|
Plagegeister aller Art und deren Bekämpfung: Notebook reagiert verzögert und hängt sich auf, scrollen ist kaum möglich - sehr langsamWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
29.06.2014, 13:37 | #1 |
| Notebook reagiert verzögert und hängt sich auf, scrollen ist kaum möglich - sehr langsam Hallo! Folgendes Problem: Notebook ist trotz keiner wirklichen Installation von vielen Anwendungen sehr langsam geworden. Wenn ich im Internet eine Seite runterscrollen möchte, reagiert er erstmal gar nicht und wenn er das tut dann kein flüßiges scrollen sondern verhackt. Zwischen Fenstern wechseln dauert auch länger. Das nervt mich nun doch mittlerweile sehr, bitte um eure Hilfe! Kann keinen Tag mehr länger so aushalten... P.S.: Wenn es geht, bitte kein Combofix - davor hab' ich bissl Bammel, bin kein Experte und auf Notebook angewiesen. DANKESCHÖN VORAB. |
29.06.2014, 14:31 | #2 |
/// TB-Ausbilder /// Anleitungs-Guru | Notebook reagiert verzögert und hängt sich auf, scrollen ist kaum möglich - sehr langsamMein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
Hinweis: Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst. Los geht's: Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff Posten in CODE-Tags: So gehts... Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
29.06.2014, 15:21 | #3 |
| Notebook reagiert verzögert und hängt sich auf, scrollen ist kaum möglich - sehr langsam So, hier die 2 Files
__________________Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2014 02 Ran by XXXX at 2014-06-29 15:54:47 Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated) Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated) Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated) AMD Accelerated Video Transcoding (Version: 12.5.100.30128 - Advanced Micro Devices, Inc.) Hidden AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden AMD Catalyst Install Manager (HKLM\...\{3FF69337-3AAB-140F-3F86-5500EDB4810E}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.) AMD VISION Engine Control Center (x32 Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bitcasa version 0.9.20.4135 (HKLM\...\{EDA09459-AD7D-4434-BA0C-647F6703EA12}_is1) (Version: 0.9.20.4135 - Bitcasa Inc.) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.3.0.15 - Swiss Academic Software) ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.) CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.) CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{2A16B95F-7377-410A-B961-EFD9394E1AF3}) (Version: - Microsoft) Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.6 - Samsung Electronics CO.,LTD.) Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.) ETDWare X64 11.7.5.5_WHQL (HKLM\...\Elantech) (Version: 11.7.5.5 - ELAN Microelectronic Corp.) Flixster (HKLM-x32\...\com.wb.DC2) (Version: 2.2.2 - Warner Bros. Entertainment, Inc.) Flixster (x32 Version: 2.2.2 - Warner Bros. Entertainment, Inc.) Hidden Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com) Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Help Desk (HKLM\...\{22B32087-797D-4A1B-AFA7-072C87580ADC}) (Version: 1.0.9 - Samsung Electronics CO., LTD.) HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät (HKLM\...\{C3F12DD0-54B1-4B2B-A82B-FA43502BC550}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) HP Deskjet 1050 J410 series Hilfe (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Lexmark Pro800-Pro900 Series (HKLM\...\Lexmark Pro800-Pro900 Series) (Version: - Lexmark International, Inc.) Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: 3.5.6.5 - Nitro) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51 - Symantec Corporation) Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden OEM Application Profile (HKLM-x32\...\{24301870-5EEA-A07A-6265-2EA1E4A6A7CC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) OpenVPN 2.3.2-I003 (HKLM-x32\...\OpenVPN) (Version: 2.3.2-I003 - ) Opera Stable 18.0.1284.68 (HKLM-x32\...\Opera 18.0.1284.68) (Version: 18.0.1284.68 - Opera Software ASA) PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd) Phone Screen Sharing (HKLM-x32\...\{DF02C515-40B5-45AC-A601-5DC69D03885C}) (Version: 1.3.0.1 - RSUPPORT) Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version: - PopCap Games) Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - ) PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.216 - Qualcomm Atheros Communications) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.4.907.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6818 - Realtek Semiconductor Corp.) Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.9.6 - Samsung Electronics CO., LTD.) S Agent (Version: 1.1.45 - Samsung Electronics CO., LTD.) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.22.0 - SAMSUNG Electronics Co., Ltd.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.) Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - ) Side Sync (HKLM-x32\...\{C6DA306C-B288-452A-B85C-01265DBFF0DA}) (Version: 1.1.12 - Samsung Electronics CO., LTD.) Skype™ 6.1 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.1.129 - Skype Technologies S.A.) Support Center (HKLM\...\{50E36BBB-36A5-400A-8AC5-9F7C0BD751A2}) (Version: 2.1.80 - Samsung Electronics CO., LTD.) Support Center FAQ (x32 Version: 1.0.8 - Samsung Electronics CO., LTD.) Hidden SW Update (HKLM-x32\...\{DA06101F-FD76-4BF0-88BD-B26A197005E3}) (Version: 2.1.21 - Samsung Electronics CO., LTD.) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{64D96F30-CF4C-4CCE-AAF2-F8909348BF35}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{B2508D75-61CF-4CC0-84C0-CF257219201D}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{FD360122-6829-4497-97C1-1BF578EF695B}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version: - Microsoft) User Guide (HKLM-x32\...\{A6C17C20-4464-4A2A-968D-684C083B9424}) (Version: 1.0.00 - Samsung Electronics CO., LTD.) Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation) Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Wise Folder Hider 2.02 (HKLM-x32\...\Wise Folder Hider_is1) (Version: 2.02 - WiseCleaner.com, Inc.) ==================== Restore Points ========================= 10-06-2014 18:08:47 Windows Update 19-06-2014 15:01:43 Windows Update 24-06-2014 17:03:45 Windows Update 27-06-2014 20:11:18 Windows Update ==================== Hosts content: ========================== 2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {183F37D8-5F9F-4AC2-8B9D-9ACF05DCA5BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-20] (Google Inc.) Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {2309D5EE-FC95-4630-B117-D75326EFF766} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2013-02-01] (Samsung Electronics CO., LTD.) Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {266D3C96-40CF-41A5-A431-DF05227F8F01} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2013-03-12] (SEC) Task: {6B383977-9B35-4F7E-A46B-135CD5153EEB} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated) Task: {7C65C649-5C76-46E0-9B9E-17A52EEAD5A1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-06-11] (Microsoft Corporation) Task: {919E2AEF-87C3-442A-9C05-17BA6CBEABA9} - System32\Tasks\{46825988-C6C3-40EF-84E6-FABEF0155EAB} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08] (Skype Technologies S.A.) Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {C9AA7F37-FF51-437C-9491-628D6040ECC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-20] (Google Inc.) Task: {CA09C20C-74E4-4AEE-8F57-CC60EE34C041} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.) Task: {CCA341D9-35D1-4002-85BE-270A8ED2AE67} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation) Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {F9E06569-49F2-4D28-B1D1-26A786507EE8} - System32\Tasks\SideSyncAutoRun => C:\Program Files (x86)\Samsung\Side Sync\SideSync.exe [2013-06-04] (Samsung Electronics CO., LTD.) