bodo2211 | 08.07.2015 18:34 | Frst.txt
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by Frank (administrator) on FRANK-PC on 08-07-2015 19:29:20
Running from D:\Weihachtslieder
Loaded Profiles: Frank (Available Profiles: Frank & Karola & Administrator)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\vsserv.exe
(O&O Software GmbH) D:\Programme\OO Software\Defrag\oodag.exe
(DEVGURU Co., LTD.) D:\Programme\USB Drivers\25_escape\conn\ss_conn_service.exe
(Bitdefender) D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\updatesrv.exe
(O&O Software GmbH) D:\Programme\OO Software\Defrag\oodtray.exe
(Bitdefender) D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\bdagent.exe
(Bitdefender) D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) D:\Programme\Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [OODefragTray] => D:\Programme\OO Software\Defrag\oodtray.exe [4039496 2010-08-31] (O&O Software GmbH)
HKLM\...\Run: [Bdagent] => D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\bdagent.exe [1691112 2015-04-06] (Bitdefender)
HKU\S-1-5-21-1882155644-948210159-577086912-1001\...\Run: [Bitdefender-Geldbörse-Agent] => D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-02-25] (Bitdefender)
HKU\S-1-5-21-1882155644-948210159-577086912-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-1882155644-948210159-577086912-1001\...\MountPoints2: E - E:\Start.exe "-cautorun.inf"
HKU\S-1-5-21-1882155644-948210159-577086912-1001\...\MountPoints2: {86bdca55-0313-11e3-8d98-001fd02169be} - G:\LGAutoRun.exe
Startup: C:\Users\Karola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2014-03-22]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> D:\Programme\Open Office\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [Outpost] -> {33C9E362-3EDA-4930-8AFE-5DA39A8BB77A} => No File
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => D:\Programme\Bitdefender\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => D:\Programme\Bitdefender\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => D:\Programme\Bitdefender\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => D:\Programme\Bitdefender\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
BootExecute: autocheck autochk * autocheck turegoptOODBS
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1882155644-948210159-577086912-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKU\S-1-5-21-1882155644-948210159-577086912-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1882155644-948210159-577086912-1001 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_16_ff&cd=2XzuyEtN2Y1L1QzutDtDtC0F0DtDtBtCyCzy0C0E0A0FzyzytN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StDzy0EyE0F0E0DtDtGzzyC0CzztG0B0FyE0CtGyEyCtCtAtGtDtC0D0BtCzzzz0EyB0C0DtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0A0A0A0F0F0FzytGyCtByEyBtGzyzz0BtDtG0FyCtA0AtGtBzyyD0EtA0D0AyBtByB0CtA2Q&cr=1754254014&ir=
SearchScopes: HKU\S-1-5-21-1882155644-948210159-577086912-1001 -> {A5DC46DB-43C0-48A1-BA07-EDEE8B679B46} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites02_14_19_ch&cd=2XzuyEtN2Y1L1QzutDtDtC0F0DtDtBtCyCzy0C0E0A0FzyzytN0D0Tzu0SzzyCtCtN1L2XzutBtFtBtDtFzytFtBtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyBtAyDyD0D0DtDtCtGtDyDyC0DtG0E0B0DyCtGzztDyCzztGyB0CtBtAyEyByCyBtAzyzz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0A0A0A0F0F0FzytGyCtByEyBtGzyzz0BtDtG0FyCtA0AtGtBzyyD0EtA0D0AyBtByB0CtA2Q&cr=2103000973&ir=
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-25] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-02-25] (Bitdefender)
Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - D:\Programme\Terratec\ThcDeskBand.dll [2008-11-04] (TerraTec Electronic GmbH)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3235826C-A0DD-46D3-A52D-D8BA95E04AAC}: [DhcpNameServer] 192.168.178.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe omiga-plus
FireFox:
========
FF ProfilePath: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ps88bncs.default-1434982572870
FF Homepage: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-07-05] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-07-05] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Extension: WEB.DE MailCheck - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ps88bncs.default-1434982572870\Extensions\toolbar@web.de [2015-06-22]
