Pests of all kinds and how to fight them: Notebook responds with a delay and freezes, scrolling is barely possible - very slow

29.06.2014, 14:37   #1
Reh
 
Hello!

The following problem: my notebook has become very slow, even though I haven't really installed many applications. When I want to scroll down a page on the Internet, it doesn't react at all at first, and when it does, the scrolling is not smooth but jerky. Switching between windows also takes longer. This is really getting on my nerves by now, please help! I can't stand it like this for another day...

P.S.: If possible, please no Combofix - I'm a bit scared of it, I'm no expert and I depend on the notebook.

THANK YOU IN ADVANCE.

29.06.2014, 15:31   #2
deeprybka
/// TB Trainer
/// Guide Guru
 
My name is Jürgen and I will be helping you with your problem. Together we'll get this done...
  • Please work through all the steps in order.
  • Read the instructions carefully before you begin. If there are problems or you don't understand something, stop what you are doing and describe the problem to me.
  • Please run only the scans I have asked you to run.
  • Please no crossposting (posting in several forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • Save all of our tools to the desktop.
  • Post the log files directly in your thread, in code tags.
  • Bear in mind that we all do this in our spare time; if you haven't heard from me within 24 hours, please send me a PM.

Note:
I can never give you a guarantee that we will find all malicious files.
Formatting is usually the faster and always the safest way, but it is only advisable in the case of real malware.
We can remove adware & co. very well.
If you decide on a cleanup, keep working with me until you get my "clean".



Let's go:

Step 1


Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Untersuchen (Scan).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)




Reading material
Posting in CODE tags: here's how...
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes our work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

29.06.2014, 16:21   #3
Reh
 
So, here are the 2 files

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2014 02
Ran by XXXX at 2014-06-29 15:54:47

Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.30128 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{3FF69337-3AAB-140F-3F86-5500EDB4810E}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitcasa version 0.9.20.4135 (HKLM\...\{EDA09459-AD7D-4434-BA0C-647F6703EA12}_is1) (Version: 0.9.20.4135 - Bitcasa Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.3.0.15 - Swiss Academic Software)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{2A16B95F-7377-410A-B961-EFD9394E1AF3}) (Version:  - Microsoft)
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.6 - Samsung Electronics CO.,LTD.)
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ETDWare X64 11.7.5.5_WHQL (HKLM\...\Elantech) (Version: 11.7.5.5 - ELAN Microelectronic Corp.)
Flixster (HKLM-x32\...\com.wb.DC2) (Version: 2.2.2 - Warner Bros. Entertainment, Inc.)
Flixster (x32 Version: 2.2.2 - Warner Bros. Entertainment, Inc.) Hidden
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Help Desk (HKLM\...\{22B32087-797D-4A1B-AFA7-072C87580ADC}) (Version: 1.0.9 - Samsung Electronics CO., LTD.)
HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät (HKLM\...\{C3F12DD0-54B1-4B2B-A82B-FA43502BC550}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Hilfe (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Lexmark Pro800-Pro900 Series (HKLM\...\Lexmark Pro800-Pro900 Series) (Version:  - Lexmark International, Inc.)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: 3.5.6.5 - Nitro)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{24301870-5EEA-A07A-6265-2EA1E4A6A7CC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
OpenVPN 2.3.2-I003  (HKLM-x32\...\OpenVPN) (Version: 2.3.2-I003 - )
Opera Stable 18.0.1284.68 (HKLM-x32\...\Opera 18.0.1284.68) (Version: 18.0.1284.68 - Opera Software ASA)
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd)
Phone Screen Sharing (HKLM-x32\...\{DF02C515-40B5-45AC-A601-5DC69D03885C}) (Version: 1.3.0.1 - RSUPPORT)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version:  - PopCap Games)
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.216 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.4.907.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6818 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.9.6 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.1.45 - Samsung Electronics CO., LTD.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.22.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version:  - )
Side Sync (HKLM-x32\...\{C6DA306C-B288-452A-B85C-01265DBFF0DA}) (Version: 1.1.12 - Samsung Electronics CO., LTD.)
Skype™ 6.1 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.1.129 - Skype Technologies S.A.)
Support Center (HKLM\...\{50E36BBB-36A5-400A-8AC5-9F7C0BD751A2}) (Version: 2.1.80 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.8 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{DA06101F-FD76-4BF0-88BD-B26A197005E3}) (Version: 2.1.21 - Samsung Electronics CO., LTD.)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{64D96F30-CF4C-4CCE-AAF2-F8909348BF35}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{B2508D75-61CF-4CC0-84C0-CF257219201D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{FD360122-6829-4497-97C1-1BF578EF695B}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version:  - Microsoft)
User Guide (HKLM-x32\...\{A6C17C20-4464-4A2A-968D-684C083B9424}) (Version: 1.0.00 - Samsung Electronics CO., LTD.)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Wise Folder Hider 2.02 (HKLM-x32\...\Wise Folder Hider_is1) (Version: 2.02 - WiseCleaner.com, Inc.)

==================== Restore Points  =========================

10-06-2014 18:08:47 Windows Update
19-06-2014 15:01:43 Windows Update
24-06-2014 17:03:45 Windows Update
27-06-2014 20:11:18 Windows Update