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-01-12 20:16 - 2009-11-04 09:17 - 00189440 _____ () C:\windows\system32\spool\PRTPROCS\x64\lxecdrpp.dll 2013-07-01 10:21 - 2013-07-01 10:21 - 01127736 _____ () C:\Program Files\ShrewSoft\VPN Client\iked.exe 2013-07-01 01:16 - 2013-07-01 01:16 - 00628224 _____ () C:\Program Files\ShrewSoft\VPN Client\libike.dll 2013-07-01 01:16 - 2013-07-01 01:16 - 00039936 _____ () C:\Program Files\ShrewSoft\VPN Client\libvnet.dll 2013-07-01 01:15 - 2013-07-01 01:15 - 00018432 _____ () C:\Program Files\ShrewSoft\VPN Client\libith.dll 2013-07-01 01:17 - 2013-07-01 01:17 - 00029184 _____ () C:\Program Files\ShrewSoft\VPN Client\libpfk.dll 2013-07-01 01:17 - 2013-07-01 01:17 - 00017920 _____ () C:\Program Files\ShrewSoft\VPN Client\libdtp.dll 2013-07-01 01:17 - 2013-07-01 01:17 - 00035840 _____ () C:\Program Files\ShrewSoft\VPN Client\libvflt.dll 2013-07-01 01:16 - 2013-07-01 01:16 - 00013312 _____ () C:\Program Files\ShrewSoft\VPN Client\liblog.dll 2013-07-01 01:16 - 2013-07-01 01:16 - 00116736 _____ () C:\Program Files\ShrewSoft\VPN Client\libip.dll 2013-07-01 01:15 - 2013-07-01 01:15 - 00022016 _____ () C:\Program Files\ShrewSoft\VPN Client\libidb.dll 2013-07-01 10:21 - 2013-07-01 10:21 - 00810808 _____ () C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe 2013-02-01 03:52 - 2013-02-01 03:52 - 00085040 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-02-21 13:22 - 2014-02-21 13:23 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll 2012-12-05 13:44 - 2012-12-05 13:44 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll 2012-12-05 13:39 - 2012-12-05 13:39 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll 2012-12-05 13:41 - 2012-12-05 13:41 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2012-12-05 13:44 - 2012-12-05 13:44 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe 2014-01-12 20:13 - 2013-01-23 14:35 - 00772712 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe 2014-01-12 20:13 - 2013-01-23 14:35 - 00150264 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe 2013-10-16 19:15 - 2013-10-16 19:15 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll 2013-06-04 17:52 - 2013-06-04 17:52 - 00815104 _____ () C:\Program Files (x86)\Samsung\Side Sync\adb.exe 2013-02-01 03:52 - 2013-02-01 03:52 - 00029232 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 01106480 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00111152 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00027184 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00111152 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00060976 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00103472 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll 2014-01-12 20:13 - 2010-04-01 13:23 - 00389120 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecscw.dll 2014-01-12 20:13 - 2009-05-27 08:16 - 00192512 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecdatr.dll 2014-01-12 20:13 - 2010-04-01 13:24 - 01159168 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecDRS.dll 2014-01-12 20:13 - 2009-03-10 01:43 - 00155648 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxeccaps.dll 2014-01-12 20:13 - 2009-02-20 04:48 - 00381440 _____ () C:\windows\SYSTEM32\lxecsm.dll 2014-01-12 20:13 - 2009-04-28 03:56 - 00024064 _____ () C:\windows\system32\lxecsmr.dll 2014-01-12 20:13 - 2010-04-05 06:56 - 00716954 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Epwizard.DLL 2014-01-12 20:13 - 2010-04-05 06:55 - 00159890 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\customui.dll 2014-01-12 20:13 - 2010-04-05 06:54 - 00123033 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Eputil.DLL 2014-01-12 20:13 - 2010-04-05 06:55 - 00061604 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Epfunct.DLL 2014-01-12 20:13 - 2010-04-05 06:54 - 00143502 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Imagutil.DLL 2014-01-12 20:13 - 2009-06-23 07:09 - 02203648 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\EPWizRes.dll 2014-01-12 20:13 - 2009-06-23 07:10 - 00045056 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\epstring.dll 2014-01-12 20:13 - 2009-06-23 07:11 - 00102400 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\EPOEMDll.dll 2014-01-12 20:13 - 2009-04-07 15:25 - 00409600 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\iptk.dll 2014-01-12 20:13 - 2009-03-02 10:25 - 00151552 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecptp.dll 2013-03-15 09:54 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 04:34 - 2012-06-08 04:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2012-09-23 20:43 - 2012-09-23 20:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu 2013-05-06 13:41 - 2013-05-06 13:41 - 01679408 _____ () C:\Program Files (x86)\Samsung\Side Sync\SideSyncNetworkFramework.dll 2014-06-10 19:41 - 2014-06-10 19:42 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= Name: Shrew Soft Virtual Adapter Description: Shrew Soft Virtual Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Shrew Soft Service: vnet Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (06/29/2014 03:21:04 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (06/29/2014 03:21:03 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (06/29/2014 03:21:03 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (06/29/2014 03:21:02 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (06/29/2014 03:21:01 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (06/29/2014 03:21:01 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (06/29/2014 03:20:30 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. System errors: ============= Error: (06/29/2014 01:24:16 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Aktualisierung für Skype für Windows Desktop 6.11 (KB2876229) Error: (06/28/2014 06:33:17 AM) (Source: DCOM) (EventID: 10010) (User: XXXX) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (06/28/2014 06:33:17 AM) (Source: DCOM) (EventID: 10010) (User: XXXX) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (06/28/2014 06:33:17 AM) (Source: DCOM) (EventID: 10010) (User: XXXX) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (06/28/2014 06:33:17 AM) (Source: DCOM) (EventID: 10010) (User: XXXX) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (06/28/2014 03:42:53 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Aktualisierung für Skype für Windows Desktop 6.11 (KB2876229) Error: (06/28/2014 03:35:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Aktualisierung für Skype für Windows Desktop 6.11 (KB2876229) Error: (06/27/2014 10:12:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Aktualisierung für Skype für Windows Desktop 6.11 (KB2876229) Error: (06/27/2014 02:08:50 AM) (Source: DCOM) (EventID: 10010) (User: XXXX) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (06/27/2014 02:08:50 AM) (Source: DCOM) (EventID: 10010) (User: XXXX) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Microsoft Office Sessions: ========================= Error: (06/29/2014 03:21:04 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\windows\System32\lxecsm.dllC:\windows\System32\lxecsm.dll9 Error: (06/29/2014 03:21:03 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\windows\SysWOW64\LXECsm.dllC:\windows\SysWOW64\LXECsm.dll9 Error: (06/29/2014 03:21:03 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\X64\lxecsm64.dllC:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\X64\lxecsm64.dll9 Error: (06/29/2014 03:21:02 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\I386\lxecsm.dllC:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\I386\lxecsm.dll9 Error: (06/29/2014 03:21:01 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Lexmark\drivers\Pro800\drivers\win_xp2k\x64\LXECsm64.dllC:\Lexmark\drivers\Pro800\drivers\win_xp2k\x64\LXECsm64.dll9 Error: (06/29/2014 03:21:01 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Lexmark\drivers\Pro800\drivers\win_xp2k\i386\LXECsm.dllC:\Lexmark\drivers\Pro800\drivers\win_xp2k\i386\LXECsm.dll9 Error: (06/29/2014 03:20:30 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\Samsung\Side Sync\SideSync.exe Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\windows\System32\lxecsm.dllC:\windows\System32\lxecsm.dll9 Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\windows\SysWOW64\LXECsm.dllC:\windows\SysWOW64\LXECsm.dll9 Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\X64\lxecsm64.dllC:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\X64\lxecsm64.dll9 ==================== Memory info =========================== Percentage of memory in use: 25% Total physical RAM: 5717.37 MB Available physical RAM: 4256.96 MB Total Pagefile: 11605.38 MB Available Pagefile: 9172.29 MB Total Virtual: 8192 MB Available Virtual: 8191.78 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:675.19 GB) (Free:607.27 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 699 GB) (Disk ID: 66FB1E3A) Partition: GPT Partition Type. ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2014 02 Ran by XXXX at 2014-06-29 15:54:47 Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated) Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated) Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated) AMD Accelerated Video Transcoding (Version: 12.5.100.30128 - Advanced Micro Devices, Inc.) Hidden AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden AMD Catalyst Install Manager (HKLM\...\{3FF69337-3AAB-140F-3F86-5500EDB4810E}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.) AMD VISION Engine Control Center (x32 Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bitcasa version 0.9.20.4135 (HKLM\...\{EDA09459-AD7D-4434-BA0C-647F6703EA12}_is1) (Version: 0.9.20.4135 - Bitcasa Inc.) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2013.0128.0208.3730 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2013.0128.209.3730 - Advanced Micro Devices, Inc.) Hidden Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.3.0.15 - Swiss Academic Software) ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.) CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.) CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{2A16B95F-7377-410A-B961-EFD9394E1AF3}) (Version: - Microsoft) Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.6 - Samsung Electronics CO.,LTD.) Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.) ETDWare X64 11.7.5.5_WHQL (HKLM\...\Elantech) (Version: 11.7.5.5 - ELAN Microelectronic Corp.) Flixster (HKLM-x32\...\com.wb.DC2) (Version: 2.2.2 - Warner Bros. Entertainment, Inc.) Flixster (x32 Version: 2.2.2 - Warner Bros. Entertainment, Inc.) Hidden Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com) Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Help Desk (HKLM\...\{22B32087-797D-4A1B-AFA7-072C87580ADC}) (Version: 1.0.9 - Samsung Electronics CO., LTD.) HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät (HKLM\...\{C3F12DD0-54B1-4B2B-A82B-FA43502BC550}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) HP Deskjet 1050 J410 series Hilfe (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Lexmark Pro800-Pro900 Series (HKLM\...\Lexmark Pro800-Pro900 Series) (Version: - Lexmark International, Inc.) Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: 3.5.6.5 - Nitro) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51 - Symantec Corporation) Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden OEM Application Profile (HKLM-x32\...\{24301870-5EEA-A07A-6265-2EA1E4A6A7CC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) OpenVPN 2.3.2-I003 (HKLM-x32\...\OpenVPN) (Version: 2.3.2-I003 - ) Opera Stable 18.0.1284.68 (HKLM-x32\...\Opera 18.0.1284.68) (Version: 18.0.1284.68 - Opera Software ASA) PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd) Phone Screen Sharing (HKLM-x32\...\{DF02C515-40B5-45AC-A601-5DC69D03885C}) (Version: 1.3.0.1 - RSUPPORT) Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version: - PopCap Games) Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - ) PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.216 - Qualcomm Atheros Communications) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.4.907.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6818 - Realtek Semiconductor Corp.) Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.9.6 - Samsung Electronics CO., LTD.) S Agent (Version: 1.1.45 - Samsung Electronics CO., LTD.) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.22.0 - SAMSUNG Electronics Co., Ltd.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.) Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - ) Side Sync (HKLM-x32\...\{C6DA306C-B288-452A-B85C-01265DBFF0DA}) (Version: 1.1.12 - Samsung Electronics CO., LTD.) Skype™ 6.1 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.1.129 - Skype Technologies S.A.) Support Center (HKLM\...\{50E36BBB-36A5-400A-8AC5-9F7C0BD751A2}) (Version: 2.1.80 - Samsung Electronics CO., LTD.) Support Center FAQ (x32 Version: 1.0.8 - Samsung Electronics CO., LTD.) Hidden SW Update (HKLM-x32\...\{DA06101F-FD76-4BF0-88BD-B26A197005E3}) (Version: 2.1.21 - Samsung Electronics CO., LTD.) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{64D96F30-CF4C-4CCE-AAF2-F8909348BF35}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{B2508D75-61CF-4CC0-84C0-CF257219201D}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{FD360122-6829-4497-97C1-1BF578EF695B}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version: - Microsoft) User Guide (HKLM-x32\...\{A6C17C20-4464-4A2A-968D-684C083B9424}) (Version: 1.0.00 - Samsung Electronics CO., LTD.) Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation) Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Wise Folder Hider 2.02 (HKLM-x32\...\Wise Folder Hider_is1) (Version: 2.02 - WiseCleaner.com, Inc.) ==================== Restore Points ========================= 10-06-2014 18:08:47 Windows Update 19-06-2014 15:01:43 Windows Update 24-06-2014 17:03:45 Windows Update 27-06-2014 20:11:18 Windows Update ==================== Hosts content: ========================== 2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {183F37D8-5F9F-4AC2-8B9D-9ACF05DCA5BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-20] (Google Inc.) Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {2309D5EE-FC95-4630-B117-D75326EFF766} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2013-02-01] (Samsung Electronics CO., LTD.) Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {266D3C96-40CF-41A5-A431-DF05227F8F01} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2013-03-12] (SEC) Task: {6B383977-9B35-4F7E-A46B-135CD5153EEB} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated) Task: {7C65C649-5C76-46E0-9B9E-17A52EEAD5A1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-06-11] (Microsoft Corporation) Task: {919E2AEF-87C3-442A-9C05-17BA6CBEABA9} - System32\Tasks\{46825988-C6C3-40EF-84E6-FABEF0155EAB} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08] (Skype Technologies S.A.) Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {C9AA7F37-FF51-437C-9491-628D6040ECC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-20] (Google Inc.) Task: {CA09C20C-74E4-4AEE-8F57-CC60EE34C041} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.) Task: {CCA341D9-35D1-4002-85BE-270A8ED2AE67} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation) Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {F9E06569-49F2-4D28-B1D1-26A786507EE8} - System32\Tasks\SideSyncAutoRun => C:\Program Files (x86)\Samsung\Side Sync\SideSync.exe [2013-06-04] (Samsung Electronics CO., LTD.) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-01-12 20:16 - 2009-11-04 09:17 - 00189440 _____ () C:\windows\system32\spool\PRTPROCS\x64\lxecdrpp.dll 2013-07-01 10:21 - 2013-07-01 10:21 - 01127736 _____ () C:\Program Files\ShrewSoft\VPN Client\iked.exe 2013-07-01 01:16 - 2013-07-01 01:16 - 00628224 _____ () C:\Program Files\ShrewSoft\VPN Client\libike.dll 2013-07-01 01:16 - 2013-07-01 01:16 - 00039936 _____ () C:\Program Files\ShrewSoft\VPN Client\libvnet.dll 2013-07-01 01:15 - 2013-07-01 01:15 - 00018432 _____ () C:\Program Files\ShrewSoft\VPN Client\libith.dll 2013-07-01 01:17 - 2013-07-01 01:17 - 00029184 _____ () C:\Program Files\ShrewSoft\VPN Client\libpfk.dll 2013-07-01 01:17 - 2013-07-01 01:17 - 00017920 _____ () C:\Program Files\ShrewSoft\VPN Client\libdtp.dll 2013-07-01 01:17 - 2013-07-01 01:17 - 00035840 _____ () C:\Program Files\ShrewSoft\VPN Client\libvflt.dll 2013-07-01 01:16 - 2013-07-01 01:16 - 00013312 _____ () C:\Program Files\ShrewSoft\VPN Client\liblog.dll 2013-07-01 01:16 - 2013-07-01 01:16 - 00116736 _____ () C:\Program Files\ShrewSoft\VPN Client\libip.dll 2013-07-01 01:15 - 2013-07-01 01:15 - 00022016 _____ () C:\Program Files\ShrewSoft\VPN Client\libidb.dll 2013-07-01 10:21 - 2013-07-01 10:21 - 00810808 _____ () C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe 2013-02-01 03:52 - 2013-02-01 03:52 - 00085040 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-02-21 13:22 - 2014-02-21 13:23 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll 2012-12-05 13:44 - 2012-12-05 13:44 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll 2012-12-05 13:39 - 2012-12-05 13:39 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll 2012-12-05 13:41 - 2012-12-05 13:41 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2012-12-05 13:44 - 2012-12-05 13:44 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe 2014-01-12 20:13 - 2013-01-23 14:35 - 00772712 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe 2014-01-12 20:13 - 2013-01-23 14:35 - 00150264 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe 2013-10-16 19:15 - 2013-10-16 19:15 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll 2013-06-04 17:52 - 2013-06-04 17:52 - 00815104 _____ () C:\Program Files (x86)\Samsung\Side Sync\adb.exe 2013-02-01 03:52 - 2013-02-01 03:52 - 00029232 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 01106480 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00111152 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00027184 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00111152 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00060976 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll 2013-02-01 03:52 - 2013-02-01 03:52 - 00103472 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll 2014-01-12 20:13 - 2010-04-01 13:23 - 00389120 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecscw.dll 2014-01-12 20:13 - 2009-05-27 08:16 - 00192512 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecdatr.dll 2014-01-12 20:13 - 2010-04-01 13:24 - 01159168 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecDRS.dll 2014-01-12 20:13 - 2009-03-10 01:43 - 00155648 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxeccaps.dll 2014-01-12 20:13 - 2009-02-20 04:48 - 00381440 _____ () C:\windows\SYSTEM32\lxecsm.dll 2014-01-12 20:13 - 2009-04-28 03:56 - 00024064 _____ () C:\windows\system32\lxecsmr.dll 2014-01-12 20:13 - 2010-04-05 06:56 - 00716954 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Epwizard.DLL 2014-01-12 20:13 - 2010-04-05 06:55 - 00159890 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\customui.dll 2014-01-12 20:13 - 2010-04-05 06:54 - 00123033 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Eputil.DLL 2014-01-12 20:13 - 2010-04-05 06:55 - 00061604 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Epfunct.DLL 2014-01-12 20:13 - 2010-04-05 06:54 - 00143502 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Imagutil.DLL 2014-01-12 20:13 - 2009-06-23 07:09 - 02203648 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\EPWizRes.dll 2014-01-12 20:13 - 2009-06-23 07:10 - 00045056 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\epstring.dll 2014-01-12 20:13 - 2009-06-23 07:11 - 00102400 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\EPOEMDll.dll 2014-01-12 20:13 - 2009-04-07 15:25 - 00409600 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\iptk.dll 2014-01-12 20:13 - 2009-03-02 10:25 - 00151552 _____ () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecptp.dll 2013-03-15 09:54 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 04:34 - 2012-06-08 04:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2012-09-23 20:43 - 2012-09-23 20:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu 2013-05-06 13:41 - 2013-05-06 13:41 - 01679408 _____ () C:\Program Files (x86)\Samsung\Side Sync\SideSyncNetworkFramework.dll 2014-06-10 19:41 - 2014-06-10 19:42 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= Name: Shrew Soft Virtual Adapter Description: Shrew Soft Virtual Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Shrew Soft Service: vnet Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (06/29/2014 03:21:04 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (06/29/2014 03:21:03 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (06/29/2014 03:21:03 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (06/29/2014 03:21:02 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (06/29/2014 03:21:01 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (06/29/2014 03:21:01 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (06/29/2014 03:20:30 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. System errors: ============= Error: (06/29/2014 01:24:16 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Aktualisierung für Skype für Windows Desktop 6.11 (KB2876229) Error: (06/28/2014 06:33:17 AM) (Source: DCOM) (EventID: 10010) (User: XXXX) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (06/28/2014 06:33:17 AM) (Source: DCOM) (EventID: 10010) (User: XXXX) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (06/28/2014 06:33:17 AM) (Source: DCOM) (EventID: 10010) (User: XXXX) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (06/28/2014 06:33:17 AM) (Source: DCOM) (EventID: 10010) (User: XXXX) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (06/28/2014 03:42:53 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Aktualisierung für Skype für Windows Desktop 6.11 (KB2876229) Error: (06/28/2014 03:35:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Aktualisierung für Skype für Windows Desktop 6.11 (KB2876229) Error: (06/27/2014 10:12:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Aktualisierung für Skype für Windows Desktop 6.11 (KB2876229) Error: (06/27/2014 02:08:50 AM) (Source: DCOM) (EventID: 10010) (User: XXXX) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (06/27/2014 02:08:50 AM) (Source: DCOM) (EventID: 10010) (User: XXXX) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Microsoft Office Sessions: ========================= Error: (06/29/2014 03:21:04 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\windows\System32\lxecsm.dllC:\windows\System32\lxecsm.dll9 Error: (06/29/2014 03:21:03 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\windows\SysWOW64\LXECsm.dllC:\windows\SysWOW64\LXECsm.dll9 Error: (06/29/2014 03:21:03 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\X64\lxecsm64.dllC:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\X64\lxecsm64.dll9 Error: (06/29/2014 03:21:02 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\I386\lxecsm.dllC:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\I386\lxecsm.dll9 Error: (06/29/2014 03:21:01 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Lexmark\drivers\Pro800\drivers\win_xp2k\x64\LXECsm64.dllC:\Lexmark\drivers\Pro800\drivers\win_xp2k\x64\LXECsm64.dll9 Error: (06/29/2014 03:21:01 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Lexmark\drivers\Pro800\drivers\win_xp2k\i386\LXECsm.dllC:\Lexmark\drivers\Pro800\drivers\win_xp2k\i386\LXECsm.dll9 Error: (06/29/2014 03:20:30 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\Samsung\Side Sync\SideSync.exe Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\windows\System32\lxecsm.dllC:\windows\System32\lxecsm.dll9 Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\windows\SysWOW64\LXECsm.dllC:\windows\SysWOW64\LXECsm.dll9 Error: (06/29/2014 03:17:58 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\X64\lxecsm64.dllC:\Program Files\Lexmark Pro800-Pro900 Series\Drivers\X64\lxecsm64.dll9 ==================== Memory info =========================== Percentage of memory in use: 25% Total physical RAM: 5717.37 MB Available physical RAM: 4256.96 MB Total Pagefile: 11605.38 MB Available Pagefile: 9172.29 MB Total Virtual: 8192 MB Available Virtual: 8191.78 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:675.19 GB) (Free:607.27 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 699 GB) (Disk ID: 66FB1E3A) Partition: GPT Partition Type. ==================== End Of Log ============================ |
29.06.2014, 15:23 | #4 |
/// TB-Ausbilder /// Anleitungs-Guru | Notebook reagiert verzögert und hängt sich auf, scrollen ist kaum möglich - sehr langsam FRST fehlt... Du hast zweimal die Addition gepostet...
