Zitat:
Zitat von schrauber
(Beitrag 1378989)
hi,
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
- Starte jetzt FRST.
- Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
- Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
- Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)
| Windows 8 gibt mir ne Meldung aus, dass die FRST.exe-Datei eventuell meinen Rechner gefährdet? Was tun?
Grüße
Deano
Naja habs ma riskiert, lief vermutlich schon wie's laufen sollte!
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-11-2014
Ran by (administrator) on on 01-11-2014 19:44:38
Running from C:\Users\\Downloads
Loaded Profile: (Available profiles: Tom & UpdatusUser)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
() C:\Program Files (x86)\Tor\tor.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Ventis Media Inc.) C:\Program Files (x86)\MediaMonkey\MediaMonkey (non-skinned).exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Atheros Communications)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2013-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3774421412-1007907057-219690849-1002\...\Run: [rfxsrvtray] => C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe [1838872 2013-02-07] (Tobit.Software)
HKU\S-1-5-21-3774421412-1007907057-219690849-1002\...\Run: [Akamai NetSession Interface] => "C:\Users\Tom\AppData\Local\Akamai\netsession_win.exe"
AppInit_DLLs: C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs: C:\Program Files (x86)\GS_x64.Enabler => C:\Program Files (x86)\GS_x64.Ena File Not Found
Startup: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe-BackupByPhotoshopCS4Portable\Calibration\Adobe Gamma Loader.exe (No File)
Startup: C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/software/
URLSearchHook: HKCU - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKLM - DefaultScope {0AD69A11-BE0B-4770-8FD4-BF91E4435485} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM - {0AD69A11-BE0B-4770-8FD4-BF91E4435485} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {0AD69A11-BE0B-4770-8FD4-BF91E4435485} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKCU - DefaultScope {0AD69A11-BE0B-4770-8FD4-BF91E4435485} URL =
SearchScopes: HKCU - {0AD69A11-BE0B-4770-8FD4-BF91E4435485} URL =
SearchScopes: HKCU - {629750CE-D6C6-4043-A843-025530A2CB8A} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=3717f4f7-6128-4c25-b682-2e1b3fba6e53&apn_sauid=FDEEF9E2-19F5-40D8-8A15-D64AEB4794A2
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: IEExtension.VDownloaderBHO -> {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\n1scajj7.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Tom\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF Plugin HKCU: pokki.com/PokkiDownloadHelper -> C:\Users\Tom\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll No File
FF Plugin HKCU: vitzo.com/VDownloader -> C:\Program Files\VDownloader\Addons\npVDownloader.dll (Vitzo)
FF SearchPlugin: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\n1scajj7.default\searchplugins\avira-safesearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\n1scajj7.default\Extensions\abs@avira.com [2014-08-30]
FF Extension: DownloadHelper - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\n1scajj7.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-14]
FF Extension: Adblock Plus - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\n1scajj7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-01]
FF HKLM-x32\...\Firefox\Extensions: [support@vdownloader.com] - C:\Program Files\VDownloader\Addons\FireFox
FF Extension: VDownloader - C:\Program Files\VDownloader\Addons\FireFox [2012-12-24]
Chrome:
=======
CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Emoticons for Facebook 2014) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\bldlebdchfchnclgjhehlijjdeagejfh [2014-04-29]
CHR Extension: (Facebook Secret Emoticons) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgpffljkgjmijjdmjbdppndoojdgboe [2014-03-16]
CHR Extension: (Adblock Plus) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-12]
CHR Extension: (timeStats) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejifodhjoeeenihgfpjijjmpomaphmah [2014-03-30]
CHR Extension: (Avira Browser Safety) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-07]
CHR Extension: (AdBlock) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-01]
CHR Extension: (DVDVideoSoft) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2014-03-29]
CHR Extension: (Google Wallet) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-08-02]
CHR HKLM-x32\...\Chrome\Extension: [eoccbpoodnckjdnackiffhjfkogfhnhh] - C:\Program Files\VDownloader\Addons\Chrome.crx [2012-12-24]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-02-26] (Adobe Systems) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [994552 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-08-24] (Samsung Electronics CO., LTD.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-04-16] (Microsoft Corporation)
S4 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
R2 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3999512 2013-06-03] ()
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-08] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-01] (Wondershare)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00B\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-12-21] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-12-21] (Symantec Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc.)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-09-11] (Windows (R) 2003 DDK 3790 provider)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R1 wStLib64; C:\Windows\System32\drivers\wStLib64.sys [61120 2014-03-18] (StdLib)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-01 19:44 - 2014-11-01 19:46 - 00022801 _____ () C:\Users\Tom\Downloads\FRST.txt
2014-11-01 19:44 - 2014-11-01 19:45 - 00000000 ____D () C:\FRST
2014-11-01 19:43 - 2014-11-01 19:43 - 02114048 _____ (Farbar) C:\Users\Tom\Downloads\FRST64.exe
2014-11-01 19:36 - 2014-11-01 19:36 - 01105920 _____ (Farbar) C:\Users\Tom\Downloads\FRST.exe