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {183F37D8-5F9F-4AC2-8B9D-9ACF05DCA5BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-20] (Google Inc.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2309D5EE-FC95-4630-B117-D75326EFF766} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2013-02-01] (Samsung Electronics CO., LTD.)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {266D3C96-40CF-41A5-A431-DF05227F8F01} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2013-03-12] (SEC)
Task: {6B383977-9B35-4F7E-A46B-135CD5153EEB} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {7C65C649-5C76-46E0-9B9E-17A52EEAD5A1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-06-11] (Microsoft Corporation)
Task: {919E2AEF-87C3-442A-9C05-17BA6CBEABA9} - System32\Tasks\{46825988-C6C3-40EF-84E6-FABEF0155EAB} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08] (Skype Technologies S.A.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C9AA7F37-FF51-437C-9491-628D6040ECC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-20] (Google Inc.)
Task: {CA09C20C-74E4-4AEE-8F57-CC60EE34C041} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.)
Task: {CCA341D9-35D1-4002-85BE-270A8ED2AE67} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F9E06569-49F2-4D28-B1D1-26A786507EE8} - System32\Tasks\SideSyncAutoRun => C:\Program Files (x86)\Samsung\Side Sync\SideSync.exe [2013-06-04] (Samsung Electronics CO., LTD.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-01-12 20:16 - 2009-11-04 09:17 - 00189440 _____ () C:\windows\system32\spool\PRTPROCS\x64\lxecdrpp.dll
2013-07-01 10:21 - 2013-07-01 10:21 - 01127736 _____ () C:\Program Files\ShrewSoft\VPN Client\iked.exe
2013-07-01 01:16 - 2013-07-01 01:16 - 00628224 _____ () C:\Program Files\ShrewSoft\VPN Client\libike.dll
2013-07-01 01:16 - 2013-07-01 01:16 - 00039936 _____ () C:\Program Files\ShrewSoft\VPN Client\libvnet.dll
2013-07-01 01:15 - 2013-07-01 01:15 - 00018432 _____ () C:\Program Files\ShrewSoft\VPN Client\libith.dll
2013-07-01 01:17 - 2013-07-01 01:17 - 00029184 _____ () C:\Program Files\ShrewSoft\VPN Client\libpfk.dll
2013-07-01 01:17 - 2013-07-01 01:17 - 00017920 _____ () C:\Program Files\ShrewSoft\VPN Client\libdtp.dll
2013-07-01 01:17 - 2013-07-01 01:17 - 00035840 _____ () C:\Program Files\ShrewSoft\VPN Client\libvflt.dll
2013-07-01 01:16 - 2013-07-01 01:16 - 00013312 _____ () C:\Program Files\ShrewSoft\VPN Client\liblog.dll
2013-07-01 01:16 - 2013-07-01 01:16 - 00116736 _____ () C:\Program Files\ShrewSoft\VPN Client\libip.dll
2013-07-01 01:15 - 2013-07-01 01:15 - 00022016 _____ () C:\Program Files\ShrewSoft\VPN Client\libidb.dll
2013-07-01 10:21 - 2013-07-01 10:21 - 00810808 _____ () C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
2013-02-01 03:52 - 2013-02-01 03:52 - 00085040 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-02-21 13:22 - 2014-02-21 13:23 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-12-05 13:44 - 2012-12-05 13:44 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-12-05 13:39 - 2012-12-05 13:39 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2012-12-05 13:41 - 2012-12-05 13:41 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-12-05 13:44 - 2012-12-05 13:44 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-01-12 20:13 - 2013-01-23 14:35 - 00772712 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
2014-01-12 20:13 - 2013-01-23 14:35 - 00150264 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe
2013-10-16 19:15 - 2013-10-16 19:15 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2013-06-04 17:52 - 2013-06-04 17:52 - 00815104 _____ () C:\Program Files (x86)\Samsung\Side Sync\adb.exe
2013-02-01 03:52 - 2013-02-01 03:52 - 00029232 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2013-02-01 03:52 - 2013-02-01 03:52 - 01106480 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2013-02-01 03:52 - 2013-02-01 03:52 - 00111152 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2013-02-01 03:52 - 2013-02-01 03:52 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2013-02-01 03:52 - 2013-02-01 03:52 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2013-02-01 03:52 - 2013-02-01 03:52 - 00027184 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2013-02-01 03:52 - 2013-02-01 03:52 - 00111152 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2013-02-01 03:52 - 2013-02-01 03:52 - 00060976 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2013-02-01 03:52 - 2013-02-01 03:52 - 00103472 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2014-01-12 20:13 - 2010-04-01 13:23 - 00389120 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecscw.dll
2014-01-12 20:13 - 2009-05-27 08:16 - 00192512 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecdatr.dll
2014-01-12 20:13 - 2010-04-01 13:24 - 01159168 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecDRS.dll
2014-01-12 20:13 - 2009-03-10 01:43 - 00155648 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxeccaps.dll
2014-01-12 20:13 - 2009-02-20 04:48 - 00381440 _____ () C:\windows\SYSTEM32\lxecsm.dll
2014-01-12 20:13 - 2009-04-28 03:56 - 00024064 _____ () C:\windows\system32\lxecsmr.dll
2014-01-12 20:13 - 2010-04-05 06:56 - 00716954 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Epwizard.DLL
2014-01-12 20:13 - 2010-04-05 06:55 - 00159890 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\customui.dll
2014-01-12 20:13 - 2010-04-05 06:54 - 00123033 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Eputil.DLL
2014-01-12 20:13 - 2010-04-05 06:55 - 00061604 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Epfunct.DLL
2014-01-12 20:13 - 2010-04-05 06:54 - 00143502 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Imagutil.DLL
2014-01-12 20:13 - 2009-06-23 07:09 - 02203648 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\EPWizRes.dll
2014-01-12 20:13 - 2009-06-23 07:10 - 00045056 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\epstring.dll
2014-01-12 20:13 - 2009-06-23 07:11 - 00102400 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\EPOEMDll.dll
2014-01-12 20:13 - 2009-04-07 15:25 - 00409600 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\iptk.dll
2014-01-12 20:13 - 2009-03-02 10:25 - 00151552 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecptp.dll
2013-03-15 09:54 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 04:34 - 2012-06-08 04:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2013-05-06 13:41 - 2013-05-06 13:41 - 01679408 _____ () C:\Program Files (x86)\Samsung\Side Sync\SideSyncNetworkFramework.dll
2014-06-10 19:41 - 2014-06-10 19:42 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/29/2014 03:21:04 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/29/2014 03:21:03 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/29/2014 03:21:03 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/29/2014 03:21:02 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/29/2014 03:21:01 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/29/2014 03:21:01 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/29/2014 03:20:30 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.


System errors:
=============
Error: (06/29/2014 01:24:16 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Aktualisierung für Skype für Windows Desktop 6.11 (KB2876229)

Error: (06/28/2014 06:33:17 AM) (Source: DCOM) (EventID: 10010) (User: XXXX)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (06/28/2014 06:33:17 AM) (Source: DCOM) (EventID: 10010) (User: XXXX)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (06/28/2014 06:33:17 AM) (Source: DCOM) (EventID: 10010) (User: XXXX)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (06/28/2014 06:33:17 AM) (Source: DCOM) (EventID: 10010) (User: XXXX)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (06/28/2014 03:42:53 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Aktualisierung für Skype für Windows Desktop 6.11 (KB2876229)

Error: (06/28/2014 03:35:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Aktualisierung für Skype für Windows Desktop 6.11 (KB2876229)

Error: (06/27/2014 10:12:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Aktualisierung für Skype für Windows Desktop 6.11 (KB2876229)

Error: (06/27/2014 02:08:50 AM) (Source: DCOM) (EventID: 10010) (User: XXXX)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (06/27/2014 02:08:50 AM) (Source: DCOM) (EventID: 10010) (User: XXXX)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}


Microsoft Office Sessions:
=========================
Error: (06/29/2014 03:21:04 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\windows\System32\lxecsm.dllC:\windows\System32\lxecsm.dll9

Error: (06/29/2014 03:21:03 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\windows\SysWOW64\LXECsm.dllC:\windows\SysWOW64\LXECsm.dll9

Error: (06/29/2014 03:21:03 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\X64\lxecsm64.dllC:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\X64\lxecsm64.dll9

Error: (06/29/2014 03:21:02 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\I386\lxecsm.dllC:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\I386\lxecsm.dll9

Error: (06/29/2014 03:21:01 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Lexmark\drivers\Pro800\drivers\win_xp2k\x64\LXECsm64.dllC:\Lexmark\drivers\Pro800\drivers\win_xp2k\x64\LXECsm64.dll9

Error: (06/29/2014 03:21:01 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Lexmark\drivers\Pro800\drivers\win_xp2k\i386\LXECsm.dllC:\Lexmark\drivers\Pro800\drivers\win_xp2k\i386\LXECsm.dll9

