liaralia | 23.12.2014 16:39 | Hallo Seven, nein WhoCrashed hat auch nichts gefunden. :/
edit./ Hups, ja man sollte es auch vom Desktop aus laufen lassen. Sorry, hier nochmal neu. :D Weiß zwar nicht ob es einen Unterschied macht, aber egal.
FRST.txt
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-12-2014 01
Ran by Julia Katharina (administrator) on JULIA on 23-12-2014 16:50:43
Running from C:\Users\Julia Katharina\Desktop
Loaded Profile: Julia Katharina (Available profiles: Julia Katharina)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(Spotify Ltd) C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Config.Msi\565b5.rbf
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Julia Katharina\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894152 2013-11-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13674712 2014-07-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1389936 2014-07-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_SRSSA] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1389936 2014-07-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Run: [Spotify Web Helper] => C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-11] (Spotify Ltd)
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Run: [GoogleChromeAutoLaunch_700797C5FD25A9D44CE34EF536B76C0F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Run: [Spotify] => C:\Users\Julia Katharina\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-11] (Spotify Ltd)
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [2043904 2014-09-29] (RemoteMouse.net)
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872168 2014-12-11] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
SearchScopes: HKU\S-1-5-21-2027014631-3366834958-3693072843-1001 -> DefaultScope {8ED0DBFC-D795-412D-8AD0-7A2B30B7B09B} URL =
SearchScopes: HKU\S-1-5-21-2027014631-3366834958-3693072843-1001 -> {8ED0DBFC-D795-412D-8AD0-7A2B30B7B09B} URL =
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Julia Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\m40jld03.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF user.js: detected! => C:\Users\Julia Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\m40jld03.default\user.js
FF Extension: YouTube Unblocker - C:\Users\Julia Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\m40jld03.default\Extensions\youtubeunblocker@unblocker.yt [2014-11-11]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Julia Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\m40jld03.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-12-11]
FF Extension: YouTube High Definition - C:\Users\Julia Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\m40jld03.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-11-11]
FF Extension: {bae321f3-cea8-4cea-a66e-995c74d96824} - C:\Users\Julia Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\m40jld03.default\Extensions\{bae321f3-cea8-4cea-a66e-995c74d96824}.xpi [2014-11-11]
FF Extension: Adblock Plus - C:\Users\Julia Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\m40jld03.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-11]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-11]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-12-22]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-12-22]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-12-22]
FF HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-11]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
FF Extension: No Name - content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com [Not Found]
FF Extension: No Name - virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com [Not Found]
FF Extension: No Name - online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com [Not Found]
Chrome:
=======
CHR Profile: C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-12]
CHR Extension: (HD for YouTube™) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf [2014-11-12]
CHR Extension: (Google Docs) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-12]
CHR Extension: (Google Drive) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-12]
CHR Extension: (YouTube) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-12]
CHR Extension: (Google-Suche) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-12]
CHR Extension: (Google Tabellen) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-12]
CHR Extension: (AdBlock) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-12]
CHR Extension: (Google Wallet) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-12]
CHR Extension: (YouTube Unblocker) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-11-14]
CHR Extension: (Google Mail) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-12]
CHR HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593152 2014-01-29] (Samsung Electronics CO., LTD.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100104 2013-09-05] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3000664 2014-10-21] (Samsung Electronics CO., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [22832 2013-07-24] (ELAN Microelectronic Corp.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [150536 2014-12-22] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [247480 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [799944 2014-12-22] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [68616 2014-12-22] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [77512 2014-12-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
S1 KLIM6; \SystemRoot\system32\DRIVERS\klim6.sys [X]
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-23 16:50 - 2014-12-23 16:50 - 00027123 _____ () C:\Users\Julia Katharina\Desktop\FRST.txt