2014-10-30 22:51 - 2014-10-30 22:51 - 00000000 ____D () C:\Users\Tom\Downloads\backups
2014-10-30 22:39 - 2014-10-30 22:45 - 00011486 _____ () C:\Users\Tom\Downloads\hijackthis.log
2014-10-30 22:38 - 2014-10-30 22:38 - 00388608 _____ (Trend Micro Inc.) C:\Users\Tom\Downloads\HiJackThis204.exe
2014-10-30 16:30 - 2014-10-30 16:30 - 00040389 _____ () C:\Users\Tom\Downloads\Unbenannt 1.odt
2014-10-29 09:19 - 2014-10-29 09:19 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-10-29 09:18 - 2014-10-29 09:18 - 00001167 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-10-29 09:18 - 2014-10-29 09:18 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-10-29 09:18 - 2014-10-29 09:18 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Canneverbe Limited
2014-10-29 09:18 - 2014-10-29 09:18 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-10-29 09:17 - 2014-10-29 09:17 - 05402840 _____ (Canneverbe Limited ) C:\Users\Tom\Downloads\cdbxp_setup_4.5.4.5143_minimal.exe
2014-10-29 09:11 - 2014-10-29 09:11 - 00000000 ___RD () C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-10-15 09:28 - 2014-09-04 01:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-15 09:28 - 2014-09-04 00:57 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-15 09:28 - 2014-09-04 00:49 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-15 09:27 - 2014-10-09 23:16 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-10-15 09:27 - 2014-10-08 23:09 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-10-15 09:27 - 2014-09-19 02:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-10-15 09:27 - 2014-09-13 07:02 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-15 09:27 - 2014-09-13 06:30 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-15 09:27 - 2014-08-29 02:58 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-15 09:27 - 2014-08-29 00:56 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-15 09:27 - 2014-08-29 00:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-15 08:47 - 2014-09-27 23:25 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-15 08:47 - 2014-09-08 04:15 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-15 08:47 - 2014-09-08 02:46 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-15 08:47 - 2014-09-08 02:46 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-15 08:47 - 2014-09-08 01:08 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-15 08:47 - 2014-09-08 01:07 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-15 08:47 - 2014-09-08 01:05 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-15 08:47 - 2014-09-08 01:04 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-15 08:47 - 2014-09-08 01:04 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-15 08:47 - 2014-09-08 01:03 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-15 08:47 - 2014-09-08 01:03 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-15 08:47 - 2014-09-08 00:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-15 08:47 - 2014-09-08 00:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-15 08:47 - 2014-09-08 00:56 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-15 08:47 - 2014-09-08 00:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-15 08:46 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-15 08:46 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-15 08:46 - 2014-09-13 07:29 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-15 08:46 - 2014-09-13 06:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-15 08:45 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-15 08:45 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-15 08:45 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-15 08:45 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-15 08:45 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-15 08:45 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-15 08:45 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-15 08:45 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-15 08:45 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-15 08:45 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-15 08:45 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-15 08:45 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-15 08:45 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-15 08:45 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-15 08:45 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-15 08:45 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-15 08:45 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-15 08:45 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-15 08:45 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-15 08:45 - 2014-09-19 01:42 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-15 08:45 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-15 08:45 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-15 08:45 - 2014-09-19 01:20 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-15 08:45 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-15 08:45 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-15 08:45 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-15 08:45 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-15 08:45 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-15 08:45 - 2014-09-04 01:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-15 08:45 - 2014-09-04 01:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-15 08:45 - 2014-08-16 05:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-15 08:45 - 2014-08-16 05:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-15 08:45 - 2014-08-16 05:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-15 08:45 - 2014-08-16 04:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-15 08:45 - 2014-08-16 04:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-15 08:45 - 2014-08-16 04:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-15 08:45 - 2014-08-16 04:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-15 08:45 - 2014-08-16 04:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-15 08:45 - 2014-08-16 04:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-15 08:45 - 2014-08-16 02:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-15 08:45 - 2014-08-16 02:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-15 08:45 - 2014-08-16 01:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-15 08:45 - 2014-08-16 01:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-15 08:45 - 2014-08-16 01:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-15 08:45 - 2014-08-16 01:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-15 08:45 - 2014-08-16 01:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-15 08:45 - 2014-08-16 01:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-15 08:45 - 2014-08-16 01:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-15 08:45 - 2014-08-16 01:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-15 08:45 - 2014-08-16 01:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 08:45 - 2014-08-16 01:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-15 08:45 - 2014-08-16 01:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-15 08:45 - 2014-08-16 01:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-15 08:45 - 2014-08-16 01:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-15 08:45 - 2014-08-16 01:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-15 08:45 - 2014-08-16 01:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-15 08:45 - 2014-08-16 01:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-15 08:45 - 2014-08-16 01:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-15 08:45 - 2014-08-16 01:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-15 08:45 - 2014-08-16 01:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-15 08:45 - 2014-08-16 01:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-15 08:45 - 2014-08-16 01:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-15 08:45 - 2014-08-16 01:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-15 08:45 - 2014-08-16 01:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-15 08:45 - 2014-08-01 00:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-13 12:23 - 2014-10-13 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-13 11:30 - 2014-10-13 11:30 - 00000000 ____D () C:\Users\Tom\AppData\Local\Rockstar Games
2014-10-13 11:27 - 2014-10-13 11:27 - 00072097 _____ () C:\Users\Tom\Downloads\xliveless - v0.999b7 (patch 1.0.7.0. and EFLC 1.1.2.0).zip
2014-10-13 11:24 - 2014-10-13 11:24 - 00000000 __SHD () C:\ProgramData\SecuROM
2014-10-10 12:44 - 2014-10-10 12:54 - 18069827 _____ () C:\Users\Tom\Downloads\016_Hardcore_Photo.zip
2014-10-10 11:25 - 2014-10-10 12:14 - 142451760 _____ () C:\Users\Tom\Downloads\Kimberhot.flv
2014-10-08 14:25 - 2014-10-08 14:25 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Tom\Downloads\SpyHunter-Installer.exe
2014-10-03 13:08 - 2014-10-03 13:09 - 00000000 ____D () C:\Users\Tom\Desktop\Lebenslauf (2)
2014-10-03 13:08 - 2014-10-03 13:09 - 00000000 ____D () C:\Users\Tom\Desktop\Lebenslauf (1)
2014-10-03 13:07 - 2014-10-03 13:07 - 00000000 ____D () C:\Users\Tom\Desktop\Lebenslauf (3)
2014-10-03 13:06 - 2014-10-30 23:10 - 00000000 ____D () C:\Users\Tom\Desktop\Lebenslauf (4)
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-01 19:37 - 2014-04-23 09:53 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7F1FFF7C-9236-430C-89C5-C480F631AF12}
2014-11-01 19:31 - 2014-04-16 13:17 - 01979843 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-01 19:28 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-01 19:23 - 2013-04-13 13:03 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-01 19:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-31 11:10 - 2013-11-17 23:03 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-31 00:42 - 2012-12-30 21:37 - 00000936 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3774421412-1007907057-219690849-1002UA.job
2014-10-31 00:41 - 2012-12-21 14:27 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3774421412-1007907057-219690849-1002
2014-10-30 23:17 - 2013-05-03 14:59 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-30 23:16 - 2014-09-10 09:07 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-10-30 23:16 - 2012-08-23 04:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-30 23:10 - 2014-03-11 11:31 - 00000000 ____D () C:\Users\Tom\Desktop\Lebenslauf (11)
2014-10-30 23:10 - 2013-02-03 15:33 - 02851328 ___SH () C:\Users\Tom\Desktop\Thumbs.db
2014-10-30 23:05 - 2012-12-21 14:45 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-30 23:04 - 2014-04-16 14:13 - 00000000 ___DC () C:\WINDOWS\Panther
2014-10-30 22:16 - 2012-12-22 23:54 - 02013184 ___SH () C:\Users\Tom\Downloads\Thumbs.db
2014-10-30 21:50 - 2013-10-10 21:17 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Spotify
2014-10-30 14:05 - 2013-10-10 21:18 - 00000000 ____D () C:\Users\Tom\AppData\Local\Spotify
2014-10-29 11:39 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-29 09:18 - 2012-08-23 05:25 - 00000000 ____D () C:\ProgramData\WinClon
2014-10-29 09:11 - 2014-09-13 06:44 - 00001153 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-10-29 09:11 - 2014-04-16 14:57 - 00000000 ___DO () C:\Users\Tom\OneDrive
2014-10-29 09:11 - 2013-02-27 22:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-29 09:11 - 2013-02-27 22:05 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-29 09:05 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-29 09:04 - 2013-08-22 15:44 - 05071784 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-29 09:03 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-29 09:00 - 2014-07-12 18:19 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-10-29 09:00 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-29 09:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-29 09:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-29 09:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-29 09:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-29 00:44 - 2014-05-17 13:57 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\MediaMonkey
2014-10-29 00:37 - 2013-05-23 19:02 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\foobar2000
