nexxus88 | 06.12.2013 17:33 | FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-12-2013
Ran by etem (administrator) on ETEM-PC on 06-12-2013 17:28:04
Running from C:\Users\etem\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\etem\AppData\Roaming\Spotify\spotify.exe
(Spotify Ltd) C:\Users\etem\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Users\etem\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\etem\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\etem\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\etem\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\etem\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\etem\Downloads\FRST (1).exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6111232 2008-04-17] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-10-26] (Synaptics, Inc.)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-14] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKCU\...\Run: [Spotify] - C:\Users\etem\AppData\Roaming\Spotify\spotify.exe [5955072 2013-11-14] (Spotify Ltd)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\etem\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-11-14] (Spotify Ltd)
HKCU\...\Run: [EA Core] - C:\Program Files\Electronic Arts\EADM\Core.exe [3342336 2009-09-03] (Electronic Arts)
HKCU\...\Policies\Explorer: [DisallowRun] 1
MountPoints2: {c595c175-ccef-11e2-8400-0013776fdcd4} - F:\setup.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
Startup: C:\Users\etem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA9D15BE8B0BECE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\etem\AppData\Roaming\Mozilla\Firefox\Profiles\maap1x5d.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\etem\AppData\Roaming\Mozilla\Firefox\Profiles\maap1x5d.default\searchplugins\nation-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\nation-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\etem\AppData\Roaming\Mozilla\Firefox\Profiles\maap1x5d.default\Extensions\{25764c05-66ac-4894-a6c5-8b71691904b9}.xpi
FF Extension: prefs - C:\Users\etem\AppData\Roaming\Mozilla\Firefox\Profiles\maap1x5d.default\Extensions\{30172ca0-b0d1-400e-8e64-4ca5f03a5dbc}.xpi
FF Extension: Adblock Plus - C:\Users\etem\AppData\Roaming\Mozilla\Firefox\Profiles\maap1x5d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
Chrome:
=======
CHR Extension: (Google Drive) - C:\Users\etem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\etem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\etem\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\etem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\etem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
==================== Drivers (Whitelisted) ====================
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120600 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [209176 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147768 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-03] (Avira Operations GmbH & Co. KG)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-10-24] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-11-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-07] (Avira Operations GmbH & Co. KG)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 VMC302; System32\Drivers\VMC302.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-06 17:28 - 2013-12-06 17:28 - 00011139 _____ C:\Users\etem\Downloads\FRST.txt
2013-12-06 17:27 - 2013-12-06 17:27 - 01058547 _____ (Farbar) C:\Users\etem\Downloads\FRST (1).exe
2013-12-06 17:27 - 2013-12-06 17:27 - 00000000 ____D C:\FRST
2013-12-04 13:36 - 2013-12-04 13:36 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-03 15:13 - 2013-12-03 15:13 - 00055176 _____ C:\Users\etem\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-03 13:41 - 2013-12-03 13:41 - 00255168 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-02 21:11 - 2013-12-02 21:11 - 00000206 _____ C:\Users\etem\Documents\cc_20131202_211136.reg
2013-12-02 21:10 - 2013-12-02 21:11 - 00000846 _____ C:\Users\etem\Documents\cc_20131202_211049.reg
2013-12-01 15:40 - 2013-12-01 15:40 - 01092187 _____ (Farbar) C:\Users\etem\Downloads\FRST.exe
2013-11-27 17:31 - 2013-11-28 20:42 - 00000000 ____D C:\Users\etem\Desktop\Bewerbung Daimler
2013-11-26 14:12 - 2013-11-26 14:12 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2013-11-26 14:12 - 2013-11-26 14:12 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2013-11-15 19:59 - 2013-10-13 11:42 - 12344832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-15 19:59 - 2013-10-13 11:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-15 19:59 - 2013-10-13 10:48 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-15 19:59 - 2013-10-13 10:37 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-15 19:59 - 2013-10-13 10:35 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-15 19:59 - 2013-10-13 10:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-15 19:59 - 2013-10-13 10:33 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-15 19:59 - 2013-10-13 10:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-15 19:59 - 2013-10-13 10:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-15 19:59 - 2013-10-13 10:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-15 19:59 - 2013-10-13 10:29 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-15 19:59 - 2013-10-13 10:27 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-15 19:59 - 2013-10-13 10:27 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-15 19:59 - 2013-10-13 10:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-15 19:59 - 2013-10-13 10:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-15 19:59 - 2013-10-13 10:20 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-14 14:04 - 2013-10-11 03:08 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 14:04 - 2013-10-11 03:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 14:04 - 2013-10-11 01:39 - 00218228 _____ C:\Windows\system32\WFP.TMF