2014-12-23 16:22 - 2014-12-23 16:23 - 00058765 _____ () C:\Users\Julia Katharina\Downloads\FRST.txt
2014-12-23 16:22 - 2014-12-23 16:23 - 00032839 _____ () C:\Users\Julia Katharina\Downloads\Addition.txt
2014-12-23 16:21 - 2014-12-23 16:50 - 00000000 ____D () C:\FRST
2014-12-23 16:19 - 2014-12-23 16:21 - 02122240 _____ (Farbar) C:\Users\Julia Katharina\Desktop\FRST64.exe
2014-12-23 16:19 - 2014-12-23 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2014-12-23 16:19 - 2014-12-23 16:19 - 00000000 ____D () C:\Program Files\WhoCrashed
2014-12-23 16:17 - 2014-12-23 16:18 - 02668480 _____ (Resplendence Software Projects Sp. ) C:\Users\Julia Katharina\Downloads\whocrashedSetup.exe
2014-12-22 19:06 - 2014-12-22 19:06 - 00001122 _____ () C:\Users\Julia Katharina\Desktop\EVEREST Home Edition.lnk
2014-12-22 19:06 - 2014-12-22 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
2014-12-22 19:05 - 2014-12-22 19:05 - 00000000 ____D () C:\Program Files (x86)\Lavalys
2014-12-22 19:04 - 2014-12-22 19:05 - 04179293 _____ (Lavalys, Inc. ) C:\Users\Julia Katharina\Downloads\everesthome220.exe
2014-12-22 19:03 - 2014-12-22 19:03 - 00001045 _____ () C:\Users\Public\Desktop\EaseUS Data Recovery Wizard 8.5.lnk
2014-12-22 19:03 - 2014-12-22 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 8.5
2014-12-22 19:03 - 2014-12-22 19:03 - 00000000 ____D () C:\Program Files\EaseUS
2014-12-22 18:55 - 2014-12-22 18:56 - 10561416 _____ (EaseUS ) C:\Users\Julia Katharina\Downloads\drw85_free.exe
2014-12-22 18:52 - 2014-12-22 18:56 - 28598072 _____ (TuneUp Software) C:\Users\Julia Katharina\Downloads\TuneUpUtilities2014_34de-DE.exe
2014-12-22 18:43 - 2014-12-22 18:43 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
2014-12-22 18:43 - 2014-12-22 18:43 - 00000000 ____D () C:\Program Files (x86)\NirSoft
2014-12-22 18:42 - 2014-12-22 18:42 - 00141480 _____ () C:\Users\Julia Katharina\Downloads\bluescreenview_152setup.exe
2014-12-22 18:35 - 2014-12-22 18:35 - 00010240 _____ () C:\Users\Julia Katharina\Downloads\test_10k.bin
2014-12-22 17:55 - 2014-12-22 17:58 - 17086240 _____ (IObit) C:\Users\Julia Katharina\Downloads\iobituninstaller41.exe
2014-12-22 17:46 - 2014-12-22 17:46 - 00000197 _____ () C:\WINDOWS\system32\2014-12-22-16-46-02.039-AvastVBoxSVC.exe-2436.log
2014-12-22 17:23 - 2014-12-22 17:24 - 00000197 _____ () C:\WINDOWS\system32\2014-12-22-16-23-51.053-AvastVBoxSVC.exe-3508.log
2014-12-22 17:09 - 2014-12-22 17:10 - 00000197 _____ () C:\WINDOWS\system32\2014-12-22-16-09-12.054-AvastVBoxSVC.exe-3452.log
2014-12-22 17:01 - 2014-12-22 18:14 - 00000000 ____D () C:\WINDOWS\Minidump
2014-12-22 16:52 - 2014-12-22 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-12-22 16:52 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2014-12-22 16:51 - 2014-12-23 16:30 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-12-22 16:51 - 2014-12-22 16:51 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-12-22 16:50 - 2014-08-12 18:32 - 00247480 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klhk.sys
2014-12-22 16:47 - 2014-12-22 16:47 - 00000000 ____D () C:\ProgramData\Sun
2014-12-22 16:47 - 2014-12-22 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-22 16:47 - 2014-12-22 16:46 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-12-22 16:46 - 2014-12-22 16:46 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-22 16:46 - 2014-12-22 16:46 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-22 16:42 - 2014-12-22 16:42 - 00638888 _____ (Oracle Corporation) C:\Users\Julia Katharina\Downloads\chromeinstall-8u25.exe
2014-12-22 16:12 - 2014-12-22 16:48 - 204166464 _____ () C:\Users\Julia Katharina\Downloads\kis15.0.1.415de_6844.exe
2014-12-21 22:05 - 2014-12-21 22:13 - 00325462 _____ () C:\Users\Julia Katharina\Desktop\TOP.aep
2014-12-21 21:10 - 2014-12-21 21:12 - 05855315 _____ () C:\Users\Julia Katharina\Desktop\TOP.wmv
2014-12-21 21:00 - 2014-12-21 21:00 - 00025496 _____ () C:\Users\Julia Katharina\Desktop\TOP.veg
2014-12-21 20:44 - 2014-12-21 20:44 - 00000000 ____D () C:\Users\Julia Katharina\Desktop\Neue Helvetica
2014-12-21 20:44 - 2014-12-21 20:44 - 00000000 ____D () C:\Users\Julia Katharina\Desktop\Helvetica World
2014-12-21 20:44 - 2014-12-21 20:44 - 00000000 ____D () C:\Users\Julia Katharina\Desktop\Helvetica
2014-12-21 19:46 - 2014-12-21 19:46 - 00013712 _____ () C:\Users\Julia Katharina\Downloads\Sony Vegas Coloring #9 [ Seaside ].veg
2014-12-21 19:45 - 2014-12-21 19:45 - 00013840 _____ () C:\Users\Julia Katharina\Downloads\Sony Vegas Coloring #11 [ Menschen sind wie Lieder ].veg
2014-12-21 19:39 - 2014-12-21 19:39 - 00001313 _____ () C:\Users\Julia Katharina\Documents\iste1.txt
2014-12-19 18:19 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-19 18:19 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-17 10:45 - 2014-12-17 11:01 - 00000000 ____D () C:\Users\Julia Katharina\Desktop\DCIM
2014-12-11 15:38 - 2014-12-11 15:39 - 00000197 _____ () C:\WINDOWS\system32\2014-12-11-14-38-30.053-AvastVBoxSVC.exe-3624.log
2014-12-11 15:36 - 2014-11-26 22:10 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-12-11 15:36 - 2014-11-26 22:10 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-11 14:50 - 2014-12-11 14:51 - 09041655 _____ () C:\Users\Julia Katharina\Downloads\Screen Glitch - Free Stock Footage.mp4
2014-12-11 14:20 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-11 14:20 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-11 14:20 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-11 14:20 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-11 14:16 - 2014-12-11 14:17 - 10115550 _____ () C:\Users\Julia Katharina\Downloads\tuts.mov
