Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2015
Ran by MaggieSmalls at 2015-04-14 16:49:30
Running from C:\Users\MaggieSmalls\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader X (10.1.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Avira (HKLM-x32\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Edirol HQ Orchestral v1.01 (HKLM-x32\...\Edirol HQ Orchestral v1.01) (Version: - )
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
Energy Manager (x32 Version: 1.0.0.35 - Lenovo) Hidden
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
Focusrite USB 2.0 Audio Driver 2.5.1 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.5.1 - Focusrite Audio Engineering Limited.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4156 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
LaCie Desktop Manager 1.7.0 (HKLM\...\{3845209F-142E-4F48-B61A-AA34D2DB54BB}_is1) (Version: 1.7.0 - LaCie)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.31.1 - ELAN Microelectronic Corp.)
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.4.3.307 - Native Instruments)
NVIDIA GeForce Experience 1.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.33 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.802.010814 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0238 - REALTEK Semiconductor Corp.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Waves Complete V9r20 (HKLM-x32\...\{93000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.3.20 - Waves)
Windows-Treiberpaket - Focusrite USB 2.0 Audio Driver (09/25/2013 2.5.128.1) (HKLM\...\CF1FC201D237269A9CD51A3A6B14ADBF67175C32) (Version: 09/25/2013 2.5.128.1 - Focusrite)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3212640167-3842111366-1548579613-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Restore Points =========================
12-04-2015 10:56:43 Geplanter Prüfpunkt
13-04-2015 15:35:07 Installed Waves Complete V9r20
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {2D544D0A-58F7-46FC-A025-97AA8113FA1E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {6A98B7F1-C66B-468B-B94D-6A26BC4BFEE0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {6B63BD2E-6F52-450C-96C4-E09B66A0BBBC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-02-26] (Microsoft Corporation)
Task: {7EB9876D-8BAD-4CDE-9DFF-1806A5F653A9} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {8A1BC64D-8A09-45AA-A6EE-099C6B9E9A1B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {9258105F-404B-4B63-A733-A48EB1D003BE} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {CF0FF07C-FF98-480D-87E4-0FC1D651A667} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe [2014-12-03] (Samsung Electronics)
Task: {E9660045-DCAD-47F4-A38B-776E50CE5628} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
==================== Loaded Modules (whitelisted) ==============
2014-11-10 17:01 - 2014-01-06 10:13 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-10 17:06 - 2014-01-06 15:56 - 00079872 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2015-03-26 15:40 - 2015-03-26 15:40 - 00085504 _____ () C:\Users\MaggieSmalls\AppData\Local\CopyEditor\CopyEditor.exe
2015-03-26 15:40 - 2015-03-26 15:40 - 01051136 _____ () C:\Users\MaggieSmalls\AppData\Local\CopyEditor\CopyEditor_run.exe
2015-04-10 18:34 - 2013-09-19 12:00 - 01380352 _____ () C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe
2015-04-14 16:18 - 2015-04-14 16:18 - 00509120 _____ () C:\Users\MaggieSmalls\AppData\Local\CopyEditor\ykanv\krfqvuxx.exe
2015-03-26 15:40 - 2015-03-26 15:40 - 02199552 _____ () C:\Users\MaggieSmalls\AppData\Local\CopyEditor\CopyEditor_run.dll
2015-04-05 13:28 - 2015-04-05 13:28 - 06225408 _____ () C:\Users\MaggieSmalls\AppData\Local\CopyEditor\rlurm.dll
2015-03-26 15:40 - 2015-03-26 15:40 - 01819136 _____ () C:\Users\MaggieSmalls\AppData\Local\CopyEditor\zvfodu.dll
2015-04-05 13:28 - 2015-04-14 16:18 - 00063644 _____ () C:\Users\MaggieSmalls\AppData\Local\CopyEditor\ykanv\mnmvmhs.dll
2015-04-05 13:28 - 2015-04-14 16:18 - 01018240 _____ () C:\Users\MaggieSmalls\AppData\Local\CopyEditor\ykanv\kejmvp.dll
2015-04-05 13:28 - 2015-04-14 16:18 - 00005120 _____ () C:\Users\MaggieSmalls\AppData\Local\CopyEditor\ykanv\mbmfauq.dll
2015-04-05 13:28 - 2015-04-14 16:18 - 00509120 _____ () C:\Users\MaggieSmalls\AppData\Local\CopyEditor\ykanv\snzr.dll
2014-11-10 17:04 - 2013-09-16 21:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3212640167-3842111366-1548579613-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\MaggieSmalls\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "ForteConfig"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "LaCie Desktop Manager Launcher"
HKLM\...\StartupApproved\Run: => "BtServer"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKU\S-1-5-21-3212640167-3842111366-1548579613-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"
==================== Accounts: =============================
Administrator (S-1-5-21-3212640167-3842111366-1548579613-500 - Administrator - Disabled)
Gast (S-1-5-21-3212640167-3842111366-1548579613-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3212640167-3842111366-1548579613-1004 - Limited - Enabled)