FF Extension: Adblock Plus - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ps88bncs.default-1434982572870\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-06-22]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\bdtbext [2014-10-28]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2014-10-28]
FF HKLM-x32\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\tyoivdgn.default\extensions\fftoolbar2014@etech.com
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\bdtbext
StartMenuInternet: FIREFOX.EXE - D:\Programme\Firefox\firefox.exe
Chrome:
=======
CHR Profile: C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-01]
CHR Extension: (Google Drive) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-01]
CHR Extension: (YouTube) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-01]
CHR Extension: (Adblock Plus) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-01]
CHR Extension: (Google Search) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-01]
CHR Extension: (Save to Google Drive) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2014-05-01]
CHR Extension: (Tabs to the front!) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjaooagfdhdhmbfchnkhggjmacjlacla [2014-05-01]
CHR Extension: (WEB.DE MailCheck) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2014-05-02]
CHR Extension: (Downloads) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2014-05-04]
CHR Extension: (Google Wallet) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-01]
CHR Extension: (Gmail) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-01]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BdDesktopParental; D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2015-01-25] (Bitdefender)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-14] (NVIDIA Corporation)
R2 OODefragAgent; D:\Programme\OO Software\Defrag\oodag.exe [3060040 2010-08-31] (O&O Software GmbH)
S4 SafeBox; D:\Programme\Bitdefender\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 ss_conn_service; D:\Programme\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 UPDATESRV; D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-11-24] (Bitdefender)
R2 VSSERV; D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-04-06] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [370528 2013-02-14] (AfaTech )
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2014-10-10] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2014-10-10] (LG Electronics Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-02-25] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [262544 2015-02-25] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-02-25] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2015-02-25] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2015-02-25] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2015-03-31] (Sony Mobile Communications)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160544 2015-04-06] (BitDefender LLC)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-11-14] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-05-20] () [File not signed]
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-11-24] (BitDefender S.R.L.)
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X]
U1 bdselfpr; \??\D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\bdselfpr.sys
S3 CrystalSysInfo; \??\D:\Programme\MediaCoder\SysInfoX64.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-08 19:29 - 2015-07-08 19:29 - 00000000 ____D C:\FRST
2015-07-08 18:55 - 2015-07-08 18:55 - 00000056 _____ C:\Windows\setupact.log
2015-07-08 18:55 - 2015-07-08 18:55 - 00000000 _____ C:\Windows\setuperr.log
2015-07-01 21:20 - 2015-07-07 18:17 - 00000153 _____ C:\Users\Frank\Desktop\Motorradsachen.txt
2015-06-27 19:16 - 2015-06-27 19:18 - 00000000 ____D C:\ProgramData\EasyMP3Downloader
2015-06-27 19:16 - 2015-06-27 19:16 - 00000000 ____D C:\Users\Frank\AppData\Roaming\EasyMP3Downloader
2015-06-27 16:01 - 2015-06-27 16:01 - 00000000 ____D C:\Users\Frank\Downloads\Anleitung_mit_Bildern
