Bitteschön,
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Karsten (administrator) on KARSTENS-PC on 18-03-2015 17:13:13
Running from C:\Users\Karsten\Desktop
Loaded Profiles: Karsten (Available profiles: Karsten)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\TMTV5Monitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-07] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2184520 2009-07-27] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (CANON INC.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-09-18] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-05-23] (cyberlink)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-09-18] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-03-17] (Avast Software s.r.o.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-06-17] ( (Atheros Communications))
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\TMTV5Monitor.exe (ArcSoft, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-636140152-1917280589-3368040161-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchgol.com/?affID=121845&babsrc=HP_ss&mntrId=04FF52B7C3E7C5B3
HKU\S-1-5-21-636140152-1917280589-3368040161-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
SearchScopes: HKU\S-1-5-21-636140152-1917280589-3368040161-1001 -> DefaultScope {F8FF68C7-D3D7-411E-8FC4-CE3481DC011A} URL =
SearchScopes: HKU\S-1-5-21-636140152-1917280589-3368040161-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&affID=121845&babsrc=SP_ss&mntrId=04FF52B7C3E7C5B3
SearchScopes: HKU\S-1-5-21-636140152-1917280589-3368040161-1001 -> {F8FF68C7-D3D7-411E-8FC4-CE3481DC011A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-12] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-03-12] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Karsten\AppData\Roaming\Mozilla\Firefox\Profiles\jyvqj8sv.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-16] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-09-07] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-27] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-636140152-1917280589-3368040161-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll [2013-03-12] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-636140152-1917280589-3368040161-1001: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2012-09-18] (Intel)
FF Plugin HKU\S-1-5-21-636140152-1917280589-3368040161-1001: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2012-09-18] (Intel)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2013-04-10]
FF Extension: WOT - C:\Users\Karsten\AppData\Roaming\Mozilla\Firefox\Profiles\jyvqj8sv.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-03-12]
FF Extension: NoScript - C:\Users\Karsten\AppData\Roaming\Mozilla\Firefox\Profiles\jyvqj8sv.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-03-12]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [322176 2014-06-17] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-17] (Avast Software s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243728 2012-05-23] (CyberLink)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593152 2014-01-29] (Samsung Electronics CO., LTD.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3000664 2015-01-06] (Samsung Electronics CO., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-06-17] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-17] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-17] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-17] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [441728 2015-03-17] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-17] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [268640 2015-03-17] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
R3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [223432 2014-06-17] (Qualcomm Atheros)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-06-17] (Qualcomm Atheros)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 DVB7700ALL; C:\Windows\System32\Drivers\dvb7700all.sys [711168 2013-07-18] (DiBcom)
S3 MarvinBus; C:\Windows\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-18 17:13 - 2015-03-18 17:13 - 00014169 _____ () C:\Users\Karsten\Desktop\FRST.txt
2015-03-18 17:13 - 2015-03-18 17:13 - 00000000 ____D () C:\FRST
2015-03-18 17:12 - 2015-03-18 17:12 - 02095616 _____ (Farbar) C:\Users\Karsten\Desktop\FRST64.exe
2015-03-18 17:09 - 2015-03-18 17:09 - 00000000 ___RD () C:\Users\Karsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-03-18 10:31 - 2015-03-18 10:31 - 00017133 _____ () C:\Users\Karsten\Downloads\ak 603 Muslime sind die neuen Katholiken.htm
2015-03-17 08:31 - 2015-03-17 20:02 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-03-17 08:31 - 2015-03-17 08:31 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-03-17 08:31 - 2015-03-17 08:31 - 00441728 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-03-17 08:31 - 2015-03-17 08:31 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-03-17 08:31 - 2015-03-17 08:31 - 00268640 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-03-17 08:31 - 2015-03-17 08:31 - 00136752 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-03-17 08:31 - 2015-03-17 08:31 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-03-17 08:31 - 2015-03-17 08:31 - 00088408 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-03-17 08:31 - 2015-03-17 08:31 - 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-03-17 08:31 - 2015-03-17 08:31 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-03-17 08:31 - 2015-03-17 08:31 - 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-03-17 08:31 - 2015-03-17 08:31 - 00001938 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-03-17 08:31 - 2015-03-17 08:31 - 00000000 ____D () C:\Users\Karsten\AppData\Roaming\AVAST Software
2015-03-17 08:31 - 2015-03-17 08:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-03-17 08:31 - 2015-03-17 08:31 - 00000000 ____D () C:\Program Files\AVAST Software
2015-03-17 08:22 - 2015-03-17 08:22 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-03-16 19:35 - 2015-03-16 19:39 - 203904064 _____ () C:\Users\Karsten\Downloads\dppw4.1.50-installer.zip
2015-03-16 09:24 - 2015-01-23 08:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-03-16 09:24 - 2015-01-23 06:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-03-16 09:23 - 2015-02-07 00:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-16 09:23 - 2015-02-04 00:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-03-16 09:23 - 2015-02-04 00:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-03-16 09:23 - 2015-02-04 00:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-03-16 09:23 - 2015-02-03 00:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-03-16 09:23 - 2015-02-03 00:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-03-16 09:23 - 2015-01-27 04:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-03-16 09:23 - 2015-01-24 02:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-03-16 09:23 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-03-16 09:23 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-03-16 09:23 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-03-16 09:23 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-03-16 09:22 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-03-16 09:22 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-03-16 09:21 - 2015-03-06 03:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-16 09:21 - 2015-03-06 03:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-16 09:21 - 2015-02-26 00:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-16 09:21 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-16 09:21 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-16 09:21 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-16 09:21 - 2015-02-21 01:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-16 09:21 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-16 09:21 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-16 09:21 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-16 09:21 - 2015-02-20 04:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-16 09:21 - 2015-02-20 03:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-16 09:21 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-16 09:21 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-16 09:21 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-16 