2014-10-28 23:27 - 2014-09-02 21:09 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-28 23:27 - 2014-03-18 10:25 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-10-28 23:27 - 2014-03-18 10:25 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-10-28 22:54 - 2013-11-10 10:11 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\vlc
2014-10-23 20:42 - 2012-12-30 21:37 - 00000914 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3774421412-1007907057-219690849-1002Core.job
2014-10-18 10:02 - 2013-10-04 09:05 - 00000642 _____ () C:\Users\Tom\Desktop\Lebenslauf (4).lnk
2014-10-17 14:05 - 2013-07-12 13:02 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-17 13:55 - 2012-12-22 13:20 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-16 15:07 - 2014-08-27 12:05 - 00000000 ___RD () C:\Users\Tom\Dropbox
2014-10-16 15:07 - 2014-08-27 11:56 - 00000000 ____D () C:\Users\Tom\AppData\Roaming\Dropbox
2014-10-16 08:25 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-14 15:21 - 2013-05-06 10:15 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-10-14 15:21 - 2013-04-01 20:54 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-10-14 15:21 - 2013-04-01 20:54 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-10-13 22:11 - 2014-04-16 13:26 - 00000000 ____D () C:\Users\Tom
2014-10-13 17:48 - 2013-10-03 21:33 - 00000000 ____D () C:\Users\Tom\Documents\GTA San Andreas User Files
2014-10-13 12:20 - 2014-07-25 18:20 - 00000000 ____D () C:\ProgramData\Origin
2014-10-13 11:58 - 2014-03-18 10:40 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-13 11:58 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-10-13 11:58 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-13 11:58 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-13 11:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-10-13 11:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-10-13 11:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-10-13 11:58 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-10-11 11:35 - 2014-09-13 12:12 - 00000000 ____D () C:\Users\Tom\Documents\TmForever
2014-10-07 21:16 - 2013-10-13 22:02 - 00000000 ____D () C:\Users\Tom\AppData\Local\WMTools Downloaded Files
2014-10-07 18:30 - 2014-03-09 00:35 - 00000000 ____D () C:\Users\Tom\Desktop\Lebenslauf (18)
2014-10-07 18:12 - 2013-04-04 13:54 - 00019456 _____ () C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
Some content of TEMP:
====================
C:\Users\Tom\AppData\Local\Temp\avgnt.exe
C:\Users\Tom\AppData\Local\Temp\drm_dyndata_7410004.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-29 09:40
==================== End Of Log ============================ --- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-11-2014
Ran by at 2014-11-01 19:48:44
Running from C:\Users\\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.3.0.322 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader X (10.1.3) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira (HKLM-x32\...\{9bd9b85e-7792-483b-a318-cc51ff0877ed}) (Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5143 - CDBurnerXP)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4415.02 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ETDWare PS/2-X64 11.7.2.1_WHQL (HKLM\...\Elantech) (Version: 11.7.2.1 - ELAN Microelectronic Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
foobar2000 v1.3 beta 2 (HKLM-x32\...\foobar2000) (Version: 1.3 beta 2 - Peter Pawlowski)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free Audio Converter version 5.0.31.1125 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.31.1125 - DVDVideoSoft Ltd.)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free YouTube to MP3 Converter version 3.12.9.725 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.9.725 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Gothic 3 (HKLM-x32\...\{359ADF3A-F727-40F1-9D8A-6699EE355287}) (Version: 1.0.0 - JoWood)
Gothic III Demo (HKLM-x32\...\{9F1941D2-45A2-4CA6-8041-EA2B10CD2ECD}) (Version: 1.00.0000 - JoWooD Productions Software AG)
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden
GS.Supporter 1.80 (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{1a34a8e0}) (Version: - Verified Publisher) <==== ATTENTION
GTA2 (HKLM-x32\...\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}) (Version: 1.00.001 - )
Help Desk (HKLM\...\{C85A891D-7AB4-46AE-84F0-B0C3FAC82280}) (Version: 1.0.4 - Samsung Electronics CO., LTD.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{0E5D76AD-A3FB-48D5-8400-8903B10317D3}) (Version: 11.0.1.12 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.670 - Oracle)
LibreOffice 4.0.2.2 (HKLM-x32\...\{1062AD6C-80F4-4BC6-AB7C-A28892B497B8}) (Version: 4.0.2.2 - The Document Foundation)
Little Fighter 2 version 2.0 (HKLM-x32\...\Little Fighter 2) (Version: version 2.0 - )
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Morrowind (HKLM-x32\...\{1D108D70-E7D1-4089-9A0A-99629C4D0CB8}) (Version: - )
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MTA:SA v1.0.5 (HKLM-x32\...\MTA:SA) (Version: v1.0.5 - Multi Theft Auto)
MTA:SA v1.3.4 (HKLM-x32\...\MTA:SA 1.3) (Version: v1.3.4 - Multi Theft Auto)
MTA:SA v1.4.0 (HKLM-x32\...\MTA:SA 1.4) (Version: v1.4.0 - Multi Theft Auto)
Nexon Game Manager (HKLM-x32\...\{289AC7E0-0AEE-4a7b-913C-709D9803D23E}) (Version: - )
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.11 - Symantec Corporation) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{46889070-D447-4936-A5D3-246DB972FA2E}) (Version: 2.0.6.16537 - pdfforge GmbH)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version: - PopCap Games)
Pokki Download Helper (HKCU\...\PokkiDownloadHelper) (Version: 1.3.1.282 - Pokki)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Quick Starter (HKLM\...\{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}) (Version: 1.0.0 - Samsung Electronics CO., LTD.)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Radio.fx (HKLM-x32\...\Tobit Radio.fx Server) (Version: - Tobit.Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.4.0 - Samsung Electronics CO., LTD.)