2015-06-27 15:51 - 2015-06-27 15:51 - 01018166 _____ C:\Users\Frank\Downloads\meta.txt
2015-06-22 18:30 - 2015-06-22 18:30 - 02870984 _____ (ESET) C:\Users\Frank\Downloads\esetsmartinstaller_deu.exe
2015-06-22 18:30 - 2015-06-22 18:30 - 00000000 ____D C:\Program Files (x86)\ESET
2015-06-22 16:30 - 2015-06-22 16:30 - 00390776 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\TrufosAlt.sys
2015-06-22 16:29 - 2015-06-22 16:30 - 18638048 _____ (Bitdefender LLC) C:\Users\Frank\Downloads\BitdefenderRemovalPoweliks_v3.exe
2015-06-22 16:16 - 2015-06-22 16:16 - 00000000 ____D C:\Users\Frank\Desktop\Alte Firefox-Daten
2015-06-17 21:19 - 2015-06-17 21:19 - 00013407 _____ C:\Users\Frank\Desktop\Motorradkleidung.odt
2015-06-13 14:52 - 2015-06-13 14:52 - 00012538 _____ C:\Users\Frank\Desktop\Anschreiben Vermieter.odt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-08 19:21 - 2015-04-07 15:41 - 00373355 _____ C:\Windows\WindowsUpdate.log
2015-07-08 19:13 - 2014-02-24 20:11 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-08 19:02 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-08 19:02 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-08 19:00 - 2014-02-24 20:11 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-08 18:59 - 2009-07-14 19:58 - 00696620 _____ C:\Windows\system32\perfh007.dat
2015-07-08 18:59 - 2009-07-14 19:58 - 00147916 _____ C:\Windows\system32\perfc007.dat
2015-07-08 18:59 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-08 18:55 - 2013-11-20 16:12 - 00836109 _____ C:\Windows\system32\oodbs.lor
2015-07-08 18:55 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-07 17:53 - 2014-03-19 10:18 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-05 20:45 - 2014-10-16 18:47 - 00000000 ____D C:\Users\Frank\AppData\Local\Adobe
2015-07-05 20:45 - 2014-03-19 10:18 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-05 20:45 - 2013-03-08 14:17 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-05 20:45 - 2013-03-08 14:17 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-01 21:09 - 2015-05-31 12:57 - 00001009 _____ C:\Users\Frank\Desktop\Media Player Classic - HC.lnk
2015-07-01 21:09 - 2013-03-09 14:36 - 00000866 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-01 18:08 - 2013-03-08 17:06 - 00001313 _____ C:\Users\Frank\AppData\Roaming\burnaware.ini
2015-07-01 18:03 - 2013-03-08 17:03 - 00000695 _____ C:\Users\Public\Desktop\BurnAware Free.lnk
2015-07-01 18:03 - 2013-03-08 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free
2015-06-23 18:10 - 2013-12-28 22:22 - 00037151 _____ C:\Windows\Q-Dir.ini
2015-06-22 19:38 - 2013-06-01 13:12 - 00000000 ____D C:\ProgramData\SearchNewTab
2015-06-19 18:12 - 2013-03-09 14:36 - 00000000 ____D C:\Program Files\CCleaner
2015-06-18 17:15 - 2013-08-09 12:26 - 00000000 ____D C:\Users\Karola\Downloads\Bitdefender Safepay
2015-06-10 18:04 - 2015-03-31 16:59 - 00000000 ____D C:\Users\Frank\AppData\Local\CrashDumps
==================== Files in the root of some directories =======
2015-01-25 18:12 - 2015-02-10 19:39 - 0000365 _____ () C:\Users\Frank\AppData\Roaming\ACQUPTNI
2013-03-08 17:06 - 2015-07-01 18:08 - 0001313 _____ () C:\Users\Frank\AppData\Roaming\burnaware.ini
2015-01-25 18:12 - 2015-02-10 19:44 - 0001171 _____ () C:\Users\Frank\AppData\Roaming\VXXIJS
2015-02-10 18:53 - 2015-02-10 18:53 - 0354952 _____ (AnySend.com) C:\Users\Frank\AppData\Local\nsc3BA7.tmp
2014-10-28 17:41 - 2014-10-28 17:41 - 0977390 _____ () C:\ProgramData\1414509160.bdinstall.bin
2014-11-27 11:00 - 2014-11-27 11:00 - 0447520 _____ () C:\ProgramData\1417078353.bdinstall.bin
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-26 18:12
==================== End of log ============================
Addition.txt
FRST Additions Logfile:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by Frank at 2015-07-08 19:29:57
Running from D:\Weihachtslieder
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1882155644-948210159-577086912-500 - Administrator - Enabled) => C:\Users\Administrator
Frank (S-1-5-21-1882155644-948210159-577086912-1001 - Administrator - Enabled) => C:\Users\Frank
