tom_sverige | 09.03.2015 20:11 | Hallo,
hier kommt's...
---snip
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2015 03
Ran by win_8 (administrator) on WIN8 on 09-03-2015 19:40:19
Running from C:\Users\win_8\Desktop
Loaded Profiles: win_8 (Available profiles: win_8)
Platform: Windows 8 (X64) OS Language: Svenska (Sverige)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(VMLite, Inc.) C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17074_none_6233bc1f5106b696\TiWorker.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13261456 2012-11-29] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565544 2012-10-31] ()
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2172816 2012-10-22] (SRS Labs, Inc.)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-12-18] (Intel Corporation)
HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [7152640 2012-12-05] (Pegatron Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UVS10 Preload] => C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [36864 2006-08-10] (Ulead Systems, Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1609830323-765120689-1541722825-1001\...\MountPoints2: {0ac73d10-de8d-11e2-be87-7c05077950e8} - "E:\WD SmartWare.exe" autoplay=true
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1609830323-765120689-1541722825-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1609830323-765120689-1541722825-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
SearchScopes: HKU\S-1-5-21-1609830323-765120689-1541722825-1001 -> DefaultScope {C959D6CA-DD06-4623-BC24-B1A330093942} URL =
SearchScopes: HKU\S-1-5-21-1609830323-765120689-1541722825-1001 -> {C959D6CA-DD06-4623-BC24-B1A330093942} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-11-04] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-11-04] (Oracle Corporation)
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\win_8\AppData\Roaming\Mozilla\Firefox\Profiles\w750w0hr.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-21] ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-11-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-11-04] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-21] ()
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.1.0.18 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [2014-11-27] (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.5.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [2014-11-27] (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-06-07] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-09-05] (Adobe Systems Inc.)
FF Extension: DownloadHelper - C:\Users\win_8\AppData\Roaming\Mozilla\Firefox\Profiles\w750w0hr.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\win_8\AppData\Roaming\Mozilla\Firefox\Profiles\w750w0hr.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2015-02-20]
FF Extension: NoScript - C:\Users\win_8\AppData\Roaming\Mozilla\Firefox\Profiles\w750w0hr.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-04-03]
FF Extension: Adblock Plus - C:\Users\win_8\AppData\Roaming\Mozilla\Firefox\Profiles\w750w0hr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-24]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-18] (Avira Operations GmbH & Co. KG)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-12-05] (Realtek Semiconductor)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72512 2013-12-09] (IObit)
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-18] (Toshiba Europe GmbH)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-29] (Ulead Systems, Inc.) [File not signed]
