
Log analysis and evaluation: No symptoms; general check

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

09.01.2014, 18:51   #1
Gretchens Freund

No symptoms; general check

Hello everyone,

I hope I'm posting this in the right forum. It's about the following:

I wanted to do a general check of how my computer is doing. I don't have any concrete symptoms, apart from a Zalandoo popup that appears now and then on a few websites (which I have so far classified as 'normal advertising'). I'm not an entirely helpless user and used to check my system myself (by watching it attentively and, when in doubt, with HijackThis). But since other scan tools keep being referred to here, my previously proven method is no longer enough for me.

Specifically: may I ask you for a general check of my system, and which logs from which scan tools would you like for that?

I would be grateful for a short reply.

Best regards,
GF

09.01.2014, 22:00   #2
schrauber
/// the machine
/// TB instructor

No symptoms; general check

Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-bit | FRST 64-bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan ("Untersuchen").
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input box of the web page)


09.01.2014, 23:07   #3
Gretchens Freund

No symptoms; general check

Hi Schrauber,

thanks so far. Here are the two log files:


FRST Logfile:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-01-2014
Ran by Mein Name (administrator) on SAMSUNGLAPTOP on 09-01-2014 22:53:09
Running from C:\Users\Mein Name\Desktop
Windows 8.1 Pro (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\PSE9\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\IFXSPMGT.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\IFXTCS.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\PSDrt.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\SpTNA.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(SoftPerfect Research) C:\Program Files\NetWorx\networx.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(6 Wunderkinder GmbH) C:\Program Files (x86)\Wunderlist2\Wunderlist.exe
(Banamalon) C:\Program Files (x86)\Banamalon\Windows Remote Service\WindowsRemoteService.exe
(Dropbox, Inc.) C:\Users\Mein Name\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2894152 2013-11-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [NetWorx] - C:\Program Files\NetWorx\networx.exe [5019344 2013-11-06] (SoftPerfect Research)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Greenshot] - C:\Program Files\Greenshot\Greenshot.exe [495616 2013-12-12] (Greenshot)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-03-20] (Geek Software GmbH)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2013-10-10] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [Wunderlist] - C:\Program Files (x86)\Wunderlist2\Wunderlist.exe [13021792 2013-12-02] (6 Wunderkinder GmbH)
HKCU\...\Run: [SkyDrive] - C:\Users\Mein Name\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-08-14] (Microsoft Corporation)
HKCU\...\Run: [Remote Control Server] - C:\Program Files (x86)\Remote Control Server\Remote Control Server.exe
HKCU\...\Run: [Windows Remote Service] - C:\Program Files (x86)\Banamalon\Windows Remote Service\WindowsRemoteService.exe [173568 2013-05-24] (Banamalon)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
Startup: C:\Users\Mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Mein Name\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk
ShortcutTarget: Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Startup: C:\Users\Mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung13.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
SearchScopes: HKLM - DefaultScope {5F28D8B8-DAE0-468D-9DF7-D340F488D8A3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM - {5F28D8B8-DAE0-468D-9DF7-D340F488D8A3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope {5F28D8B8-DAE0-468D-9DF7-D340F488D8A3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - {5F28D8B8-DAE0-468D-9DF7-D340F488D8A3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKCU - DefaultScope {5F28D8B8-DAE0-468D-9DF7-D340F488D8A3} URL = 
SearchScopes: HKCU - {5F28D8B8-DAE0-468D-9DF7-D340F488D8A3} URL = 
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Citavi Picker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21
Tcpip\..\Interfaces\{AFE99069-6278-4F21-97E4-F6094F53CE4B}: [NameServer]131.130.1.11,131.130.1.12

FireFox:
========
FF ProfilePath: C:\Users\Mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\1ub0ucch.default
FF Homepage: www.tagesschau.de
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF Viewer\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF Viewer\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF Viewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF Viewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF Viewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\Mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\1ub0ucch.default\searchplugins\ecosia.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: MinimizeToTray revived (MinTrayR) - C:\Users\Mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\1ub0ucch.default\Extensions\mintrayr@tn123.ath.cx
FF Extension: Bookmark Favicon Changer - C:\Users\Mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\1ub0ucch.default\Extensions\bookmarkfaviconchanger@sonthakit.xpi
FF Extension: Ghostery - C:\Users\Mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\1ub0ucch.default\Extensions\firefox@ghostery.com.xpi
FF Extension: Multirow Bookmarks Toolbar Plus - C:\Users\Mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\1ub0ucch.default\Extensions\{4c7097f7-08f2-4ef2-9b9f-f95fa4cbb064}.xpi
FF Extension: NoScript - C:\Users\Mein Name\AppData\Roaming\Mozilla\Firefox\Profiles\1ub0ucch.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox

Chrome: 
=======
CHR DefaultSearchKeyword: ecosia.org
CHR DefaultSearchProvider: Ecosia
CHR DefaultSearchURL: hxxp://ecosia.org/search.php?q={searchTerms}&addon=opensearch
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files (x86)\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\bin\plugin2\npjp2.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\windows\SysWOW64\npDeployJava1.dll No File
CHR Extension: (Google Docs) - C:\Users\Mein Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Mein Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Mein Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Mein Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Mein Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Citavi Picker) - C:\Users\Mein Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\piehhloihgjjiomhieeddiidpekaajio\2013.11.1_0
CHR Extension: (Gmail) - C:\Users\Mein Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [piehhloihgjjiomhieeddiidpekaajio] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Chrome\ChromePicker.crx

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor9.0; C:\Program Files (x86)\Adobe\PSE9\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-06] (Adobe Systems Incorporated)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-08-26] (Samsung Electronics CO., LTD.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100104 2013-09-05] (ELAN Microelectronics Corp.)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [102224 2012-08-17] (Condusiv Technologies)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 IFXSpMgtSrv; C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe [1143120 2013-06-26] (Infineon Technologies AG)
R2 IFXTCS; C:\Program Files (x86)\Infineon\Security Platform Software\ifxtcs.exe [1012048 2013-06-26] (Infineon Technologies AG)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 PersonalSecureDriveService; C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe [214864 2013-06-26] (Infineon Technologies AG)
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [252728 2013-07-30] (AVG Technologies CZ, s.r.o.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00B\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [22832 2013-07-24] (ELAN Microelectronic Corp.)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23376 2012-08-17] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [103248 2012-08-17] (Condusiv Technologies)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [39248 2013-03-15] (Paragon Software Group)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
R1 networx; C:\Windows\System32\drivers\networx.sys [43512 2013-10-21] (NetFilterSDK.com)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2012-02-03] (Infineon Technologies AG)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-10-10] (Windows (R) 2003 DDK 3790 provider)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R1 UimBus; C:\Windows\System32\drivers\uimx64.sys [90960 2013-03-15] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2013-03-15] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390352 2013-03-15] (Paragon)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
R3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-09 22:53 - 2014-01-09 22:53 - 00028115 _____ C:\Users\Mein Name\Desktop\FRST.txt
2014-01-09 22:53 - 2014-01-09 22:53 - 00000000 ____D C:\FRST
2014-01-09 22:48 - 2014-01-09 22:46 - 01931772 _____ (Farbar) C:\Users\Mein Name\Desktop\FRST64.exe
2014-01-09 18:43 - 2014-01-09 18:43 - 00088420 _____ C:\Users\Mein Name\Desktop\Extras_anonym.Txt
2014-01-09 18:42 - 2014-01-09 18:42 - 00161812 _____ C:\Users\Mein Name\Desktop\OTL_anonym.Txt
2014-01-08 22:32 - 2014-01-08 22:32 - 00161952 _____ C:\Users\Mein Name\Desktop\OTL.Txt
2014-01-08 22:32 - 2014-01-08 22:32 - 00088466 _____ C:\Users\Mein Name\Desktop\Extras.Txt
2014-01-08 19:54 - 2014-01-08 19:54 - 00000000 ____D C:\Users\Mein Name\Desktop\Adobe
2014-01-06 00:07 - 2014-01-06 00:07 - 00000000 ___SH C:\DkHyperbootSync
2014-01-05 14:00 - 2014-01-05 14:00 - 00000000 ____D C:\ProgramData\scripts
2014-01-05 12:53 - 2014-01-05 12:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-05 02:43 - 2014-01-05 02:43 - 00001989 _____ C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-01-05 02:16 - 2014-01-05 02:16 - 00000000 ____D C:\Users\Mein Name\Documents\SelfMV
2014-01-05 02:14 - 2014-01-05 02:28 - 00000000 ____D C:\Users\Mein Name\AppData\Roaming\Samsung
2014-01-05 02:14 - 2014-01-05 02:14 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2014-01-05 02:13 - 2014-01-05 02:13 - 00000000 ____D C:\Users\Mein Name\Documents\samsung
2014-01-05 02:12 - 2014-01-05 02:14 - 00000000 ____D C:\Windows\LastGood
2014-01-05 01:17 - 2013-10-30 12:13 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll
2014-01-05 01:03 - 2014-01-06 09:34 - 00000000 ____D C:\Users\Mein Name\AppData\Roaming\Banamalon
2014-01-05 01:02 - 2014-01-05 01:02 - 00001323 _____ C:\Users\Public\Desktop\Windows Remote Service.lnk
2014-01-05 01:02 - 2014-01-05 01:02 - 00000000 ____D C:\ProgramData\Banamalon
2014-01-05 01:02 - 2014-01-05 01:02 - 00000000 ____D C:\Program Files (x86)\Banamalon
2014-01-05 00:13 - 2014-01-05 00:13 - 00000338 _____ C:\Windows\PFRO.log
2013-12-16 21:44 - 2013-12-16 21:44 - 00991922 _____ C:\Users\Mein Name\Desktop\PA_16-12.xlsx
2013-12-15 16:47 - 2013-12-15 16:47 - 00000000 _____ C:\hb_1F22.tmp
2013-12-15 11:49 - 2013-12-15 11:49 - 00000000 ____D C:\Program Files\Greenshot
2013-12-15 10:22 - 2014-01-05 02:43 - 00007914 _____ C:\Windows\setupact.log
2013-12-15 10:22 - 2013-12-15 10:22 - 00000000 _____ C:\Windows\setuperr.log
2013-12-14 19:29 - 2013-12-14 19:29 - 00000000 ____D C:\ProgramData\Protexis
2013-12-14 19:29 - 2013-12-14 19:29 - 00000000 ____D C:\Program Files\Common Files\Corel
2013-12-14 19:28 - 2013-12-14 19:39 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X6.4
2013-12-14 10:14 - 2013-12-14 10:14 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X6.1
2013-12-14 09:39 - 2013-12-14 09:35 - 00002865 _____ C:\Users\Public\Desktop\Corel PHOTO-PAINT X6 (64-Bit).lnk
2013-12-14 09:39 - 2013-12-14 09:34 - 00002849 _____ C:\Users\Public\Desktop\CorelDRAW X6 (64-Bit).lnk
2013-12-14 09:36 - 2013-12-14 09:36 - 00000000 ____D C:\Program Files\Common Files\Protexis
2013-12-14 09:34 - 2013-12-14 09:34 - 00000000 ____D C:\Users\Public\Documents\Corel
2013-12-14 09:34 - 2013-12-14 09:34 - 00000000 ____D C:\Program Files\Corel
2013-12-13 16:47 - 2013-12-13 16:47 - 00000000 ____D C:\Windows\LastGood.Tmp
2013-12-12 20:43 - 2013-12-12 21:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-12-10 20:30 - 2013-12-10 20:30 - 00000000 ____D C:\Windows\PCHEALTH