09:21 - 2015-02-20 03:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-16 09:21 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-16 09:21 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-16 09:21 - 2015-02-20 03:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-16 09:21 - 2015-02-20 03:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-16 09:21 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-16 09:21 - 2015-02-20 03:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-16 09:21 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-16 09:21 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-16 09:21 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-16 09:21 - 2015-02-20 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-16 09:21 - 2015-02-20 02:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-16 09:21 - 2015-02-20 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-16 09:21 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-16 09:21 - 2015-02-20 02:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-16 09:21 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-16 09:21 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-16 09:21 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-16 09:21 - 2015-02-20 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-16 09:21 - 2015-02-20 02:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-16 09:21 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-16 09:21 - 2015-02-20 02:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-16 09:21 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-16 09:21 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-16 09:21 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-16 09:21 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-16 09:21 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-16 09:21 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-16 09:21 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-16 09:21 - 2015-02-12 18:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-16 09:21 - 2015-02-12 18:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-16 09:21 - 2015-02-06 02:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-03-16 09:21 - 2015-02-06 02:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-03-16 09:21 - 2015-02-05 21:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-03-16 09:21 - 2015-02-03 01:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-03-16 09:21 - 2015-02-03 01:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-03-16 09:21 - 2015-01-31 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-03-16 09:21 - 2015-01-31 00:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-03-16 09:21 - 2015-01-31 00:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-16 09:21 - 2015-01-30 04:01 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2DP.sys
2015-03-16 09:21 - 2015-01-30 04:01 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-03-16 09:21 - 2015-01-30 04:00 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-03-16 09:21 - 2015-01-30 03:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-03-16 09:21 - 2015-01-30 03:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-03-16 09:21 - 2015-01-30 03:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-16 09:21 - 2015-01-30 02:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-03-16 09:21 - 2015-01-30 02:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-03-16 09:21 - 2015-01-30 02:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-16 09:21 - 2015-01-30 02:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-16 09:21 - 2015-01-30 02:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-03-16 09:21 - 2015-01-30 02:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-16 09:21 - 2015-01-30 02:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-16 09:21 - 2015-01-30 02:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-16 09:21 - 2015-01-30 02:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-16 09:21 - 2015-01-30 02:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-16 09:21 - 2015-01-29 19:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-16 09:21 - 2015-01-29 19:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-16 09:21 - 2015-01-29 02:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-03-16 09:21 - 2015-01-29 02:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-03-16 09:21 - 2015-01-29 02:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-16 09:21 - 2015-01-29 02:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-03-16 09:21 - 2015-01-29 02:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-03-16 09:21 - 2015-01-29 02:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-16 09:21 - 2015-01-29 01:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-03-16 09:21 - 2015-01-29 01:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-03-16 09:21 - 2015-01-29 01:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-03-16 09:21 - 2015-01-29 01:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-03-16 09:21 - 2015-01-28 16:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-16 09:21 - 2015-01-28 16:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-16 09:21 - 2015-01-28 16:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-16 09:21 - 2015-01-28 03:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-03-16 09:21 - 2015-01-28 02:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-03-16 09:21 - 2015-01-27 05:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-16 09:21 - 2015-01-27 03:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-16 09:21 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-03-16 09:21 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-03-16 09:21 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-03-16 09:21 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-03-16 09:21 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-03-16 09:21 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-03-16 09:21 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-03-16 09:21 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-03-16 09:21 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-03-16 09:21 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-03-16 09:21 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-03-16 09:21 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-03-16 09:21 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-03-16 09:21 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-03-16 09:21 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-03-16 09:21 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-03-16 09:21 - 2014-12-11 06:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-16 09:21 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-03-16 09:21 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-03-16 09:21 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-03-16 09:21 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-03-16 09:21 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-03-16 09:21 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-03-16 09:21 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-03-16 09:21 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-03-16 09:21 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-03-16 09:21 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-03-16 09:21 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-03-16 09:21 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-03-16 09:21 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-03-16 09:21 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-03-16 09:21 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-03-16 09:21 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-03-16 09:21 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-03-16 09:20 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-03-16 09:20 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-03-16 09:20 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-03-16 09:20 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-03-16 09:17 - 2015-01-28 02:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-16 09:17 - 2015-01-28 02:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-16 09:17 - 2015-01-21 06:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-16 09:17 - 2015-01-21 06:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-16 09:17 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-03-16 09:17 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-03-16 09:16 - 2015-02-08 00:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-16 09:16 - 2015-02-08 00:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-16 09:16 - 2015-01-28 00:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-16 09:16 - 2015-01-28 00:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-16 09:16 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-03-16 09:16 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-03-16 09:16 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-03-16 09:16 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-03-16 09:16 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-03-16 09:16 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-03-16 09:16 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-03-16 09:16 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-03-16 09:16 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-03-15 16:15 - 2015-03-15 16:16 - 00002970 _____ () C:\WINDOWS\System32\Tasks\SamsungLinkPC