R2 VMLiteService; C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
S3 ffusb2audio; C:\Windows\system32\DRIVERS\ffusb2audio.sys [127280 2013-09-25] (Focusrite Audio Engineering Limited.)
S3 MUSONIK_PHASE_X64_USB; C:\Windows\System32\Drivers\msnkphsu.sys [460352 2009-11-13] (Ploytec GmbH)
S3 MUSONIK_PHASE_X64_WDM; C:\Windows\system32\drivers\msnkphsa.sys [49216 2009-11-13] (Ploytec GmbH)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 RTL8192Ce; C:\Windows\system32\DRIVERS\rtwlane.sys [1498256 2012-08-29] (Realtek Semiconductor Corporation )
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1498256 2012-08-29] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31032 2012-11-29] (Synaptics Incorporated)
S3 StkCMini; C:\Windows\System32\Drivers\StkCMini.sys [1816968 2010-04-16] (Syntek)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\system32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-09 19:40 - 2015-03-09 19:41 - 00014809 _____ () C:\Users\win_8\Desktop\FRST.txt
2015-03-09 19:40 - 2015-03-09 19:40 - 00000000 ____D () C:\FRST
2015-03-09 19:38 - 2015-03-09 19:38 - 02095104 _____ (Farbar) C:\Users\win_8\Desktop\FRST64.exe
2015-03-08 15:14 - 2015-03-08 15:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-27 21:29 - 2015-02-27 21:29 - 00000000 ____D () C:\Users\win_8\Documents\Mina webbplatser
2015-02-14 09:54 - 2015-02-14 09:56 - 00000000 ____D () C:\Users\win_8\.mediathek3
2015-02-14 09:49 - 2015-02-14 09:51 - 31470563 _____ () C:\Users\win_8\Downloads\MediathekView_8.zip
2015-02-13 19:44 - 2015-02-13 19:44 - 00000000 ____D () C:\Users\win_8\AppData\Local\pirateplay
2015-02-13 19:43 - 2015-02-13 19:43 - 00000000 ____D () C:\Users\win_8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pirateplayer
2015-02-13 19:43 - 2015-02-13 19:43 - 00000000 ____D () C:\Program Files (x86)\Pirateplayer
2015-02-13 19:42 - 2015-02-13 19:43 - 28896608 _____ () C:\Users\win_8\Downloads\ppinstaller_-_v0_5_0.exe
2015-02-10 22:32 - 2015-02-10 22:36 - 17520650 _____ () C:\Users\win_8\Downloads\JayB_VSynth.zip
2015-02-10 22:31 - 2015-02-10 22:32 - 00254541 _____ () C:\Users\win_8\Downloads\JayB_QY100.zip
2015-02-10 22:30 - 2015-02-10 22:30 - 00243017 _____ () C:\Users\win_8\Downloads\JayB_MotifES(1).zip
2015-02-10 22:30 - 2015-02-10 22:30 - 00100324 _____ () C:\Users\win_8\Downloads\JayB_PLG150AN.zip
2015-02-10 22:29 - 2015-02-10 22:29 - 00232611 _____ () C:\Users\win_8\Downloads\JayB_S80.zip
2015-02-10 22:29 - 2015-02-10 22:29 - 00024114 _____ () C:\Users\win_8\Downloads\JayB_AN1x.zip
2015-02-10 22:21 - 2015-02-10 22:21 - 00000000 ____D () C:\Users\win_8\Downloads\JayB_Effects
2015-02-10 22:20 - 2015-02-10 22:20 - 00243017 _____ () C:\Users\win_8\Downloads\JayB_MotifES.zip
2015-02-10 21:40 - 2015-02-10 21:54 - 65956150 _____ () C:\Users\win_8\Downloads\JayB_Effects.zip
2015-02-08 15:06 - 2013-10-01 09:41 - 00000000 ____D () C:\UBIOS
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-09 19:00 - 2012-07-26 09:12 - 00000000 ____D () C:\windows\system32\sru
2015-03-09 18:42 - 2015-02-05 18:03 - 01073229 _____ () C:\windows\WindowsUpdate.log
2015-03-09 17:12 - 2012-07-26 08:59 - 00000000 ____D () C:\windows\CbsTemp
2015-03-08 23:45 - 2014-03-03 18:07 - 00168111 _____ () C:\MyXML.xml
2015-03-08 23:44 - 2013-07-15 09:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-08 23:44 - 2012-07-26 08:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-08 22:04 - 2013-06-24 19:53 - 00000000 ____D () C:\Users\win_8\AppData\Roaming\Skype