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
29.06.2014, 15:26 | #5 |
| Notebook reagiert verzögert und hängt sich auf, scrollen ist kaum möglich - sehr langsam Frst vergessen... FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 02 Ran by XXXX (administrator) on XXXX on 29-06-2014 15:52:58 Running from C:\Users\XXXX\Downloads Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\windows\System32\atiesrxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe (Microsoft Corporation) C:\windows\System32\dasHost.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe () C:\Program Files\ShrewSoft\VPN Client\iked.exe () C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe ( ) C:\windows\System32\lxeccoms.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (AMD) C:\windows\System32\atieclxx.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe () C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Side Sync\SideSync.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe () C:\Program Files (x86)\Samsung\Side Sync\adb.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13263072 2012-12-12] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1260256 2013-01-04] (Realtek Semiconductor) HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-12-05] (Qualcomm Atheros) HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [128640 2012-12-05] (Atheros Communications) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [4365824 2012-12-27] (Bitcasa, Inc) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2872176 2012-10-08] (ELAN Microelectronics Corp.) HKLM\...\Run: [lxecmon.exe] => C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe [772712 2013-01-23] () HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe [150264 2013-01-23] () HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-01-27] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-12-18] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310640 2013-03-07] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-15] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.) HKU\S-1-5-21-1375823238-2140254550-1769909406-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [18705664 2013-01-08] (Skype Technologies S.A.) Startup: C:\Users\Renate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 1050 J410 series.lnk ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 1050 J410 series.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation) SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ShellIconOverlayIdentifiers: 1EldosIconOverlay -> {9E2D270D-EAB0-40E3-82A9-221EC3EEB4F9} => C:\windows\SYSTEM32\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers: BitcasaIconOverlay -> {A6975448-A999-49BB-B3E4-7730CF6A82C0} => C:\Program Files\Bitcasa\ExplorerMenu.dll (Bitcasa, Inc) ShellIconOverlayIdentifiers: BitcasaProgressOverlay -> {6FB8D52A-0064-45B2-B687-F596FEAD09C2} => C:\Program Files\Bitcasa\ExplorerMenu.dll (Bitcasa, Inc) ShellIconOverlayIdentifiers: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ShellIconOverlayIdentifiers-x32: 1EldosIconOverlay -> {9E2D270D-EAB0-40E3-82A9-221EC3EEB4F9} => C:\windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers-x32: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung13.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com SearchScopes: HKLM - {2A76B414-BC32-449F-A8E9-E19A7000C4D9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS SearchScopes: HKLM-x32 - {2A76B414-BC32-449F-A8E9-E19A7000C4D9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS SearchScopes: HKCU - DefaultScope {2A76B414-BC32-449F-A8E9-E19A7000C4D9} URL = SearchScopes: HKCU - {2A76B414-BC32-449F-A8E9-E19A7000C4D9} URL = BHO: Citavi Picker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\windows\system32\mscoree.dll (Microsoft Corporation) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Citavi Picker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{E15EC66B-4595-4676-9B72-1D24AB910003}: [NameServer]141.78.7.250,141.78.7.200 FireFox: ======== FF ProfilePath: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425 FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ProxTube - Unblock YouTube - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425\Extensions\ich@maltegoetz.de [2014-05-12] FF Extension: Print pages to PDF - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425\Extensions\printPages2Pdf@reinhold.ripper [2014-06-13] FF Extension: YouTube Unblocker - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425\Extensions\youtubeunblocker@unblocker.yt [2014-05-12] FF Extension: DownloadHelper - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-06-16] FF Extension: Flash and Video Download - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-06-27] FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-02-25] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-04-22] ==================== Services (Whitelisted) ================= R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [172104 2013-01-26] (Adobe Systems Incorporated) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-15] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-15] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1039952 2014-05-15] (Avira Operations GmbH & Co. KG) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231552 2012-12-05] (Qualcomm Atheros Commnucations) R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1594416 2013-02-01] (Samsung Electronics CO., LTD.) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [90992 2012-10-08] (ELAN Microelectronics Corp.) R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [1127736 2013-07-01] () R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [810808 2013-07-01] () S2 lxecCATSCustConnectService; C:\windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe [45736 2010-04-14] (Lexmark International, Inc.) R2 lxec_device; C:\windows\system32\lxeccoms.exe [1052328 2010-04-14] ( ) R2 lxec_device; C:\windows\SysWOW64\lxeccoms.exe [598696 2010-04-14] ( ) R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation) S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [32568 2013-08-22] (The OpenVPN Project) R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-05] (Atheros) [File not signed] ==================== Drivers (Whitelisted) ==================== R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-18] (Advanced Micro Devices) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-15] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-05-15] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-18] (Avira Operations GmbH & Co. KG) R3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [222360 2012-12-05] (Qualcomm Atheros) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-05] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352456 2012-08-06] (EldoS Corporation) R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation) R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider) R2 WiseFS; C:\Program Files (x86)\Wise\Wise Folder Hider\WiseFs64.sys [10280 2014-03-14] () S3 SBIOSIO; \??\C:\MfgDiag\DiagTools\AMDAutoOnClear\SBIOSIO64.SYS [X] S3 TVICPORT; \??