2015-03-15 16:15 - 2015-03-15 16:15 - 00002129 _____ () C:\Users\Public\Desktop\TotalMedia Record.lnk
2015-03-15 16:15 - 2015-03-15 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TotalMedia Record
2015-03-15 16:01 - 2013-08-28 00:44 - 00085828 ____N () C:\WINDOWS\system32\athwbx.cat
2015-03-15 16:01 - 2013-08-15 20:13 - 03859968 ____N (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\athwbx.sys
2015-03-15 16:01 - 2013-08-15 20:13 - 03859968 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athwbx.sys
2015-03-15 16:01 - 2013-07-26 15:07 - 00827096 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2015-03-15 16:01 - 2013-07-26 15:07 - 00074456 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2015-03-15 16:00 - 2015-03-15 16:00 - 00000000 ____D () C:\WINDOWS\RSTLog
2015-03-15 15:59 - 2015-03-15 15:59 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-03-15 15:58 - 2015-03-15 15:58 - 00002090 _____ () C:\Users\Public\Desktop\TotalMedia Theatre.lnk
2015-03-15 15:58 - 2015-03-15 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TotalMedia Theatre
2015-03-15 15:58 - 2012-04-10 11:04 - 00078200 _____ (ArcSoft, Inc. ) C:\WINDOWS\system32\MMCEDT5.exe
2015-03-15 15:53 - 2015-03-15 15:53 - 00003434 _____ () C:\WINDOWS\System32\Tasks\Settings
2015-03-15 15:53 - 2015-03-15 15:53 - 00002044 _____ () C:\Users\Public\Desktop\Settings.lnk
2015-03-15 15:53 - 2015-03-15 15:53 - 00000000 ____D () C:\Users\Karsten\AppData\Roaming\Atheros
2015-03-15 15:53 - 2015-03-15 15:53 - 00000000 ____D () C:\ProgramData\Atheros
2015-03-15 15:30 - 2015-03-15 15:30 - 00003272 _____ () C:\WINDOWS\System32\Tasks\DolbySelectorTask
2015-03-15 15:30 - 2015-03-15 15:30 - 00000000 ____D () C:\Program Files\Dolby Digital Plus
2015-03-15 15:30 - 2014-04-08 18:57 - 03917272 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-03-15 15:30 - 2014-04-08 14:27 - 00948440 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-03-15 15:30 - 2014-04-07 18:32 - 00973751 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-03-15 15:30 - 2014-04-07 18:20 - 58101760 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2015-03-15 15:30 - 2014-04-07 10:35 - 02832088 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2015-03-15 15:30 - 2014-04-07 10:35 - 02798296 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2015-03-15 15:30 - 2014-03-28 18:03 - 00628952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2015-03-15 15:30 - 2014-03-19 19:19 - 14844504 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2015-03-15 15:30 - 2014-03-19 19:19 - 02101848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2015-03-15 15:30 - 2014-03-19 19:19 - 02041432 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2015-03-15 15:30 - 2014-03-19 19:19 - 01049688 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2015-03-15 15:30 - 2014-03-06 16:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-03-15 15:30 - 2014-03-03 20:21 - 01019608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2015-03-15 15:30 - 2014-02-18 17:04 - 02770976 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2015-03-15 15:30 - 2014-02-06 11:28 - 05804772 _____ () C:\WINDOWS\system32\Drivers\rtvienna.dat
2015-03-15 15:30 - 2014-01-28 11:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-03-15 15:30 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2015-03-15 15:30 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2015-03-15 15:30 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2015-03-15 15:30 - 2013-09-10 04:02 - 06217904 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2015-03-15 15:30 - 2013-09-10 04:02 - 00313520 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2015-03-15 15:30 - 2013-09-10 04:01 - 01938608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2015-03-15 15:30 - 2013-09-10 04:01 - 00260272 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2015-03-15 15:30 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2015-03-15 15:30 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2015-03-15 15:20 - 2015-03-15 15:21 - 00000000 ____D () C:\Program Files\Common Files\QCA_Bluetooth
2015-03-15 15:20 - 2015-03-15 15:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
2015-03-15 15:20 - 2015-03-15 15:20 - 00000000 ____D () C:\ProgramData\{311B5C7D-9853-428B-932D-68E04EBDAE47}
2015-03-15 15:20 - 2015-03-15 15:20 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite
2015-03-15 15:15 - 2015-03-15 16:15 - 00000000 ____D () C:\Program Files (x86)\ArcSoft
2015-03-15 15:15 - 2015-03-15 15:15 - 00002038 _____ () C:\Users\Public\Desktop\ArcSoft TV 5.0.lnk
2015-03-15 15:15 - 2015-03-15 15:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft TV 5.0
2015-03-15 15:15 - 2014-03-11 23:20 - 00222720 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdWB6.sys
2015-03-15 15:15 - 2014-03-11 23:19 - 00142848 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\amdacpksl.sys
2015-03-15 15:15 - 2014-03-11 23:18 - 00110080 _____ (Advanced Micro Devices) C:\WINDOWS\system32\DelayAPO.dll
2015-03-15 15:09 - 2015-03-15 15:09 - 00003126 _____ () C:\WINDOWS\System32\Tasks\advRecovery
2015-03-15 15:09 - 2015-03-15 15:09 - 00001597 _____ () C:\Users\Public\Desktop\Recovery.lnk
2015-03-15 00:24 - 2015-03-15 00:24 - 00001034 _____ () C:\Users\Public\Desktop\PDF-Viewer.lnk
2015-03-15 00:24 - 2015-03-15 00:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2015-03-15 00:24 - 2015-03-15 00:24 - 00000000 ____D () C:\Program Files\Tracker Software
2015-03-15 00:17 - 2015-03-15 00:17 - 00000000 ____D () C:\ProgramData\ATI
2015-03-15 00:15 - 2015-03-15 00:15 - 00001450 _____ () C:\Users\Karsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-15 00:15 - 2015-03-15 00:15 - 00000020 ___SH () C:\Users\Karsten\ntuser.ini
2015-03-15 00:12 - 2015-03-18 16:29 - 02013534 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\Programme
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-03-15 00:12 - 2015-03-15 00:12 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2015-03-15 00:11 - 2015-03-15 00:11 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-03-15 00:07 - 2015-03-15 00:07 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-15 00:06 - 2015-03-15 00:06 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-03-15 00:05 - 2015-03-15 00:15 - 00000000 ____D () C:\Users\Karsten
2015-03-15 00:05 - 2015-03-15 00:11 - 00020958 _____ () C:\WINDOWS\diagwrn.xml
2015-03-15 00:05 - 2015-03-15 00:11 - 00020958 _____ () C:\WINDOWS\diagerr.xml
2015-03-15 00:05 - 2015-03-15 00:05 - 00000000 _SHDL () C:\Users\Karsten\Vorlagen
2015-03-15 00:05 - 2015-03-15 00:05 - 00000000 _SHDL () C:\Users\Karsten\Startmenü
2015-03-15 00:05 - 2015-03-15 00:05 - 00000000 _SHDL () C:\Users\Karsten\Netzwerkumgebung
2015-03-15 00:05 - 2015-03-15 00:05 - 00000000 _SHDL () C:\Users\Karsten\Lokale Einstellungen
2015-03-15 00:05 - 2015-03-15 00:05 - 00000000 _SHDL () C:\Users\Karsten\Eigene Dateien
2015-03-15 00:05 - 2015-03-15 00:05 - 00000000 _SHDL () C:\Users\Karsten\Druckumgebung
2015-03-15 00:05 - 2015-03-15 00:05 - 00000000 _SHDL () C:\Users\Karsten\Documents\Eigene Musik
2015-03-15 00:05 - 2015-03-15 00:05 - 00000000 _SHDL () C:\Users\Karsten\Documents\Eigene Bilder