2015-03-08 20:18 - 2014-03-09 19:17 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-08 20:18 - 2013-06-24 19:53 - 00000000 ____D () C:\ProgramData\Skype
2015-03-08 19:15 - 2013-07-01 08:32 - 00000000 ___RD () C:\download
2015-03-02 18:32 - 2012-08-02 01:02 - 00712522 _____ () C:\windows\system32\perfh01D.dat
2015-03-02 18:32 - 2012-08-02 01:02 - 00148908 _____ () C:\windows\system32\perfc01D.dat
2015-03-02 18:32 - 2012-08-02 00:55 - 00440762 _____ () C:\windows\system32\perfh014.dat
2015-03-02 18:32 - 2012-08-02 00:55 - 00076914 _____ () C:\windows\system32\perfc014.dat
2015-03-02 18:32 - 2012-08-02 00:48 - 00426314 _____ () C:\windows\system32\perfh00B.dat
2015-03-02 18:32 - 2012-08-02 00:48 - 00081450 _____ () C:\windows\system32\perfc00B.dat
2015-03-02 18:32 - 2012-08-02 00:41 - 00455676 _____ () C:\windows\system32\perfh006.dat
2015-03-02 18:32 - 2012-08-02 00:41 - 00079422 _____ () C:\windows\system32\perfc006.dat
2015-03-02 18:32 - 2012-07-26 08:28 - 03259898 _____ () C:\windows\system32\PerfStringBackup.INI
2015-02-27 20:12 - 2013-09-10 17:06 - 00000000 ____D () C:\audio
2015-02-21 14:12 - 2013-06-24 18:32 - 00000000 ____D () C:\Users\win_8\AppData\Local\Adobe
2015-02-15 00:50 - 2014-08-25 17:22 - 00000000 ____D () C:\Users\win_8\Desktop\video
2015-02-14 13:38 - 2014-08-25 16:56 - 00000000 ____D () C:\video
2015-02-14 12:44 - 2013-06-26 18:28 - 00000000 ____D () C:\Users\win_8\AppData\Roaming\vlc
2015-02-14 11:29 - 2013-09-07 22:54 - 00000000 ____D () C:\fuji_3d
2015-02-14 09:54 - 2013-06-24 17:23 - 00000000 ____D () C:\Users\win_8
2015-02-11 23:18 - 2013-08-11 15:16 - 00000000 ____D () C:\1000d
2015-02-08 15:07 - 2014-04-23 20:28 - 00000023 _____ () C:\model.bat
==================== Files in the root of some directories =======
2013-06-26 18:27 - 2013-06-26 18:27 - 0000027 _____ () C:\Program Files\plugins.dat
Some content of TEMP:
====================
C:\Users\ADMINI~1\AppData\Local\Temp\PresentationCore.dll
C:\Users\ADMINI~1\AppData\Local\Temp\PresentationFramework.dll
C:\Users\ADMINI~1\AppData\Local\Temp\ReachFramework.dll
C:\Users\ADMINI~1\AppData\Local\Temp\UIAutomationProvider.dll
C:\Users\ADMINI~1\AppData\Local\Temp\UIAutomationTypes.dll
C:\Users\ADMINI~1\AppData\Local\Temp\WindowsBase.dll
C:\Users\ADMINI~1\AppData\Local\Temp\WindowsFormsIntegration.dll
C:\Users\win_8\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-08 15:54
==================== End Of Log ============================ --- --- ---
---snip
und hier addition
---snip Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2015 03
Ran by win_8 at 2015-03-09 19:41:26
Running from C:\Users\win_8\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.04) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
BankID säkerhetsprogram (HKLM-x32\...\{4B2557F9-8C03-4BE7-9984-4DE525076580}) (Version: 6.2.5.1 - Finansiell ID-Teknik BID AB)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.13.0.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Compatibility Pack för Office 2007-systemet (HKLM-x32\...\{90120000-0020-041D-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
DVBT Driver (x32 Version: 1.1.3.1 - ) Hidden
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
ffdshow v1.3.4515 [2013-06-12] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4515.0 - )
Focusrite USB 2.0 Audio Driver 2.5.1 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.5.1 - Focusrite Audio Engineering Limited.)