2013-12-10 20:22 - 2013-11-12 00:41 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-10 20:22 - 2013-11-12 00:40 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-10 20:22 - 2013-11-12 00:27 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-12-10 20:22 - 2013-11-12 00:24 - 00840704 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-12-10 20:22 - 2013-11-11 03:48 - 00039768 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2013-12-10 20:22 - 2013-11-09 12:55 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-12-10 20:22 - 2013-11-09 07:37 - 01756160 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2013-12-10 20:22 - 2013-11-09 06:56 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2013-12-10 20:22 - 2013-11-08 11:26 - 00358896 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2013-12-10 20:22 - 2013-11-08 06:23 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll
2013-12-10 20:22 - 2013-11-08 05:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2013-12-10 20:22 - 2013-11-08 05:42 - 00366080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll
2013-12-10 20:22 - 2013-11-08 05:28 - 13177344 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-12-10 20:22 - 2013-11-08 05:26 - 11674624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-12-10 20:22 - 2013-11-08 05:16 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2013-12-10 20:22 - 2013-11-08 05:15 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2013-12-10 20:22 - 2013-11-08 05:07 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2013-12-10 20:22 - 2013-11-08 04:41 - 01302528 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2013-12-10 20:22 - 2013-11-08 04:14 - 00922624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2013-12-10 20:22 - 2013-11-05 15:19 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2013-12-10 20:22 - 2013-11-05 15:03 - 00637952 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2013-12-10 20:22 - 2013-11-05 14:57 - 00479744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2013-12-10 20:22 - 2013-11-05 14:33 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2013-12-10 20:22 - 2013-11-05 14:32 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2013-12-10 20:22 - 2013-11-04 18:13 - 01530200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-12-10 20:22 - 2013-11-04 18:13 - 00382808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-12-10 20:22 - 2013-11-04 14:07 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2013-12-10 20:22 - 2013-11-04 12:50 - 02143744 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-12-10 20:22 - 2013-11-04 11:32 - 02570240 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2013-12-10 20:22 - 2013-11-04 03:28 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2013-12-10 20:22 - 2013-11-04 02:30 - 01765376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-12-10 20:22 - 2013-11-01 12:39 - 00086872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2013-12-10 20:22 - 2013-11-01 07:08 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2013-12-10 20:22 - 2013-11-01 06:57 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2013-12-10 20:22 - 2013-10-31 01:58 - 00372568 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-12-10 20:22 - 2013-10-31 01:42 - 07399256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-12-10 20:22 - 2013-10-31 01:33 - 01642016 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-12-10 20:22 - 2013-10-31 01:33 - 01506680 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-12-10 20:22 - 2013-10-31 01:33 - 01476184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-12-10 20:22 - 2013-10-31 01:33 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-12-10 20:22 - 2013-10-26 02:54 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SerCx2.sys
2013-12-10 20:22 - 2013-10-24 10:31 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2013-12-10 20:22 - 2013-10-24 10:12 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2013-12-10 20:22 - 2013-10-17 12:21 - 02896896 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-12-10 20:22 - 2013-10-17 11:36 - 02266624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-12-10 20:22 - 2013-10-05 15:21 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-12-10 20:22 - 2013-10-05 15:21 - 00516496 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-12-10 20:22 - 2013-10-05 13:05 - 01765384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-12-10 20:22 - 2013-10-05 13:05 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-12-10 20:17 - 2013-11-23 04:32 - 04105728 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2013-12-10 20:17 - 2013-11-23 04:10 - 00568832 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2013-12-10 20:17 - 2013-10-19 09:53 - 00075360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-10 20:17 - 2013-10-19 08:14 - 00070680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-10 20:16 - 2013-11-23 05:34 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-10 20:16 - 2013-11-23 05:13 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-10 20:16 - 2013-10-15 09:54 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-10 20:16 - 2013-10-15 09:03 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-10 20:15 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-10 20:15 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-10 20:15 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-10 20:15 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-10 20:15 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-10 20:15 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-10 20:15 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-10 20:15 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-10 20:15 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-10 20:15 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-10 20:15 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-10 20:15 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-10 20:15 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-10 20:15 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-10 20:15 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-10 20:15 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-10 20:15 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-10 20:15 - 2013-11-09 07:34 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2013-12-10 20:15 - 2013-11-09 07:34 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2013-12-10 20:15 - 2013-11-09 06:52 - 00240128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2013-12-10 20:15 - 2013-11-08 08:21 - 04191744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