2015-03-15 00:05 - 2015-03-15 00:05 - 00000000 _SHDL () C:\Users\Karsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-03-15 00:05 - 2015-03-15 00:05 - 00000000 _SHDL () C:\Users\Karsten\AppData\Local\Verlauf
2015-03-15 00:05 - 2015-03-15 00:05 - 00000000 _SHDL () C:\Users\Karsten\AppData\Local\Anwendungsdaten
2015-03-15 00:05 - 2015-03-15 00:05 - 00000000 _SHDL () C:\Users\Karsten\Anwendungsdaten
2015-03-15 00:05 - 2015-03-15 00:05 - 00000000 ___RD () C:\Users\Karsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-15 00:05 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Karsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-15 00:05 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Karsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-15 00:05 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Karsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-15 00:05 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Karsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-15 00:05 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Karsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-15 00:03 - 2015-03-15 00:03 - 00000000 ____D () C:\ProgramData\HP
2015-03-15 00:03 - 2015-03-15 00:03 - 00000000 ____D () C:\AMD
2015-03-15 00:02 - 2015-03-15 15:30 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-03-15 00:02 - 2015-03-15 00:02 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-03-15 00:02 - 2015-03-15 00:02 - 00000000 ____D () C:\Program Files\Realtek
2015-03-15 00:02 - 2015-03-15 00:02 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-03-15 00:02 - 2015-03-15 00:02 - 00000000 ____D () C:\Program Files\AMD
2015-03-15 00:02 - 2015-03-15 00:02 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2015-03-15 00:01 - 2015-03-15 00:15 - 00000000 ___DC () C:\WINDOWS\Panther
2015-03-15 00:01 - 2015-03-15 00:01 - 00000000 __SHD () C:\Recovery
2015-03-15 00:00 - 2015-03-15 00:00 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-03-14 23:58 - 2015-03-14 23:58 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-03-14 23:58 - 2015-03-14 23:58 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-03-14 23:58 - 2015-03-14 23:58 - 00000000 ____D () C:\Program Files\MSBuild
2015-03-14 23:58 - 2015-03-14 23:58 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-03-14 23:58 - 2015-03-14 23:58 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-03-14 23:58 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-03-14 23:58 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-03-14 23:58 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-03-14 23:58 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-03-14 19:51 - 2015-03-17 08:19 - 00000000 ____D () C:\Users\Karsten\AppData\Roaming\vlc
2015-03-14 19:51 - 2015-03-15 00:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-03-14 19:51 - 2015-03-14 19:51 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-03-14 19:51 - 2015-03-14 19:51 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-03-14 10:25 - 2015-03-14 10:25 - 00000000 ____D () C:\Users\Karsten\Documents\Benutzerdefinierte Office-Vorlagen
2015-03-13 12:47 - 2015-03-13 12:47 - 00000000 ____D () C:\Users\Karsten\AppData\Local\Microsoft Help
2015-03-13 09:06 - 2015-03-15 00:11 - 00008161 _____ () C:\WINDOWS\comsetup.log
2015-03-13 00:01 - 2015-03-13 00:02 - 00000000 ____D () C:\Users\Karsten\Desktop\Tor Browser
2015-03-12 13:20 - 2015-03-12 13:20 - 00002221 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-03-12 13:20 - 2015-03-12 13:20 - 00002221 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-03-12 13:20 - 2015-03-12 13:20 - 00000000 ___RD () C:\Users\Karsten\OneDrive
2015-03-12 13:20 - 2015-03-12 13:20 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2015-03-12 13:20 - 2015-03-12 13:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2015-03-12 13:00 - 2015-03-15 00:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-03-12 12:57 - 2015-03-12 12:57 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-12 12:42 - 2015-03-15 13:12 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-03-12 12:38 - 2015-01-29 09:30 - 00011056 ____N () C:\WINDOWS\system32\AutoconfigV2.cab
2015-03-12 11:28 - 2015-03-12 11:29 - 00000000 ____D () C:\Users\Karsten\AppData\Roaming\Q-Dir
2015-03-12 11:12 - 2015-03-14 23:01 - 01389215 _____ () C:\WINDOWS\WindowsUpdate (1).log
2015-03-12 10:59 - 2015-03-15 00:08 - 00000000 ____D () C:\Users\Karsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-03-12 10:59 - 2015-03-12 10:59 - 00002776 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-03-12 10:59 - 2015-03-12 10:59 - 00000822 _____ () C:\Users\Karsten\Desktop\CCleaner.lnk
2015-03-12 10:59 - 2015-03-12 10:59 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-12 10:34 - 2015-03-12 10:34 - 00001264 _____ () C:\Users\Karsten\Desktop\Revo Uninstaller.lnk
2015-03-12 10:34 - 2015-03-12 10:34 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-03-12 10:26 - 2015-03-12 10:26 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-12 10:26 - 2015-03-12 10:26 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-12 10:26 - 2015-03-12 10:26 - 00000000 ____D () C:\Users\Karsten\AppData\Roaming\Mozilla
2015-03-12 10:26 - 2015-03-12 10:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-12 09:53 - 2015-03-15 00:07 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-03-12 09:22 - 2015-03-12 09:23 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-12 08:46 - 2015-02-04 10:52 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-03-12 08:46 - 2015-02-04 10:52 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-03-12 08:43 - 2013-05-04 05:51 - 00014848 ____N (Microsoft) C:\WINDOWS\system32\rars.rs
2015-03-12 08:43 - 2013-05-04 05:10 - 00014848 ____N (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2015-03-12 08:32 - 2015-03-03 14:17 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-03-12 00:15 - 2015-03-12 00:15 - 00000000 ____D () C:\Users\Karsten\AppData\Roaming\OpenOffice.org
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-18 17:12 - 2012-11-19 06:57 - 00000000 ____D () C:\ProgramData\WinClon
2015-03-18 17:07 - 2013-08-22 15:46 - 00293914 _____ () C:\WINDOWS\setupact.log
2015-03-18 17:07 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-18 16:03 - 2013-03-31 16:51 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-18 16:01 - 2014-11-21 04:35 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-18 16:01 - 2014-11-21 03:45 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2015-03-18 16:01 - 2014-11-21 03:45 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2015-03-18 16:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-18 11:51 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-18 10:13 - 2013-03-30 13:49 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-636140152-1917280589-3368040161-1001
2015-03-17 10:26 - 2014-11-20 19:24 - 00006514 _____ () C:\WINDOWS\PFRO.log
2015-03-17 09:51 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-17 09:34 - 2013-03-30 13:42 - 00000000 ____D () C:\Users\Karsten\AppData\Local\Packages
2015-03-17 08:48 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-17 08:07 - 2013-08-22 15:44 - 00548784 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-17 01:18 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-17 01:18 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-17 01:18 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-17 01:18 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-17 01:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-03-17 01:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-03-17 01:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-03-17 01:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-03-17 01:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-17 01:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-16 07:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-16 00:10 - 2013-03-31 16:51 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-03-16 00:10 - 2013-03-30 23:27 - 00000000 ____D () C:\Users\Karsten\AppData\Local\Adobe
2015-03-15 16:32 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-03-15 16:16 - 2012-11-19 06:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-03-15 16:16 - 2012-11-19 06:32 - 00000000 ____D () C:\Program Files (x86)\Samsung
