christian |
29.03.2014, 17:51 | #2 |
/// the machine /// TB trainer | Hi, please attach images directly in the thread. |
30.03.2014, 00:29 | #3 |
| Here are the images |
30.03.2014, 12:52 | #4 |
/// the machine /// TB trainer | Hi, please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |
16.04.2014, 13:29 | #5 |
| I was away for a while, but here is the scan now: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-04-2014 Ran by TyCore at 2014-04-16 12:37:59 Running from C:\Users\TyCore\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C} AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== 3DMark Vantage (HKLM\...\{C40C3C3D-97CF-44B5-836C-766E374464B3}) (Version: 1.1.0 - Futuremark Corporation) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) Adobe Acrobat XI Pro (HKLM\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems) Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated) Adobe AIR (Version: 3.8.0.1430 - Adobe Systems Incorporated) Hidden Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated) Adobe Download Assistant (Version: 1.2.3 - Adobe Systems Incorporated) Hidden Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Help Manager (Version: 4.0.244 - Adobe Systems Incorporated) Hidden Adobe Illustrator CS6 (HKLM\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated) Adobe InDesign CS6 (HKLM\...\{CFB770D7-8D43-1014-922B-CC2715FADE3F}) (Version: 8.0 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems 
Incorporated) Alien Swarm (HKLM\...\Steam App 630) (Version: - Valve) AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden AMD Catalyst Control Center (Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden AMD Catalyst Install Manager (HKLM\...\{C2796CF4-6517-00C1-9F70-6A9C50680D29}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden AMD Fuel (Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden AMD OverDrive (HKLM\...\{34D5220A-58D0-473C-90E4-15136C3FB0E3}) (Version: 4.3.1.0690 - Advanced Micro Devices, Inc.) AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AppsHat Mobile Apps (HKCU\...\AppsHat Mobile Apps) (Version: 1.0.0.0 - Somoto Ltd.) <==== ATTENTION Arma 3 Alpha Lite (HKLM\...\Steam App 228800) (Version: - Bohemia Interactive) ATI AVIVO Codecs (Version: 10.10.0.40914 - ATI Technologies Inc.) Hidden avast! 
Free Antivirus (HKLM\...\avast) (Version: 8.0.1497.0 - AVAST Software) Avery Wizard 4.0 (HKLM\...\{F5D84887-8A6F-4993-8560-B3AA44CB620D}) (Version: 4.0.201 - Avery) AVM FRITZ!WLAN (HKLM\...\AVMWLANCLI) (Version: - AVM Berlin) Battlefield 4™ (HKLM\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) Canon LBP2900 (HKLM\...\Canon LBP2900) (Version: - ) Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help English (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help French (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help German (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Italian (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden ccc-utility (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) 
Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.4003 - CDBurnerXP) Command & Conquer 3 (HKLM\...\{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}) (Version: 1.00.0000 - Ihr Firmenname) Command & Conquer Generals (HKLM\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts) Command & Conquer Generals (Version: 0.50.0000 - Electronic Arts) Hidden Command & Conquer™ 3: Kanes Rache (HKLM\...\{CC2422C9-F7B5-4175-B295-5EC2283AA674}) (Version: 1.00.0000 - Ihr Firmenname) Command and Conquer(TM) Generäle Die Stunde Null (HKLM\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts) Command and Conquer(TM) Generäle Die Stunde Null (Version: 1.00.0000 - Electronic Arts) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd) DH Driver Cleaner Professional Edition (HKLM\...\Driver Cleaner Pro) (Version: Version 1.5 - Ruud Ketelaars) Diablo III (HKLM\...\Diablo III) (Version: 1.0.5.12811 - Blizzard Entertainment) Dr. Hardware 2014 14.0d (HKLM\...\Dr. Hardware 2014_is1) (Version: - Peter A. Gebhard) Dropbox (HKCU\...\Dropbox) (Version: 2.6.2 - Dropbox, Inc.) Elevated Installer (Version: 3.1.7.0 - Garmin Ltd or its subsidiaries) Hidden ElsterFormular (HKLM\...\ElsterFormular) (Version: 14.3.11574 - Landesfinanzdirektion Thüringen) eReg (Version: 1.20.138.34 - Logitech, Inc.) 
Hidden ESN Sonar (HKLM\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) Everything 1.2.1.371 (HKLM\...\Everything) (Version: - ) Fallout 3 (HKLM\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks) File Type Advisor 1.0 (HKLM\...\File Type Advisor_is1) (Version: - filetypeadvisor.com) FileZilla Client 3.2.6.1 (HKLM\...\FileZilla Client) (Version: 3.2.6.1 - ) FLV Player 2.0 (build 25) (HKLM\...\FLV Player) (Version: 2.0 (build 25) - Martijn de Visser) foobar2000 v1.2.1 (HKLM\...\foobar2000) (Version: 1.2.1 - Peter Pawlowski) Free M4a to MP3 Converter 8.0 (HKLM\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com) Free Video to MP3 Converter version 5.0.28.812 (HKLM\...\Free Video to MP3 Converter_is1) (Version: 5.0.28.812 - DVDVideoSoft Ltd.) Freemake Video Downloader (HKLM\...\Freemake Video Downloader_is1) (Version: 3.4.0 - Ellora Assets Corporation) Futuremark SystemInfo (HKLM\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation) Game Booster 3 (HKLM\...\Game Booster_is1) (Version: 3.4 - IObit) Garmin Express (HKLM\...\{50b02c70-f203-47ba-a926-5e4d816688db}) (Version: 3.1.7.0 - Garmin Ltd or its subsidiaries) Garmin Express (Version: 3.1.7.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (Version: 3.1.7.0 - Garmin Ltd or its subsidiaries) Hidden Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Garmin WebUpdater (HKLM\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries) Geeks3D FurMark 1.12.0 (HKLM\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D) Google Earth Plug-in (HKLM\...\{33286280-8617-11E1-8FF6-B8AC6F97B88E}) (Version: 6.2.2.6613 - Google) ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!) iTunes (HKLM\...\{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}) (Version: 11.0.4.4 - Apple Inc.) 