Roll (HKLM-x32\...\RollerCoaster Tycoon Setup) (Version: - )
RollerCoaster Tycoon: Deluxe (HKLM-x32\...\Steam App 285310) (Version: - Chris Sawyer Productions)
S Agent (Version: 1.0.7 - Samsung Electronics CO., LTD.) Hidden
Scribus 1.4.3 (HKLM-x32\...\Scribus 1.4.3) (Version: 1.4.3 - The Scribus Team)
Settings (HKLM-x32\...\{52E5DE60-C96B-42CC-9A37-FE04725940AE}) (Version: 2.0.0 - Samsung Electronics CO., LTD.)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SUPER © v2014.build.60+Recorder (2014/02/18) Version v2014.buil (HKLM-x32\...\{8E2A18E2-96AF-8549-4DE7-5C06B75719A4}_is1) (Version: v2014.build.60+Recorder - eRightSoft)
Support Center (HKLM\...\{332518C0-0D31-4FFA-9D15-24C9C3D70B08}) (Version: 2.0.7 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.0 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{3B4E6027-AED5-4169-B030-B450E5A0F396}) (Version: 2.0.14 - Samsung Electronics CO., LTD.)
TES Construction Set (HKLM-x32\...\{58D68DF0-4E8B-4E9E-B425-670F9E37C1A8}) (Version: - )
The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version: - Bethesda Game Studios®)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
User Guide (HKLM-x32\...\{039EA659-E421-45C6-8913-BED5D69B5536}) (Version: 1.1.00 - Samsung Electronics CO., LTD.)
VDownloader 3.9.1360 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
WarRock (HKLM-x32\...\Warrock EU) (Version: - )
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735) (HKLM\...\9F04C462DAB591BDCCE784F77E4D4F1736010B92) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3774421412-1007907057-219690849-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3774421412-1007907057-219690849-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3774421412-1007907057-219690849-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3774421412-1007907057-219690849-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3774421412-1007907057-219690849-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3774421412-1007907057-219690849-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3774421412-1007907057-219690849-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3774421412-1007907057-219690849-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3774421412-1007907057-219690849-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
30-10-2014 22:12:54 Removed Facebook Video Calling 3.1.0.521
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1D10CC5C-77FA-4CFE-A3D0-D4F4EF9ADCF2} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
Task: {1DD6691F-2C4B-4F37-83FD-57F2F7A56024} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {1DE0CA86-2FC0-42EE-B3E5-675AE49C6571} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {21B08119-7C86-4AD3-919B-2767B4195514} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {2559CBD2-D54B-411A-84C9-E2A689E2115A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {2B947F88-4F6A-41DF-9B0B-30AD2536C6F5} - \BrowserProtect No Task File <==== ATTENTION
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {31943EA0-66DF-49BF-9DB4-B245750FD8F7} - System32\Tasks\Freemium1ClickMaint => C:\Program Files (x86)\Covus Freemium\Free System Utilities\1Click.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3E118B37-9ED6-44ED-BDEC-6F22731F6F7B} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-08-15] (SEC)
Task: {40E7FD81-07EF-4C7F-8B7D-97FE8A07CB89} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {418C7C2B-799E-4813-AF80-6A6490A1A54C} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {47AFA574-7503-4D40-80AE-18D62BFA2E13} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2012-08-17] (Samsung Electronics CO., LTD.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {55F7C387-6F13-4B0D-8D4F-3DBDEECD915F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3774421412-1007907057-219690849-1002UA => C:\Users\Tom\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-30] (Facebook Inc.)