2014-01-09 22:53 - 2014-01-09 22:53 - 00028115 _____ C:\Users\Mein Name\Desktop\FRST.txt
2014-01-09 22:53 - 2014-01-09 22:53 - 00000000 ____D C:\FRST
2014-01-09 22:46 - 2014-01-09 22:48 - 01931772 _____ (Farbar) C:\Users\Mein Name\Desktop\FRST64.exe
2014-01-09 22:32 - 2013-05-17 16:28 - 00000000 ____D C:\Users\Mein Name\AppData\Roaming\Skype
2014-01-09 22:19 - 2013-06-27 13:58 - 00001154 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-09 22:19 - 2013-06-17 17:22 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-09 22:00 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru
2014-01-09 18:43 - 2014-01-09 18:43 - 00088420 _____ C:\Users\Mein Name\Desktop\Extras_anonym.Txt
2014-01-09 18:42 - 2014-01-09 18:42 - 00161812 _____ C:\Users\Mein Name\Desktop\OTL_anonym.Txt
2014-01-09 17:46 - 2013-05-17 14:32 - 00000000 ____D C:\ProgramData\MFAData
2014-01-09 17:03 - 2013-06-26 21:26 - 00000000 ____D C:\Users\Mein Name\Documents\Citavi 4
2014-01-09 16:12 - 2013-10-09 11:07 - 00011186 _____ C:\Users\Mein Name\Desktop\DesktopOK.ini
2014-01-09 15:42 - 2013-11-08 12:54 - 01533324 _____ C:\Windows\WindowsUpdate.log
2014-01-09 15:34 - 2013-05-16 19:32 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4124678924-2661541123-2960085061-1002
2014-01-09 15:23 - 2013-05-17 14:39 - 00000000 ____D C:\Users\Mein Name\AppData\Roaming\Dropbox
2014-01-09 15:22 - 2013-06-27 13:57 - 00001150 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-08 22:51 - 2013-05-17 14:43 - 00000000 ____D C:\Users\Mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-08 22:51 - 2013-05-16 19:27 - 00000000 ___RD C:\Users\Mein Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-08 22:32 - 2014-01-08 22:32 - 00161952 _____ C:\Users\Mein Name\Desktop\OTL.Txt
2014-01-08 22:32 - 2014-01-08 22:32 - 00088466 _____ C:\Users\Mein Name\Desktop\Extras.Txt
2014-01-08 19:54 - 2014-01-08 19:54 - 00000000 ____D C:\Users\Mein Name\Desktop\Adobe
2014-01-08 19:02 - 2013-11-04 11:02 - 00003102 _____ C:\Windows\System32\Tasks\Microsoft SkyDrive Auto Update Task-S-1-5-21-4124678924-2661541123-2960085061-1002
2014-01-07 11:30 - 2013-05-18 14:17 - 00000000 ____D C:\Users\Mein Name\AppData\Roaming\Jumping Bytes
2014-01-06 09:34 - 2014-01-05 01:03 - 00000000 ____D C:\Users\Mein Name\AppData\Roaming\Banamalon
2014-01-06 00:07 - 2014-01-06 00:07 - 00000000 ___SH C:\DkHyperbootSync
2014-01-05 22:16 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2014-01-05 22:11 - 2013-05-18 12:21 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2014-01-05 14:00 - 2014-01-05 14:00 - 00000000 ____D C:\ProgramData\scripts
2014-01-05 13:03 - 2013-08-08 09:49 - 00000949 _____ C:\Users\Public\Desktop\PureSync.lnk
2014-01-05 13:03 - 2013-05-18 12:19 - 00000000 ____D C:\Program Files (x86)\PureSync
2014-01-05 12:56 - 2013-09-30 05:14 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-05 12:56 - 2013-09-30 04:56 - 00766620 _____ C:\Windows\system32\perfh007.dat
2014-01-05 12:56 - 2013-09-30 04:56 - 00159902 _____ C:\Windows\system32\perfc007.dat
2014-01-05 12:53 - 2014-01-05 12:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-05 12:53 - 2013-05-17 14:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-05 12:19 - 2013-05-18 15:55 - 00000000 ___RD C:\Users\Mein Name\Desktop\Desktop Verknüpfungen
2014-01-05 12:13 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-05 02:43 - 2014-01-05 02:43 - 00001989 _____ C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-01-05 02:43 - 2013-12-15 10:22 - 00007914 _____ C:\Windows\setupact.log
2014-01-05 02:41 - 2012-08-23 17:31 - 00000000 ____D C:\Program Files (x86)\Samsung
2014-01-05 02:41 - 2012-08-23 17:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-05 02:35 - 2013-08-22 14:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2014-01-05 02:31 - 2012-08-23 18:01 - 00000000 ____D C:\ProgramData\SAMSUNG