Jagged Alliance Back in Action Demo Version 1.0 (HKLM\...\{47C555CA-1CFD-44F9-9479-D2D900683520}_is1) (Version: 1.0 - Kalypso Media) Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) JMicron JMB36X Driver (HKLM\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.59.0 - JMicron Technology Corp.) LineIn plugin for WinAMP v1.80 (remove only) (HKLM\...\LineIn plugin for WinAMP) (Version: - ) Live Update 5 (HKLM\...\{E8BAA541-D161-4C9B-85BF-01F05A56BD7F}}_is1) (Version: 5.0.114 - MSI) Logitech SetPoint 6.52 (HKLM\...\sp6) (Version: 6.52.74 - Logitech) Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden Microsoft Camera Codec Pack (HKLM\...\{908C5B2E-D684-425E-A54D-FE77D5C5A076}) (Version: 16.4.1970.0624 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) 
Hidden Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access Runtime (German) 2007 (HKLM\...\{90120000-001C-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Ultimate 2007 (HKLM\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft 
Office Ultimate 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) 
Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000 - Adobe) Hidden MilkDrop for Winamp 2x (remove only) (HKLM\...\vis_milk.dllWinamp) (Version: - ) Mouse Editor (HKLM\...\InstallShield_{3A4218DE-B9DB-4AD5-9DB2-5853D3AA0335}) (Version: 12.08.0006 - Ihr Firmenname) MOUSE Editor (Version: 12.08.0006 - Ihr Firmenname) Hidden Mozilla Firefox 28.0 (x86 de) (HKLM\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla) MSI Afterburner 2.3.1 (HKLM\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD) MSI GamingApp (HKLM\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 1.0.0.7 - MSI) MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.5 - F.J. Wechselberger) Natural Selection 2 (HKLM\...\Steam App 4920) (Version: - Unknown Worlds Entertainment) NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) Origin (HKLM\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.) 
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden PDF24 Creator 5.7.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.206.0 - Tracker Software Products Ltd) PowerStrip 3 (remove only) (HKLM\...\PowerStrip 3 (remove only)) (Version: - ) PS3 Media Server (HKLM\...\PS3 Media Server) (Version: 1.72.0 - PS3 Media Server) PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Raptr (HKLM\...\Raptr) (Version: - ) Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6813 - Realtek Semiconductor Corp.) Revo Uninstaller 1.94 (HKLM\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group) Samsung SSD Magician (HKLM\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 3.1 - Samsung Electronics) Skype™ 6.3 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.107 - Skype Technologies S.A.) Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited) StarCraft II (HKLM\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) SugarSync (HKLM\...\SugarSync) (Version: 2.0.45.124340 - SugarSync, Inc.) 
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.10.1 - TeamSpeak Systems GmbH) TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer) The Witcher 2 (HKLM\...\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}) (Version: 1.00.0000 - CD Projekt Red) The Witcher 2 Assassins of Kings version 1.0 (HKLM\...\{3F5FA47E-B4DE-45B4-85E3-11CD5E4974A3}_is1) (Version: 1.0 - Atari) Tom Clancy's Rainbow Six Vegas 2 (HKLM\...\{FD416706-875C-4B0B-A23A-9E740DAE029E}) (Version: 1.03 - Ubisoft) TreeSize Free V2.7 (HKLM\...\TreeSize Free_is1) (Version: 2.7 - JAM Software) TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft .NET Framework 4.5 (KB2750147) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2750147) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4.5 (KB2805221) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2805221) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4.5 (KB2805226) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2805226) (Version: 1 - Microsoft Corporation) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) 
(Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ULTIMATER_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{128A5449-CF71-4DA4-A746-F49E3B5DB584}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ULTIMATER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ULTIMATER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ULTIMATER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ULTIMATER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Uplay (HKLM\...\Uplay) (Version: 2.0 - Ubisoft) VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN) vtigercrm-5.4.0 (HKCU\...\vtigercrm-5.4.0) (Version: - ) Warframe (HKLM\...\Steam App 230410) (Version: - ) Winamp (HKLM\...\Winamp) (Version: 5.63 - Nullsoft, Inc) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin) Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation) Windows-Treiberpaket - Dynastream Innovations, Inc. 
ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) XCOM: Enemy Unknown (HKLM\...\Steam App 200510) (Version: - ) ZoneAlarm Antivirus (Version: 10.2.078.000 - Check Point Software Technologies Ltd.) Hidden ==================== Restore Points ========================= 16-04-2014 07:39:11 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {194B49BD-5DE6-4C8B-9823-903F326EF088} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe [2013-08-24] () Task: {2A200BD1-A663-4088-B363-9C254047A18C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-20] (Google Inc.) Task: {5BE970B1-44F6-4AED-89C8-071F921F03D3} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: {6EB80934-2A00-46F6-996A-673CCACC39C9} - System32\Tasks\AdobeAAMUpdater-1.0-Chris-TyCore => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated) Task: {70E103DA-6B3D-4DAA-A052-B503C929D105} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-20] (Google Inc.) 