2014-12-11 14:07 - 2014-12-11 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2014-12-11 14:07 - 2014-12-11 14:09 - 00000000 ____D () C:\Program Files\NewBlue
2014-12-11 14:07 - 2014-12-11 14:09 - 00000000 ____D () C:\Program Files (x86)\NewBlue
2014-12-11 14:00 - 2014-12-21 16:38 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\LooksBuilder
2014-12-11 13:35 - 2014-10-13 03:43 - 00238912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-11 13:35 - 2014-10-13 03:43 - 00153920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-11 13:35 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-11 13:35 - 2014-10-13 03:43 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-11 13:34 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-11 13:34 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-11 13:34 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-11 13:34 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-11 13:34 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-11 13:34 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-11 13:34 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-11 13:34 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-11 13:34 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-11 13:34 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-11 13:34 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-11 13:34 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-11 13:34 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-11 13:34 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-11 13:34 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-11 13:34 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-11 13:34 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-11 13:34 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-11 13:34 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-11 13:34 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-11 13:34 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-11 13:34 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-11 13:34 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-11 13:34 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-11 13:34 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-11 13:34 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-11 13:34 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-11 13:34 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-11 13:34 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-11 13:34 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-11 13:34 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-11 13:34 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-11 13:34 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-11 13:34 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-11 13:34 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-11 13:34 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-11 13:34 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-11 13:34 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-11 13:34 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-11 13:34 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-11 13:34 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-11 13:34 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-11 13:34 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-11 13:27 - 2014-12-11 14:06 - 00000000 ____D () C:\Users\Julia Katharina\Desktop\musik
2014-12-11 13:21 - 2014-12-11 13:21 - 00000000 ____D () C:\Users\Public\Documents\Red Giant
2014-12-11 13:21 - 2014-12-11 13:21 - 00000000 ____D () C:\Users\Public\Documents\Knoll Software
2014-12-11 13:01 - 2014-12-11 13:01 - 00004234 _____ () C:\WINDOWS\System32\Tasks\Red Giant Link
2014-12-11 13:01 - 2014-12-11 13:01 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Red Giant Link
2014-12-11 13:00 - 2014-12-11 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2014-12-11 13:00 - 2014-12-11 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Bullet Looks
2014-12-11 13:00 - 2014-12-11 13:00 - 00000000 ____D () C:\Program Files\Magic Bullet Looks Vegas
2014-12-11 13:00 - 2014-12-11 13:00 - 00000000 ____D () C:\Program Files (x86)\Red Giant Link
2014-12-11 13:00 - 2014-12-11 13:00 - 00000000 ____D () C:\Program Files (x86)\LooksBuilder
2014-12-11 12:48 - 2014-12-11 13:21 - 00000000 ____D () C:\ProgramData\RedGiant
2014-12-11 12:45 - 2014-12-11 12:45 - 00000000 ____D () C:\ProgramData\REVisionEffects
2014-12-11 12:45 - 2014-12-11 12:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REVisionEffects
2014-12-11 12:25 - 2014-12-11 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-12-11 12:24 - 2014-12-11 12:25 - 05532869 _____ () C:\Users\Julia Katharina\Downloads\Headlock.rar
2014-12-11 12:23 - 2014-12-11 12:23 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2014-12-11 12:22 - 2014-12-11 12:25 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-12-11 12:22 - 2014-12-11 12:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-11 12:21 - 2014-12-11 12:26 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\DVDVideoSoft
2014-12-11 12:20 - 2014-12-11 12:20 - 03529352 _____ (DVDVideoSoft Ltd. ) C:\Users\Julia Katharina\Downloads\FreeStudio.exe
2014-12-09 20:42 - 2014-12-09 20:42 - 03981488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2014-12-07 17:19 - 2014-12-07 17:19 - 23573675 _____ () C:\Users\Julia Katharina\Downloads\discord part 7 (liaralia).wmv
2014-12-07 15:46 - 2014-12-07 15:46 - 00000968 _____ () C:\Users\Julia Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2014-12-07 15:44 - 2014-12-07 15:47 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\osu!