2013-11-14 14:04 - 2013-10-03 13:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 14:04 - 2013-10-03 13:45 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-11 18:21 - 2013-11-24 20:46 - 00001287 _____ C:\Users\etem\Downloads\No Subject.eml
==================== One Month Modified Files and Folders =======
2013-12-06 17:28 - 2013-12-06 17:28 - 00011139 _____ C:\Users\etem\Downloads\FRST.txt
2013-12-06 17:27 - 2013-12-06 17:27 - 01058547 _____ (Farbar) C:\Users\etem\Downloads\FRST (1).exe
2013-12-06 17:27 - 2013-12-06 17:27 - 00000000 ____D C:\FRST
2013-12-06 17:25 - 2013-11-05 22:36 - 00027744 _____ C:\ProgramData\nvModes.001
2013-12-06 17:25 - 2013-07-07 13:49 - 00000000 ____D C:\Users\etem\AppData\Roaming\Spotify
2013-12-06 17:25 - 2008-01-21 02:35 - 01998178 _____ C:\Windows\WindowsUpdate.log
2013-12-06 17:24 - 2006-11-02 13:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-06 17:24 - 2006-11-02 13:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-06 13:37 - 2013-10-25 20:20 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-06 13:37 - 2013-10-25 20:20 - 00001090 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-06 13:27 - 2013-10-25 20:21 - 00001963 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-06 13:18 - 2013-10-24 16:09 - 00000000 ____D C:\ProgramData\MFAData
2013-12-04 13:36 - 2013-12-04 13:36 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-04 13:35 - 2013-06-04 10:40 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-03 15:16 - 2008-01-21 08:16 - 01445310 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-03 15:13 - 2013-12-03 15:13 - 00055176 _____ C:\Users\etem\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-03 13:48 - 2013-06-04 12:36 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-03 13:42 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-03 13:41 - 2013-12-03 13:41 - 00255168 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-02 21:12 - 2006-11-02 14:01 - 00032572 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-02 21:11 - 2013-12-02 21:11 - 00000206 _____ C:\Users\etem\Documents\cc_20131202_211136.reg
2013-12-02 21:11 - 2013-12-02 21:10 - 00000846 _____ C:\Users\etem\Documents\cc_20131202_211049.reg
2013-12-02 17:28 - 2013-07-07 13:50 - 00000000 ____D C:\Users\etem\AppData\Local\Spotify
2013-12-01 15:40 - 2013-12-01 15:40 - 01092187 _____ (Farbar) C:\Users\etem\Downloads\FRST.exe
2013-12-01 14:15 - 2013-06-07 19:31 - 00000000 ____D C:\Users\etem\Desktop\schule
2013-11-28 20:42 - 2013-11-27 17:31 - 00000000 ____D C:\Users\etem\Desktop\Bewerbung Daimler
2013-11-28 18:01 - 2013-06-11 13:10 - 00000000 ____D C:\Users\etem\AppData\Roaming\Skype
2013-11-27 17:36 - 2013-09-30 21:28 - 00000000 ____D C:\Users\etem\Desktop\Bewerbung
2013-11-27 13:51 - 2013-06-04 10:44 - 00000000 ____D C:\Users\etem\AppData\Roaming\vlc
2013-11-26 17:09 - 2013-10-02 13:23 - 00017408 _____ C:\Users\etem\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-26 14:12 - 2013-11-26 14:12 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2013-11-26 14:12 - 2013-11-26 14:12 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2013-11-26 14:12 - 2013-10-24 16:27 - 00000858 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-11-24 20:46 - 2013-11-11 18:21 - 00001287 _____ C:\Users\etem\Downloads\No Subject.eml
2013-11-19 17:36 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2013-11-15 20:37 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-11-15 19:58 - 2013-08-29 18:39 - 00000000 ____D C:\Windows\system32\MRT
2013-11-15 19:54 - 2006-11-02 11:24 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-11-14 13:58 - 2013-06-04 12:36 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-06 15:46 - 2013-11-05 22:36 - 00027744 _____ C:\ProgramData\nvModes.dat
Some content of TEMP:
====================
C:\Users\etem\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-03 13:48
==================== End Of Log ============================
FRST Additions Logfile:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-12-2013
Ran by etem at 2013-12-06 17:29:01
Running from C:\Users\etem\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
==================== Installed Programs ======================
7-Zip 9.20
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Flash Player ActiveX (Version: 9.0.124.0)
Adobe Reader X (10.1.4) - Deutsch (Version: 10.1.4)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Atheros WLAN Client (Version: 14.00.0000)
AVG 2014 (Version: 14.0.3658)
AVG 2014 (Version: 14.0.4259)
AVG 2014 (Version: 2014.0.4259)
Avira Free Antivirus (Version: 14.0.1.759)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 4.06)
EA Download Manager (Version: 5.1.0.4)
FormatFactory 3.2.0.1 (Version: 3.2.0.1)
FUSSBALL MANAGER 10
Google Chrome (Version: 31.0.1650.63)
Google Update Helper (Version: 1.3.22.3)
ImgBurn (Version: 2.5.7.0)
Intel® Matrix Storage Manager
iTunes (Version: 11.0.4.4)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 25.0.1 (x86 de) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 25.0.1)
Nur Entfernen der CopyTrans Suite möglich (HKCU Version: 2.37)
NVIDIA Drivers
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.109.718)
OpenOffice.org 3.4.1 (Version: 3.41.9593)
Realtek High Definition Audio Driver (Version: 6.0.1.5605)
Skype™ 6.5 (Version: 6.5.158)
Spotify (HKCU Version: 0.9.6.72.ge389c074)
streamWriter
Synaptics Pointing Device Driver (Version: 10.1.2.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
VLC media player 2.0.6 (Version: 2.0.6)
==================== Restore Points =========================
04-11-2013 18:23:10 Geplanter Prüfpunkt
05-11-2013 21:20:16 DirectX wurde installiert
15-11-2013 18:51:33 Windows Update
30-11-2013 14:01:23 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {7804B1C6-18D4-4753-96E4-30B2270B4F35} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-25] (Google Inc.)