Task: {8B399F0C-C755-489B-8908-B498CEE2F455} - System32\Tasks\FileAdvisorUpdate => C:\Program Files\File Type Advisor\fileadvisor.exe [2013-07-12] (File Type Advisor) Task: {8F383D37-DF1C-4DAC-96C8-669593A4E2BE} - System32\Tasks\AdobeAAMUpdater-1.0-Chris-TyCore_Admin => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated) Task: {B38697B6-ABDB-43E6-A7AE-A26103428CFB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd) Task: {CEC51287-0ED1-4B61-A5C4-0A40E8F82A4D} - System32\Tasks\FileAdvisorCheck => C:\Program Files\File Type Advisor\file-type-advisor.exe [2013-07-12] (filetypeadvisor.com ) Task: {D41463EC-F27F-42E4-9639-A0685A27B7DC} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-04-01] () Task: {D9E8FB1A-EEB5-42D6-8DA7-B34E82C1AC3D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-15] (Adobe Systems Incorporated) Task: {F385EE49-FCB8-4D35-A615-08A3C33EB1A8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\vtigerCRM Email Reminder.job => ? Task: C:\Windows\Tasks\vtigerCRM Notification Scheduler.job => ? Task: C:\Windows\Tasks\vtigerCRM Recurring Invoice.job => ? Task: C:\Windows\Tasks\vtigerCRM WorkFlow.job => ? 
==================== Loaded Modules (whitelisted) ============= 2014-04-16 09:08 - 2014-04-15 20:26 - 02289664 _____ () C:\Program Files\AVAST Software\Avast\defs\14041501\algo.dll 2007-04-27 04:31 - 2007-04-27 04:31 - 00010752 _____ () C:\Windows\System32\KOBJAJ_L.dll 2013-10-05 14:48 - 2013-06-06 08:24 - 00019448 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\TeamViewer_PrintProcessor.dll 2013-12-06 17:05 - 2013-12-06 17:05 - 00203776 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2013-07-26 06:18 - 2013-07-26 06:18 - 03854336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2013-07-26 06:18 - 2013-07-26 06:18 - 00618496 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll 2013-02-10 08:08 - 2014-02-16 18:49 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe 2009-07-02 00:46 - 2009-07-02 00:46 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll 2013-10-11 07:56 - 2014-02-27 05:16 - 00238944 _____ () C:\Program Files\SugarSync\SugarSyncVFSNamespace32.dll 2012-08-16 05:11 - 2012-08-16 05:11 - 03333632 _____ () C:\Program Files\MOUSE Editor\MouseEditor.exe 2010-12-02 11:56 - 2010-12-02 11:56 - 00815104 _____ () C:\Program Files\MOUSE Editor\Data\MouseEditor\Forms\OSD_Text\OSD_Text.dll 2011-01-09 14:45 - 2011-01-09 14:45 - 00088064 _____ () C:\Program Files\MOUSE Editor\DLL\DLL_MouseDeviceManager.dll 2012-06-14 09:59 - 2012-06-14 09:59 - 02414080 _____ () C:\Program Files\MOUSE Editor\Data\MouseEditor\Forms\ScreenCapture\ScreenCapture.dll 2012-05-17 05:17 - 2012-05-17 05:17 - 01000448 _____ () C:\Program Files\MOUSE Editor\Data\MouseEditor\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll 2010-09-20 08:18 - 2010-09-20 08:18 - 00085504 _____ () C:\Program Files\MOUSE Editor\DLL\DLL_ZoomControl.dll 2010-09-20 08:18 - 2010-09-20 08:18 - 00054272 _____ () C:\Program Files\MOUSE Editor\DLL\DLL_ScrollbarControl.dll 2011-04-12 09:14 - 2011-04-12 09:14 - 
00063488 _____ () C:\Program Files\MOUSE Editor\DLL\DLL_AnalyzeGesturesInRight.dll 2010-11-01 14:16 - 2010-11-01 14:16 - 00062976 _____ () C:\Program Files\MOUSE Editor\DLL\DLL_AnalyzeGesturesInOne.dll 2012-04-27 05:40 - 2012-04-27 05:40 - 00118272 _____ () C:\Program Files\MOUSE Editor\DLL\DLL_Wheel4D.dll 2013-12-06 17:04 - 2013-12-06 17:04 - 00095744 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2014-04-11 07:09 - 2014-04-11 07:09 - 00041984 _____ () c:\users\tycore\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsfqnbv.dll 2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\TyCore\AppData\Roaming\Dropbox\bin\libcef.dll 2013-10-04 00:28 - 2013-10-04 00:28 - 00052736 _____ () C:\Program Files\SugarSync\librsync.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files\Raptr\_ctypes.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files\Raptr\_socket.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files\Raptr\_ssl.pyd 2014-02-22 00:32 - 2014-02-22 00:32 - 05812736 _____ () C:\Program Files\Raptr\PyQt4.QtGui.pyd 2014-02-22 00:32 - 2014-02-22 00:32 - 00067584 _____ () C:\Program Files\Raptr\sip.pyd 2014-02-22 00:32 - 2014-02-22 00:32 - 01662464 _____ () C:\Program Files\Raptr\PyQt4.QtCore.pyd 2014-02-22 00:32 - 2014-02-22 00:32 - 00494592 _____ () C:\Program Files\Raptr\PyQt4.QtNetwork.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files\Raptr\win32api.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files\Raptr\pywintypes26.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files\Raptr\PIL._imaging.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files\Raptr\_hashlib.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files\Raptr\win32process.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program 
Files\Raptr\win32file.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00124928 _____ () C:\Program Files\Raptr\_elementtree.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files\Raptr\pyexpat.pyd 2012-02-06 22:28 - 2012-02-06 22:28 - 00031744 _____ () C:\Program Files\Raptr\Crypto.Cipher.AES.pyd 2012-02-06 22:28 - 2012-02-06 22:28 - 00010752 _____ () C:\Program Files\Raptr\Crypto.Random.OSRNG.winrandom.pyd 2012-02-06 22:28 - 2012-02-06 22:28 - 00011264 _____ () C:\Program Files\Raptr\Crypto.Util._counter.pyd 2011-05-10 21:01 - 2011-05-10 21:01 - 00030208 _____ () C:\Program Files\Raptr\simplejson._speedups.pyd 2014-02-22 00:32 - 2014-02-22 00:32 - 00313856 _____ () C:\Program Files\Raptr\PyQt4.QtWebKit.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files\Raptr\_sqlite3.pyd 2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files\Raptr\sqlite3.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files\Raptr\pythoncom26.dll 2010-11-23 00:57 - 2010-11-23 00:57 - 00016384 _____ () C:\Program Files\Raptr\win32trace.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files\Raptr\win32gui.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files\Raptr\winsound.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files\Raptr\select.pyd 2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files\Raptr\amd_ags.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files\Raptr\unicodedata.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files\Raptr\win32com.shell.shell.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files\Raptr\gobject._gobject.pyd 2014-02-20 22:40 - 2014-02-20 22:40 - 02717595 _____ () C:\Program Files\Raptr\heliotrope._purple.pyd 2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files\Raptr\libxml2-2.dll 2010-11-23 01:06 - 2010-11-23 01:06 