2015-03-15 16:15 - 2012-11-19 06:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-15 16:13 - 2012-11-19 06:48 - 00000000 ____D () C:\Program Files\Intel
2015-03-15 16:12 - 2012-11-19 06:47 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-03-15 16:02 - 2012-11-19 06:31 - 00000189 _____ () C:\Setup.log
2015-03-15 16:01 - 2012-11-19 06:51 - 00000000 ____D () C:\Program Files\YUAN
2015-03-15 16:01 - 2012-11-19 06:32 - 00000000 ____D () C:\Program Files (x86)\Qualcomm Atheros
2015-03-15 16:01 - 2012-11-19 06:31 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-03-15 16:00 - 2012-11-19 06:48 - 00003936 _____ () C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2015-03-15 16:00 - 2012-11-19 06:48 - 00003690 _____ () C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2015-03-15 16:00 - 2012-11-19 06:48 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-03-15 16:00 - 2012-11-19 06:48 - 00000000 ____D () C:\ProgramData\Intel
2015-03-15 15:30 - 2012-11-19 06:48 - 00003217 _____ () C:\RHDSetup.log
2015-03-15 15:30 - 2012-11-19 06:48 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-03-15 15:21 - 2013-08-22 15:46 - 00000692 _____ () C:\WINDOWS\setuperr.log
2015-03-15 15:10 - 2013-03-30 14:09 - 00002004 _____ () C:\Users\Public\Desktop\Help Desk.lnk
2015-03-15 15:09 - 2012-11-19 06:32 - 00000000 ____D () C:\Program Files\Samsung
2015-03-15 15:06 - 2013-03-30 14:03 - 00002054 _____ () C:\Users\Public\Desktop\Support Center.lnk
2015-03-15 14:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-03-15 14:56 - 2012-11-19 06:56 - 00000000 ____D () C:\ProgramData\SAMSUNG
2015-03-15 00:15 - 2013-03-30 13:43 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-03-15 00:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-03-15 00:12 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-03-15 00:12 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-03-15 00:12 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-03-15 00:09 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-03-15 00:09 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-03-15 00:08 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-03-15 00:08 - 2013-04-18 08:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Q-Dir
2015-03-15 00:08 - 2013-04-10 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD-LabelPrint
2015-03-15 00:08 - 2013-04-10 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP4700 series Benutzerregistrierung
2015-03-15 00:08 - 2013-04-10 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP4700 series Manual
2015-03-15 00:08 - 2013-04-02 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(R) center
2015-03-15 00:08 - 2013-03-31 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon PhotoRecord
2015-03-15 00:08 - 2013-03-31 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP4700 series
2015-03-15 00:08 - 2012-11-20 00:11 - 00000000 ____D () C:\WINDOWS\en-GB
2015-03-15 00:08 - 2012-11-19 07:03 - 00000000 ____D () C:\WINDOWS\it
2015-03-15 00:08 - 2012-11-19 07:03 - 00000000 ____D () C:\WINDOWS\fr
2015-03-15 00:08 - 2012-11-19 07:03 - 00000000 ____D () C:\WINDOWS\de
2015-03-15 00:08 - 2012-11-19 07:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 10
2015-03-15 00:08 - 2012-11-19 07:00 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8
2015-03-15 00:07 - 2014-11-21 11:51 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-03-15 00:07 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-03-15 00:07 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-03-15 00:07 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-03-15 00:07 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-03-15 00:07 - 2013-08-22 16:37 - 00005217 _____ () C:\WINDOWS\DtcInstall.log
2015-03-15 00:07 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-03-15 00:07 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-03-15 00:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-03-15 00:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-03-15 00:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-03-15 00:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-03-15 00:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-03-15 00:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-03-15 00:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-03-15 00:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-03-15 00:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-03-15 00:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-03-15 00:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-03-15 00:07 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-03-15 00:07 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-03-15 00:07 - 2013-04-10 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-03-15 00:07 - 2013-04-03 09:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
2015-03-15 00:07 - 2013-03-31 00:17 - 00000000 ___HD () C:\WINDOWS\system32\CanonIJ Uninstaller Information
2015-03-15 00:07 - 2012-08-05 22:11 - 00000000 ____D () C:\ProgramData\PRICache
2015-03-15 00:07 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-03-15 00:06 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-03-15 00:00 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-03-14 23:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-03-14 16:01 - 2013-03-30 13:44 - 00000000 ____D () C:\Users\Karsten\Documents\Bluetooth Folder
2015-03-13 18:16 - 2013-03-31 22:23 - 00000000 ____D () C:\Program Files (x86)\Pinnacle
2015-03-13 01:06 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-03-12 13:20 - 2012-11-19 07:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-03-12 11:13 - 2013-04-11 16:59 - 00044544 ___SH () C:\Users\Karsten\Desktop\Thumbs.db
2015-03-12 11:12 - 2012-11-19 06:55 - 00000000 ____D () C:\ProgramData\Norton
2015-03-12 11:00 - 2013-03-31 13:25 - 00000000 ____D () C:\Users\Karsten\AppData\Local\CrashDumps
2015-03-12 10:54 - 2012-11-19 07:01 - 00000000 ____D () C:\ProgramData\PopCap Games
2015-03-12 10:52 - 2013-03-31 22:23 - 00000000 ____D () C:\ProgramData\Pinnacle
2015-03-12 10:46 - 2012-11-19 07:01 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-12 10:26 - 2013-04-14 21:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-12 08:23 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-03-12 01:33 - 2013-04-10 19:12 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-03-12 00:28 - 2013-04-14 22:54 - 00000000 ____D () C:\Users\Karsten\AppData\Roaming\Skype
2015-03-12 00:28 - 2013-04-14 22:54 - 00000000 ____D () C:\ProgramData\Skype
2015-03-12 00:27 - 2012-11-19 07:01 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-04 22:24 - 2014-11-21 12:01 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-03-04 22:24 - 2014-11-21 12:01 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-26 21:14 - 2013-03-31 12:12 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories =======
2013-03-31 22:34 - 2013-04-15 23:25 - 0000582 _____ () C:\Users\Karsten\AppData\Roaming\KARSTENS-PC.MTBF.txt
2013-03-31 22:34 - 2013-04-15 23:26 - 0000902 _____ () C:\Users\Karsten\AppData\Roaming\__AvidCloudManager.log
2013-03-31 22:34 - 2013-04-15 23:22 - 0000676 _____ () C:\Users\Karsten\AppData\Roaming\__AvidCloudManagerPrevious.log
2013-03-31 22:48 - 2013-04-16 21:41 - 0004608 _____ () C:\Users\Karsten\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-04-05 22:26 - 2013-04-05 23:03 - 0007604 _____ () C:\Users\Karsten\AppData\Local\Resmon.ResmonCfg
2012-11-19 06:49 - 2012-11-19 06:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-11-19 07:01 - 2013-02-21 16:59 - 2063240 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2012-11-19 07:01 - 2013-01-12 23:51 - 0003004 _____ () C:\ProgramData\MakeMarkerFile.xml
Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-15 00:02
==================== End Of Log ============================ --- --- ---
--- --- ---
ADDITION Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Karsten at 2015-03-18 17:13:41
Running from C:\Users\Karsten\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
AllSharePlayLink (HKLM-x32\...\{CE1836A8-3F2B-49BD-8395-93DD414068D2}) (Version: 1.0.0 - Samsung Electronics Co., Ltd.)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{69669AD0-5A23-38B5-D98A-0DF4BD9AF5B4}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
ArcSoft TV 5.0 (HKLM-x32\...\InstallShield_{0668E92A-CBC3-455E-9099-93D99EC00285}) (Version: 5.0.5.219 - ArcSoft, Inc.)