Gast (S-1-5-21-1882155644-948210159-577086912-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1882155644-948210159-577086912-1002 - Limited - Enabled)
Karola (S-1-5-21-1882155644-948210159-577086912-1003 - Limited - Enabled) => C:\Users\Karola
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.54 - Hulubulu Software)
AllDup 3.4.24 (HKLM-x32\...\AllDup_is1) (Version: 3.4.24 - Michael Thummerer Software Design)
Ant Renamer (HKLM-x32\...\Ant Renamer 2_is1) (Version: 2.10.0 - Ant Software)
Assassin's Creed III (HKLM-x32\...\Assassin's Creed III_is1) (Version: - )
Audio 180% (HKLM-x32\...\Audio 180%) (Version: - Franzis Verlag Gmbh)
Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.17.0.1227 - Bitdefender)
BurnAware Free 8.2 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Cinergy T Stick Driver Installation (64 Bit) (HKLM-x32\...\{1F64A9D9-1014-4703-9AB3-D40186EC1FD9}) (Version: 8.08.18.01 - TERRATEC Electronic GmbH)
ClipGrab 3.4.11 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version: - Philipp Schmieder Medien)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Everything 1.2.1.371 (HKLM-x32\...\Everything) (Version: - )
Freemake Video Converter Version 4.1.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.2 - Ellora Assets Corporation)
furnplan GWINNER (HKLM-x32\...\furnplan GWINNER) (Version: 2014.3.0 - D+H Software GmbH)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.23.20150119 - LG Electronics)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.13.2.0 - LG Electronics)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
MP3-DJ 11.7.0 (HKLM-x32\...\MP3-DJ_is1) (Version: - Torsten Hoffmann)
Mp3tag v2.55 (HKLM-x32\...\Mp3tag) (Version: v2.55 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.7.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.9 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{DF54E1D5-B4A3-4F94-B018-75529AB97682}) (Version: 14.0.167 - O&O Software GmbH)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Q-Dir (HKLM-x32\...\Q-Dir) (Version: - )
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Recuva (HKLM\...\Recuva) (Version: 1.49 - Piriform)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 1.6.53 - NVIDIA Corporation) Hidden
StreamTransport version: 1.1.1.1 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
TERRATEC CINERGY T USB XE (64 Bit) (HKLM-x32\...\{D1B0534F-A031-4325-809A-CE8D54081561}) (Version: 6.11.23.01 - TERRATEC)
TERRATEC CINERGY T USB XE MKII (64 Bit) (HKLM-x32\...\{15B644D2-BB50-45AE-95E6-7717B15181E7}) (Version: 6.09.28.05 - TERRATEC)
TerraTec Home Cinema (HKLM-x32\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 5.118.0 - )
TimeComX Basic (64-Bit) (HKLM-x32\...\TimeComX Basic 64-Bit) (Version: 1.3.2.7 - Bitdreamers)
VLC media player 2.1.0-pre1 (HKLM\...\VLC media player) (Version: 2.1.0-pre1 - VideoLAN)
Windows-Treiberpaket - TERRATEC (AF05BDA) Media (05/07/2009 6.11.23.1) (HKLM\...\B2859FF1982D9A64F88CE2910EBF2F978172ED5A) (Version: 05/07/2009 6.11.23.1 - TERRATEC )
Windows-Treiberpaket - TERRATEC (AF15BDA) Media (09/17/2009 6.9.28.5) (HKLM\...\430A686A491BA2CF5123106A821772D4CFD2F3DE) (Version: 09/17/2009 6.9.28.5 - TERRATEC )
Windows-Treiberpaket - TerraTec (AF9035BDA) Media (05/18/2009 8.08.18.01) (HKLM\...\097FFCDCC4FD60E5718889F1A1C7F15458FD6845) (Version: 05/18/2009 8.08.18.01 - TerraTec )
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{932AC37A-E3EB-4E54-BF89-D6656BFD43E2}) (Version: 21.01.8499 - Buhl Data Service GmbH)
X Codec Pack (HKLM\...\X Codec Pack) (Version: 2.7.2 - X Codec Pack team)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
13-06-2015 16:09:42 Geplanter Prüfpunkt
27-06-2015 10:30:36 Geplanter Prüfpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2011-10-14 16:53 - 2015-01-04 16:16 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 secure.tune-up.com
0.0.0.0 stats.hamrick.com static.hamrick.com VueScan Scanner Software for Windows, Mac OS X and Linux
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0E0C0BA4-C091-4633-86F6-231E155D1C3E} - System32\Tasks\zufap3002 => C:\PROGRA~3\TabNav\zufap3002.exe
Task: {16F82F1B-1CF0-43BC-9463-43664BE6D7AF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-24] (Google Inc.)