MaggieSmalls (S-1-5-21-3212640167-3842111366-1548579613-1002 - Administrator - Enabled) => C:\Users\MaggieSmalls
UpdatusUser (S-1-5-21-3212640167-3842111366-1548579613-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/14/2015 04:23:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FL64.exe, Version 1.1.5.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 12ec
Startzeit: 01d076be62ce315f
Endzeit: 11
Anwendungspfad: C:\Program Files (x86)\Image-Line\FL Studio 11\FL64.exe
Berichts-ID: df2b67dd-e2b1-11e4-8271-c0389670a11e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (04/14/2015 04:20:03 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
Error: (04/14/2015 03:31:45 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (04/14/2015 03:31:45 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (04/14/2015 02:52:05 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (04/13/2015 08:06:59 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (04/13/2015 08:06:58 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (04/13/2015 08:06:58 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (04/13/2015 06:49:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: MG)
Description: Das Paket „winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy+Windows.Store“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (04/13/2015 06:49:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm WWAHost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1528
Startzeit: 01d07609b526cd1a
Endzeit: 4294967295
Anwendungspfad: C:\Windows\System32\WWAHost.exe
Berichts-ID: 035ab2cb-e1fd-11e4-826f-68f7281ed26d
Vollständiger Name des fehlerhaften Pakets: winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Windows.Store
System errors:
=============
Error: (04/14/2015 03:12:51 PM) (Source: DCOM) (EventID: 10010) (User: MG)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (04/14/2015 03:12:21 PM) (Source: DCOM) (EventID: 10010) (User: MG)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (04/13/2015 09:01:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LaCieDesktopManagerService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (04/13/2015 09:01:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (04/13/2015 07:17:31 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FRITZ-NAS",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{2C3FA58A-F417-4A15-A68B-51BEEAC27BAA}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (04/13/2015 07:09:30 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FRITZ-NAS",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{2C3FA58A-F417-4A15-A68B-51BEEAC27BAA}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (04/13/2015 06:56:12 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000133 (0x0000000000000000, 0x0000000000000501, 0x0000000000000500, 0x0000000000000000)C:\WINDOWS\MEMORY.DMP041315-4937-01
Error: (04/13/2015 06:56:11 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 13.04.2015 um 18:47:02 unerwartet heruntergefahren.
Error: (04/13/2015 00:09:26 PM) (Source: DCOM) (EventID: 10010) (User: MG)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (04/12/2015 10:53:47 AM) (Source: DCOM) (EventID: 10010) (User: MG)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Microsoft Office Sessions:
=========================
Error: (04/14/2015 04:23:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FL64.exe1.1.5.012ec01d076be62ce315f11C:\Program Files (x86)\Image-Line\FL Studio 11\FL64.exedf2b67dd-e2b1-11e4-8271-c0389670a11e
Error: (04/14/2015 04:20:03 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
Error: (04/14/2015 03:31:45 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"C:\Program Files (x86)\Waves\Applications\GTR 3.5.exeC:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8
Error: (04/14/2015 03:31:45 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"C:\Program Files (x86)\Waves\Applications\Element App.exeC:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8
Error: (04/14/2015 02:52:05 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (04/13/2015 08:06:59 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"C:\Program Files (x86)\Waves\Applications\wlc.exeC:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.8.2_Win32_Release\WavesQtLibs_4.8.2_Win32_Release.MANIFEST8
Error: (04/13/2015 08:06:58 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"C:\Program Files (x86)\Waves\Applications\GTR 3.5.exeC:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8
Error: (04/13/2015 08:06:58 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"C:\Program Files (x86)\Waves\Applications\Element App.exeC:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8
Error: (04/13/2015 06:49:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: MG)
Description: winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy+Windows.Store
Error: (04/13/2015 06:49:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: WWAHost.exe6.3.9600.17031152801d07609b526cd1a4294967295C:\Windows\System32\WWAHost.exe035ab2cb-e1fd-11e4-826f-68f7281ed26dwinstore_1.0.0.0_neutral_neutral_cw5n1h2txyewyWindows.Store
CodeIntegrity Errors:
===================================
Date: 2015-04-12 10:53:01.032
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-04-11 19:06:56.572