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\System32\pla.dll [2008-01-21] (Microsoft Corporation)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {FA4D656C-C999-470C-96C9-2EB9B9641AF5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-25] (Google Inc.)
Task: {FFA5F414-6E58-4320-BF59-BDBC35AFA863} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-07 13:50 - 2013-11-14 13:56 - 36967424 _____ () C:\Users\etem\AppData\Roaming\Spotify\Data\libcef.dll
2012-08-10 15:51 - 2012-08-10 15:51 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2012-08-10 15:50 - 2012-08-10 15:50 - 00170496 _____ () C:\Program Files\OpenOffice.org 3\program\libxslt.dll
2012-08-10 14:13 - 2012-08-10 14:13 - 00043008 _____ () C:\Program Files\OpenOffice.org 3\Basis\program\python-core-2.6.1\lib\_socket.pyd
2013-06-08 12:48 - 2013-06-08 12:48 - 16033160 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll
2013-12-06 13:26 - 2013-12-04 03:48 - 04055504 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-06 13:26 - 2013-12-04 03:48 - 00399312 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-06 13:25 - 2013-12-04 03:47 - 01619408 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2013-12-06 13:27 - 2013-12-04 03:48 - 13586896 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\etem\Desktop\Youtube-Version.mp4:TOC.WMV
AlternateDataStreams: C:\Users\etem\Downloads\No Subject.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/06/2013 05:24:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12837681
Error: (12/06/2013 05:24:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12837681
Error: (12/06/2013 05:24:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/06/2013 05:24:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12835841
Error: (12/06/2013 05:24:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12835841
Error: (12/06/2013 05:24:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/06/2013 01:51:15 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14103
Error: (12/06/2013 01:51:15 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14103
Error: (12/06/2013 01:51:15 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/06/2013 01:51:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12512
System errors:
=============
Error: (12/03/2013 01:43:05 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
Error: (12/02/2013 08:20:08 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
Error: (11/29/2013 01:46:35 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
Error: (11/28/2013 08:08:44 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
Error: (11/27/2013 01:30:36 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
Error: (11/26/2013 08:42:38 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
Error: (11/26/2013 05:18:22 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
Error: (11/26/2013 05:15:41 PM) (Source: Service Control Manager) (User: )
Description: 30000avgwd
Error: (11/26/2013 05:15:11 PM) (Source: Service Control Manager) (User: )
Description: 30000avgwd
Error: (11/26/2013 05:11:41 PM) (Source: Service Control Manager) (User: )
Description: 30000avgwd
Microsoft Office Sessions:
=========================
Error: (12/06/2013 05:24:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12837681
Error: (12/06/2013 05:24:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12837681
Error: (12/06/2013 05:24:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/06/2013 05:24:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12835841
Error: (12/06/2013 05:24:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12835841
Error: (12/06/2013 05:24:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/06/2013 01:51:15 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14103
Error: (12/06/2013 01:51:15 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14103
Error: (12/06/2013 01:51:15 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/06/2013 01:51:13 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12512
CodeIntegrity Errors:
===================================
Date: 2013-12-06 17:28:29.205
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-06 17:28:29.064
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-06 17:28:28.893
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-06 17:28:28.721
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-06 17:28:28.393
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-06 17:28:28.237
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-06 17:28:28.066
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-06 17:28:27.863
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-11-26 14:11:56.646
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SETB1BF.tmp" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-11-26 14:11:56.459
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SETB1BF.tmp" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 57%
Total physical RAM: 3065.88 MB
Available physical RAM: 1295.38 MB
Total Pagefile: 6348.15 MB
Available Pagefile: 4635.16 MB
Total Virtual: 2047.88 MB
Available Virtual: 1902.93 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.88 GB) (Free:39 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Daten) (Fixed) (Total:111 GB) (Free:98.16 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: B6394A61)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=112 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=111 GB) - (Type=07 NTFS)
==================== End Of Log ============================
I hope you can do something with this and that everything is included. If not, just ask again and I will try to add it.
And what should I do now?