- 00055808 _____ () C:\Program Files\Raptr\zlib1.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files\Raptr\plugins\libaim.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files\Raptr\liboscar.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files\Raptr\plugins\libicq.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files\Raptr\plugins\libirc.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files\Raptr\plugins\libmsn.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files\Raptr\plugins\libxmpp.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files\Raptr\libjabber.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files\Raptr\plugins\libyahoo.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files\Raptr\libymsg.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files\Raptr\plugins\libyahoojp.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files\Raptr\plugins\ssl-nss.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files\Raptr\plugins\ssl.dll 2009-02-26 14:46 - 2009-02-26 14:46 - 00064344 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll 2012-09-23 21:43 - 2012-09-23 21:43 - 00025600 _____ () C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Locale\de_de\PDFMaker\PDFMOutlookAddin.DEU 2012-09-23 21:43 - 2012-09-23 21:43 - 03989656 _____ () C:\Program Files\Adobe\Acrobat 11.0\PDFMaker\Common\AdobePDFMakerX.dll 2012-09-23 21:43 - 2012-09-23 21:43 - 01446912 _____ () C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU 2011-06-22 12:46 - 2011-06-22 12:46 - 00434016 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll 2013-07-10 19:07 - 2013-07-10 19:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft 
Shared\OFFICE12\MSPTLS.DLL 2012-03-09 17:26 - 2012-03-09 17:26 - 00100352 _____ () C:\Program Files\Common Files\Adobe\CS6ServiceManager\zlib1.dll 2013-04-11 20:35 - 2014-03-29 12:09 - 03642480 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll 2012-09-23 21:43 - 2012-09-23 21:43 - 00313992 _____ () C:\Program Files\Adobe\Acrobat 11.0\Acrobat\sqlite.dll 2012-09-23 21:43 - 2012-09-23 21:43 - 00101888 _____ () C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Locale\de_de\PDFMaker\PDFMOfficeAddin.DEU 2014-03-15 11:02 - 2014-03-15 11:02 - 16276872 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AODService => 2 MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: AVM WLAN Connection Service => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: Futuremark SystemInfo Service => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: LBTServ => 3 MSCONFIG\Services: PnkBstrA => 2 MSCONFIG\Services: SBSDWSCService => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: SwitchBoard => 3 MSCONFIG\Services: Updater Service for AMZN => 2 MSCONFIG\Services: vtigercrmApache540 => 2 MSCONFIG\Services: vtigercrmMysql540 => 2 MSCONFIG\Services: vToolbarUpdater14.2.0 => 2 MSCONFIG\startupfolder: C:^Users^TyCore^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk => C:\Windows\pss\Logitech . 
Produktregistrierung.lnk.Startup MSCONFIG\startupfolder: C:^Users^TyCore^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PowerStrip.lnk => C:\Windows\pss\PowerStrip.lnk.Startup MSCONFIG\startupreg: AppsHat => C:\Users\TyCore\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: AVMWlanClient => C:\Program Files\avmwlanstick\wlangui.exe MSCONFIG\startupreg: Copernic Desktop Search - Home => "C:\Program Files\Copernic Desktop Search - Home\DesktopSearchService.exe" /tray MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Steam => "C:\SSD_Games\Steam(SSD)\steam.exe" -silent MSCONFIG\startupreg: WinampAgent => "C:\Program Files\Winamp\winampa.exe" ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Unknown Device Description: Unknown Device Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard-USB-Hostcontroller) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 
==================== Event log errors: ========================= Application errors: ================== Error: (04/16/2014 09:42:57 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. Error: (04/16/2014 09:42:10 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (04/16/2014 09:42:06 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (04/12/2014 04:09:10 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. 
Error: (04/12/2014 04:08:25 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (04/12/2014 04:08:21 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (04/11/2014 07:56:02 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. Error: (04/11/2014 07:55:18 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error: (04/11/2014 07:55:13 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (04/11/2014 07:13:29 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. System errors: ============= Error: (04/16/2014 09:09:42 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error: (04/16/2014 09:09:42 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error: (04/16/2014 09:09:42 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error: (04/16/2014 09:09:42 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error: (04/16/2014 09:09:42 AM) (Source: PNRPSvc) (User: ) Description: 0x80630801 Error: (04/16/2014 09:09:42 AM) (Source: PNRPSvc) (User: ) Description: 0x80630801 Error: (04/16/2014 09:08:23 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst 
"Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error: (04/16/2014 09:08:23 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error: (04/16/2014 09:08:23 AM) (Source: PNRPSvc) (User: ) Description: 0x80630801 Error: (04/16/2014 09:08:21 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Microsoft Office Sessions: ========================= Error: (03/29/2014 00:17:33 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 953284 seconds with 3360 seconds of active time. This session ended with a crash. Error: (12/01/2013 11:06:58 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 205746 seconds with 6300 seconds of active time. This session ended with a crash. Error: (11/17/2013 07:22:51 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 84851 seconds with 4320 seconds of active time. This session ended with a crash. Error: (07/02/2013 10:44:33 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 41528 seconds with 0 seconds of active time. This session ended with a crash. 