ArcSoft TV 5.0 (x32 Version: 5.0.7.1 - ArcSoft) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2214 - AVAST Software)
AVerMedia A328 Mini-Card Hybrid TV Tuner 2.2.64.80 (HKLM-x32\...\AVerMedia A328 Mini-Card Hybrid TV Tuner) (Version: 2.2.64.80 - AVerMedia TECHNOLOGIES, Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon iP4700 series Benutzerregistrierung (HKLM-x32\...\Canon iP4700 series Benutzerregistrierung) (Version: - )
Canon iP4700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4700_series) (Version: - )
Canon PhotoRecord (HKLM-x32\...\PhotoRecord) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version: - )
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.52 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
GestureControl (HKLM-x32\...\{00F2E61A-3A04-4B8C-A828-8E2596F7EFF5}) (Version: 3.0.9 - Extreme Reality Ltd.)
Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 41450 - Intel)
Intel(R) C++ Redistributables on IA-32 (HKLM-x32\...\{ECEA43C7-A861-498F-9B3E-5480C6C03E7F}) (Version: 12.1.122 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
MC582ML (HKLM\...\{48FC7E7B-E36A-4DE5-86E0-8C71542679E8}) (Version: 6.111.24 - YUAN)
MC770A_MC770AQ_MC570QA (HKLM\...\{D3E38069-940E-44FC-942E-32430BD8208F}) (Version: 2.33.56 - YUAN)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-636140152-1917280589-3368040161-1001\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.1 - Tracker Software Products Ltd)
Q-Dir (HKLM-x32\...\Q-Dir) (Version: - )
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.326 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Quick Starter (HKLM\...\{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}) (Version: 1.0.0 - Samsung Electronics CO., LTD.)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7218 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.12.18 - Samsung Electronics CO., LTD.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
S Agent (Version: 1.1.51 - Samsung Electronics CO., LTD.) Hidden
Samsung Link (HKLM-x32\...\{82EC241F-DFCA-4166-A8C3-EA5D2B9A41C4}) (Version: 1.8.0.39 - Samsung Electronics CO., LTD.)
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
Support Center (HKLM\...\{711DE117-767F-48A8-9864-66C525B9539F}) (Version: 2.1.1223 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.17 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{1687FC01-135F-4ADE-B828-B461CC74BD8A}) (Version: 2.2.4 - Samsung Electronics CO., LTD.)
TotalMedia Record (HKLM-x32\...\InstallShield_{FE00D6E8-ACC6-442B-88F3-378BE36F4833}) (Version: 2.5.6.52 - ArcSoft, Inc.)
TotalMedia Record (x32 Version: 2.5.6.52 - ArcSoft, Inc.) Hidden
TotalMedia Theatre (HKLM-x32\...\InstallShield_{9A2CE5D4-0A1E-42EB-9CE0-ABD5DD79E94E}) (Version: 5.3.29.235 - ArcSoft)
TotalMedia Theatre (x32 Version: 5.3.29.235 - ArcSoft) Hidden
User Guide (HKLM-x32\...\{F7DAA6A1-E7F1-4062-B47C-7B994B8A132D}) (Version: 1.5.00 - Samsung Electronics CO., LTD.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-636140152-1917280589-3368040161-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-636140152-1917280589-3368040161-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-636140152-1917280589-3368040161-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Karsten\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-636140152-1917280589-3368040161-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Karsten\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-636140152-1917280589-3368040161-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Karsten\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-636140152-1917280589-3368040161-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Karsten\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-636140152-1917280589-3368040161-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Karsten\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
17-03-2015 08:30:56 avast! antivirus system restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {242AEFE3-5E8A-403A-B6A9-6999BEC2887C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {2E7907E6-4CE0-4241-AF60-7F2910A97E93} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {50B5FAC2-9CEB-4AE2-AD50-2A59081E8DBC} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2013-10-03] (Dolby Laboratories Inc.)
Task: {6CE3312C-1A97-4383-A5D2-0F3C2E426566} - System32\Tasks\{7BE2CAFF-DEA8-4CA8-A763-64616D569B9A} => pcalua.exe -a C:\windows\IsUn0407.exe -c -f"C:\Program Files (x86)\Canon\ScanGear Toolbox 2.6\Uninst.isu" -c"C:\Program Files (x86)\Canon\ScanGear Toolbox 2.6\uninst.dll"
Task: {70FBF1C0-2EEB-469C-BD72-F19EDEDCDC34} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {8F52B922-758D-4581-8230-FF293AF8D4FA} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-03-12] (Microsoft Corporation)
Task: {92CAC19B-8F91-47E8-BC37-FB6B37FF28A7} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2014-10-29] (Samsung Electronics CO., LTD.)