Error: (06/29/2014 03:20:30 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\Samsung\Side Sync\SideSync.exe

Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\windows\System32\lxecsm.dllC:\windows\System32\lxecsm.dll9

Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\windows\SysWOW64\LXECsm.dllC:\windows\SysWOW64\LXECsm.dll9

Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\X64\lxecsm64.dllC:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\X64\lxecsm64.dll9


==================== Memory info =========================== 

Percentage of memory in use: 25%
Total physical RAM: 5717.37 MB
Available physical RAM: 4256.96 MB
Total Pagefile: 11605.38 MB
Available Pagefile: 9172.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:675.19 GB) (Free:607.27 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 66FB1E3A)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2014 02
Ran by XXXX at 2014-06-29 15:54:47

Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.30128 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{3FF69337-3AAB-140F-3F86-5500EDB4810E}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitcasa version 0.9.20.4135 (HKLM\...\{EDA09459-AD7D-4434-BA0C-647F6703EA12}_is1) (Version: 0.9.20.4135 - Bitcasa Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.3.0.15 - Swiss Academic Software)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{2A16B95F-7377-410A-B961-EFD9394E1AF3}) (Version:  - Microsoft)
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.6 - Samsung Electronics CO.,LTD.)
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ETDWare X64 11.7.5.5_WHQL (HKLM\...\Elantech) (Version: 11.7.5.5 - ELAN Microelectronic Corp.)
Flixster (HKLM-x32\...\com.wb.DC2) (Version: 2.2.2 - Warner Bros. Entertainment, Inc.)
Flixster (x32 Version: 2.2.2 - Warner Bros. Entertainment, Inc.) Hidden
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Help Desk (HKLM\...\{22B32087-797D-4A1B-AFA7-072C87580ADC}) (Version: 1.0.9 - Samsung Electronics CO., LTD.)
HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät (HKLM\...\{C3F12DD0-54B1-4B2B-A82B-FA43502BC550}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Hilfe (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Lexmark Pro800-Pro900 Series (HKLM\...\Lexmark Pro800-Pro900 Series) (Version:  - Lexmark International, Inc.)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: 3.5.6.5 - Nitro)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{24301870-5EEA-A07A-6265-2EA1E4A6A7CC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
OpenVPN 2.3.2-I003  (HKLM-x32\...\OpenVPN) (Version: 2.3.2-I003 - )
Opera Stable 18.0.1284.68 (HKLM-x32\...\Opera 18.0.1284.68) (Version: 18.0.1284.68 - Opera Software ASA)
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd)
Phone Screen Sharing (HKLM-x32\...\{DF02C515-40B5-45AC-A601-5DC69D03885C}) (Version: 1.3.0.1 - RSUPPORT)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version:  - PopCap Games)
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.216 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.4.907.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6818 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.9.6 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.1.45 - Samsung Electronics CO., LTD.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.22.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version:  - )
Side Sync (HKLM-x32\...\{C6DA306C-B288-452A-B85C-01265DBFF0DA}) (Version: 1.1.12 - Samsung Electronics CO., LTD.)
Skype™ 6.1 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.1.129 - Skype Technologies S.A.)
Support Center (HKLM\...\{50E36BBB-36A5-400A-8AC5-9F7C0BD751A2}) (Version: 2.1.80 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.8 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{DA06101F-FD76-4BF0-88BD-B26A197005E3}) (Version: 2.1.21 - Samsung Electronics CO., LTD.)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{64D96F30-CF4C-4CCE-AAF2-F8909348BF35}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{B2508D75-61CF-4CC0-84C0-CF257219201D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{FD360122-6829-4497-97C1-1BF578EF695B}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version:  - Microsoft)
User Guide (HKLM-x32\...\{A6C17C20-4464-4A2A-968D-684C083B9424}) (Version: 1.0.00 - Samsung Electronics CO., LTD.)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Wise Folder Hider 2.02 (HKLM-x32\...\Wise Folder Hider_is1) (Version: 2.02 - WiseCleaner.com, Inc.)

==================== Restore Points  =========================

10-06-2014 18:08:47 Windows Update
19-06-2014 15:01:43 Windows Update
24-06-2014 17:03:45 Windows Update
27-06-2014 20:11:18 Windows Update