Task: {581A1ED0-EFD5-4A21-B4EA-D417404D03D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-13] (Google Inc.)
Task: {5B67CFF1-5FA9-4016-805E-28308D7343DB} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {70DADE89-37B0-4EB3-8DFC-5F9A6BCCBA04} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-08-24] (Samsung Electronics CO., LTD.)
Task: {72C032F4-F94D-4C3B-8FFD-804E350F06C6} - \Software Updater No Task File <==== ATTENTION
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7BB1EC61-3140-48A7-9245-3DD56ECC42BA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {7D699BF9-6F86-44C3-942D-DBB78C705139} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {921909AE-1960-4321-9D28-0E74BF3BD2EA} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A0EA1B54-058D-4211-9DF3-101A08B601E2} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {C0667715-7681-4B61-AB4E-42F1065332A0} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe
Task: {C67F2BEE-9BE0-435A-B23A-6CE0414D9264} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-13] (Google Inc.)
Task: {C9420534-789F-46B2-9D51-8D3E9A32797A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3774421412-1007907057-219690849-1002Core => C:\Users\Tom\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-30] (Facebook Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D4F1838F-B2D1-4B45-AEF2-FB800DF0E0ED} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {D5ABEADE-BC7D-4C42-9AD3-48C9A55D3C7D} - \EPUpdater No Task File <==== ATTENTION
Task: {D7993ACD-EA41-41F8-93DA-3BB92F7070DE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-17] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EC4921E0-CF05-48ED-9CB3-A66D47E194EB} - System32\Tasks\SWUpdateAgent => C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2012-08-22] (Samsung Electronics CO., LTD.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3774421412-1007907057-219690849-1002Core.job => C:\Users\Tom\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3774421412-1007907057-219690849-1002UA.job => C:\Users\Tom\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf2abf6c65b5f8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-09-05 01:36 - 2013-09-05 01:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-05-05 20:28 - 2013-06-03 12:06 - 03999512 _____ () C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
2013-09-08 09:07 - 2013-09-08 09:07 - 03233806 _____ () C:\Program Files (x86)\Tor\tor.exe
2013-12-13 12:20 - 2013-12-13 12:20 - 03359600 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-01-25 01:22 - 2014-01-25 01:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-21 11:39 - 2012-08-21 11:39 - 04237944 _____ () C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
2012-07-24 04:06 - 2012-07-24 04:06 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
2012-08-23 05:14 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-08-24 12:45 - 2012-08-24 12:45 - 00026232 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-08-24 12:45 - 2012-08-24 12:45 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-08-24 12:45 - 2012-08-24 12:45 - 00029816 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-08-24 12:45 - 2012-08-24 12:45 - 00091768 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2014-08-07 11:45 - 2014-08-27 14:00 - 00052472 ____N () C:\Users\Tom\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-05-17 13:57 - 2014-03-31 19:06 - 00581632 _____ () C:\Program Files (x86)\MediaMonkey\sqlite3MM.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00054784 _____ () C:\Program Files (x86)\MediaMonkey\MMHelper.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00390656 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\f_aac.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00327680 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\f_ape.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00306688 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\f_AVI.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00133120 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\f_flac.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00267264 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\f_flac_codec.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00262656 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\f_FLV.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00371200 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\f_mkv.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00388608 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\f_MP4.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00328192 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\f_mpc.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00269824 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\f_MPG.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00352768 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\f_ogg.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00141824 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\f_video.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00335360 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\f_wave.dll
2014-05-17 13:57 - 2014-03-31 19:07 - 00373760 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\f_WMV.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00061440 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\in_mfaudio.dll
2014-05-17 13:57 - 2010-06-17 15:13 - 00077824 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\in_mpc.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00321536 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\in_vorbis.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00081920 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\in_wav.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00222720 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\in_wma.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00103936 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\in_wmp3.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00348672 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\out_MMDS.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00379392 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\out_WASAPI.dll