Fre(a)koscope (HKLM-x32\...\Fre(a)koscope_is1) (Version: 0.8 beta - Mdsp @ Smartelectronix)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41663) (Version: 3.8.0.41663.61 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2875 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office 2000 Premium (HKLM-x32\...\{0000041D-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6219.1000 - Microsoft Corporation)
Microsoft RichCopy 4.0 (HKLM-x32\...\{86F4F32B-77C7-4951-B33C-05D41A8190C1}) (Version: 4.0.211 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPC-HC 1.7.5 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.5 - MPC-HC Team)
NetBeans IDE 7.4 (HKLM\...\nbi-nb-base-7.4.0.0.201310111528) (Version: 7.4 - NetBeans.org)
Passbild-Generator v3.6b (HKLM-x32\...\Passbild-Generator_is1) (Version: - Passbild-Generator)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
PHASE X64 USB (HKLM\...\USB_AUDIO_DEusb-audio.dePhaseX64USB) (Version: - )
Pirateplayer (HKLM-x32\...\Pirateplayer) (Version: - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Premium Sound HD (HKLM\...\{000A208E-1050-4181-AC37-E13DA9254B73}) (Version: 1.12.6000 - DTS, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6794 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version: - Seagate Technology)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 1.4.0.0 - IObit)
Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.4.0 - Synaptics Incorporated)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.08.6402 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6626.6410 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 2.00.973 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.1.54043006 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0015 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.6.0 - Toshiba Europe GmbH)
Ulead VideoStudio SE DVD (HKLM-x32\...\{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}) (Version: 10.0 - Ulead Systems)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
USB2.0 Grabber (HKLM-x32\...\{45518B6D-9DDF-4144-83E4-A56762524F35}) (Version: 7.12.000.002 - Youyan)
USB2.0 Grabber (HKLM-x32\...\USB2.0 Grabber) (Version: - )
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Visual Analyser 2011 (HKLM-x32\...\{BE2F9F39-9512-4DFD-A412-0355A2FE66D3}) (Version: 14.0.0.19 - Alfredo Accattatis)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
VMLite Workstation (HKLM\...\{197F2BEF-2705-406E-8CEB-8E404FFFE414}) (Version: 3.2.6 - VMLite)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
Windows-drivrutinspaket - Focusrite USB 2.0 Audio Driver (09/25/2013 2.5.128.1) (HKLM\...\CF1FC201D237269A9CD51A3A6B14ADBF67175C32) (Version: 09/25/2013 2.5.128.1 - Focusrite)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
22-02-2015 16:16:45 Schemalagd kontrollpunkt
25-02-2015 21:08:35 Windows Update
28-02-2015 22:16:07 Windows Update
08-03-2015 16:24:01 Schemalagd kontrollpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {00D33521-7874-4CD6-8BB2-863C2C00EA3B} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [2015-01-22] (IObit)
Task: {09928DDE-9D84-4891-93C7-0676062C66CC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {13F34040-20F2-4AA3-B808-7F7EED36A5F4} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-18] (Toshiba Europe GmbH)
Task: {6EAB019B-FFF9-4F3B-9061-53FC2DC5D1C4} - System32\Tasks\{128FE2DB-52E4-4D16-BA42-5F04D72A0C62} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/abandoninstall?page=tsProgressBar
Task: {74118A71-CC1D-4C3B-888A-52D20702266F} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {7E2AB53E-B992-4373-8C7E-4662A968BEE1} - System32\Tasks\{E064D739-1F93-4F82-983F-2AF2EA6353CE} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/abandoninstall?page=tsBing
Task: {EB5ED57C-B450-4E90-B0C5-A5FDC3306643} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-11-29] (Synaptics Incorporated)
Task: {EF1EAFEE-95F9-4987-ABA9-2460BF88F59B} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-27] (TOSHIBA Corporation)
Task: {F59F3CDE-905A-4317-8C70-BAC604AAF49C} - System32\Tasks\{7BE2C727-B857-4282-A9DE-8763EC92488D} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/abandoninstall?page=tsProgressBar
==================== Loaded Modules (whitelisted) ==============
2011-10-13 13:38 - 2011-10-13 13:38 - 00156672 _____ () C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
2010-08-11 13:18 - 2010-08-11 13:18 - 00202344 _____ () C:\Program Files\VMLite\VMLite Workstation\VBoxDDU.dll
2010-08-11 13:18 - 2010-08-11 13:18 - 02725480 _____ () C:\Program Files\VMLite\VMLite Workstation\VBoxRT.dll
2009-03-26 21:03 - 2009-03-26 21:03 - 01289728 _____ () C:\Program Files\VMLite\VMLite Workstation\LIBEAY32.dll
2012-10-26 00:24 - 2012-10-24 06:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-10-31 15:15 - 2012-10-31 15:15 - 02565544 _____ () C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