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {183F37D8-5F9F-4AC2-8B9D-9ACF05DCA5BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-20] (Google Inc.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2309D5EE-FC95-4630-B117-D75326EFF766} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2013-02-01] (Samsung Electronics CO., LTD.)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {266D3C96-40CF-41A5-A431-DF05227F8F01} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2013-03-12] (SEC)
Task: {6B383977-9B35-4F7E-A46B-135CD5153EEB} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {7C65C649-5C76-46E0-9B9E-17A52EEAD5A1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-06-11] (Microsoft Corporation)
Task: {919E2AEF-87C3-442A-9C05-17BA6CBEABA9} - System32\Tasks\{46825988-C6C3-40EF-84E6-FABEF0155EAB} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08] (Skype Technologies S.A.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C9AA7F37-FF51-437C-9491-628D6040ECC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-20] (Google Inc.)
Task: {CA09C20C-74E4-4AEE-8F57-CC60EE34C041} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.)
Task: {CCA341D9-35D1-4002-85BE-270A8ED2AE67} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F9E06569-49F2-4D28-B1D1-26A786507EE8} - System32\Tasks\SideSyncAutoRun => C:\Program Files (x86)\Samsung\Side Sync\SideSync.exe [2013-06-04] (Samsung Electronics CO., LTD.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-01-12 20:16 - 2009-11-04 09:17 - 00189440 _____ () C:\windows\system32\spool\PRTPROCS\x64\lxecdrpp.dll
2013-07-01 10:21 - 2013-07-01 10:21 - 01127736 _____ () C:\Program Files\ShrewSoft\VPN Client\iked.exe
2013-07-01 01:16 - 2013-07-01 01:16 - 00628224 _____ () C:\Program Files\ShrewSoft\VPN Client\libike.dll
2013-07-01 01:16 - 2013-07-01 01:16 - 00039936 _____ () C:\Program Files\ShrewSoft\VPN Client\libvnet.dll
2013-07-01 01:15 - 2013-07-01 01:15 - 00018432 _____ () C:\Program Files\ShrewSoft\VPN Client\libith.dll
2013-07-01 01:17 - 2013-07-01 01:17 - 00029184 _____ () C:\Program Files\ShrewSoft\VPN Client\libpfk.dll
2013-07-01 01:17 - 2013-07-01 01:17 - 00017920 _____ () C:\Program Files\ShrewSoft\VPN Client\libdtp.dll
2013-07-01 01:17 - 2013-07-01 01:17 - 00035840 _____ () C:\Program Files\ShrewSoft\VPN Client\libvflt.dll
2013-07-01 01:16 - 2013-07-01 01:16 - 00013312 _____ () C:\Program Files\ShrewSoft\VPN Client\liblog.dll
2013-07-01 01:16 - 2013-07-01 01:16 - 00116736 _____ () C:\Program Files\ShrewSoft\VPN Client\libip.dll
2013-07-01 01:15 - 2013-07-01 01:15 - 00022016 _____ () C:\Program Files\ShrewSoft\VPN Client\libidb.dll
2013-07-01 10:21 - 2013-07-01 10:21 - 00810808 _____ () C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
2013-02-01 03:52 - 2013-02-01 03:52 - 00085040 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-02-21 13:22 - 2014-02-21 13:23 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-12-05 13:44 - 2012-12-05 13:44 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-12-05 13:39 - 2012-12-05 13:39 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2012-12-05 13:41 - 2012-12-05 13:41 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-12-05 13:44 - 2012-12-05 13:44 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-01-12 20:13 - 2013-01-23 14:35 - 00772712 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
2014-01-12 20:13 - 2013-01-23 14:35 - 00150264 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe
2013-10-16 19:15 - 2013-10-16 19:15 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2013-06-04 17:52 - 2013-06-04 17:52 - 00815104 _____ () C:\Program Files (x86)\Samsung\Side Sync\adb.exe
2013-02-01 03:52 - 2013-02-01 03:52 - 00029232 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2013-02-01 03:52 - 2013-02-01 03:52 - 01106480 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2013-02-01 03:52 - 2013-02-01 03:52 - 00111152 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2013-02-01 03:52 - 2013-02-01 03:52 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2013-02-01 03:52 - 2013-02-01 03:52 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2013-02-01 03:52 - 2013-02-01 03:52 - 00027184 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2013-02-01 03:52 - 2013-02-01 03:52 - 00111152 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2013-02-01 03:52 - 2013-02-01 03:52 - 00060976 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2013-02-01 03:52 - 2013-02-01 03:52 - 00103472 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2014-01-12 20:13 - 2010-04-01 13:23 - 00389120 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecscw.dll
2014-01-12 20:13 - 2009-05-27 08:16 - 00192512 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecdatr.dll
2014-01-12 20:13 - 2010-04-01 13:24 - 01159168 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecDRS.dll
2014-01-12 20:13 - 2009-03-10 01:43 - 00155648 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxeccaps.dll
2014-01-12 20:13 - 2009-02-20 04:48 - 00381440 _____ () C:\windows\SYSTEM32\lxecsm.dll
2014-01-12 20:13 - 2009-04-28 03:56 - 00024064 _____ () C:\windows\system32\lxecsmr.dll
2014-01-12 20:13 - 2010-04-05 06:56 - 00716954 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Epwizard.DLL
2014-01-12 20:13 - 2010-04-05 06:55 - 00159890 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\customui.dll
2014-01-12 20:13 - 2010-04-05 06:54 - 00123033 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Eputil.DLL
2014-01-12 20:13 - 2010-04-05 06:55 - 00061604 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Epfunct.DLL
2014-01-12 20:13 - 2010-04-05 06:54 - 00143502 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Imagutil.DLL
2014-01-12 20:13 - 2009-06-23 07:09 - 02203648 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\EPWizRes.dll
2014-01-12 20:13 - 2009-06-23 07:10 - 00045056 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\epstring.dll
2014-01-12 20:13 - 2009-06-23 07:11 - 00102400 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\EPOEMDll.dll
2014-01-12 20:13 - 2009-04-07 15:25 - 00409600 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\iptk.dll
2014-01-12 20:13 - 2009-03-02 10:25 - 00151552 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecptp.dll
2013-03-15 09:54 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 04:34 - 2012-06-08 04:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2013-05-06 13:41 - 2013-05-06 13:41 - 01679408 _____ () C:\Program Files (x86)\Samsung\Side Sync\SideSyncNetworkFramework.dll
2014-06-10 19:41 - 2014-06-10 19:42 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/29/2014 03:21:04 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/29/2014 03:21:03 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/29/2014 03:21:03 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/29/2014 03:21:02 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/29/2014 03:21:01 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/29/2014 03:21:01 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/29/2014 03:20:30 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.


System errors:
=============
Error: (06/29/2014 01:24:16 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Aktualisierung für Skype für Windows Desktop 6.11 (KB2876229)

Error: (06/28/2014 06:33:17 AM) (Source: DCOM) (EventID: 10010) (User: XXXX)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (06/28/2014 06:33:17 AM) (Source: DCOM) (EventID: 10010) (User: XXXX)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (06/28/2014 06:33:17 AM) (Source: DCOM) (EventID: 10010) (User: XXXX)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (06/28/2014 06:33:17 AM) (Source: DCOM) (EventID: 10010) (User: XXXX)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (06/28/2014 03:42:53 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Aktualisierung für Skype für Windows Desktop 6.11 (KB2876229)

Error: (06/28/2014 03:35:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Aktualisierung für Skype für Windows Desktop 6.11 (KB2876229)

Error: (06/27/2014 10:12:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Aktualisierung für Skype für Windows Desktop 6.11 (KB2876229)

Error: (06/27/2014 02:08:50 AM) (Source: DCOM) (EventID: 10010) (User: XXXX)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (06/27/2014 02:08:50 AM) (Source: DCOM) (EventID: 10010) (User: XXXX)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}


Microsoft Office Sessions:
=========================
Error: (06/29/2014 03:21:04 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\windows\System32\lxecsm.dllC:\windows\System32\lxecsm.dll9

Error: (06/29/2014 03:21:03 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\windows\SysWOW64\LXECsm.dllC:\windows\SysWOW64\LXECsm.dll9

Error: (06/29/2014 03:21:03 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\X64\lxecsm64.dllC:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\X64\lxecsm64.dll9

Error: (06/29/2014 03:21:02 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\I386\lxecsm.dllC:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\I386\lxecsm.dll9

Error: (06/29/2014 03:21:01 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Lexmark\drivers\Pro800\drivers\win_xp2k\x64\LXECsm64.dllC:\Lexmark\drivers\Pro800\drivers\win_xp2k\x64\LXECsm64.dll9

Error: (06/29/2014 03:21:01 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Lexmark\drivers\Pro800\drivers\win_xp2k\i386\LXECsm.dllC:\Lexmark\drivers\Pro800\drivers\win_xp2k\i386\LXECsm.dll9

Error: (06/29/2014 03:20:30 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\Samsung\Side Sync\SideSync.exe

Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\windows\System32\lxecsm.dllC:\windows\System32\lxecsm.dll9

Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\windows\SysWOW64\LXECsm.dllC:\windows\SysWOW64\LXECsm.dll9

Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\X64\lxecsm64.dllC:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\X64\lxecsm64.dll9


==================== Memory info =========================== 

Percentage of memory in use: 25%
Total physical RAM: 5717.37 MB
Available physical RAM: 4256.96 MB
Total Pagefile: 11605.38 MB
Available Pagefile: 9172.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:675.19 GB) (Free:607.27 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 66FB1E3A)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

Old 29.06.2014, 16:23   #4
deeprybka
/// TB trainer
/// Tutorial guru



FRST is missing...

You posted the Addition twice...
__________________
Regards,
deeprybka


Old 29.06.2014, 16:26   #5
Reh



Forgot FRST...