2014-05-17 13:57 - 2012-11-09 20:18 - 00013824 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\out_wave.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00103936 _____ () C:\Program Files (x86)\MediaMonkey\Equalize.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 01043968 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\d_iPhone.dll
2014-05-17 13:57 - 2014-03-31 19:07 - 01234432 _____ () C:\Program Files (x86)\MediaMonkey\iPhoneCalc.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00900608 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\d_iPod.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00400384 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\d_iRiverH.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00301056 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\d_USBMass1.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00421888 _____ () C:\Program Files (x86)\MediaMonkey\Plugins\d_WMDM.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00132608 _____ () C:\Program Files (x86)\MediaMonkey\WMAuth.dll
2014-05-17 13:57 - 2014-03-31 19:12 - 00116736 _____ () C:\Program Files (x86)\MediaMonkey\hpCDBurn.dll
2011-08-15 12:12 - 2011-08-15 12:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2012-06-14 03:57 - 2012-06-14 03:57 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2011-08-15 12:12 - 2011-08-15 12:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2011-08-15 12:15 - 2011-08-15 12:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2011-08-17 08:41 - 2011-08-17 08:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2011-08-17 08:48 - 2011-08-17 08:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2011-08-17 08:48 - 2011-08-17 08:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2011-08-15 11:23 - 2011-08-15 11:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2012-06-14 03:56 - 2012-06-14 03:56 - 00481792 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2012-06-14 04:06 - 2012-06-14 04:06 - 00500064 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2012-06-14 03:55 - 2012-06-14 03:55 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2011-07-19 08:05 - 2011-07-19 08:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2011-08-15 12:17 - 2011-08-15 12:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
2011-07-19 08:04 - 2011-07-19 08:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll
2014-02-20 21:40 - 2014-02-20 02:02 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
2014-02-20 21:40 - 2014-02-20 02:02 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libglesv2.dll
2014-02-20 21:40 - 2014-02-20 02:02 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libegl.dll
2014-02-20 21:40 - 2014-02-20 02:03 - 04060488 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll
2014-02-20 21:41 - 2014-02-20 02:03 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
2014-02-20 21:40 - 2014-02-20 02:02 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
2014-02-20 21:41 - 2014-02-20 02:03 - 13632840 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\Users\Tom\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Tom\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\Tom\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Tom\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Tom\AppData\Roaming:NT2
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: NIS => 2
MSCONFIG\Services: NOBU => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Facebook Update => "C:\Users\Tom\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: VDownloader => C:\Program Files\VDownloader\VDownloader.exe /silent
HKLM\...\StartupApproved\StartupFolder: => "OpenDNSCrypt.lnk"
HKLM\...\StartupApproved\Run: => "BtTray"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "VDownloader"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "ApnUpdater"
HKLM\...\StartupApproved\Run32: => "ETDCtrl"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKCU\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKCU\...\StartupApproved\StartupFolder: => "Adobe Gamma.lnk"
HKCU\...\StartupApproved\Run: => "Steam"
HKCU\...\StartupApproved\Run: => "Pokki"
HKCU\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKCU\...\StartupApproved\Run: => "rfxsrvtray"
HKCU\...\StartupApproved\Run: => "Spotify"
========================= Accounts: ==========================
Administrator (S-1-5-21-3774421412-1007907057-219690849-500 - Administrator - Disabled)
Gast (S-1-5-21-3774421412-1007907057-219690849-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3774421412-1007907057-219690849-1008 - Limited - Enabled)
Tom (S-1-5-21-3774421412-1007907057-219690849-1002 - Administrator - Enabled) => C:\Users\Tom
UpdatusUser (S-1-5-21-3774421412-1007907057-219690849-1006 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (11/01/2014 07:40:23 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (10/31/2014 11:08:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1ab4
Startzeit: 01cff4f1e2ade2a0
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe
Berichts-ID: d7b44192-60e5-11e4-bf11-20689d4ee508
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (10/30/2014 10:44:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm soffice.bin, Version 4.0.2.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 15bc
Startzeit: 01cff4566db78302
Endzeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\LibreOffice 4.0\program\soffice.bin
Berichts-ID: fc902197-607d-11e4-bf11-20689d4ee508
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (10/30/2014 10:44:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Spotify.exe, Version 0.9.11.27 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 9f0
Startzeit: 01cff4421ab4a2e4
Endzeit: 4294967295
Anwendungspfad: C:\Users\Tom\AppData\Roaming\Spotify\Spotify.exe
Berichts-ID: f4f813f7-607d-11e4-bf11-20689d4ee508
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (10/30/2014 09:46:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EasySettingsCmdServer.exe, Version: 0.0.0.0, Zeitstempel: 0x50376629
Name des fehlerhaften Moduls: EasySettingsBase.dll, Version: 0.0.0.0, Zeitstempel: 0x5037661d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001f7b