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-04-02 19:18:05.068
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Percentage of memory in use: 13%
Total physical RAM: 16276.27 MB
Available physical RAM: 14101.99 MB
Total Pagefile: 32660.27 MB
Available Pagefile: 30110.92 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:197.39 GB) (Free:116.91 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.69 GB) NTFS
Drive f: (Samsung_T1) (Fixed) (Total:232.87 GB) (Free:96.68 GB) exFAT
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 1B44C274)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 78E732FC)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-04-14 16:58:28
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000002d SAMSUNG_MZYTE256HMHP-000L2 rev.EXT06L0Q 238,47GB
Running: zwzowgch.exe; Driver: C:\Users\MAGGIE~1\AppData\Local\Temp\uxtdypow.sys
---- User code sections - GMER 2.1 ----
.text C:\WINDOWS\system32\nvvsvc.exe[960] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff9912c169a 4 bytes [2C, 91, F9, 7F]
.text C:\WINDOWS\system32\nvvsvc.exe[960] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff9912c16a2 4 bytes [2C, 91, F9, 7F]
.text C:\WINDOWS\system32\nvvsvc.exe[960] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff9912c181a 4 bytes [2C, 91, F9, 7F]
.text C:\WINDOWS\system32\nvvsvc.exe[960] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff9912c1832 4 bytes [2C, 91, F9, 7F]
.text C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe[1968] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007ff988b61f6a 4 bytes [B6, 88, F9, 7F]
.text C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe[1968] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007ff988b61f82 4 bytes [B6, 88, F9, 7F]
.text C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe[1968] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ff9912c169a 4 bytes [2C, 91, F9, 7F]
.text C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe[1968] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ff9912c16a2 4 bytes [2C, 91, F9, 7F]
.text C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe[1968] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ff9912c181a 4 bytes [2C, 91, F9, 7F]
.text C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe[1968] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ff9912c1832 4 bytes [2C, 91, F9, 7F]
.text C:\Program Files\Windows Defender\MsMpEng.exe[2120] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506 00007ff9912c169a 4 bytes [2C, 91, F9, 7F]
.text C:\Program Files\Windows Defender\MsMpEng.exe[2120] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514 00007ff9912c16a2 4 bytes [2C, 91, F9, 7F]
.text C:\Program Files\Windows Defender\MsMpEng.exe[2120] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118 00007ff9912c181a 4 bytes [2C, 91, F9, 7F]
.text C:\Program Files\Windows Defender\MsMpEng.exe[2120] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142 00007ff9912c1832 4 bytes [2C, 91, F9, 7F]
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [548:2020] fffff96000895b90
Thread C:\WINDOWS\system32\csrss.exe [548:3388] fffff96000895b90
---- Processes - GMER 2.1 ----
Process C:\Users\MaggieSmalls\AppData\Local\CopyEditor\CopyEditor.exe (*** suspicious ***) @ C:\Users\MaggieSmalls\AppData\Local\CopyEditor\CopyEditor.exe [1756](2015-03-26 13:40:30) 00000000002c0000
Process C:\Users\MaggieSmalls\AppData\Local\CopyEditor\CopyEditor_run.exe (*** suspicious ***) @ C:\Users\MaggieSmalls\AppData\Local\CopyEditor\CopyEditor_run.exe [1828](2015-03-26 13:40:30) 00000000001a0000
Library C:\Users\MaggieSmalls\AppData\Local\CopyEditor\CopyEditor_run.dll (*** suspicious ***) @ C:\Users\MaggieSmalls\AppData\Local\CopyEditor\CopyEditor_run.exe [1828](2015-03-26 13:40:30) 00000000737a0000
Library C:\Users\MaggieSmalls\AppData\Local\CopyEditor\rlurm.dll (*** suspicious ***) @ C:\Users\MaggieSmalls\AppData\Local\CopyEditor\CopyEditor_run.exe [1828](2015-04-05 11:28:23) 0000000072a00000
Library C:\Users\MaggieSmalls\AppData\Local\CopyEditor\zvfodu.dll (*** suspicious ***) @ C:\Users\MaggieSmalls\AppData\Local\CopyEditor\CopyEditor_run.exe [1828](2015-03-26 13:40:32) 0000000072830000
Library C:\Users\MaggieSmalls\AppData\Local\CopyEditor\ykanv\mnmvmhs.dll (*** suspicious ***) @ C:\Users\MaggieSmalls\AppData\Local\CopyEditor\CopyEditor_run.exe [1828] (FILE NOT FOUND) 0000000072160000
Library C:\Users\MaggieSmalls\AppData\Local\CopyEditor\ykanv\kejmvp.dll (*** suspicious ***) @ C:\Users\MaggieSmalls\AppData\Local\CopyEditor\CopyEditor_run.exe [1828] (FILE NOT FOUND) 0000000005fe0000
Library C:\Users\MaggieSmalls\AppData\Local\CopyEditor\ykanv\mbmfauq.dll (*** suspicious ***) @ C:\Users\MaggieSmalls\AppData\Local\CopyEditor\CopyEditor_run.exe [1828] (FILE NOT FOUND) 0000000006100000
Process C:\Users\MaggieSmalls\AppData\Local\CopyEditor\ykanv\krfqvuxx.exe (*** suspicious ***) @ C:\Users\MaggieSmalls\AppData\Local\CopyEditor\ykanv\krfqvuxx.exe [2688] (FILE NOT FOUND) 0000000000f70000
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:47 on 14/04/2015 (MaggieSmalls)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed
Checking for services/drivers...
-=E.O.F=-