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 02
Ran by XXXX (administrator) on XXXX on 29-06-2014 15:52:58
Running from C:\Users\XXXX\Downloads
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Microsoft Corporation) C:\windows\System32\dasHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
( ) C:\windows\System32\lxeccoms.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(AMD) C:\windows\System32\atieclxx.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
() C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
() C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Side Sync\SideSync.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Samsung\Side Sync\adb.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13263072 2012-12-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1260256 2013-01-04] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-12-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [128640 2012-12-05] (Atheros Communications)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [4365824 2012-12-27] (Bitcasa, Inc)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2872176 2012-10-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [lxecmon.exe] => C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe [772712 2013-01-23] ()
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe [150264 2013-01-23] ()
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-01-27] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310640 2013-03-07] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKU\S-1-5-21-1375823238-2140254550-1769909406-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [18705664 2013-01-08] (Skype Technologies S.A.)
Startup: C:\Users\Renate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 1050 J410 series.lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 1050 J410 series.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: 1EldosIconOverlay -> {9E2D270D-EAB0-40E3-82A9-221EC3EEB4F9} => C:\windows\SYSTEM32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: BitcasaIconOverlay -> {A6975448-A999-49BB-B3E4-7730CF6A82C0} => C:\Program Files\Bitcasa\ExplorerMenu.dll (Bitcasa, Inc)
ShellIconOverlayIdentifiers: BitcasaProgressOverlay -> {6FB8D52A-0064-45B2-B687-F596FEAD09C2} => C:\Program Files\Bitcasa\ExplorerMenu.dll (Bitcasa, Inc)
ShellIconOverlayIdentifiers: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: 1EldosIconOverlay -> {9E2D270D-EAB0-40E3-82A9-221EC3EEB4F9} => C:\windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
SearchScopes: HKLM - {2A76B414-BC32-449F-A8E9-E19A7000C4D9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - {2A76B414-BC32-449F-A8E9-E19A7000C4D9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKCU - DefaultScope {2A76B414-BC32-449F-A8E9-E19A7000C4D9} URL = 
SearchScopes: HKCU - {2A76B414-BC32-449F-A8E9-E19A7000C4D9} URL = 
BHO: Citavi Picker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Citavi Picker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{E15EC66B-4595-4676-9B72-1D24AB910003}: [NameServer]141.78.7.250,141.78.7.200

FireFox:
========
FF ProfilePath: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425\Extensions\ich@maltegoetz.de [2014-05-12]
FF Extension: Print pages to PDF - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425\Extensions\printPages2Pdf@reinhold.ripper [2014-06-13]
FF Extension: YouTube Unblocker - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425\Extensions\youtubeunblocker@unblocker.yt [2014-05-12]
FF Extension: DownloadHelper - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-06-16]
FF Extension: Flash and Video Download - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-06-27]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-02-25]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-04-22]