\C:\windows\system32\DRIVERS\TVICPORT.SYS [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-29 15:52 - 2014-06-29 15:53 - 00025177 _____ () C:\Users\XXXX\Downloads\FRST.txt 2014-06-29 15:52 - 2014-06-29 15:53 - 00000000 ____D () C:\FRST 2014-06-29 15:52 - 2014-06-29 15:52 - 02083328 _____ (Farbar) C:\Users\XXXX\Downloads\FRST64.exe 2014-06-28 21:02 - 2014-06-28 21:02 - 00000000 ___RD () C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-06-20 19:28 - 2014-06-20 19:28 - 00058056 _____ () C:\Users\XXXX\AppData\Local\recently-used.xbel 2014-06-19 12:13 - 2014-06-19 12:13 - 00279680 _____ () C:\windows\Minidump\061914-44725-01.dmp 2014-06-16 01:16 - 2014-06-16 01:16 - 00000000 ____D () C:\Program Files (x86)\ConvertHelper 2014-06-16 01:15 - 2014-06-16 01:15 - 03782822 _____ (DownloadHelper ) C:\Users\XXXX\Downloads\ConvertHelperSetup.exe 2014-06-13 17:56 - 2014-06-13 17:56 - 00000000 ____D () C:\Users\XXXX\Desktop\Uni Hohenheim 2014-06-12 00:26 - 2014-06-13 00:48 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Windows Live 2014-06-12 00:16 - 2014-06-12 00:16 - 33938942 _____ () C:\Users\XXXX\Downloads\Letter%20from%20a%20Fan%20v.1.0.mp4 2014-06-11 04:31 - 2014-06-11 04:31 - 00000000 ____D () C:\4cf0ef62782c49422017e2806b 2014-06-10 20:21 - 2014-05-03 07:47 - 03246592 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll 2014-06-10 20:21 - 2014-05-03 05:34 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll 2014-06-10 20:20 - 2014-05-24 04:48 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2014-06-10 20:20 - 2014-05-24 04:47 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2014-06-10 20:20 - 2014-05-24 04:47 - 01366016 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2014-06-10 20:20 - 2014-05-24 04:47 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll 2014-06-10 20:20 - 2014-05-24 04:47 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll 2014-06-10 20:20 - 2014-05-24 04:46 - 19290112 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-06-10 20:20 - 2014-05-24 04:46 - 15368704 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-06-10 20:20 - 2014-05-24 04:46 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2014-06-10 20:20 - 2014-05-24 04:46 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2014-06-10 20:20 - 2014-05-24 04:46 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2014-06-10 20:20 - 2014-05-24 04:46 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll 2014-06-10 20:20 - 2014-05-24 04:46 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2014-06-10 20:20 - 2014-05-24 04:46 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2014-06-10 20:20 - 2014-05-24 04:46 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2014-06-10 20:20 - 2014-05-24 04:46 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2014-06-10 20:20 - 2014-05-24 04:45 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2014-06-10 20:20 - 2014-05-24 04:45 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2014-06-10 20:20 - 2014-05-24 04:45 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2014-06-10 20:20 - 2014-05-24 03:26 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2014-06-10 20:20 - 2014-05-24 03:26 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2014-06-10 20:20 - 2014-05-24 03:26 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2014-06-10 20:20 - 2014-05-24 03:26 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2014-06-10 20:20 - 2014-05-24 03:26 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll 2014-06-10 20:20 - 2014-05-24 03:25 - 13731328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2014-06-10 20:20 - 2014-05-24 03:25 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2014-06-10 20:20 - 2014-05-24 03:25 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2014-06-10 20:20 - 2014-05-24 03:25 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2014-06-10 20:20 - 2014-05-24 03:25 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll 2014-06-10 20:20 - 2014-05-24 03:25 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2014-06-10 20:20 - 2014-05-24 03:25 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2014-06-10 20:20 - 2014-05-24 03:25 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2014-06-10 20:20 - 2014-05-24 03:09 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-06-10 20:20 - 2014-05-24 03:03 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-06-10 20:20 - 2014-05-24 00:37 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll 2014-06-10 20:20 - 2014-04-30 00:32 - 01301504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll 2014-06-10 20:20 - 2014-04-30 00:22 - 01023488 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll 2014-06-10 20:20 - 2014-04-03 13:19 - 00328024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys 2014-06-10 20:20 - 2014-04-03 05:44 - 00619008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys 2014-06-10 20:20 - 2014-04-01 00:08 - 00387268 _____ () C:\windows\system32\ApnDatabase.xml 2014-06-10 20:20 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\windows\SysWOW64\wusa.exe 2014-06-10 20:20 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\wusa.exe 2014-06-10 20:19 - 2014-05-24 04:46 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2014-06-10 20:19 - 2014-05-24 04:46 - 02650112 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2014-06-10 20:19 - 2014-05-24 03:26 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2014-06-10 20:19 - 2014-05-24 03:25 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2014-06-10 20:19 - 2014-05-24 03:25 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2014-06-10 20:18 - 2014-05-24 03:26 - 14365696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-06-10 20:18 - 2014-05-24 03:25 - 02862080 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2014-06-10 20:18 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys 2014-06-10 20:18 - 2014-03-07 02:47 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll 2014-06-10 20:18 - 2014-03-07 02:08 - 01845760 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll 2014-06-10 19:41 - 2014-06-10 19:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-08 13:36 - 2014-06-08 13:36 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\Avira 2014-06-08 11:28 - 2014-06-08 11:33 - 00000000 ____D () C:\Users\XXXX\.android 2014-06-07 22:51 - 2014-06-08 14:21 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1375823238-2140254550-1769909406-1004 2014-06-07 22:51 - 2014-06-07 22:51 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Macromedia 2014-06-07 22:50 - 2014-06-07 22:50 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\Mozilla 2014-06-07 22:50 - 2014-06-07 22:50 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Mozilla 2014-06-07 22:49 - 2014-06-07 22:49 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\HpUpdate 2014-06-07 20:48 - 2014-06-09 01:23 - 00000000 ____D () C:\Users\XXXX\Documents\Bluetooth Folder 2014-06-07 20:48 - 2014-06-07 22:49 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Adobe 2014-06-07 20:48 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\ATI 2014-06-07 20:48 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\Atheros 2014-06-07 20:48 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Power2Go8 2014-06-07 20:48 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\AppData\Local\BMExplorer 2014-06-07 20:48 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\AppData\Local\ATI 2014-06-07 20:47 - 2014-06-07 22:49 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\Adobe 2014-06-07 20:47 - 