2014-01-05 02:28 - 2014-01-05 02:14 - 00000000 ____D C:\Users\Mein Name\AppData\Roaming\Samsung
2014-01-05 02:16 - 2014-01-05 02:16 - 00000000 ____D C:\Users\Mein Name\Documents\SelfMV
2014-01-05 02:15 - 2013-06-26 21:23 - 00000000 ____D C:\Users\Mein Name\AppData\Local\Downloaded Installations
2014-01-05 02:14 - 2014-01-05 02:14 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2014-01-05 02:14 - 2014-01-05 02:12 - 00000000 ____D C:\Windows\LastGood
2014-01-05 02:14 - 2013-05-16 19:28 - 00000000 ____D C:\Users\Mein Name\AppData\Local\Samsung
2014-01-05 02:13 - 2014-01-05 02:13 - 00000000 ____D C:\Users\Mein Name\Documents\samsung
2014-01-05 01:28 - 2013-05-17 16:28 - 00000000 ___RD C:\Program Files (x86)\Skype
2014-01-05 01:28 - 2013-05-17 16:28 - 00000000 ____D C:\ProgramData\Skype
2014-01-05 01:02 - 2014-01-05 01:02 - 00001323 _____ C:\Users\Public\Desktop\Windows Remote Service.lnk
2014-01-05 01:02 - 2014-01-05 01:02 - 00000000 ____D C:\ProgramData\Banamalon
2014-01-05 01:02 - 2014-01-05 01:02 - 00000000 ____D C:\Program Files (x86)\Banamalon
2014-01-05 00:18 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2014-01-05 00:15 - 2013-11-04 10:29 - 00000000 ____D C:\Users\Mein Name
2014-01-05 00:13 - 2014-01-05 00:13 - 00000338 _____ C:\Windows\PFRO.log
2013-12-16 21:44 - 2013-12-16 21:44 - 00991922 _____ C:\Users\Mein Name\Desktop\PA_16-12.xlsx
2013-12-15 16:47 - 2013-12-15 16:47 - 00000000 _____ C:\hb_1F22.tmp
2013-12-15 11:49 - 2013-12-15 11:49 - 00000000 ____D C:\Program Files\Greenshot
2013-12-15 10:22 - 2013-12-15 10:22 - 00000000 _____ C:\Windows\setuperr.log
2013-12-14 19:39 - 2013-12-14 19:28 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X6.4
2013-12-14 19:29 - 2013-12-14 19:29 - 00000000 ____D C:\ProgramData\Protexis
2013-12-14 19:29 - 2013-12-14 19:29 - 00000000 ____D C:\Program Files\Common Files\Corel
2013-12-14 15:57 - 2013-05-18 12:22 - 00000000 ____D C:\Users\Mein Name\AppData\Roaming\Winamp
2013-12-14 10:47 - 2013-05-18 11:54 - 00000000 ____D C:\Program Files\CCleaner
2013-12-14 10:44 - 2013-05-17 20:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-14 10:18 - 2013-08-19 09:58 - 00000000 ____D C:\ProgramData\Corel
2013-12-14 10:14 - 2013-12-14 10:14 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X6.1
2013-12-14 09:38 - 2013-08-19 09:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0
2013-12-14 09:36 - 2013-12-14 09:36 - 00000000 ____D C:\Program Files\Common Files\Protexis
2013-12-14 09:35 - 2013-12-14 09:39 - 00002865 _____ C:\Users\Public\Desktop\Corel PHOTO-PAINT X6 (64-Bit).lnk
2013-12-14 09:34 - 2013-12-14 09:39 - 00002849 _____ C:\Users\Public\Desktop\CorelDRAW X6 (64-Bit).lnk
2013-12-14 09:34 - 2013-12-14 09:34 - 00000000 ____D C:\Users\Public\Documents\Corel
2013-12-14 09:34 - 2013-12-14 09:34 - 00000000 ____D C:\Program Files\Corel
2013-12-13 19:14 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2013-12-13 17:08 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-13 16:47 - 2013-12-13 16:47 - 00000000 ____D C:\Windows\LastGood.Tmp
2013-12-12 21:00 - 2013-12-12 20:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-12-10 20:34 - 2013-08-22 15:44 - 00704792 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-10 20:32 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2013-12-10 20:32 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\WinStore
2013-12-10 20:32 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\MediaViewer
2013-12-10 20:32 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\FileManager
2013-12-10 20:32 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Camera
2013-12-10 20:30 - 2013-12-10 20:30 - 00000000 ____D C:\Windows\PCHEALTH
2013-12-10 20:29 - 2013-07-24 18:33 - 00000000 ____D C:\Windows\system32\MRT
2013-12-10 20:26 - 2013-05-16 21:02 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-10 20:19 - 2013-06-17 17:22 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