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [172104 2013-01-26] (Adobe Systems Incorporated)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1039952 2014-05-15] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231552 2012-12-05] (Qualcomm Atheros Commnucations)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1594416 2013-02-01] (Samsung Electronics CO., LTD.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [90992 2012-10-08] (ELAN Microelectronics Corp.)
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [1127736 2013-07-01] ()
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [810808 2013-07-01] ()
S2 lxecCATSCustConnectService; C:\windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe [45736 2010-04-14] (Lexmark International, Inc.)
R2 lxec_device; C:\windows\system32\lxeccoms.exe [1052328 2010-04-14] ( )
R2 lxec_device; C:\windows\SysWOW64\lxeccoms.exe [598696 2010-04-14] ( )
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [32568 2013-08-22] (The OpenVPN Project)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-05] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-18] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-05-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-18] (Avira Operations GmbH & Co. KG)
R3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [222360 2012-12-05] (Qualcomm Atheros)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-05] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352456 2012-08-06] (EldoS Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
R2 WiseFS; C:\Program Files (x86)\Wise\Wise Folder Hider\WiseFs64.sys [10280 2014-03-14] ()
S3 SBIOSIO; \??\C:\MfgDiag\DiagTools\AMDAutoOnClear\SBIOSIO64.SYS [X]
S3 TVICPORT; \??\C:\windows\system32\DRIVERS\TVICPORT.SYS [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-29 15:52 - 2014-06-29 15:53 - 00025177 _____ () C:\Users\XXXX\Downloads\FRST.txt
2014-06-29 15:52 - 2014-06-29 15:53 - 00000000 ____D () C:\FRST
2014-06-29 15:52 - 2014-06-29 15:52 - 02083328 _____ (Farbar) C:\Users\XXXX\Downloads\FRST64.exe
2014-06-28 21:02 - 2014-06-28 21:02 - 00000000 ___RD () C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-06-20 19:28 - 2014-06-20 19:28 - 00058056 _____ () C:\Users\XXXX\AppData\Local\recently-used.xbel
2014-06-19 12:13 - 2014-06-19 12:13 - 00279680 _____ () C:\windows\Minidump\061914-44725-01.dmp
2014-06-16 01:16 - 2014-06-16 01:16 - 00000000 ____D () C:\Program Files (x86)\ConvertHelper
2014-06-16 01:15 - 2014-06-16 01:15 - 03782822 _____ (DownloadHelper ) C:\Users\XXXX\Downloads\ConvertHelperSetup.exe
2014-06-13 17:56 - 2014-06-13 17:56 - 00000000 ____D () C:\Users\XXXX\Desktop\Uni Hohenheim
2014-06-12 00:26 - 2014-06-13 00:48 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Windows Live
2014-06-12 00:16 - 2014-06-12 00:16 - 33938942 _____ () C:\Users\XXXX\Downloads\Letter%20from%20a%20Fan%20v.1.0.mp4
2014-06-11 04:31 - 2014-06-11 04:31 - 00000000 ____D () C:\4cf0ef62782c49422017e2806b
2014-06-10 20:21 - 2014-05-03 07:47 - 03246592 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-10 20:21 - 2014-05-03 05:34 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2014-06-10 20:20 - 2014-05-24 04:48 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-10 20:20 - 2014-05-24 04:47 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-10 20:20 - 2014-05-24 04:47 - 01366016 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-10 20:20 - 2014-05-24 04:47 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-06-10 20:20 - 2014-05-24 04:47 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-06-10 20:20 - 2014-05-24 04:46 - 19290112 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-10 20:20 - 2014-05-24 04:46 - 15368704 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-10 20:20 - 2014-05-24 04:46 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-06-10 20:20 - 2014-05-24 04:46 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-10 20:20 - 2014-05-24 04:46 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-10 20:20 - 2014-05-24 04:46 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-06-10 20:20 - 2014-05-24 04:46 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-10 20:20 - 2014-05-24 04:46 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-10 20:20 - 2014-05-24 04:46 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-10 20:20 - 2014-05-24 04:46 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-10 20:20 - 2014-05-24 04:45 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-10 20:20 - 2014-05-24 04:45 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-10 20:20 - 2014-05-24 04:45 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-10 20:20 - 2014-05-24 03:26 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-10 20:20 - 2014-05-24 03:26 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-10 20:20 - 2014-05-24 03:26 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-10 20:20 - 2014-05-24 03:26 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-10 20:20 - 2014-05-24 03:26 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-06-10 20:20 - 2014-05-24 03:25 - 13731328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-10 20:20 - 2014-05-24 03:25 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-10 20:20 - 2014-05-24 03:25 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-10 20:20 - 2014-05-24 03:25 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-10 20:20 - 2014-05-24 03:25 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-06-10 20:20 - 2014-05-24 03:25 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-10 20:20 - 2014-05-24 03:25 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-10 20:20 - 2014-05-24 03:25 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-10 20:20 - 2014-05-24 03:09 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-10 20:20 - 2014-05-24 03:03 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-10 20:20 - 2014-05-24 00:37 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-06-10 20:20 - 2014-04-30 00:32 - 01301504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-06-10 20:20 - 2014-04-30 00:22 - 01023488 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-06-10 20:20 - 2014-04-03 13:19 - 00328024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2014-06-10 20:20 - 2014-04-03 05:44 - 00619008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-06-10 20:20 - 2014-04-01 00:08 - 00387268 _____ () C:\windows\system32\ApnDatabase.xml
2014-06-10 20:20 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\windows\SysWOW64\wusa.exe
2014-06-10 20:20 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\wusa.exe
2014-06-10 20:19 - 2014-05-24 04:46 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-10 20:19 - 2014-05-24 04:46 - 02650112 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-10 20:19 - 2014-05-24 03:26 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-10 20:19 - 2014-05-24 03:25 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-10 20:19 - 2014-05-24 03:25 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-06-10 20:18 - 2014-05-24 03:26 - 14365696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-10 20:18 - 2014-05-24 03:25 - 02862080 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-10 20:18 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-10 20:18 - 2014-03-07 02:47 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-10 20:18 - 2014-03-07 02:08 - 01845760 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-10 19:41 - 2014-06-10 19:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-08 13:36 - 2014-06-08 13:36 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\Avira
2014-06-08 11:28 - 2014-06-08 11:33 - 00000000 ____D () C:\Users\XXXX\.android
2014-06-07 22:51 - 2014-06-08 14:21 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1375823238-2140254550-1769909406-1004
2014-06-07 22:51 - 2014-06-07 22:51 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Macromedia
2014-06-07 22:50 - 2014-06-07 22:50 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\Mozilla
2014-06-07 22:50 - 2014-06-07 22:50 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Mozilla
2014-06-07 22:49 - 2014-06-07 22:49 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\HpUpdate
2014-06-07 20:48 - 2014-06-09 01:23 - 00000000 ____D () C:\Users\XXXX\Documents\Bluetooth Folder
2014-06-07 20:48 - 2014-06-07 22:49 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Adobe
2014-06-07 20:48 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\ATI
2014-06-07 20:48 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\Atheros
2014-06-07 20:48 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Power2Go8
2014-06-07 20:48 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\AppData\Local\BMExplorer
2014-06-07 20:48 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\AppData\Local\ATI
2014-06-07 20:47 - 2014-06-07 22:49 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\Adobe
2014-06-07 20:47 - 2014-06-07 20:47 - 00001442 _____ () C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-07 20:46 - 2014-06-07 20:46 - 00000000 ____D () C:\Users\XXXX\AppData\Local\VirtualStore
2014-06-07 20:45 - 2014-06-08 11:28 - 00000000 ____D () C:\Users\XXXX
2014-06-07 20:45 - 2014-06-07 20:47 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Packages
2014-06-07 20:45 - 2014-06-07 20:45 - 00000020 ___SH () C:\Users\XXXX\ntuser.ini
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Vorlagen
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Startmenü
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Netzwerkumgebung
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Lokale Einstellungen
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Eigene Dateien
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Druckumgebung
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Documents\Eigene Musik
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Documents\Eigene Bilder
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\AppData\Local\Verlauf
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\AppData\Local\Anwendungsdaten
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Anwendungsdaten
2014-06-07 20:45 - 2014-05-19 09:51 - 00000000 ___RD () C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-07 20:45 - 2014-04-22 17:06 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\Macromedia
2014-06-07 20:45 - 2014-02-25 13:28 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Microsoft Help
2014-06-07 20:45 - 2013-12-06 21:17 - 00002225 _____ () C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-06-07 20:45 - 2013-08-04 13:00 - 00000000 ___RD () C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-06-07 20:45 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-07 20:45 - 2012-07-26 10:13 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-05 13:34 - 2014-06-05 13:34 - 00279736 _____ () C:\windows\Minidump\060514-30591-01.dmp
2014-06-01 16:08 - 2014-06-01 16:08 - 00279736 _____ () C:\windows\Minidump\060114-30560-01.dmp
2014-05-31 15:11 - 2014-06-18 19:19 - 00000000 ____D () C:\Users\XXXX\Desktop\Neuer Ordner