Task: {3A353E24-2699-4669-829F-EE87832638DA} - System32\Tasks\{D866192E-6495-44B7-9154-81B18460775D} => pcalua.exe -a C:\Users\Frank\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=obw <==== ATTENTION
Task: {49A94A2D-A401-4C20-B8F6-B43BB3374F88} - System32\Tasks\{2B233675-7C35-4AE9-8042-8ABBD955FFB3} => pcalua.exe -a "G:\Programme\Datenrettung O_O_MediaRecovery_v4\O_O_MediaRecovery_v4\Portable O&O MediaRecovery v4\Portable O&O MediaRecovery.exe" -d "G:\Programme\Datenrettung O_O_MediaRecovery_v4\O_O_MediaRecovery_v4\Portable O&O MediaRecovery v4"
Task: {6BE7BD76-C01F-4DC4-AF1A-A3FC61413574} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader Updater\YourFileUpdater.exe <==== ATTENTION
Task: {6CA359E0-48DE-46DA-A682-4265531DECBC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {946B5285-E903-4409-A852-F6FD54CA45C4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-24] (Google Inc.)
Task: {E7C0F727-5B8A-45A2-881A-710BB355CA50} - System32\Tasks\{6FA060D8-1FE6-416F-8D37-7F3372A575C9} => pcalua.exe -a D:\Weihachtslieder\B2CAppSetup.exe -d D:\Weihachtslieder
Task: {F8407572-F64E-4EF0-95C1-3DD6D89269BA} - System32\Tasks\{B7DA32C6-8198-49AF-9E44-07791CFF5D84} => pcalua.exe -a C:\Users\Frank\Downloads\SAMSUNG_Android_USB_Composite_Device_Driver_5.28.2.1\20432031_3a09fd011e0662e5bb9e781445a5c11e5f436ac6\Setup.exe -d C:\Users\Frank\Downloads\SAMSUNG_Android_USB_Composite_Device_Driver_5.28.2.1\20432031_3a09fd011e0662e5bb9e781445a5c11e5f436ac6
Task: {F8CE2732-FB55-47D4-97A4-5DE5C21E5C46} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-05] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2014-10-28 17:39 - 2014-08-27 17:31 - 00265080 _____ () D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\txmlutil.dll
2014-10-28 17:39 - 2013-09-03 15:29 - 00101328 _____ () D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\bdmetrics.dll
2014-10-28 17:39 - 2014-10-15 13:08 - 00003072 _____ () D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\UI\accessl.ui
2014-10-28 17:39 - 2012-10-29 15:22 - 00152816 _____ () D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\bdfwcore.dll
2015-05-06 15:13 - 2015-05-06 15:13 - 00790368 _____ () D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\otengines_00350_005\ashttpbr.mdl
2015-05-06 15:13 - 2015-05-06 15:13 - 00711064 _____ () D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\otengines_00350_005\ashttpdsp.mdl
2015-05-06 15:13 - 2015-05-06 15:13 - 02683520 _____ () D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\otengines_00350_005\ashttpph.mdl
2015-05-06 15:13 - 2015-05-06 15:13 - 01326504 _____ () D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\otengines_00350_005\ashttprbl.mdl
2014-01-27 20:41 - 2011-04-11 07:26 - 00034304 _____ () C:\Windows\System32\spe__l.dll
2015-05-04 21:25 - 2015-05-04 21:25 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2015-05-08 20:50 - 2015-05-08 20:50 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows\nvcuvid.dll:BDU
AlternateDataStreams: C:\Users\Frank\Downloads\ChromeSetup.exe:BDU
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1882155644-948210159-577086912-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: SafeBox => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: V-bates Updater => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO.lnk => C:\Windows\pss\PHOTOfunSTUDIO.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Frank^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: APSDaemon =>
MSCONFIG\startupreg: Bitdefender-Geldbörse-Agent => "D:\Programme\Bitdefender\Bitdefender\Bitdefender 2015\bdwtxag.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Everything => "D:\Programme\Dateisuche\Everything\Everything.exe" -startup
MSCONFIG\startupreg: IminentMessenger =>