Files to move or delete:
====================
C:\ProgramData\ECReset_Partition.bat
C:\ProgramData\ExpressCacheRun.exe
C:\ProgramData\MakeMarkerFile.exe
C:\ProgramData\PKP_DLeo.DAT
C:\Users\EasySurvey\EasySurvey.exe


Some content of TEMP:
====================
C:\Users\Mein Name\AppData\Local\Temp\PureSyncInst.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-07 12:45

==================== End Of Log ============================
         
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-01-2014
Ran by Mein Name at 2014-01-09 22:53:42
Running from C:\Users\Mein Name\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (x32 Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.2090 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.2.1 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (x32 Version: 9.0.3.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (x32 Version: 9.0.3.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 5.2 64-bit (Version: 5.2.1 - Adobe)
Allshare Play Link (x32 Version: 1.0.0 - Samsung)
AllSharePlayLink (x32 Version: 1.0.0 - Samsung Electronics Co., Ltd.)
ArcGIS 10.2 for Desktop (x32 Version: 10.2.3348 - Environmental Systems Research Institute, Inc.)
ArcGIS 10.2 for Desktop (x32 Version: 10.2.3348 - Environmental Systems Research Institute, Inc.) Hidden
Audacity 2.0 (x32 Version:  - Audacity Team)
AVG 2014 (Version: 14.0.3658 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden
AVG 2014 (Version: 2014.0.4259 - AVG Technologies)
BurnAware Free 6.4 (x32 Version:  - Burnaware)
CCleaner (Version: 4.08 - Piriform)
CDex extraction audio (x32 Version:  - )
Cisco AnyConnect Secure Mobility Client  (x32 Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
Citavi 4 (Alpha) (x32 Version: 4.2.9.1 - Swiss Academic Software)
Corel Graphics - Windows Shell Extension (Version: 16.4.0.1280 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.4.1280 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.4.1280 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - BR (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - DE (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - EN (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - ES (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FR (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM Content (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IT (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - NL (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.6 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (64-Bit) (Version: 16.4.0.1280 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x64) (Version: 16.6 - Corel Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version:  - Microsoft)
DivX-Setup (x32 Version: 2.6.1.87 - DivX, LLC)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
Easy File Share (x32 Version: 1.3.4 - Samsung Electronics CO.,LTD.)
Elements 9 Organizer (x32 Version: 9.0 - Ihr Firmenname) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
ETDWare X64 11.7.19.9_WHQL (Version: 11.7.19.9 - ELAN Microelectronic Corp.)
ExpressCache (Version: 1.0.94 - Condusiv Technologies)
FormatFactory 3.0.1 (x32 Version: 3.0.1 - Free Time)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GPL Ghostscript (Version: 9.07 - Artifex Software Inc.)
Greenshot 1.1.7.17 (Version: 1.1.7.17 - Greenshot)
Help Desk (Version: 1.0.96 - Samsung Electronics CO., LTD.)
HL-2130 (x32 Version: 1.1.6.0 - Brother Industries, Ltd.)
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (x32 Version: 1 - Microsoft Corporation)
Infineon TPM Professional Package (Version: 4.3.200.3390 - Infineon Technologies AG)
Inkscape 0.48.4 (x32 Version: 0.48.4 - )
Intel AppUp(SM) center (x32 Version: 3.6.1.33070.11 - Intel)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (x32 Version: 11.1.048 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 9.5.15.1730 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel(R) Processor Graphics (x32 Version: 10.18.10.3304 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (x32 Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Joe (x32 Version: 4.00.0050 - Wirth IT Design)
Licensing Service (03000201) (x32 Version: 03.00.02.15 - Protexis Inc.) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) German (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
MozBackup 1.4.2 (x32 Version:  - Pavel Cvrcek)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 de) (x32 Version: 24.2.0 - Mozilla)
Mp3tag v2.55 (x32 Version: v2.55 - Florian Heidenreich)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
NetWorx 5.2.11 (Version:  - Softperfect Research)
Norton Online Backup ARA (x32 Version: 4.1.0.11 - Symantec Corporation) Hidden
NVIDIA Grafiktreiber 327.02 (Version: 327.02 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Update 1.14.17 (Version: 1.14.17 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
Paragon Backup & Recovery™ 2013 Free (x32 Version: 90.00.0003 - Paragon Software)
PDF24 Creator 5.4.0 (x32 Version:  - PDF24.org)
PDF-Viewer (Version: 2.5.213.1 - Tracker Software Products Ltd)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
PureSync (x32 Version: 3.7.9 - Jumping Bytes) Hidden
PureSync 3.7.9 (x32 Version: 3.7.9 - Jumping Bytes)
Quick Starter (Version: 1.0.2 - Samsung Electronics CO., LTD.)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.7055 - Realtek Semiconductor Corp.)
Recovery (x32 Version: 6.0.11.0 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.1.45 - Samsung Electronics CO., LTD.) Hidden
Samsung Kies3 (x32 Version: 3.2.13114.22 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.13114.22 - Samsung Electronics Co., Ltd.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Settings (x32 Version: 2.0.0 - Samsung Electronics CO., LTD.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Speccy (Version: 1.22 - Piriform)
Support Center (Version: 2.1.1201 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.11 - Samsung Electronics CO., LTD.) Hidden
SW Update (x32 Version: 2.1.21 - Samsung Electronics CO., LTD.)
TeamViewer 9 (x32 Version: 9.0.24951 - TeamViewer)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version:  - Microsoft)
User Guide (x32 Version: 1.1.00 - Samsung Electronics CO., LTD.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Winamp (x32 Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1 - Nullsoft, Inc)
WinCDEmu (x32 Version: 3.6 - Bazis)
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass  (07/27/2012 20.57.1.735) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.)
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Remote Service (Version: 1.2.9 - Banamalon)
Wunderlist (x32 Version: 2.3.0.31 - 6 Wunderkinder GmbH) Hidden