2014-12-07 15:44 - 2014-12-07 15:44 - 03160648 _____ (ppy) C:\Users\Julia Katharina\Downloads\osu!install.exe
2014-12-07 15:44 - 2014-12-07 15:44 - 00000000 ____D () C:\Users\Julia Katharina\Downloads\Localisation
2014-12-07 14:42 - 2014-12-07 14:42 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-12-06 23:21 - 2014-12-06 23:24 - 00000197 _____ () C:\WINDOWS\system32\2014-12-06-22-21-15.091-AvastVBoxSVC.exe-4460.log
2014-12-06 23:14 - 2014-12-06 23:14 - 00003434 _____ () C:\WINDOWS\System32\Tasks\Settings
2014-12-06 23:13 - 2014-12-06 23:14 - 00000197 _____ () C:\WINDOWS\system32\2014-12-06-22-13-45.088-AvastVBoxSVC.exe-3968.log
2014-12-06 23:13 - 2014-12-06 23:13 - 00001216 _____ () C:\Users\Julia Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
2014-12-06 22:51 - 2014-12-06 22:51 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-06 22:49 - 2014-07-07 19:55 - 00000008 _____ () C:\WINDOWS\system32\Drivers\rtkhdaud.dat
2014-12-06 22:48 - 2014-07-21 21:28 - 04016216 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2014-12-06 22:48 - 2014-07-21 13:52 - 01279373 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2014-12-06 22:48 - 2014-07-07 14:07 - 02860760 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2014-12-06 22:48 - 2014-07-04 11:07 - 01024728 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2014-12-06 22:48 - 2014-06-17 13:32 - 01286872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2014-12-06 22:48 - 2014-05-09 11:17 - 00628952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2014-12-06 22:48 - 2014-04-10 12:19 - 02101848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2014-12-06 22:48 - 2014-03-06 16:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2014-12-06 22:48 - 2014-02-06 11:28 - 05804772 _____ () C:\WINDOWS\system32\Drivers\rtvienna.dat
2014-12-06 22:48 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2014-12-06 22:47 - 2014-07-18 18:10 - 02810736 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2014-12-06 22:47 - 2014-07-18 14:22 - 00955096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2014-12-06 22:47 - 2014-07-16 14:36 - 67245056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2014-12-06 22:47 - 2014-06-09 10:59 - 00560328 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2014-12-06 22:47 - 2014-04-10 12:19 - 14863448 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2014-12-06 22:47 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2014-12-06 22:47 - 2014-04-10 12:19 - 01063512 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2014-12-06 22:47 - 2014-04-07 16:03 - 06218072 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2014-12-06 22:47 - 2014-04-07 16:03 - 01939800 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2014-12-06 22:47 - 2014-04-07 16:03 - 00315736 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2014-12-06 22:47 - 2014-04-07 16:03 - 00261464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2014-12-06 22:47 - 2014-02-18 17:04 - 02770976 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2014-12-06 22:47 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2014-12-06 22:47 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2014-12-06 22:47 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2014-12-06 22:39 - 2014-12-06 22:39 - 00000000 ____D () C:\Program Files\DIFX
2014-12-06 22:36 - 2014-12-06 22:36 - 00003126 _____ () C:\WINDOWS\System32\Tasks\advRecovery
2014-12-06 22:29 - 2014-12-22 18:03 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Skype
2014-12-06 22:29 - 2014-12-22 17:49 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-06 22:29 - 2014-12-22 17:48 - 00000000 ____D () C:\ProgramData\Skype
2014-12-06 22:29 - 2014-12-06 22:29 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-12-06 22:29 - 2014-12-06 22:29 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\Skype
2014-12-06 22:29 - 2014-12-06 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-06 22:29 - 2013-04-25 18:12 - 09889352 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RtsUVStoricon.dll
2014-12-06 22:27 - 2013-07-26 15:07 - 00827096 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2014-12-06 22:27 - 2013-07-26 15:07 - 00074456 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2014-12-06 22:26 - 2014-12-06 22:26 - 01806364 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-12-06 22:25 - 2014-12-06 22:25 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Intel Corporation
2014-12-06 22:25 - 2013-07-24 14:57 - 00022832 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDSMBus.sys
2014-12-06 22:24 - 2014-12-06 22:25 - 01548384 _____ (Skype Technologies S.A.) C:\Users\Julia Katharina\Downloads\SkypeSetup.exe
2014-12-06 22:24 - 2014-12-06 22:24 - 00000000 ____D () C:\WINDOWS\RSTLog
2014-12-06 22:14 - 2014-12-06 22:14 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-12-06 22:08 - 2014-12-06 22:08 - 22850288 _____ () C:\Users\Julia Katharina\Downloads\SWUpdate_2.2.1.0 (1).ZIP
2014-12-06 22:06 - 2014-12-06 22:07 - 22850288 _____ () C:\Users\Julia Katharina\Downloads\SWUpdate_2.2.1.0.ZIP
2014-12-06 21:43 - 2014-12-06 21:45 - 00000197 _____ () C:\WINDOWS\system32\2014-12-06-20-43-57.011-AvastVBoxSVC.exe-3880.log
2014-12-06 19:02 - 2014-12-06 19:02 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Publish Providers
2014-12-06 19:01 - 2014-12-06 19:01 - 00002552 _____ () C:\Users\Julia Katharina\Documents\Vegas Pro registrieren.htm
2014-12-06 18:58 - 2014-12-06 18:58 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\Sony
2014-12-06 18:53 - 2014-12-06 18:53 - 00000000 ____D () C:\ProgramData\Sony
2014-12-06 18:53 - 2014-12-06 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-12-06 18:53 - 2014-12-06 18:53 - 00000000 ____D () C:\Program Files\Sony
2014-12-06 18:53 - 2014-12-06 18:53 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-12-06 18:22 - 2014-12-06 19:02 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Sony