Error: (06/23/2013 10:47:37 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 166 seconds with 120 seconds of active time. This session ended with a crash. Error: (04/04/2013 08:28:17 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 314 seconds with 0 seconds of active time. This session ended with a crash. Error: (01/23/2013 11:14:55 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5001, Microsoft Office Version: 12.0.4518.1014. This session lasted 9931 seconds with 240 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2013-03-01 11:59:32.808 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-03-01 11:48:56.112 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-03-01 10:25:19.692 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-03-01 10:16:52.479 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-03-01 09:29:07.308 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-03-01 08:59:14.602 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-03-01 01:21:59.465 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-02-28 21:49:56.578 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-02-28 21:29:50.746 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-02-27 22:38:41.727 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info ===========================

Percentage of memory in use: 40%
Total physical RAM: 8189.24 MB
Available physical RAM: 4846.81 MB
Total Pagefile: 15150.93 MB
Available Pagefile: 10844.91 MB
Total Virtual: 2047.88 MB
Available Virtual: 1886.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.24 GB) (Free:2.34 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Business) (Fixed) (Total:25.12 GB) (Free:0.15 GB) NTFS
Drive g: (Games) (Fixed) (Total:359.34 GB) (Free:28.83 GB) NTFS
Drive h: () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive m: (Media) (Fixed) (Total:300 GB) (Free:57.12 GB) NTFS
Drive p: (Daten) (Fixed) (Total:200 GB) (Free:6.28 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931 GB) (Disk ID: B86285E9)
Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 9834133B)
Partition 1: (Active) - (Size=119 GB) - (Type=07 NTFS)

==================== End Of Log ============================

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-04-2014
Ran by TyCore (administrator) on CHRIS on 16-04-2014 12:37:40
Running from C:\Users\TyCore\Downloads
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Freemake) C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
() C:\Windows\system32\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(CANON INC.) C:\Windows\system32\CNAB4RPK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\tv_w32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\MOUSE Editor\MouseEditor.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
(ATI Technologies Inc.)
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Micro-Star International) C:\Program Files\MSI\Live Update 5\LU5.exe (Dropbox, Inc.) C:\Users\TyCore\AppData\Roaming\Dropbox\bin\Dropbox.exe (SugarSync, Inc.) C:\Program Files\SugarSync\SugarSync.exe (Raptr, Inc) C:\Program Files\Raptr\raptr.exe (Raptr, Inc) C:\Program Files\Raptr\raptr_im.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems, Incorporated) P:\Photoshop\Adobe Photoshop CS6\Photoshop.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\system32\prevhost.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (Adobe Systems, Inc.) 
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] () HKLM\...\Run: [] => [X] HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11734240 2012-12-12] (Realtek Semiconductor) HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH) HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [602624 2009-03-13] () HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [747264 2013-12-06] (Advanced Micro Devices, Inc.) HKLM\...\Run: [LiveUpdate 5] => C:\Program Files\MSI\Live Update 5\BootStartLiveupdate.exe [322544 2014-03-05] () HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [118104 2014-04-01] (Garmin Ltd or its subsidiaries) HKU\.DEFAULT\...\RunOnce: [AOD] - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [276992 2013-12-06] (Advanced Micro Devices, Inc.) 
HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1174016 2010-11-20] (Microsoft Corporation) HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1174016 2010-11-20] (Microsoft Corporation) HKU\S-1-5-21-1024634046-3595237814-37750553-1003\...\Run: [OscarEditor] => C:\Program Files\MOUSE Editor\MouseEditor.exe [3333632 2012-08-16] () HKU\S-1-5-21-1024634046-3595237814-37750553-1003\...\Run: [Raptr] => C:\Program Files\Raptr\raptrstub.exe [55360 2014-03-28] (Raptr, Inc) HKU\S-1-5-21-1024634046-3595237814-37750553-1003\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [118104 2014-04-01] (Garmin Ltd or its subsidiaries) HKU\S-1-5-21-1024634046-3595237814-37750553-1003\...\RunOnce: [DeleteGrabPro] - rundll32.exe advpack.dll,DelNodeRunDLL32 "C:\Program Files\Orbitdownloader\GrabPro.dll" HKU\S-1-5-21-1024634046-3595237814-37750553-1003\...\MountPoints2: I - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\launcher\\launcher.hta HKU\S-1-5-21-1024634046-3595237814-37750553-1003\...\MountPoints2: {2cccdb3d-41ef-11e2-a974-001d6a39d2cf} - I:\FalloutLauncher.exe HKU\S-1-5-21-1024634046-3595237814-37750553-1003\...\MountPoints2: {6e9c6894-04c0-11e2-b36d-806e6f6e6963} - D:\ASRSetup.exe HKU\S-1-5-21-1024634046-3595237814-37750553-1003\...\MountPoints2: {9c6a5119-24f6-11e2-8753-001d6a39d2cf} - N:\LaunchU3.exe -a Startup: C:\Users\TyCore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\TyCore\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\TyCore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SugarSync.lnk ShortcutTarget: SugarSync.lnk -> C:\Program Files\SugarSync\SugarSync.exe (SugarSync, Inc.) 
Startup: C:\Users\TyCore_Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerStrip.lnk
ShortcutTarget: PowerStrip.lnk -> C:\Program Files\PowerStrip\PStrip.exe (EnTech Taiwan)
Startup: C:\Users\TyCore_Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung SSD Magician.lnk
ShortcutTarget: Samsung SSD Magician.lnk -> C:\Program Files\Samsung SSD Magician\Samsung SSD Magician.exe (Samsung Electronics.)
SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\system32\SSCbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

ProxyServer: 91.73.134.148:80
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startfenster.de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3C1111EEDD5ACE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
URLSearchHook: HKCU - UsProvider Class - {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files\Minibar\Minibar.dll (KangoExtensions)
SearchScopes: HKLM - DefaultScope {21B39592-155E-4B09-9C2A-EDB94713908C} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM - {21B39592-155E-4B09-9C2A-EDB94713908C} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - DefaultScope {21B39592-155E-4B09-9C2A-EDB94713908C} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {21B39592-155E-4B09-9C2A-EDB94713908C} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: MinibarBHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files\Minibar\Minibar.dll (KangoExtensions)
BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - No File
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.220.1

FireFox:
========
FF ProfilePath: C:\Users\TyCore\AppData\Roaming\Mozilla\Firefox\Profiles\vd33nyj2.default
FF user.js: detected! => C:\Users\TyCore\AppData\Roaming\Mozilla\Firefox\Profiles\vd33nyj2.default\user.js
FF SearchEngineOrder.1: SuchMaschine
FF Homepage: https://app.asana.com/0/8463566731431/8463566731431; https://ixquick.com/do/preferences.pl?language_ui=english&prf=fa30a8bb20b26d05479d226ddcb6431b&prfh=lang_homepageEEEs/air/eng/N1NsslEEE1N1Nfont_sizeEEEmediumN1Nrecent_results_filterEEE0N1Nlanguage_uiEEEenglishN1Ndisable_open_in_new_windowEEE0N1Ndisable_family_filterEEE1N1Ncolor_schemeEEEnewN1Nnum_of_resultsEEE10N1Npicture_privacyEEEonN1N&redirect=1#showurlgenMessage
FF Keyword.URL: hxxp://www.sm.de/?q=
FF NetworkProxy: "http", "94.200.108.10"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @checkpoint.com/FFApi - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll No File
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @esn.me/esnsonar,version=0.70.4 - C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin: @esn/npbattlelog,version=2.3.2 - C:\Program Files\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\TyCore\AppData\Roaming\Mozilla\Firefox\Profiles\vd33nyj2.default\searchplugins\search_engine.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\TyCore\AppData\Roaming\Mozilla\Firefox\Profiles\vd33nyj2.default\Extensions\donottrackplus@abine.com [2014-03-16]
FF Extension: ProxTube - Unblock YouTube - C:\Users\TyCore\AppData\Roaming\Mozilla\Firefox\Profiles\vd33nyj2.default\Extensions\ich@maltegoetz.de [2013-12-13]
FF Extension: Youtube MP3 Podcaster - C:\Users\TyCore\AppData\Roaming\Mozilla\Firefox\Profiles\vd33nyj2.default\Extensions\youtubemp3podcaster@jeremy.d.gregorio.com [2014-03-23]
FF Extension: DownloadHelper - C:\Users\TyCore\AppData\Roaming\Mozilla\Firefox\Profiles\vd33nyj2.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: convert2mp3.net YouTube2MP3 Converter - C:\Users\TyCore\AppData\Roaming\Mozilla\Firefox\Profiles\vd33nyj2.default\Extensions\info@convert2mp3.net.xpi [2014-01-01]
FF Extension: Beef Taco (Targeted Advertising Cookie Opt-Out) - C:\Users\TyCore\AppData\Roaming\Mozilla\Firefox\Profiles\vd33nyj2.default\Extensions\john@velvetcache.org.xpi [2013-01-13]
FF Extension: Personas Plus - C:\Users\TyCore\AppData\Roaming\Mozilla\Firefox\Profiles\vd33nyj2.default\Extensions\personas@christopher.beard.xpi [2013-09-29]
FF Extension: Redirect Cleaner - C:\Users\TyCore\AppData\Roaming\Mozilla\Firefox\Profiles\vd33nyj2.default\Extensions\redirectcleaner@example.net.xpi [2013-07-27]
FF Extension: PrivacyChoice TrackerBlock - C:\Users\TyCore\AppData\Roaming\Mozilla\Firefox\Profiles\vd33nyj2.default\Extensions\trackerblock@privacychoice.org.xpi [2013-01-13]
FF Extension: Adblock Plus - C:\Users\TyCore\AppData\Roaming\Mozilla\Firefox\Profiles\vd33nyj2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-13]
FF Extension: BetterPrivacy - C:\Users\TyCore\AppData\Roaming\Mozilla\Firefox\Profiles\vd33nyj2.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2013-01-13]
FF Extension: QuickProxy - C:\Users\TyCore\AppData\Roaming\Mozilla\Firefox\Profiles\vd33nyj2.default\Extensions\{d5ea4520-61a1-11da-8cd6-0800200c9a66}.xpi [2013-10-26]
FF Extension: DownThemAll! - C:\Users\TyCore\AppData\Roaming\Mozilla\Firefox\Profiles\vd33nyj2.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-05-30]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-01-27]
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-03-01]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-12]

========================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [276992 2013-12-06] (Advanced Micro Devices, Inc.)