MSCONFIG\startupreg: NextLive => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Frank\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/08/2015 07:00:27 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (07/02/2015 04:59:12 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (06/27/2015 10:33:02 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/26/2015 06:13:44 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (06/26/2015 06:13:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/25/2015 05:18:15 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/24/2015 03:41:51 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (06/24/2015 03:41:51 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (06/24/2015 03:41:51 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (06/24/2015 03:41:51 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
System errors:
=============
Error: (07/08/2015 07:00:18 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.
Error: (07/07/2015 04:12:47 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error: (07/07/2015 04:12:46 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error: (07/07/2015 04:12:45 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error: (07/07/2015 04:12:45 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error: (07/07/2015 04:12:43 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.
Error: (07/06/2015 04:15:17 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.
Error: (07/06/2015 03:57:29 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.
Error: (07/05/2015 08:43:22 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.
Error: (07/02/2015 09:56:42 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.
Microsoft Office:
=========================
Error: (07/08/2015 07:00:27 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestD:\Programme\LG PC Suite\LGPCSuite.exe
Error: (07/02/2015 04:59:12 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestD:\Programme\LG PC Suite\LGPCSuite.exe
Error: (06/27/2015 10:33:02 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Frank\Downloads\esetsmartinstaller_deu.exe
Error: (06/26/2015 06:13:44 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestd:\programme\lg pc suite\LGPCSuite.exe
Error: (06/26/2015 06:13:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
Error: (06/25/2015 05:18:15 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Frank\Downloads\esetsmartinstaller_deu.exe
Error: (06/24/2015 03:41:51 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (06/24/2015 03:41:51 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (06/24/2015 03:41:51 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (06/24/2015 03:41:51 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
CodeIntegrity Errors:
===================================
Date: 2013-03-09 13:24:33.234
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Programme\Bitdefender\Bitdefender 2013\active virus control\avc3_000_001\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-03-09 13:01:55.501
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Programme\Bitdefender\Bitdefender 2013\active virus control\avc3_000_001\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Quad CPU Q9550 @ 2.83GHz
Percentage of memory in use: 44%
Total physical RAM: 4094.49 MB
Available physical RAM: 2263.51 MB
Total Virtual: 8187.16 MB
Available Virtual: 5967.11 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:127.99 GB) (Free:95.49 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:239.89 GB) (Free:174.2 GB) NTFS
Drive f: () (Fixed) (Total:97.88 GB) (Free:19.9 GB) NTFS
Drive g: (TOSHIBA EXT) (Fixed) (Total:931.41 GB) (Free:673.48 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=128 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=239.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=97.9 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 1A44C7A2)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== End of log ============================