2014-12-06 11:12 - 2014-12-06 11:12 - 00000197 _____ () C:\WINDOWS\system32\2014-12-06-10-12-37.093-AvastVBoxSVC.exe-3628.log
2014-12-05 12:42 - 2014-12-05 12:42 - 00000247 _____ () C:\WINDOWS\system32\2014-12-05-11-42-30.066-aswFe.exe-6580.log
2014-12-05 12:34 - 2014-12-05 12:42 - 00000247 _____ () C:\WINDOWS\system32\2014-12-05-11-34-46.071-aswFe.exe-4272.log
2014-12-05 12:31 - 2014-12-05 12:34 - 00000247 _____ () C:\WINDOWS\system32\2014-12-05-11-31-23.002-aswFe.exe-4396.log
2014-12-05 12:31 - 2014-12-05 12:31 - 00000197 _____ () C:\WINDOWS\system32\2014-12-05-11-31-20.024-AvastVBoxSVC.exe-5212.log
2014-12-05 12:22 - 2014-12-05 12:22 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
2014-12-05 12:22 - 2014-12-05 12:22 - 00000000 ____D () C:\WINDOWS\system32\vbox
2014-12-05 12:14 - 2014-12-05 12:14 - 00000000 __SHD () C:\found.003
2014-11-29 16:39 - 2014-11-29 16:39 - 00707224 _____ (Remote Mouse ) C:\Users\Julia Katharina\Downloads\RemoteMouse.exe
2014-11-29 16:39 - 2014-11-29 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Mouse
2014-11-29 16:39 - 2014-11-29 16:39 - 00000000 ____D () C:\Program Files (x86)\Remote Mouse
2014-11-29 13:23 - 2014-11-29 13:23 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Dropbox
2014-11-29 13:09 - 2014-12-22 18:00 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-29 13:05 - 2014-11-29 13:07 - 131078000 _____ (AVAST Software) C:\Users\Julia Katharina\Downloads\avast_free_antivirus_setup.exe
2014-11-27 20:52 - 2014-11-27 20:52 - 00000000 __SHD () C:\found.002
2014-11-27 20:52 - 2014-11-27 20:52 - 00000000 __SHD () C:\found.001
2014-11-27 20:52 - 2014-11-27 20:52 - 00000000 __SHD () C:\found.000
2014-11-26 21:01 - 2014-11-26 21:01 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\AirMouse
2014-11-26 21:00 - 2014-12-11 13:03 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\Downloaded Installations
2014-11-26 21:00 - 2014-11-26 21:00 - 10247768 _____ (RPA Tech, Inc ) C:\Users\Julia Katharina\Downloads\setup3.2.2.exe
2014-11-26 20:59 - 2014-12-19 16:49 - 00003846 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1417031848
2014-11-26 20:57 - 2014-12-19 16:49 - 00001057 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-11-26 20:55 - 2014-11-26 20:55 - 32532552 _____ (Opera Software) C:\Users\Julia Katharina\Downloads\Opera_26.0.1656.24_Setup.exe
2014-11-23 10:38 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-23 10:38 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-23 10:38 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-23 10:38 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-23 16:42 - 2014-11-11 15:17 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-12-23 16:25 - 2014-11-11 08:33 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Spotify
2014-12-23 16:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-12-22 21:53 - 2014-11-12 09:48 - 00001140 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-22 20:17 - 2014-11-10 11:01 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2027014631-3366834958-3693072843-1001
2014-12-22 18:56 - 2014-11-10 20:23 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-12-22 18:07 - 2013-01-17 08:47 - 00000000 ____D () C:\ProgramData\WinClon
2014-12-22 18:02 - 2014-11-12 09:49 - 00000000 ___RD () C:\Users\Julia Katharina\Google Drive
2014-12-22 18:01 - 2014-11-12 09:47 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-22 18:00 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-22 17:59 - 2014-11-11 17:34 - 00000000 ____D () C:\Users\Julia Katharina
2014-12-22 17:57 - 2014-08-20 18:04 - 00799944 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys
2014-12-22 17:57 - 2014-08-18 14:43 - 00150536 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys
2014-12-22 17:57 - 2014-08-13 19:34 - 00077512 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klwtp.sys
2014-12-22 17:57 - 2014-07-25 13:13 - 00068616 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klwfp.sys
2014-12-22 17:50 - 2014-11-11 09:16 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\Spotify
2014-12-22 17:48 - 2014-11-10 10:55 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\Adobe
2014-12-22 17:01 - 2013-08-22 15:44 - 10514768 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-12-22 16:52 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-12-22 16:51 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-12-22 16:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-12-22 16:14 - 2014-11-10 20:34 - 00007620 _____ () C:\Users\Julia Katharina\AppData\Local\Resmon.ResmonCfg
2014-12-22 09:45 - 2014-11-12 17:16 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\vlc
2014-12-21 21:48 - 2014-11-12 16:54 - 00000414 _____ () C:\Users\Julia Katharina\Documents\DesignLibrary_Photoshop.log
2014-12-21 20:45 - 2014-09-24 07:17 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-21 20:45 - 2014-09-24 06:43 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-12-21 20:45 - 2014-09-24 06:43 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-12-21 16:36 - 2014-11-19 12:52 - 00000000 ____D () C:\Users\Julia Katharina\Desktop\Samsung_Quality_Report
2014-12-19 19:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-19 19:04 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-19 18:22 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-19 16:49 - 2014-11-12 09:37 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-11 15:26 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-11 15:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-11 15:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-11 15:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-11 14:37 - 2014-11-11 11:42 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-11 14:31 - 2014-11-11 11:42 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-11 13:21 - 2013-01-17 08:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-11 13:00 - 2014-11-12 10:26 - 00000000 ____D () C:\Program Files\Adobe