==================== Restore Points  =========================


==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {023C6694-886D-4CAA-A3D0-0119240EFAC5} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {08643C4D-A096-4575-BE58-51A1A0121DD8} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1CD2E045-7F69-46BE-A898-5C445E617EA1} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2013-10-25] (SEC)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {374E5F4C-1D68-4F54-AF50-1A3671956DFA} - System32\Tasks\Microsoft SkyDrive Auto Update Task-S-1-5-21-4124678924-2661541123-2960085061-1002 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {61303FF4-3AF1-46E5-98F7-4B91774D2014} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\System32\MRT.exe [2013-12-10] (Microsoft Corporation)
Task: {641DF68F-8C51-4FD8-B549-208DD23E6C81} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-27] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7CCD8177-5D0A-47BF-A94B-2C4D14EE7B97} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-27] (Google Inc.)
Task: {813D6D1E-8A84-497F-9518-760B1E38AE28} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-08-26] (Samsung Electronics CO., LTD.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9057E6FC-F3FB-4771-B7BE-F3C7EA69AEB6} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-mein.name@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {93D02A00-35D5-408A-9FBA-6ED4BCACC65D} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.)
Task: {98C08DF2-A0AC-408C-A6D5-BBA8F8F8FFF5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {ABE8849E-383D-4993-98B1-D08C8C37B6B2} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {B0F30519-5BEB-400F-945B-B791009C91B6} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe
Task: {C44C2B10-457B-4EC9-A81D-3E5F11E4B3D5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D85E6D08-D6B2-4DC2-BFC0-8C40BF91F2BA} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-10-20 18:55 - 2013-10-05 09:01 - 00699392 _____ () C:\Program Files\NetWorx\sqlite.dll
2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-12-06 15:06 - 2013-12-06 15:06 - 01627648 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\ReactiveUI\b34ac5541d5b10c7ea8098da47ff579e\ReactiveUI.ni.dll
2013-12-06 15:06 - 2013-12-06 15:06 - 00045056 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Wunderkinded9c6edae#\6c9e70561a5bd0836d988bd228bd3a38\Wunderkinder.Wunderlist.Presentation.ni.dll
2013-12-06 15:06 - 2013-12-06 15:06 - 00033280 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Wunderkinde6f42a4a9#\44e821a1ccf727ec75f159ee933e64c3\Wunderkinder.Wunderlist.Data.Realtime.ni.dll
2013-12-06 15:06 - 2013-12-06 15:06 - 00509952 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Akavache.Portable\082c61f625463e16331412ce514bc0ee\Akavache.Portable.ni.dll
2013-12-06 15:06 - 2013-12-06 15:06 - 00877056 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\AutoMapper\440ac344ee79e7eda4dd8821b833b109\AutoMapper.ni.dll
2013-10-01 13:33 - 2013-10-01 13:33 - 00028160 _____ () C:\Program Files (x86)\Wunderlist2\AutoMapper.Net4.dll
2013-10-16 19:15 - 2013-10-16 19:15 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2013-10-10 22:48 - 2013-10-10 22:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2013-11-04 11:52 - 2013-09-16 12:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00028280 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 01015416 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00026232 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00029816 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-08-26 10:48 - 2012-08-26 10:48 - 00091768 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2014-01-05 01:02 - 2010-04-18 13:58 - 00904704 _____ () C:\Program Files (x86)\Banamalon\Windows Remote Service\lib\System.Data.SQLite.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Mein Name\AppData\Roaming\Dropbox\bin\libcef.dll
2013-12-12 20:43 - 2013-12-12 20:43 - 03017840 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-12-12 20:43 - 2013-12-12 20:43 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-12-12 20:43 - 2013-12-12 20:43 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-05-17 15:26 - 2012-11-21 06:26 - 00008704 _____ () C:\Users\Mein Name\AppData\Roaming\Thunderbird\Profiles\tago39nq.standard\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll
2013-08-29 01:25 - 2013-08-29 01:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/09/2014 06:32:08 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273
Name des fehlerhaften Moduls: xul.dll, Version: 26.0.0.5087, Zeitstempel: 0x52a0d20a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0014e1a8
ID des fehlerhaften Prozesses: 0x1584
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Vollständiger Name des fehlerhaften Pakets: firefox.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: firefox.exe5