S2 AODService; C:\Program Files\AMD\OverDrive\AODAssist.exe [137584 2014-01-08] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
S4 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101376 2012-11-23] (Freemake)
R2 FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [8704 2012-11-23] (Freemake)
S4 Futuremark SystemInfo Service; C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [137488 2012-12-17] (Futuremark Corporation)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [431960 2014-04-01] (Garmin Ltd or its subsidiaries)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-02-16] ()
S4 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S4 vtigercrmApache540; C:\Program Files\vtigercrm-5.4.0\apache\bin\Apache.exe [20541 2009-05-08] (Apache Software Foundation)
S4 vtigercrmMysql540; C:\Program Files\vtigercrm-5.4.0\mysql\my.ini [2982 2013-07-13] ()

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [50432 2013-09-20] (Advanced Micro Devices)
R2 AODDriver4.3.0; C:\Program Files\AMD\OverDrive\i386\AODDriver2.sys [50408 2014-01-08] (Advanced Micro Devices)
S3 AR5523; C:\Windows\System32\DRIVERS\ar5523.sys [379584 2007-09-21] ( )
R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [29816 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49376 2013-08-30] ()
R1 aswSnx; C:\Windows\system32\Drivers\aswSnx.sys [770344 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [369584 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [56080 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [177864 2013-08-30] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2010-10-22] (AVM Berlin)
R2 drhard; C:\Windows\system32\Drivers\drhard.sys [23600 2005-12-01] (Licensed for Gebhard Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-12-09] (DT Soft Ltd)
S3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [926080 2010-10-22] (AVM GmbH)
R0 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [104024 2010-09-07] (JMicron Technology Corp.)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [133208 2012-01-09] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11352 2012-01-09] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [468272 2012-01-09] (Kaspersky Lab)
R3 MonitorFunction; C:\Windows\System32\DRIVERS\TVMonitor.sys [13304 2013-06-06] (TeamViewer GmbH)
R3 NTIOLib_1_0_4; C:\Program Files\MSI\Live Update 5\NTIOLib.sys [7680 2010-10-20] (MSI)
R1 PStrip; C:\Windows\System32\drivers\pstrip.sys [27992 2007-07-15] (EnTech Taiwan)
R3 SSCBFS3; C:\Windows\System32\DRIVERS\sscbfs3.sys [295488 2012-10-30] (EldoS Corporation)
R3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2012-11-28] (TeamViewer GmbH)
S3 WinRing0_1_2_0; C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [14416 2010-11-01] (OpenLibSys.org)
S3 amdiox86; system32\DRIVERS\amdiox86.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x32.sys [X]
S3 MSI_MSIBIOS_010507; \??\C:\Program Files\MSI\Live Update 5\msibios32_100507.sys [X]
S4 Msseddemmp; No ImagePath
S3 NTIOLib_1_0_1; \??\C:\Program Files\MSI\ControlCenter\NTIOLib.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-16 12:37 - 2014-04-16 12:37 - 00023050 _____ () C:\Users\TyCore\Downloads\FRST.txt
2014-04-16 12:37 - 2014-04-16 12:37 - 00000000 ____D () C:\FRST
2014-04-16 12:36 - 2014-04-16 12:36 - 01042944 _____ (Farbar) C:\Users\TyCore\Downloads\FRST.exe
2014-04-10 08:27 - 2014-04-10 08:27 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Garmin
2014-04-10 08:27 - 2014-04-10 08:27 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Garmin
2014-04-01 22:58 - 2014-04-01 22:58 - 08422123 _____ () C:\Users\TyCore\Downloads\cosdogmgnm-95114110157-eoo87o.zip
2014-04-01 22:08 - 2014-04-01 22:08 - 00000000 ____D () C:\Users\TyCore\Documents\Garmin
2014-04-01 22:06 - 2014-04-01 22:06 - 00000000 ____D () C:\Users\TyCore\AppData\Local\Garmin
2014-04-01 22:04 - 2014-04-10 08:27 - 00001858 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-04-01 22:04 - 2014-04-10 08:27 - 00000000 ____D () C:\ProgramData\Garmin
2014-04-01 22:03 - 2014-04-01 22:03 - 30567968 _____ (Garmin Ltd or its subsidiaries) C:\Users\TyCore\Downloads\GarminExpress.exe
2014-04-01 21:44 - 2014-04-10 08:27 - 00000000 ____D () C:\Program Files\Garmin
2014-04-01 21:44 - 2014-04-01 22:04 - 00000000 ____D () C:\Program Files\DIFX
2014-04-01 21:43 - 2014-04-01 21:43 - 11390192 _____ () C:\Users\TyCore\Downloads\WebUpdater_WindowsXPSP3andnewer__256.exe
2014-04-01 13:43 - 2014-04-01 13:43 - 00000205 _____ () C:\Users\TyCore\Documents\Vintage_Tannwald3_A3.log
2014-04-01 13:41 - 2014-04-01 13:41 - 00000205 _____ () C:\Users\TyCore\Documents\Vintage_Tannwald_A3_.log
2014-04-01 12:22 - 2014-04-01 12:22 - 11459724 _____ () C:\Users\TyCore\Documents\3_Bühl-Kirchgaßweg2.psd
2014-03-20 10:57 - 2014-03-20 10:57 - 00000000 ____D () C:\Users\TyCore\cityguide
2014-03-17 18:14 - 2014-03-17 18:14 - 00000000 ____D () C:\Users\TyCore\AppData\Roaming\Oracle
2014-03-17 18:08 - 2014-03-17 18:07 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-03-17 18:08 - 2014-03-17 18:07 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-03-17 18:08 - 2014-03-17 18:07 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-03-17 18:08 - 2014-03-17 18:07 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

==================== One Month Modified Files and Folders =======

2014-04-16 12:37 - 2014-04-16 12:37 - 00023050 _____ () C:\Users\TyCore\Downloads\FRST.txt
2014-04-16 12:37 - 2014-04-16 12:37 - 00000000 ____D () C:\FRST
2014-04-16 12:36 - 2014-04-16 12:36 - 01042944 _____ (Farbar) C:\Users\TyCore\Downloads\FRST.exe