ID des fehlerhaften Prozesses: 0xa1c
Startzeit der fehlerhaften Anwendung: 0xEasySettingsCmdServer.exe0
Pfad der fehlerhaften Anwendung: EasySettingsCmdServer.exe1
Pfad des fehlerhaften Moduls: EasySettingsCmdServer.exe2
Berichtskennung: EasySettingsCmdServer.exe3
Vollständiger Name des fehlerhaften Pakets: EasySettingsCmdServer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: EasySettingsCmdServer.exe5
Error: (10/30/2014 05:35:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20605 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: e48
Startzeit: 01cff45e750758ca
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: af5628b1-6052-11e4-bf11-20689d4ee508
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (10/30/2014 05:35:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 17d0
Startzeit: 01cff45ebb2f1947
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe
Berichts-ID: b1357d10-6052-11e4-bf11-20689d4ee508
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (10/30/2014 02:56:14 PM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=33.0.1750.117;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\1792eacb-dfab-49f5-afbe-b113eaffa9de.dmp
Error: (10/29/2014 11:10:02 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20605 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 970
Startzeit: 01cff35fc979d72f
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: bd8f5eb4-5f53-11e4-bf11-20689d4ee508
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (10/29/2014 10:55:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1afc
Startzeit: 01cff35db0fd0dd8
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe
Berichts-ID: a6acd1a5-5f51-11e4-bf11-20689d4ee508
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
System errors:
=============
Error: (10/30/2014 09:44:42 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.101
registriert werden. Der Computer mit IP-Adresse 192.168.2.137 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (10/29/2014 09:08:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (10/29/2014 09:08:50 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1326
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (10/29/2014 09:02:54 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Radio.fx erreicht.
Error: (10/29/2014 08:59:02 AM) (Source: DCOM) (EventID: 10010) (User: DEANTOP)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (10/29/2014 08:59:02 AM) (Source: DCOM) (EventID: 10010) (User: DEANTOP)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (10/29/2014 08:58:57 AM) (Source: DCOM) (EventID: 10010) (User: DEANTOP)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (10/29/2014 08:58:57 AM) (Source: DCOM) (EventID: 10010) (User: DEANTOP)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (10/29/2014 08:58:51 AM) (Source: DCOM) (EventID: 10010) (User: DEANTOP)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (10/29/2014 08:58:51 AM) (Source: DCOM) (EventID: 10010) (User: DEANTOP)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Microsoft Office Sessions:
=========================
Error: (11/01/2014 07:40:23 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (10/31/2014 11:08:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.170311ab401cff4f1e2ade2a04294967295C:\WINDOWS\syswow64\wwahost.exed7b44192-60e5-11e4-bf11-20689d4ee508Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp
Error: (10/30/2014 10:44:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: soffice.bin4.0.2.215bc01cff4566db783024294967295C:\Program Files (x86)\LibreOffice 4.0\program\soffice.binfc902197-607d-11e4-bf11-20689d4ee508
Error: (10/30/2014 10:44:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Spotify.exe0.9.11.279f001cff4421ab4a2e44294967295C:\Users\Tom\AppData\Roaming\Spotify\Spotify.exef4f813f7-607d-11e4-bf11-20689d4ee508
Error: (10/30/2014 09:46:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: EasySettingsCmdServer.exe0.0.0.050376629EasySettingsBase.dll0.0.0.05037661dc000000500001f7ba1c01cff34fb4cb5488C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exeC:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dlldb07d9a7-6075-11e4-bf11-20689d4ee508
Error: (10/30/2014 05:35:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20605e4801cff45e750758ca4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exeaf5628b1-6052-11e4-bf11-20689d4ee508microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
Error: (10/30/2014 05:35:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.1703117d001cff45ebb2f19474294967295C:\WINDOWS\syswow64\wwahost.exeb1357d10-6052-11e4-bf11-20689d4ee508Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp
Error: (10/30/2014 02:56:14 PM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=33.0.1750.117;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\1792eacb-dfab-49f5-afbe-b113eaffa9de.dmp
Error: (10/29/2014 11:10:02 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2060597001cff35fc979d72f4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exebd8f5eb4-5f53-11e4-bf11-20689d4ee508microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
Error: (10/29/2014 10:55:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.170311afc01cff35db0fd0dd84294967295C:\WINDOWS\syswow64\wwahost.exea6acd1a5-5f51-11e4-bf11-20689d4ee508Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp
CodeIntegrity Errors:
===================================
Date: 2013-01-24 06:13:36.021
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dbghelp.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-01-24 06:13:34.927
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dbghelp.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-01-24 06:13:33.724
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dbgeng.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 53%
Total physical RAM: 3797.53 MB
Available physical RAM: 1754.1 MB
Total Pagefile: 5589.54 MB
Available Pagefile: 2290.11 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:439.22 GB) (Free:213.79 GB) NTFS
==================== MBR & Partition Table ==================
==================== End Of Log ============================ |