Task: {9C75600C-0A3B-4074-8B3B-DAA94C6F157A} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-16] (Adobe Systems Incorporated)
Task: {A654E673-4C47-47AF-843F-A868DE248E60} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {AA1412CB-40CD-41DF-AC73-F2ED3F815CA5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2015-02-26] (Microsoft Corporation)
Task: {AD6DB1C3-3CA3-4A0C-ADA8-73857B6A80AE} - System32\Tasks\{0D583174-949D-49B2-8602-2DBE304FA323} => pcalua.exe -a C:\PROGRA~3\TARMAI~1\{889DF~1\Setup.exe -c /remove /q0
Task: {C6E2DDD4-4E7D-4E00-9A55-4FE939CB8D2D} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2014-11-21] (Microsoft Corporation)
Task: {CA91B0F3-4C8F-4050-A393-63765554C4C1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-17] (Avast Software s.r.o.)
Task: {D5DAA9BB-12FB-4C1E-9115-E31DB807C24C} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {DA00BAC2-7613-43F8-A0FC-982FBB6CCA8A} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2014-11-12] (SEC)
Task: {DAD158EE-938A-4820-AE6F-7213BA55C416} - System32\Tasks\SamsungLinkPC => C:\Program Files (x86)\Samsung\HomeSync Lite\RefreshToken.exe
Task: {DDD27600-ADD3-46F2-BA72-F04460E24E1E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {E64061CE-01AF-4F9A-89D1-E5D863702043} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2014-01-29] (Samsung Electronics CO., LTD.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) ==============
2015-03-12 12:57 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-04-10 19:12 - 2009-02-10 17:01 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-01-29 13:20 - 2014-01-29 13:20 - 00084800 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2013-10-03 19:41 - 2013-10-03 19:41 - 00052096 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2014-06-17 08:32 - 2014-06-17 08:32 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-06-17 08:29 - 2014-06-17 08:29 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2014-06-17 08:35 - 2014-06-17 08:35 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-10-29 17:19 - 2014-10-29 17:19 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2015-03-17 08:31 - 2015-03-17 08:31 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-17 08:31 - 2015-03-17 08:31 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-03-18 09:43 - 2015-03-18 09:43 - 02922496 _____ () C:\Program Files\AVAST Software\Avast\defs\15031800\algo.dll
2015-03-15 15:59 - 2013-09-17 03:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00027968 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 01141056 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00059712 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00102720 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2007-04-19 09:33 - 2007-04-19 09:33 - 00035584 _____ () C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\uPiApi.dll
2012-06-04 15:50 - 2012-06-04 15:50 - 00016384 _____ () C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\uTVMUIEngine.dll
2012-11-19 06:55 - 2012-09-18 20:04 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2012-11-19 06:55 - 2012-09-18 20:04 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2012-11-19 06:55 - 2012-09-18 20:04 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2012-11-19 06:55 - 2012-09-18 20:04 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2012-11-19 06:55 - 2012-09-18 20:04 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2012-11-19 06:55 - 2012-09-18 20:04 - 00020480 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2012-11-19 06:55 - 2012-09-18 20:04 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2012-11-19 06:55 - 2012-09-18 20:04 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2012-11-19 06:55 - 2012-09-18 20:04 - 00064512 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2012-11-19 07:00 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 03:34 - 2012-06-08 03:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-03-17 08:31 - 2015-03-17 08:31 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-03-17 08:31 - 2015-03-17 08:31 - 01359872 _____ () C:\Program Files\AVAST Software\Avast\libglesv2.dll
2015-03-17 08:31 - 2015-03-17 08:31 - 00212992 _____ () C:\Program Files\AVAST Software\Avast\libegl.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-636140152-1917280589-3368040161-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img12.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-636140152-1917280589-3368040161-500 - Administrator - Disabled)
Gast (S-1-5-21-636140152-1917280589-3368040161-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-636140152-1917280589-3368040161-1008 - Limited - Enabled)
Karsten (S-1-5-21-636140152-1917280589-3368040161-1001 - Administrator - Enabled) => C:\Users\Karsten
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/17/2015 10:26:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Ath_CoexAgent.exe, Version: 8.0.0.270, Zeitstempel: 0x50af28a7
Name des fehlerhaften Moduls: Ath_CoexAgent.exe, Version: 8.0.0.270, Zeitstempel: 0x50af28a7
Ausnahmecode: 0x40000015
Fehleroffset: 0x0002956d
ID des fehlerhaften Prozesses: 0x814
Startzeit der fehlerhaften Anwendung: 0xAth_CoexAgent.exe0
Pfad der fehlerhaften Anwendung: Ath_CoexAgent.exe1
Pfad des fehlerhaften Moduls: Ath_CoexAgent.exe2
Berichtskennung: Ath_CoexAgent.exe3
Vollständiger Name des fehlerhaften Pakets: Ath_CoexAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Ath_CoexAgent.exe5
Error: (03/17/2015 08:30:58 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary szmantze.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (03/17/2015 08:07:26 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "ProtectionManagement" wurde versucht, die Abfrage "select * from MSFT_MpEvent" zu registrieren, deren Zielklasse "MSFT_MpEvent" im Namespace "//./root/microsoft/protectionManagement" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (03/17/2015 08:07:26 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "" wurde versucht, die Abfrage "select * from MSFT_MpEvent" zu registrieren, deren Zielklasse "MSFT_MpEvent" im Namespace "//./root/microsoft/protectionManagement" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (03/16/2015 11:14:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EasySettingsCmdServer.exe, Version: 0.0.0.0, Zeitstempel: 0x52e75292
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.30319.460, Zeitstempel: 0x4db13576
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008cb95
ID des fehlerhaften Prozesses: 0xfc0
Startzeit der fehlerhaften Anwendung: 0xEasySettingsCmdServer.exe0
Pfad der fehlerhaften Anwendung: EasySettingsCmdServer.exe1
Pfad des fehlerhaften Moduls: EasySettingsCmdServer.exe2
Berichtskennung: EasySettingsCmdServer.exe3
Vollständiger Name des fehlerhaften Pakets: EasySettingsCmdServer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: EasySettingsCmdServer.exe5
Error: (03/15/2015 04:00:40 PM) (Source: MsiInstaller) (EventID: 11406) (User: Karstens-PC)
Description: Product: Intel(R) Rapid Storage Technology -- Error 1406. Could not write value Shortcut to key \Software\Intel\RST. System error . Verify that you have sufficient access to that key, or contact your support personnel.