2014-04-16 12:02 - 2013-11-07 19:55 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-16 11:39 - 2012-10-20 11:29 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-16 09:39 - 2012-10-20 11:29 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-16 09:39 - 2012-09-22 16:23 - 01454588 _____ () C:\Windows\WindowsUpdate.log
2014-04-16 09:09 - 2014-02-15 01:27 - 00000000 ____D () C:\Users\TyCore\AppData\Roaming\Raptr
2014-04-16 09:09 - 2012-09-27 01:32 - 00000000 ____D () C:\Users\TyCore\AppData\Local\Adobe
2014-04-16 09:08 - 2014-02-06 10:29 - 00000000 ____D () C:\Users\TyCore\AppData\Roaming\Dropbox
2014-04-16 09:08 - 2013-11-18 07:41 - 00024321 _____ () C:\Windows\setupact.log
2014-04-16 09:08 - 2013-08-15 13:25 - 00000000 ____D () C:\Program Files\File Type Advisor
2014-04-11 10:30 - 2014-02-06 10:31 - 00000000 ___RD () C:\Users\TyCore\Dropbox
2014-04-11 07:14 - 2009-07-14 06:34 - 00014960 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-11 07:14 - 2009-07-14 06:34 - 00014960 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-11 07:13 - 2012-09-22 16:29 - 00006610 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-11 07:07 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-10 08:28 - 2014-02-02 12:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-10 08:27 - 2014-04-10 08:27 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Garmin
2014-04-10 08:27 - 2014-04-10 08:27 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Garmin
2014-04-10 08:27 - 2014-04-01 22:04 - 00001858 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-04-10 08:27 - 2014-04-01 22:04 - 00000000 ____D () C:\ProgramData\Garmin
2014-04-10 08:27 - 2014-04-01 21:44 - 00000000 ____D () C:\Program Files\Garmin
2014-04-09 18:58 - 2014-02-15 01:15 - 00000000 ____D () C:\Program Files\Raptr
2014-04-01 22:58 - 2014-04-01 22:58 - 08422123 _____ () C:\Users\TyCore\Downloads\cosdogmgnm-95114110157-eoo87o.zip
2014-04-01 22:08 - 2014-04-01 22:08 - 00000000 ____D () C:\Users\TyCore\Documents\Garmin
2014-04-01 22:06 - 2014-04-01 22:06 - 00000000 ____D () C:\Users\TyCore\AppData\Local\Garmin
2014-04-01 22:06 - 2013-05-14 17:59 - 00000000 ____D () C:\Users\TyCore\AppData\Roaming\Garmin
2014-04-01 22:04 - 2014-04-01 21:44 - 00000000 ____D () C:\Program Files\DIFX
2014-04-01 22:03 - 2014-04-01 22:03 - 30567968 _____ (Garmin Ltd or its subsidiaries) C:\Users\TyCore\Downloads\GarminExpress.exe
2014-04-01 21:43 - 2014-04-01 21:43 - 11390192 _____ () C:\Users\TyCore\Downloads\WebUpdater_WindowsXPSP3andnewer__256.exe
2014-04-01 21:08 - 2014-02-28 17:47 - 00000000 ____D () C:\Users\TyCore\AppData\Local\SugarSync
2014-04-01 17:06 - 2013-03-11 11:48 - 00001456 _____ () C:\Users\TyCore\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-04-01 13:43 - 2014-04-01 13:43 - 00000205 _____ () C:\Users\TyCore\Documents\Vintage_Tannwald3_A3.log
2014-04-01 13:41 - 2014-04-01 13:41 - 00000205 _____ () C:\Users\TyCore\Documents\Vintage_Tannwald_A3_.log
2014-04-01 12:22 - 2014-04-01 12:22 - 11459724 _____ () C:\Users\TyCore\Documents\3_Bühl-Kirchgaßweg2.psd
2014-04-01 12:22 - 2013-01-24 16:04 - 00286720 ___SH () C:\Users\TyCore\Documents\Thumbs.db
2014-03-31 09:35 - 2012-09-22 16:43 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-29 17:49 - 2013-02-28 23:41 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-29 17:49 - 2012-09-22 17:16 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-29 13:21 - 2013-02-08 16:15 - 00000000 _RSHD () C:\Kernels
2014-03-29 12:10 - 2013-04-11 20:35 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-29 12:06 - 2012-11-14 19:18 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-26 06:49 - 2013-01-31 18:11 - 00000000 ____D () C:\Users\TyCore\AppData\Roaming\FileZilla
2014-03-20 22:20 - 2013-11-05 21:55 - 00000000 ____D () C:\Program Files\Everything
2014-03-20 10:57 - 2014-03-20 10:57 - 00000000 ____D () C:\Users\TyCore\cityguide
2014-03-20 10:57 - 2012-09-22 19:14 - 00000000 ____D () C:\Users\TyCore
2014-03-18 11:36 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-03-17 22:39 - 2013-01-03 22:05 - 00000000 ____D () C:\Program Files\SugarSync
2014-03-17 18:14 - 2014-03-17 18:14 - 00000000 ____D () C:\Users\TyCore\AppData\Roaming\Oracle
2014-03-17 18:14 - 2013-09-29 09:26 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-17 18:07 - 2014-03-17 18:08 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-03-17 18:07 - 2014-03-17 18:08 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-03-17 18:07 - 2014-03-17 18:08 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-03-17 18:07 - 2014-03-17 18:08 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-03-17 18:06 - 2013-01-04 16:05 - 00000000 ____D () C:\Users\TyCore\AppData\Roaming\IrfanView

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.3068.dll
C:\Users\Public\AlexaNSISPlugin.5116.dll
C:\Users\Public\AlexaNSISPlugin.7348.dll

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\AskSLib.dll
C:\Users\TyCore\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsfqnbv.dll
C:\Users\TyCore_Admin\AppData\Local\Temp\oi_{048E4B5D-7D08-407D-BD7A-78E82D492ECD}.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!

LastRegBack: 2014-04-09 19:41

==================== End Of Log ============================

--- --- --- --- --- ---
Edited by TyCore (16.04.2014 at 13:36) |
17.04.2014, 10:04 | #6 |
/// the machine /// TB-Ausbilder | Avast! Free "boot-time scan" - false positives?
What is drive M:?
Revo Uninstaller - Download - Filepony
Use it to uninstall everything you find in Additional.txt marked with <== ATTENTION
Also have Revo remove the leftovers using the Moderate setting.
Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
And a fresh FRST log, please.