2014-06-07 20:47 - 00001442 _____ () C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-06-07 20:46 - 2014-06-07 20:46 - 00000000 ____D () C:\Users\XXXX\AppData\Local\VirtualStore 2014-06-07 20:45 - 2014-06-08 11:28 - 00000000 ____D () C:\Users\XXXX 2014-06-07 20:45 - 2014-06-07 20:47 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Packages 2014-06-07 20:45 - 2014-06-07 20:45 - 00000020 ___SH () C:\Users\XXXX\ntuser.ini 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Vorlagen 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Startmenü 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Netzwerkumgebung 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Lokale Einstellungen 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Eigene Dateien 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Druckumgebung 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Documents\Eigene Musik 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Documents\Eigene Bilder 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\AppData\Local\Verlauf 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\AppData\Local\Anwendungsdaten 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Anwendungsdaten 2014-06-07 20:45 - 2014-05-19 09:51 - 00000000 ___RD () C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-06-07 20:45 - 2014-04-22 17:06 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\Macromedia 2014-06-07 20:45 - 2014-02-25 13:28 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Microsoft Help 2014-06-07 20:45 - 2013-12-06 21:17 - 00002225 _____ () C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk 2014-06-07 20:45 - 2013-08-04 13:00 - 00000000 ___RD () C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-06-07 20:45 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-06-07 20:45 - 2012-07-26 10:13 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-06-05 13:34 - 2014-06-05 13:34 - 00279736 _____ () C:\windows\Minidump\060514-30591-01.dmp 2014-06-01 16:08 - 2014-06-01 16:08 - 00279736 _____ () C:\windows\Minidump\060114-30560-01.dmp 2014-05-31 15:11 - 2014-06-18 19:19 - 00000000 ____D () C:\Users\XXXX\Desktop\Neuer Ordner ==================== One Month Modified Files and Folders ======= 2014-06-29 15:53 - 2014-06-29 15:52 - 00025177 _____ () C:\Users\XXXX\Downloads\FRST.txt 2014-06-29 15:53 - 2014-06-29 15:52 - 00000000 ____D () C:\FRST 2014-06-29 15:52 - 2014-06-29 15:52 - 02083328 _____ (Farbar) C:\Users\XXXX\Downloads\FRST64.exe 2014-06-29 15:46 - 2013-12-20 22:43 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\Skype 2014-06-29 15:44 - 2013-06-30 12:15 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2014-06-29 15:10 - 2013-03-15 07:09 - 01598562 _____ () C:\windows\WindowsUpdate.log 2014-06-29 15:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru 2014-06-29 14:59 - 2013-12-20 23:27 - 00001124 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-29 13:24 - 2013-12-21 01:59 - 00000000 ____D () C:\ProgramData\Skype 2014-06-28 23:59 - 2013-12-20 23:27 - 00001120 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-28 21:05 - 2013-03-15 10:00 - 00000000 ____D () C:\ProgramData\WinClon 2014-06-28 21:02 - 2014-06-28 21:02 - 00000000 ___RD () C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-06-28 21:01 - 2014-01-12 20:14 - 00118273 _____ () C:\ProgramData\lxecscan.log 2014-06-28 15:15 - 2014-03-09 22:41 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Battle.net 2014-06-28 15:15 - 2014-03-09 22:41 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-06-28 03:05 - 2014-02-25 15:55 - 00000000 ____D () C:\Users\XXXX\Documents\Citavi 4 2014-06-26 02:50 - 2013-06-01 21:56 - 00000000 ____D () C:\Users\XXXX 2014-06-23 23:01 - 2012-08-05 23:07 - 00483148 _____ () C:\windows\PFRO.log 2014-06-23 23:01 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-06-20 21:44 - 2014-04-19 14:12 - 00000000 ____D () C:\Users\XXXX\Desktop\Bewerbung April 2014-06-20 19:28 - 2014-06-20 19:28 - 00058056 _____ () C:\Users\XXXX\AppData\Local\recently-used.xbel 2014-06-20 19:28 - 2013-12-24 01:12 - 00000000 ____D () C:\Users\XXXX\AppData\Local\gtk-2.0 2014-06-20 19:28 - 2013-12-24 01:10 - 00000000 ____D () C:\Users\XXXX\.gimp-2.8 2014-06-19 22:32 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache 2014-06-19 17:10 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp 2014-06-19 17:06 - 2014-02-21 12:00 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-06-19 16:16 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent 2014-06-19 12:13 - 2014-06-19 12:13 - 00279680 _____ () C:\windows\Minidump\061914-44725-01.dmp 2014-06-19 12:13 - 2014-01-08 22:15 - 00000000 ____D () C:\windows\Minidump 2014-06-19 12:12 - 2014-01-18 15:43 - 489268099 _____ () C:\windows\MEMORY.DMP 2014-06-19 03:19 - 2013-03-15 22:30 - 00753134 _____ () C:\windows\system32\perfh007.dat 2014-06-19 03:19 - 2013-03-15 22:30 - 00155826 _____ () C:\windows\system32\perfc007.dat 2014-06-19 03:19 - 2012-07-26 09:28 - 01745416 _____ () C:\windows\system32\PerfStringBackup.INI 2014-06-18 23:54 - 2013-12-20 23:27 - 00004096 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-18 23:54 - 2013-12-20 23:27 - 00003860 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-18 19:19 - 2014-05-31 15:11 - 00000000 ____D () C:\Users\XXXX\Desktop\Neuer Ordner 2014-06-16 01:29 - 2013-06-16 19:49 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\CyberLink 2014-06-16 01:16 - 2014-06-16 01:16 - 00000000 ____D () C:\Program Files (x86)\ConvertHelper 2014-06-16 01:15 - 2014-06-16 01:15 - 03782822 _____ (DownloadHelper ) C:\Users\XXXX\Downloads\ConvertHelperSetup.exe 2014-06-16 01:14 - 2014-04-06 19:07 - 00000000 ____D () C:\Users\XXXX\dwhelper 2014-06-13 17:56 - 2014-06-13 17:56 - 00000000 ____D () C:\Users\XXXX\Desktop\Uni Hohenheim 2014-06-13 00:48 - 2014-06-12 00:26 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Windows Live 2014-06-12 00:16 - 2014-06-12 00:16 - 33938942 _____ () C:\Users\XXXX\Downloads\Letter%20from%20a%20Fan%20v.1.0.mp4 2014-06-11 18:14 - 2013-06-30 11:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-11 04:31 - 2014-06-11 04:31 - 00000000 ____D () C:\4cf0ef62782c49422017e2806b 2014-06-11 04:31 - 2013-08-28 23:11 - 00000000 ____D () C:\windows\system32\MRT 2014-06-11 04:31 - 2013-06-27 23:49 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2014-06-11 01:10 - 2014-03-09 22:56 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-06-10 19:42 - 2014-06-10 19:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-09 01:23 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\Documents\Bluetooth Folder 2014-06-09 01:23 - 2014-03-27 12:20 - 00000000 ____D () C:\Users\XXXX\Documents\Bluetooth Folder 2014-06-08 14:21 - 2014-06-07 22:51 - 00003600 _____ () C:\windows\XXXX\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1375823238-2140254550-1769909406-1004 2014-06-08 13:36 - 2014-06-08 13:36 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\Avira 2014-06-08 11:33 - 2014-06-08 11:28 - 00000000 ____D () C:\Users\XXXX\.android 2014-06-08 11:28 - 2014-06-07 20:45 - 00000000 ____D () C:\Users\XXXX 2014-06-07 22:51 - 2014-06-07 22:51 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Macromedia 2014-06-07 22:50 - 2014-06-07 22:50 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\Mozilla 2014-06-07 22:50 - 2014-06-07 22:50 