2012-07-18 18:38 - 2012-07-18 18:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2012-07-18 18:38 - 2012-07-18 18:38 - 00049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll
2013-06-26 17:52 - 2013-12-09 16:10 - 00348992 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2013-06-26 17:52 - 2013-12-09 16:10 - 00183616 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2013-06-26 17:52 - 2013-12-09 16:10 - 00051008 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2014-03-03 18:07 - 2013-12-09 16:10 - 00089920 _____ () C:\Program Files (x86)\IObit\Start Menu 8\NTFSScan.dll
2013-10-18 17:29 - 2013-12-09 16:10 - 00039744 _____ () C:\Program Files (x86)\IObit\Start Menu 8\pri.dll
2013-10-18 17:29 - 2013-12-09 16:11 - 00041280 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
2013-05-03 22:20 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1609830323-765120689-1541722825-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "Microsoft Office.lnk"
HKLM\...\StartupApproved\Run: => "TecoResident"
HKLM\...\StartupApproved\Run32: => "Intel AppUp(R) center"
HKLM\...\StartupApproved\Run32: => "TCrdMain"
HKLM\...\StartupApproved\Run32: => "TODDMain"
HKLM\...\StartupApproved\Run32: => "TosWaitSrv"
==================== Accounts: =============================
Administratör (S-1-5-21-1609830323-765120689-1541722825-500 - Administrator - Disabled)
Gäst (S-1-5-21-1609830323-765120689-1541722825-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1609830323-765120689-1541722825-1003 - Limited - Enabled)
win_8 (S-1-5-21-1609830323-765120689-1541722825-1001 - Administrator - Enabled) => C:\Users\win_8
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/09/2015 05:48:55 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (03/08/2015 10:14:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programmet firefox.exe, version 36.0.1.5542, avslutades eftersom det slutade samverka med Windows. Ytterligare information kan finnas i problemhistoriken på kontrollpanelen för Åtgärdscentret och lösningar.
Process-ID: d7c
Starttid: 01d059acc958762b
Avslutningstid: 4294967295
Programsökväg: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Rapport-ID: 15fb7580-c5d8-11e4-803b-7c05077950e8
Fullständigt namn på felaktigt paket:
Program-ID relativt till felaktigt paket:
Error: (03/08/2015 10:14:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: plugin-container.exe, version 36.0.1.5542, tidsstämpel 0x54f851c0
, felet uppstod i modulen med namn: mozalloc.dll, version 36.0.1.5542, tidsstämpel 0x54f8437e
Undantagskod: 0x80000003
Felförskjutning: 0x00001e02
Process-ID: 0x122c
Programmets starttid: 0xplugin-container.exe0
Sökväg till program: plugin-container.exe1
Sökväg till modul: plugin-container.exe2
Rapport-ID: plugin-container.exe3
Fullständigt namn på felaktigt paket: plugin-container.exe4
Program-ID relativt till felaktigt paket: plugin-container.exe5
Error: (03/03/2015 06:04:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programmet firefox.exe, version 36.0.0.5531, avslutades eftersom det slutade samverka med Windows. Ytterligare information kan finnas i problemhistoriken på kontrollpanelen för Åtgärdscentret och lösningar.
Process-ID: f28
Starttid: 01d0550e22159c0a
Avslutningstid: 4294967295
Programsökväg: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Rapport-ID: 6bd7ca1f-c1c7-11e4-8039-7c05077950e8
Fullständigt namn på felaktigt paket:
Program-ID relativt till felaktigt paket:
Error: (03/03/2015 06:04:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: plugin-container.exe, version 36.0.0.5531, tidsstämpel 0x54eb029a
, felet uppstod i modulen med namn: mozalloc.dll, version 36.0.0.5531, tidsstämpel 0x54eaf3b7
Undantagskod: 0x80000003
Felförskjutning: 0x00001e02
Process-ID: 0x380
Programmets starttid: 0xplugin-container.exe0
Sökväg till program: plugin-container.exe1
Sökväg till modul: plugin-container.exe2
Rapport-ID: plugin-container.exe3
Fullständigt namn på felaktigt paket: plugin-container.exe4
Program-ID relativt till felaktigt paket: plugin-container.exe5
Error: (03/02/2015 06:29:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: TCrdMain_Win8.exe, version 2.0.7.64, tidsstämpel 0x5091827a
, felet uppstod i modulen med namn: SynCOM.dll_unloaded, version 0.0.0.0, tidsstämpel 0x50b86421
Undantagskod: 0xc0000005
Felförskjutning: 0x000000001001f368
Process-ID: 0xcf0
Programmets starttid: 0xTCrdMain_Win8.exe0
Sökväg till program: TCrdMain_Win8.exe1
Sökväg till modul: TCrdMain_Win8.exe2
Rapport-ID: TCrdMain_Win8.exe3
Fullständigt namn på felaktigt paket: TCrdMain_Win8.exe4
Program-ID relativt till felaktigt paket: TCrdMain_Win8.exe5
Error: (03/01/2015 07:46:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programmet firefox.exe, version 36.0.0.5531, avslutades eftersom det slutade samverka med Windows. Ytterligare information kan finnas i problemhistoriken på kontrollpanelen för Åtgärdscentret och lösningar.