2014-12-09 20:42 - 2014-11-11 15:17 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-12-07 14:21 - 2014-11-12 13:30 - 00000000 ____D () C:\Users\Julia Katharina\Documents\Adobe
2014-12-06 23:13 - 2013-01-17 08:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-12-06 23:08 - 2014-11-11 17:27 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-12-06 23:08 - 2014-11-11 17:26 - 00000000 ____D () C:\Program Files\Elantech
2014-12-06 22:52 - 2013-01-17 08:43 - 00000206 _____ () C:\setup.log
2014-12-06 22:52 - 2013-01-17 08:18 - 00002787 _____ () C:\RHDSetup.log
2014-12-06 22:52 - 2013-01-17 08:18 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-12-06 22:50 - 2014-11-11 17:28 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-12-06 22:34 - 2013-01-17 08:20 - 00000000 ____D () C:\Program Files\Samsung
2014-12-06 22:29 - 2013-01-17 08:18 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-12-06 22:24 - 2013-01-17 08:41 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-12-06 22:24 - 2013-01-17 08:19 - 00000000 ____D () C:\ProgramData\Intel
2014-12-06 22:24 - 2013-01-17 08:19 - 00000000 ____D () C:\Program Files\Intel
2014-12-06 22:17 - 2013-01-17 08:41 - 00003936 _____ () C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2014-12-06 22:17 - 2013-01-17 08:41 - 00003690 _____ () C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2014-12-06 22:09 - 2013-01-17 08:47 - 00000000 ____D () C:\ProgramData\Samsung
2014-11-29 13:15 - 2013-01-17 08:48 - 00000000 ____D () C:\Users\EasySurvey
2014-11-29 13:15 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2014-11-26 20:59 - 2014-11-12 09:37 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Opera Software
2014-11-26 20:59 - 2014-11-12 09:37 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\Opera Software
Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-21 11:13
==================== End Of Log ============================ --- --- ---
ADDITION.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2014 01
Ran by Julia Katharina at 2014-12-23 16:51:11
Running from C:\Users\Julia Katharina\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.1.1 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.1.451 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.1.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2014 (HKLM-x32\...\{CCDCB9C4-72BA-1014-A3F8-D123F2F18BC2}) (Version: 10.1.0.070 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.1 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
AMD Catalyst Install Manager (HKLM\...\{77A7CE43-5A1E-8282-931B-E0CC4C075793}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EaseUS Data Recovery Wizard 8.5 (HKLM\...\EaseUS Data Recovery Wizard 8.5_is1) (Version: - EaseUS)
Effects Suite 64-bit (HKLM-x32\...\InstallShield_{76D21FF6-B4B6-4BE1-A43D-AB01EA6A2B69}) (Version: 11.0.1 - Red Giant)
Effects Suite 64-bit (Version: 11.0.1 - Red Giant) Hidden
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ETDWare X64 11.7.19.9_WHQL (HKLM\...\Elantech) (Version: 11.7.19.9 - ELAN Microelectronic Corp.)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Free Studio version 6.4.0.1122 (HKLM-x32\...\Free Studio_is1) (Version: 6.4.0.1122 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: 15.5.4.0423 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
Keying Suite 64-bit (HKLM-x32\...\InstallShield_{456BB962-D316-40BC-8949-4CEC32F2AA7A}) (Version: 11.0.2 - Red Giant)
Keying Suite 64-bit (Version: 11.0.2 - Red Giant) Hidden
LibreOffice 4.3.3.2 (HKLM-x32\...\{87C753BB-81E3-403B-BD87-6293F870B20B}) (Version: 4.3.3.2 - The Document Foundation)
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{E7676EF4-3896-4B7E-B030-1356EEC477CE}) (Version: 11.4.4 - Red Giant)
Magic Bullet Suite 64-bit (Version: 11.4.4 - Red Giant) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 31.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.2.0 (x86 de)) (Version: 31.2.0 - Mozilla)
NewBlue 3D Explosions for Windows (HKLM-x32\...\NewBlue 3D Explosions for Windows) (Version: 1.4 - NewBlue)
NewBlue Motion Blends for Windows (HKLM-x32\...\NewBlue Motion Blends for Windows) (Version: 2.4 - NewBlue)
NewBlue Motion Effects for Windows (HKLM-x32\...\NewBlue Motion Effects for Windows) (Version: 2.4 - NewBlue)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - )
OEM Application Profile (HKLM-x32\...\{EE55B368-EBDF-98F3-CFE7-7CE4ADBC4553}) (Version: 1.00.0004 - Advanced Micro Devices, Inc.)
Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
osu! (HKLM-x32\...\{89f7a08e-cd9f-4ec4-86d7-ee81a2070ea0}) (Version: latest - ppy Pty Ltd)
PowerXpressHybrid (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
RE:Vision Effects Twixtor AE (HKLM\...\Twixtor AE 6.1.0_is1) (Version: 6.1.0 - Team V.R)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7299 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.12.18 - Samsung Electronics CO., LTD.)
Remote Mouse version 2.56 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.56 - Remote Mouse)
S Agent (Version: 1.1.50 - Samsung Electronics CO., LTD.) Hidden
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
SRS Premium Sound (HKLM-x32\...\{E44F8A34-529E-4318-A0E1-1893C337A47F}) (Version: 1.00.2000 - SRS Labs)
Support Center (HKLM\...\{3EB3E946-FB88-45C2-A19B-410D254657D9}) (Version: 2.1.20 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.6 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{4F1936F8-82B4-437E-BC47-FAB9136A04B2}) (Version: 2.2.2 - Samsung Electronics CO., LTD.)
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{9528F9CB-29E3-4E33-8BAA-181B336E24F8}) (Version: 12.1.1 - Red Giant)
Trapcode Suite 64-bit (Version: 12.1.1 - Red Giant) Hidden
User Guide (HKLM-x32\...\{66172F70-0BDE-4BAB-A973-E2E4EF501F6D}) (Version: 1.2.00 - Samsung Electronics CO., LTD.)