==================== One Month Modified Files and Folders =======

2014-06-29 15:53 - 2014-06-29 15:52 - 00025177 _____ () C:\Users\XXXX\Downloads\FRST.txt
2014-06-29 15:53 - 2014-06-29 15:52 - 00000000 ____D () C:\FRST
2014-06-29 15:52 - 2014-06-29 15:52 - 02083328 _____ (Farbar) C:\Users\XXXX\Downloads\FRST64.exe
2014-06-29 15:46 - 2013-12-20 22:43 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\Skype
2014-06-29 15:44 - 2013-06-30 12:15 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-06-29 15:10 - 2013-03-15 07:09 - 01598562 _____ () C:\windows\WindowsUpdate.log
2014-06-29 15:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-06-29 14:59 - 2013-12-20 23:27 - 00001124 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-29 13:24 - 2013-12-21 01:59 - 00000000 ____D () C:\ProgramData\Skype
2014-06-28 23:59 - 2013-12-20 23:27 - 00001120 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-28 21:05 - 2013-03-15 10:00 - 00000000 ____D () C:\ProgramData\WinClon
2014-06-28 21:02 - 2014-06-28 21:02 - 00000000 ___RD () C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-06-28 21:01 - 2014-01-12 20:14 - 00118273 _____ () C:\ProgramData\lxecscan.log
2014-06-28 15:15 - 2014-03-09 22:41 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Battle.net
2014-06-28 15:15 - 2014-03-09 22:41 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-06-28 03:05 - 2014-02-25 15:55 - 00000000 ____D () C:\Users\XXXX\Documents\Citavi 4
2014-06-26 02:50 - 2013-06-01 21:56 - 00000000 ____D () C:\Users\XXXX
2014-06-23 23:01 - 2012-08-05 23:07 - 00483148 _____ () C:\windows\PFRO.log
2014-06-23 23:01 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-20 21:44 - 2014-04-19 14:12 - 00000000 ____D () C:\Users\XXXX\Desktop\Bewerbung April
2014-06-20 19:28 - 2014-06-20 19:28 - 00058056 _____ () C:\Users\XXXX\AppData\Local\recently-used.xbel
2014-06-20 19:28 - 2013-12-24 01:12 - 00000000 ____D () C:\Users\XXXX\AppData\Local\gtk-2.0
2014-06-20 19:28 - 2013-12-24 01:10 - 00000000 ____D () C:\Users\XXXX\.gimp-2.8
2014-06-19 22:32 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache
2014-06-19 17:10 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp
2014-06-19 17:06 - 2014-02-21 12:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-19 16:16 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-06-19 12:13 - 2014-06-19 12:13 - 00279680 _____ () C:\windows\Minidump\061914-44725-01.dmp
2014-06-19 12:13 - 2014-01-08 22:15 - 00000000 ____D () C:\windows\Minidump
2014-06-19 12:12 - 2014-01-18 15:43 - 489268099 _____ () C:\windows\MEMORY.DMP
2014-06-19 03:19 - 2013-03-15 22:30 - 00753134 _____ () C:\windows\system32\perfh007.dat
2014-06-19 03:19 - 2013-03-15 22:30 - 00155826 _____ () C:\windows\system32\perfc007.dat
2014-06-19 03:19 - 2012-07-26 09:28 - 01745416 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-18 23:54 - 2013-12-20 23:27 - 00004096 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-18 23:54 - 2013-12-20 23:27 - 00003860 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-18 19:19 - 2014-05-31 15:11 - 00000000 ____D () C:\Users\XXXX\Desktop\Neuer Ordner
2014-06-16 01:29 - 2013-06-16 19:49 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\CyberLink
2014-06-16 01:16 - 2014-06-16 01:16 - 00000000 ____D () C:\Program Files (x86)\ConvertHelper
2014-06-16 01:15 - 2014-06-16 01:15 - 03782822 _____ (DownloadHelper ) C:\Users\XXXX\Downloads\ConvertHelperSetup.exe
2014-06-16 01:14 - 2014-04-06 19:07 - 00000000 ____D () C:\Users\XXXX\dwhelper
2014-06-13 17:56 - 2014-06-13 17:56 - 00000000 ____D () C:\Users\XXXX\Desktop\Uni Hohenheim
2014-06-13 00:48 - 2014-06-12 00:26 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Windows Live
2014-06-12 00:16 - 2014-06-12 00:16 - 33938942 _____ () C:\Users\XXXX\Downloads\Letter%20from%20a%20Fan%20v.1.0.mp4
2014-06-11 18:14 - 2013-06-30 11:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-11 04:31 - 2014-06-11 04:31 - 00000000 ____D () C:\4cf0ef62782c49422017e2806b
2014-06-11 04:31 - 2013-08-28 23:11 - 00000000 ____D () C:\windows\system32\MRT
2014-06-11 04:31 - 2013-06-27 23:49 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-11 01:10 - 2014-03-09 22:56 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-06-10 19:42 - 2014-06-10 19:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-09 01:23 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\Documents\Bluetooth Folder
2014-06-09 01:23 - 2014-03-27 12:20 - 00000000 ____D () C:\Users\XXXX\Documents\Bluetooth Folder
2014-06-08 14:21 - 2014-06-07 22:51 - 00003600 _____ () C:\windows\XXXX\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1375823238-2140254550-1769909406-1004
2014-06-08 13:36 - 2014-06-08 13:36 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\Avira
2014-06-08 11:33 - 2014-06-08 11:28 - 00000000 ____D () C:\Users\XXXX\.android
2014-06-08 11:28 - 2014-06-07 20:45 - 00000000 ____D () C:\Users\XXXX
2014-06-07 22:51 - 2014-06-07 22:51 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Macromedia
2014-06-07 22:50 - 2014-06-07 22:50 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\Mozilla
2014-06-07 22:50 - 2014-06-07 22:50 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Mozilla
2014-06-07 22:49 - 2014-06-07 22:49 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\HpUpdate
2014-06-07 22:49 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Adobe
2014-06-07 22:49 - 2014-06-07 20:47 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\Adobe
2014-06-07 20:48 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\ATI
2014-06-07 20:48 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\Atheros
2014-06-07 20:48 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Power2Go8
2014-06-07 20:48 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\AppData\Local\BMExplorer
2014-06-07 20:48 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\AppData\Local\ATI
2014-06-07 20:48 - 2013-03-15 10:40 - 00000000 ____D () C:\ProgramData\Atheros
2014-06-07 20:47 - 2014-06-07 20:47 - 00001442 _____ () C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-07 20:47 - 2014-06-07 20:45 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Packages
2014-06-07 20:47 - 2013-06-01 22:02 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-06-07 20:46 - 2014-06-07 20:46 - 00000000 ____D () C:\Users\XXXX\AppData\Local\VirtualStore
2014-06-07 20:45 - 2014-06-07 20:45 - 00000020 ___SH () C:\Users\XXXX\ntuser.ini
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXXVorlagen
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Startmenü
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Netzwerkumgebung
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Lokale Einstellungen
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Eigene Dateien
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Druckumgebung
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Documents\Eigene Musik
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Documents\Eigene Bilder
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\AppData\Local\Verlauf
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\AppData\Local\Anwendungsdaten
2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXXAnwendungsdaten
2014-06-05 15:31 - 2014-03-05 22:06 - 00000000 ____D () C:\Users\XXXX\Documents\Mix2
2014-06-05 13:34 - 2014-06-05 13:34 - 00279736 _____ () C:\windows\Minidump\060514-30591-01.dmp
2014-06-01 16:08 - 2014-06-01 16:08 - 00279736 _____ () C:\windows\Minidump\060114-30560-01.dmp
2014-05-31 10:24 - 2014-03-08 20:52 - 00000000 ____D () C:\Users\XXXX\Documents\Bachelorarbeit Zusammenfassung
2014-05-31 09:14 - 2014-02-24 20:16 - 00000000 ____D () C:\Users\XXXX\Documents\Bachelorarbeit
2014-05-31 07:16 - 2013-11-19 01:25 - 00703992 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-05-31 07:16 - 2013-11-19 01:25 - 00105464 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-30 23:36 - 2014-05-27 13:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


Some content of TEMP:
====================
C:\Users\XXXX\AppData\Local\Temp\avgnt.exe
C:\Users\XXXX\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-26 18:41

==================== End Of Log ============================
         


29.06.2014, 16:30   #6
deeprybka
/// TB trainer
/// Guide guru
 

We will now run a few scans to rule out malware/adware as the cause of your problems.

Step 1

Please uninstall the following programs:

Java 7 Update 45


On Windows 8, try it with the Windows key + X via .

If that does not work, please download Revo Uninstaller here. Unzip the zip file to the desktop.
  • Start Revouninstaller.exe
  • Click Options and select Deutsch as the language.
  • In the uninstaller pane, look for the programs listed above and select them one at a time.
    Click Uninstall each time.
  • Then select the "Moderate" mode.
  • Delete leftovers:
    Click on then on and then on .

If you cannot find a program or cannot uninstall it, please continue with the next step:

Step 2
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).