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Mozilla 2014-06-07 22:49 - 2014-06-07 22:49 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\HpUpdate 2014-06-07 22:49 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Adobe 2014-06-07 22:49 - 2014-06-07 20:47 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\Adobe 2014-06-07 20:48 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\ATI 2014-06-07 20:48 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\AppData\Roaming\Atheros 2014-06-07 20:48 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Power2Go8 2014-06-07 20:48 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\AppData\Local\BMExplorer 2014-06-07 20:48 - 2014-06-07 20:48 - 00000000 ____D () C:\Users\XXXX\AppData\Local\ATI 2014-06-07 20:48 - 2013-03-15 10:40 - 00000000 ____D () C:\ProgramData\Atheros 2014-06-07 20:47 - 2014-06-07 20:47 - 00001442 _____ () C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-06-07 20:47 - 2014-06-07 20:45 - 00000000 ____D () C:\Users\XXXX\AppData\Local\Packages 2014-06-07 20:47 - 2013-06-01 22:02 - 00000000 ____D () C:\windows\System32\Tasks\WPD 2014-06-07 20:46 - 2014-06-07 20:46 - 00000000 ____D () C:\Users\XXXX\AppData\Local\VirtualStore 2014-06-07 20:45 - 2014-06-07 20:45 - 00000020 ___SH () C:\Users\XXXX\ntuser.ini 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXXVorlagen 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Startmenü 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Netzwerkumgebung 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Lokale Einstellungen 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Eigene Dateien 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Druckumgebung 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Documents\Eigene Musik 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\Documents\Eigene Bilder 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\AppData\Local\Verlauf 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXX\AppData\Local\Anwendungsdaten 2014-06-07 20:45 - 2014-06-07 20:45 - 00000000 _SHDL () C:\Users\XXXXAnwendungsdaten 2014-06-05 15:31 - 2014-03-05 22:06 - 00000000 ____D () C:\Users\XXXX\Documents\Mix2 2014-06-05 13:34 - 2014-06-05 13:34 - 00279736 _____ () C:\windows\Minidump\060514-30591-01.dmp 2014-06-01 16:08 - 2014-06-01 16:08 - 00279736 _____ () C:\windows\Minidump\060114-30560-01.dmp 2014-05-31 10:24 - 2014-03-08 20:52 - 00000000 ____D () C:\Users\XXXX\Documents\Bachelorarbeit Zusammenfassung 2014-05-31 09:14 - 2014-02-24 20:16 - 00000000 ____D () C:\Users\XXXX\Documents\Bachelorarbeit 2014-05-31 07:16 - 2013-11-19 01:25 - 00703992 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2014-05-31 07:16 - 2013-11-19 01:25 - 00105464 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-30 23:36 - 2014-05-27 13:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird Files to move or delete: ==================== C:\ProgramData\MakeMarkerFile.exe C:\Users\EasySurvey\EasySurvey.exe Some content of TEMP: ==================== C:\Users\XXXX\AppData\Local\Temp\avgnt.exe C:\Users\XXXX\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-26 18:41 ==================== End Of Log ============================ |
29.06.2014, 15:30 | #6 |
/// TB-Ausbilder /// Anleitungs-Guru | Notebook reagiert verzögert und hängt sich auf, scrollen ist kaum möglich - sehr langsam Wir machen jetzt ein paar Scans um Malware/Adware als Grund für Deine Probleme auszuschließen. Schritt 1 Bitte deinstalliere folgende Programme: Java 7 Update 45 Versuche es bei Windows 8 mit der Windowstaste + X über . Sollte das nicht gehen, lade Dir bitte Revo Uninstallerhier herunter. Entpacke die zip-Datei auf den Desktop.
Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter: Schritt 2 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt 3 Malwarebytes Antimalware
Schritt 4 Downloade Dir HitmanProauf Deinen Desktop: HitmanPro - 32 Bit HitmanPro - 64 Bit
__________________ --> Notebook reagiert verzögert und hängt sich auf, scrollen ist kaum möglich - sehr langsam |
29.06.2014, 17:55 | #7 |
| Notebook reagiert verzögert und hängt sich auf, scrollen ist kaum möglich - sehr langsam So, dann mal die Logfiles. Bitteschön: Code:
ATTFilter # AdwCleaner v3.213 - Bericht erstellt am 29/06/2014 um 16:54:22 # Aktualisiert 23/06/2014 von Xplode # Betriebssystem : Windows 8 (64 bits) # Benutzername : XXXX # Gestartet von : C:\Users\XXXX\Downloads\adwcleaner_3.213.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Datei Gelöscht : C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425\foxydeal.sqlite ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} ***** [ Browser ] ***** -\\ Internet Explorer v10.0.9200.16921 -\\ Mozilla Firefox v30.0 (de) [ Datei : C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\prefs.js ] [ Datei : C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425\prefs.js ] ************************* AdwCleaner[R0].txt - [2217 octets] - [29/06/2014 16:48:14] AdwCleaner[S0].txt - [2126 octets] - [29/06/2014 16:54:22] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2186 octets] ########## Code:
ATTFilter # AdwCleaner v3.213 - Bericht erstellt am 29/06/2014 um 16:48:14 # Aktualisiert 23/06/2014 von Xplode # Betriebssystem : Windows 8 (64 bits) # Benutzername : XXXX # Gestartet von : C:\Users\XXXX\Downloads\adwcleaner_3.213.exe # Option : Suchen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Datei Gefunden : C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425\foxydeal.sqlite ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\secman.DLL Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Schlüssel Gefunden : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager Schlüssel Gefunden : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} ***** [ Browser ] ***** -\\ Internet Explorer v10.0.9200.16921 -\\ Mozilla Firefox v30.0 (de) [ Datei : C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\dorl4x5b.default\prefs.js ] [ Datei : C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ewzecyo2.default-1397762976425\prefs.js ] ************************* AdwCleaner[R0].txt - [2065 octets] - [29/06/2014 16:48:14] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2125 octets] ########## Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 29.06.2014 Suchlauf-Zeit: 17:23:58 Logdatei: Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.06.29.06 Rootkit Datenbank: v2014.06.23.02 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Self-protection: Deaktiviert Betriebssystem: Windows 8 CPU: x64 Dateisystem: NTFS Benutzer: X Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 325730 Verstrichene Zeit: 37 Min, 2 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter
|
29.06.2014, 18:12 | #8 | |
/// TB-Ausbilder /// Anleitungs-Guru | Notebook reagiert verzögert und hängt sich auf, scrollen ist kaum möglich - sehr langsamZitat:
https://www.virustotal.com/de/file/f...3283/analysis/ Unsere Regeln zur Erinnerung: http://www.trojaner-board.de/95393-c...-software.html
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
Themen zu Notebook reagiert verzögert und hängt sich auf, scrollen ist kaum möglich - sehr langsam |
anwendungen, bissl, combofix, dauert, experte, fenster, fenstern, hilfe!, hängt, installation, interne, internet, langsam, nervt, notebook, problem, reagiert, scrollen, seite, stern, trotz, verzögert, wechsel, wechseln, zwischen |