Vegas Pro 10.0 (64-bit) (HKLM\...\{C71D49C0-11F5-11E0-B8FB-0013D3D69929}) (Version: 10.0.470 - Sony)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WhoCrashed 5.01 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows-Treiberpaket - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2027014631-3366834958-3693072843-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Restore Points =========================
06-12-2014 18:47:39 Removed Vegas Pro 10.0 (64-bit)
11-12-2014 12:52:40 Installed Trapcode Suite 64-bit
19-12-2014 18:19:50 Windows Update
22-12-2014 17:52:07 avast! antivirus system restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1D63BFC5-58FC-4985-AF00-1298B6C77136} - System32\Tasks\Opera scheduled Autoupdate 1417031848 => C:\Program Files (x86)\Opera\launcher.exe [2014-12-17] (Opera Software)
Task: {33E5A254-FF6F-4EDF-A7C8-8EE9B0F061A9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-12] (Google Inc.)
Task: {6A93FA23-05DB-4421-8AF9-6F0AF5BB62F5} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2014-10-10] (Samsung Electronics CO., LTD.)
Task: {892E81A8-8BDD-4C78-AD73-2D2A77F4FCA9} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2014-11-12] (SEC)
Task: {9817CC61-ED33-47ED-A115-6EEE989C26C7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-11] (Microsoft Corporation)
Task: {C065C0C6-A44B-4F5B-B418-75FB44FF29C3} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {CA15129A-1094-40C8-9A23-28DDCE305A24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-12] (Google Inc.)
Task: {CB4846F5-B3D2-47DD-87C7-F9C8C0EB3766} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {DAC83684-33A8-4A0B-A7E8-FD9688313F5D} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {DFC4AAEC-BF33-4ABC-9781-A2D9810BBCC6} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2014-01-29] (Samsung Electronics CO., LTD.)
Task: {E190DBC2-7FDA-48B7-9B50-E6DDD9D4557D} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Common\Red Giant Link.exe [2013-01-02] ()
Task: {E4DCB770-374D-4D9D-96AD-70468D7492FD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {F7A5F1B7-902B-46E1-B302-ACA51103C2C4} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00084800 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2014-10-10 20:35 - 2014-10-10 20:35 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2014-10-23 20:19 - 2014-10-23 20:19 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2013-05-09 17:58 - 2013-05-09 17:58 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
2014-11-11 09:16 - 2014-12-11 13:22 - 00374840 _____ () C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-08-30 17:12 - 2014-08-30 17:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00059712 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00102720 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00027968 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 01141056 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2014-11-29 16:39 - 2013-11-19 22:34 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2014-12-06 22:14 - 2013-09-16 12:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2011-08-15 12:12 - 2011-08-15 12:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2013-03-07 12:53 - 2013-03-07 12:53 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2011-08-15 12:12 - 2011-08-15 12:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2011-08-15 12:15 - 2011-08-15 12:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2011-08-17 08:41 - 2011-08-17 08:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2011-08-17 08:48 - 2011-08-17 08:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2011-08-17 08:48 - 2011-08-17 08:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2011-08-15 11:23 - 2011-08-15 11:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2013-03-07 12:55 - 2013-03-07 12:55 - 00472576 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2013-03-07 12:58 - 2013-03-07 12:58 - 00499488 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2013-03-07 12:54 - 2013-03-07 12:54 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2011-07-19 08:05 - 2011-07-19 08:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2011-08-15 12:17 - 2011-08-15 12:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
2011-07-19 08:04 - 2011-07-19 08:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll
2014-12-19 16:57 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-19 16:57 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-19 16:57 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-19 16:57 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-11-11 09:16 - 2014-12-11 13:22 - 36966968 _____ () C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\libcef.dll
2014-11-11 09:16 - 2014-12-11 13:22 - 00867896 _____ () C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-11-11 09:16 - 2014-12-11 13:22 - 00886840 _____ () C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-11-11 09:16 - 2014-12-11 13:22 - 00108600 _____ () C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\libegl.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_700797C5FD25A9D44CE34EF536B76C0F"
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\StartupApproved\Run: => "Skype"
========================= Accounts: ==========================
Administrator (S-1-5-21-2027014631-3366834958-3693072843-500 - Administrator - Disabled)
Gast (S-1-5-21-2027014631-3366834958-3693072843-501 - Limited - Disabled)
Julia Katharina (S-1-5-21-2027014631-3366834958-3693072843-1001 - Administrator - Enabled) => C:\Users\Julia Katharina
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/22/2014 06:31:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Julia)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (12/22/2014 06:31:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1778
Startzeit: 01d01e0d0f03527f
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\wwahost.exe
Berichts-ID: 5684469f-8a00-11e4-be96-c8f733e8efb7
Vollständiger Name des fehlerhaften Pakets: Microsoft.BingWeather_3.0.4.249_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (12/22/2014 06:31:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Julia)
Description: Die App „Microsoft.BingWeather_3.0.4.249_x64__8wekyb3d8bbwe+App“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.