Step 3

Malwarebytes Antimalware
  • Download link
  • Install the program to the default path.
  • Start Malwarebytes' Anti-Malware (MBAM).
  • If the user interface is still in English, click Settings and select Deutsch under Language.
  • Under Detection and Protection, please tick "Scan for rootkits".
  • Then click "Scan", select the Threat Scan, update the databases and click "Start scan now".
  • At the end of the scan, have all detections (if any) moved to quarantine. (here's how...)
  • Post the contents of the log file (here's how...). To do so, click History and then Application Logs.
  • Select the most recent scan log and click View. Click "Copy to Clipboard" and post the contents in code tags as a reply in the thread.

Step 4
Download HitmanPro to your desktop:

HitmanPro - 32 Bit
HitmanPro - 64 Bit
  • Start HitmanPro.exe
  • Click Next and accept the license terms. Click Next.
  • Select "No, I only want to perform a one-time scan to check this computer" and click Next.
  • When the scan has finished, do not delete anything etc.; instead choose Save log in the button bar at the bottom left and save the log file to your desktop.
  • Close HitmanPro and post the log.

29.06.2014, 18:55   #7
Reh
 



Right, here are the log files. Here you go:

Code:
# AdwCleaner v3.213 - Bericht erstellt am 29/06/2014 um 16:54:22
# Aktualisiert 23/06/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : XXXX
# Gestartet von : C:\Users\XXXX\Downloads\adwcleaner_3.213.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425\foxydeal.sqlite

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16921


-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\prefs.js ]


[ Datei : C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425\prefs.js ]


*************************

AdwCleaner[R0].txt - [2217 octets] - [29/06/2014 16:48:14]
AdwCleaner[S0].txt - [2126 octets] - [29/06/2014 16:54:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2186 octets] ##########
         
Code:
# AdwCleaner v3.213 - Bericht erstellt am 29/06/2014 um 16:48:14
# Aktualisiert 23/06/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : XXXX
# Gestartet von : C:\Users\XXXX\Downloads\adwcleaner_3.213.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425\foxydeal.sqlite

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16921


-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\prefs.js ]


[ Datei : C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425\prefs.js ]


*************************

AdwCleaner[R0].txt - [2065 octets] - [29/06/2014 16:48:14]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2125 octets] ##########
         
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 29.06.2014
Suchlauf-Zeit: 17:23:58
Logdatei: 
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.29.06
Rootkit Datenbank: v2014.06.23.02
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: X

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 325730
Verstrichene Zeit: 37 Min, 2 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         
Code:
HitmanPro 3.7.9.219
www.hitmanpro.com

   Computer name . . . . : XXXX
   Windows . . . . . . . : 6.2.0.9200.X64/2
   User name . . . . . . : XXXX
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2014-06-29 18:25:29
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 9m 43s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 2
   Traces  . . . . . . . : 31

   Objects scanned . . . : 1.745.847
   Files scanned . . . . : 47.508
   Remnants scanned  . . : 514.127 files / 1.184.212 keys

Malware _____________________________________________________________________

   C:\Users\Renate\Music\32 Bit\mini-KMS_Activator_v1.2_Office2010_VL_ENG_FIXED.exe
      Size . . . . . . . : 1.051.648 bytes
      Age  . . . . . . . : 128.3 days (2014-02-21 11:56:40)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : FD47386E7CEBFF127DA53526768DB1E6861E0A8FC9AC18E21FB727549DC33283
      Needs elevation  . : Yes
      Product  . . . . . : mini-KMS Activator v1.2 Office2010 VL ENG
      Publisher  . . . . : FreeSoft
      Description  . . . : mini-KMS Activator
      Version  . . . . . : 1,2,0,0
      Copyright  . . . . : © 2010, FreeSoft
      LanguageID . . . . : 1033
    > Bitdefender  . . . : Trojan.Generic.6139748
      Fuzzy  . . . . . . : 108.0

   C:\Users\Renate\Music\64 Bit\mini-KMS_Activator_v1.2_Office2010_VL_ENG_FIXED.exe
      Size . . . . . . . : 1.051.648 bytes
      Age  . . . . . . . : 128.3 days (2014-02-21 11:58:17)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : FD47386E7CEBFF127DA53526768DB1E6861E0A8FC9AC18E21FB727549DC33283
      Needs elevation  . : Yes
      Product  . . . . . : mini-KMS Activator v1.2 Office2010 VL ENG
      Publisher  . . . . : FreeSoft
      Description  . . . : mini-KMS Activator
      Version  . . . . . : 1,2,0,0
      Copyright  . . . . : © 2010, FreeSoft
      LanguageID . . . . : 1033
    > Bitdefender  . . . : Trojan.Generic.6139748
      Fuzzy  . . . . . . : 108.0


Suspicious files ____________________________________________________________

   C:\Users\Renate\Desktop\FRST64.exe
      Size . . . . . . . : 2.083.328 bytes
      Age  . . . . . . . : 0.1 days (2014-06-29 15:52:16)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : CC449B189EC631A9A65BDA95D2386D193E6AD8BAD7ED4C551B2DF2A39016D860
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.


Potential Unwanted Programs _________________________________________________

   C:\ProgramData\APN\ (AskBar)

Cookies _____________________________________________________________________

   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\cookies.sqlite:ad.360yield.com
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\cookies.sqlite:ad.ad-srv.net
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\cookies.sqlite:ads.auto-motor-und-sport.de
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\cookies.sqlite:ads.creative-serving.com
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\cookies.sqlite:ads.yahoo.com
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\cookies.sqlite:adtech.de
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\cookies.sqlite:advertising.com
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\cookies.sqlite:atdmt.com
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\cookies.sqlite:bs.serving-sys.com
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\cookies.sqlite:burstnet.com
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\cookies.sqlite:doubleclick.net
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\cookies.sqlite:eas.apm.emediate.eu
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\cookies.sqlite:fastclick.net
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\cookies.sqlite:mediaplex.com
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\cookies.sqlite:revsci.net
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\cookies.sqlite:ru4.com
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\cookies.sqlite:serving-sys.com
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\cookies.sqlite:smartadserver.com
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\cookies.sqlite:track.adform.net
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\cookies.sqlite:uk.at.atwola.com
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\cookies.sqlite:www.googleadservices.com
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\cookies.sqlite:www4.smartadserver.com
   C:\Users\X\AppData\Roaming\Microsoft\Windows\Cookies\2RQMUZT3.txt
   C:\Users\X\AppData\Roaming\Microsoft\Windows\Cookies\GJKC3Z19.txt
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425\cookies.sqlite:ad.360yield.com
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425\cookies.sqlite:ads.yahoo.com
   C:\Users\X\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425\cookies.sqlite:burstnet.com
         

29.06.2014, 19:12   #8
deeprybka
/// TB trainer
/// Guide guru
 



Quote:
C:\Users\Renate\Music\32 Bit\mini-KMS_Activator_v1.2_Office2010_VL_ENG_FIXED.exe
Size . . . . . . . : 1.051.648 bytes
Age . . . . . . . : 128.3 days (2014-02-21 11:56:40)
Is your Office cracked?

https://www.virustotal.com/de/file/f...3283/analysis/

As a reminder, our rules:
http://www.trojaner-board.de/95393-c...-software.html