Error: (01/08/2014 01:40:39 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

Error: (01/07/2014 11:30:36 AM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = PureSync wird installiert; Fehler = 0x80070422).

Error: (01/07/2014 11:30:35 AM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Installed PureSync; Fehler = 0x80070422).

Error: (01/05/2014 08:35:42 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

Error: (01/05/2014 07:57:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: SamsungLaptop)
Description: Bei der Aktivierung der App „DefaultBrowser_NOPUBLISHERID!Chrome“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/05/2014 05:28:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: SamsungLaptop)
Description: Bei der Aktivierung der App „DefaultBrowser_NOPUBLISHERID!Chrome“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/05/2014 05:15:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: SamsungLaptop)
Description: Bei der Aktivierung der App „DefaultBrowser_NOPUBLISHERID!Chrome“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/05/2014 01:03:52 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = PureSync wird entfernt; Fehler = 0x80070422).

Error: (01/05/2014 01:03:47 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = PureSync wird entfernt; Fehler = 0x80070422).


System errors:
=============
Error: (01/09/2014 05:09:53 PM) (Source: DCOM) (User: SamsungLaptop)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (01/09/2014 05:09:19 PM) (Source: DCOM) (User: SamsungLaptop)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (01/09/2014 03:35:17 PM) (Source: DCOM) (User: SamsungLaptop)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (01/09/2014 03:34:47 PM) (Source: DCOM) (User: SamsungLaptop)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (01/08/2014 07:01:55 PM) (Source: DCOM) (User: SamsungLaptop)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (01/08/2014 07:01:55 PM) (Source: DCOM) (User: SamsungLaptop)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (01/08/2014 07:01:54 PM) (Source: DCOM) (User: SamsungLaptop)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (01/08/2014 07:01:54 PM) (Source: DCOM) (User: SamsungLaptop)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (01/08/2014 07:01:53 PM) (Source: DCOM) (User: SamsungLaptop)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (01/08/2014 07:01:53 PM) (Source: DCOM) (User: SamsungLaptop)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}


Microsoft Office Sessions:
=========================
Error: (01/09/2014 06:32:08 PM) (Source: Application Error)(User: )
Description: firefox.exe26.0.0.508752a0d273xul.dll26.0.0.508752a0d20ac00000050014e1a8158401cf0d4d80350417C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dllf6577b7f-7953-11e3-bef7-50b7c36fc76c

Error: (01/08/2014 01:40:39 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreationGeplanter Prüfpunkt0x80070422

Error: (01/07/2014 11:30:36 AM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /VPureSync wird installiert0x80070422

Error: (01/07/2014 11:30:35 AM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /VInstalled PureSync0x80070422

Error: (01/05/2014 08:35:42 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreationGeplanter Prüfpunkt0x80070422

Error: (01/05/2014 07:57:58 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: SamsungLaptop)
Description: DefaultBrowser_NOPUBLISHERID!Chrome-2144927148

Error: (01/05/2014 05:28:03 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: SamsungLaptop)
Description: DefaultBrowser_NOPUBLISHERID!Chrome-2144927148

Error: (01/05/2014 05:15:41 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: SamsungLaptop)
Description: DefaultBrowser_NOPUBLISHERID!Chrome-2144927148

Error: (01/05/2014 01:03:52 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /VPureSync wird entfernt0x80070422

Error: (01/05/2014 01:03:47 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /VPureSync wird entfernt0x80070422


==================== Memory info =========================== 

Percentage of memory in use: 40%
Total physical RAM: 7893.53 MB
Available physical RAM: 4707.88 MB
Total Pagefile: 9237.53 MB
Available Pagefile: 5138.16 MB
Total Virtual: 131072 MB
Available Virtual: 131071.76 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:194.97 GB) (Free:125.08 GB) NTFS
Drive e: (Volume) (Fixed) (Total:711.65 GB) (Free:524.9 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: F6EEE945)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 74F02DEA)
Partition 1: (Not Active) - (Size=15 GB) - (Type=73)

==================== End Of Log ============================
         
Best regards and ,
G.F.
__________________

Alt 10.01.2014, 14:27   #4
schrauber
/// the machine
/// TB-Ausbilder
 




looks good
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 11.01.2014, 13:38   #5
Gretchens Freund
 



Perfect!

Thank you very much!


Alt 12.01.2014, 08:02   #6
schrauber
/// the machine
/// TB-Ausbilder
 




You're welcome