Error: (12/21/2014 09:10:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vegas100.exe, Version: 10.0.0.470, Zeitstempel: 0x4d18eee3
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f0d6c
ID des fehlerhaften Prozesses: 0x4038
Startzeit der fehlerhaften Anwendung: 0xvegas100.exe0
Pfad der fehlerhaften Anwendung: vegas100.exe1
Pfad des fehlerhaften Moduls: vegas100.exe2
Berichtskennung: vegas100.exe3
Vollständiger Name des fehlerhaften Pakets: vegas100.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vegas100.exe5
Error: (12/21/2014 08:59:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Adobe Premiere Pro.exe, Version: 8.1.0.81, Zeitstempel: 0x5426694c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003fd4b
ID des fehlerhaften Prozesses: 0x3724
Startzeit der fehlerhaften Anwendung: 0xAdobe Premiere Pro.exe0
Pfad der fehlerhaften Anwendung: Adobe Premiere Pro.exe1
Pfad des fehlerhaften Moduls: Adobe Premiere Pro.exe2
Berichtskennung: Adobe Premiere Pro.exe3
Vollständiger Name des fehlerhaften Pakets: Adobe Premiere Pro.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Adobe Premiere Pro.exe5
Error: (12/21/2014 08:57:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vegas100.exe, Version: 10.0.0.470, Zeitstempel: 0x4d18eee3
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f0d6c
ID des fehlerhaften Prozesses: 0x1188
Startzeit der fehlerhaften Anwendung: 0xvegas100.exe0
Pfad der fehlerhaften Anwendung: vegas100.exe1
Pfad des fehlerhaften Moduls: vegas100.exe2
Berichtskennung: vegas100.exe3
Vollständiger Name des fehlerhaften Pakets: vegas100.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vegas100.exe5
Error: (12/21/2014 07:39:59 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
Error: (12/21/2014 07:39:59 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (12/21/2014 07:39:59 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:
Error: (12/21/2014 07:39:59 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4
System errors:
=============
Error: (12/23/2014 04:12:36 PM) (Source: DCOM) (EventID: 10010) (User: Julia)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (12/22/2014 07:13:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Lavalys EVEREST Kernel Driver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error: (12/22/2014 07:13:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Lavalys EVEREST Kernel Driver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error: (12/22/2014 06:37:44 PM) (Source: KLIF) (EventID: 0) (User: )
Description: Ñonnection is not established
Error: (12/22/2014 06:37:44 PM) (Source: KLIF) (EventID: 0) (User: )
Description: Ñonnection is not established
Error: (12/22/2014 06:37:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet:
%%1
Error: (12/22/2014 06:37:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Kaspersky Anti-Virus NDIS 6 Filter" wurde aufgrund folgenden Fehlers nicht gestartet:
%%5
Error: (12/22/2014 06:31:16 PM) (Source: DCOM) (EventID: 10016) (User: Julia)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}JuliaJulia KatharinaS-1-5-21-2027014631-3366834958-3693072843-1001LocalHost (unter Verwendung von LRPC)Microsoft.BingWeather_3.0.4.249_x64__8wekyb3d8bbweS-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330
Error: (12/22/2014 05:44:01 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {F319F1B8-7587-4146-AF9C-0D6D77819BF1}
Error: (12/22/2014 05:43:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Bluetooth OBEX Service" wurde mit folgendem Fehler beendet:
%%2147500053
Microsoft Office Sessions:
=========================
Error: (12/22/2014 06:31:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Julia)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927142
Error: (12/22/2014 06:31:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17031177801d01e0d0f03527f4294967295C:\WINDOWS\system32\wwahost.exe5684469f-8a00-11e4-be96-c8f733e8efb7Microsoft.BingWeather_3.0.4.249_x64__8wekyb3d8bbweApp
Error: (12/22/2014 06:31:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Julia)
Description: Microsoft.BingWeather_3.0.4.249_x64__8wekyb3d8bbwe+App
Error: (12/21/2014 09:10:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vegas100.exe10.0.0.4704d18eee3ntdll.dll6.3.9600.1727853eebd22c000037400000000000f0d6c403801d01d589977b712C:\Program Files\Sony\Vegas Pro 10.0\vegas100.exeC:\WINDOWS\SYSTEM32\ntdll.dll57e56871-894d-11e4-be8f-c8f733e8efb7
Error: (12/21/2014 08:59:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Adobe Premiere Pro.exe8.1.0.815426694cntdll.dll6.3.9600.1727853eebd22c0000005000000000003fd4b372401d01d585f35b872C:\Program Files\Adobe\Adobe Premiere Pro CC 2014\Adobe Premiere Pro.exeC:\WINDOWS\SYSTEM32\ntdll.dllcf9b5c22-894b-11e4-be8f-c8f733e8efb7
Error: (12/21/2014 08:57:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vegas100.exe10.0.0.4704d18eee3ntdll.dll6.3.9600.1727853eebd22c000037400000000000f0d6c118801d01d35cba18a67C:\Program Files\Sony\Vegas Pro 10.0\vegas100.exeC:\WINDOWS\SYSTEM32\ntdll.dll8b276f98-894b-11e4-be8f-c8f733e8efb7
Error: (12/21/2014 07:39:59 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
Error: (12/21/2014 07:39:59 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (12/21/2014 07:39:59 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:
Error: (12/21/2014 07:39:59 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4
CodeIntegrity Errors:
===================================
Date: 2014-12-22 19:13:11.544
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\JULIAK~1\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-22 19:13:11.444
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3635QM CPU @ 2.40GHz
Percentage of memory in use: 28%
Total physical RAM: 8078.79 MB
Available physical RAM: 5764.45 MB
Total Pagefile: 16270.8 MB
Available Pagefile: 12712.92 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:908.68 GB) (Free:737.53 GB) NTFS
==================== MBR & Partition Table ==================
==================== End Of Log ============================ |