Error: (03/15/2015 03:59:43 PM) (Source: LMS) (EventID: 2) (User: Karstens-PC)
Description: Der Dienstprozess konnte keine Verbindung mit dem Dienstcontroller herstellen.
Error: (03/15/2015 03:55:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Ath_CoexAgent.exe, Version: 8.0.0.270, Zeitstempel: 0x50af28a7
Name des fehlerhaften Moduls: Ath_CoexAgent.exe, Version: 8.0.0.270, Zeitstempel: 0x50af28a7
Ausnahmecode: 0x40000015
Fehleroffset: 0x0002956d
ID des fehlerhaften Prozesses: 0x790
Startzeit der fehlerhaften Anwendung: 0xAth_CoexAgent.exe0
Pfad der fehlerhaften Anwendung: Ath_CoexAgent.exe1
Pfad des fehlerhaften Moduls: Ath_CoexAgent.exe2
Berichtskennung: Ath_CoexAgent.exe3
Vollständiger Name des fehlerhaften Pakets: Ath_CoexAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Ath_CoexAgent.exe5
Error: (03/15/2015 03:09:05 PM) (Source: MsiInstaller) (EventID: 1013) (User: Karstens-PC)
Description: Product: S Agent -- Unable to install because a newer version of this product is already installed.
Error: (03/15/2015 00:17:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.9600.17415, Zeitstempel: 0x54504875
Name des fehlerhaften Moduls: MSIC4BA.tmp, Version: 2.0.0.9, Zeitstempel: 0x4d4b089c
Ausnahmecode: 0xc000000d
Fehleroffset: 0x00019d88
ID des fehlerhaften Prozesses: 0x13b8
Startzeit der fehlerhaften Anwendung: 0xMsiExec.exe0
Pfad der fehlerhaften Anwendung: MsiExec.exe1
Pfad des fehlerhaften Moduls: MsiExec.exe2
Berichtskennung: MsiExec.exe3
Vollständiger Name des fehlerhaften Pakets: MsiExec.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MsiExec.exe5
System errors:
=============
Error: (03/18/2015 05:07:13 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (03/18/2015 03:57:31 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (03/18/2015 03:28:20 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (03/18/2015 02:51:37 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (03/18/2015 01:58:15 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (03/18/2015 10:14:33 AM) (Source: DCOM) (EventID: 10010) (User: Karstens-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (03/18/2015 10:14:03 AM) (Source: DCOM) (EventID: 10010) (User: Karstens-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (03/18/2015 09:42:10 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (03/17/2015 08:01:18 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (03/17/2015 05:39:12 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Microsoft Office Sessions:
=========================
Error: (03/17/2015 10:26:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Ath_CoexAgent.exe8.0.0.27050af28a7Ath_CoexAgent.exe8.0.0.27050af28a7400000150002956d81401d06094679501dfC:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exeC:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exea5655171-cc87-11e4-bec3-50b7c3e7c5b4
Error: (03/17/2015 08:30:58 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary szmantze.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (03/17/2015 08:07:26 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: ProtectionManagementselect * from MSFT_MpEventMSFT_MpEvent//./root/microsoft/protectionManagement
Error: (03/17/2015 08:07:26 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: select * from MSFT_MpEventMSFT_MpEvent//./root/microsoft/protectionManagement
Error: (03/16/2015 11:14:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: EasySettingsCmdServer.exe0.0.0.052e75292MSVCR100.dll10.0.30319.4604db13576400000150008cb95fc001d05fd200ddcaedC:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exeC:\Program Files (x86)\Samsung\Settings\CmdServer\MSVCR100.dll40d6d574-cbc5-11e4-beb8-50b7c3e7c5b4
Error: (03/15/2015 04:00:40 PM) (Source: MsiInstaller) (EventID: 11406) (User: Karstens-PC)
Description: Product: Intel(R) Rapid Storage Technology -- Error 1406. Could not write value Shortcut to key \Software\Intel\RST. System error . Verify that you have sufficient access to that key, or contact your support personnel.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (03/15/2015 03:59:43 PM) (Source: LMS) (EventID: 2) (User: Karstens-PC)
Description: Der Dienstprozess konnte keine Verbindung mit dem Dienstcontroller herstellen.
Error: (03/15/2015 03:55:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Ath_CoexAgent.exe8.0.0.27050af28a7Ath_CoexAgent.exe8.0.0.27050af28a7400000150002956d79001d05f3004588dcbC:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exeC:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe421a8f1b-cb23-11e4-beb1-50b7c38f816b
Error: (03/15/2015 03:09:05 PM) (Source: MsiInstaller) (EventID: 1013) (User: Karstens-PC)
Description: Product: S Agent -- Unable to install because a newer version of this product is already installed.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (03/15/2015 00:17:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: MsiExec.exe5.0.9600.1741554504875MSIC4BA.tmp2.0.0.94d4b089cc000000d00019d8813b801d05eacf925be9cC:\Windows\syswow64\MsiExec.exeC:\WINDOWS\Installer\MSIC4BA.tmp37104868-caa0-11e4-824f-50b7c3e7c5b4
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3770T CPU @ 2.50GHz
Percentage of memory in use: 15%
Total physical RAM: 8150.19 MB
Available physical RAM: 6896.41 MB
Total Pagefile: 8150.2 MB
Available Pagefile: 6774.72 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:57.28 GB) (Free:32.46 GB) NTFS
Drive d: () (Fixed) (Total:908.38 GB) (Free:523.88 GB) NTFS
Drive e: (My Book) (Fixed) (Total:2793.49 GB) (Free:2173.46 GB) NTFS
Drive h: (INTENSO USB) (Removable) (Total:3.73 GB) (Free:3.72 GB) FAT32
Drive k: (CANON_DC) (Removable) (Total:11.31 GB) (Free:11.31 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 59.6 GB) (Disk ID: 2999ECAB)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 177B94F4)
Partition: GPT Partition Type.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 5.
========================================================
Disk: 6 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: 1C541534)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0B)
========================================================
Disk: 7 (Size: 11.3 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================ |