Process-ID: 1c44
Starttid: 01d05430892f0135
Avslutningstid: 4294967295
Programsökväg: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Rapport-ID: 55b755a3-c043-11e4-8037-7c05077950e8
Fullständigt namn på felaktigt paket:
Program-ID relativt till felaktigt paket:
Error: (03/01/2015 07:46:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: plugin-container.exe, version 36.0.0.5531, tidsstämpel 0x54eb029a
, felet uppstod i modulen med namn: mozalloc.dll, version 36.0.0.5531, tidsstämpel 0x54eaf3b7
Undantagskod: 0x80000003
Felförskjutning: 0x00001e02
Process-ID: 0x2848
Programmets starttid: 0xplugin-container.exe0
Sökväg till program: plugin-container.exe1
Sökväg till modul: plugin-container.exe2
Rapport-ID: plugin-container.exe3
Fullständigt namn på felaktigt paket: plugin-container.exe4
Program-ID relativt till felaktigt paket: plugin-container.exe5
Error: (03/01/2015 04:00:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: plugin-container.exe, version 36.0.0.5531, tidsstämpel 0x54eb029a
, felet uppstod i modulen med namn: mozalloc.dll, version 36.0.0.5531, tidsstämpel 0x54eaf3b7
Undantagskod: 0x80000003
Felförskjutning: 0x00001e02
Process-ID: 0x180c
Programmets starttid: 0xplugin-container.exe0
Sökväg till program: plugin-container.exe1
Sökväg till modul: plugin-container.exe2
Rapport-ID: plugin-container.exe3
Fullständigt namn på felaktigt paket: plugin-container.exe4
Program-ID relativt till felaktigt paket: plugin-container.exe5
Error: (03/01/2015 03:44:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: TCrdMain_Win8.exe, version 2.0.7.64, tidsstämpel 0x5091827a
, felet uppstod i modulen med namn: SynCOM.dll_unloaded, version 0.0.0.0, tidsstämpel 0x50b86421
Undantagskod: 0xc0000005
Felförskjutning: 0x000000001001f368
Process-ID: 0x2a74
Programmets starttid: 0xTCrdMain_Win8.exe0
Sökväg till program: TCrdMain_Win8.exe1
Sökväg till modul: TCrdMain_Win8.exe2
Rapport-ID: TCrdMain_Win8.exe3
Fullständigt namn på felaktigt paket: TCrdMain_Win8.exe4
Program-ID relativt till felaktigt paket: TCrdMain_Win8.exe5
System errors:
=============
Error: (03/08/2015 11:41:35 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Tjänsten Windows Update stängdes inte på rätt sätt efter att ha mottagit en systemstängningsvarning.
Error: (03/08/2015 03:30:17 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Den senaste avstängningen av datorn vid 14:43:31 den 08.03.2015 skedde oväntat.
Error: (03/08/2015 02:43:31 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Den senaste avstängningen av datorn vid 18:14:50 den 03.03.2015 skedde oväntat.
Error: (03/02/2015 06:12:35 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Den senaste avstängningen av datorn vid 17:53:51 den 02.03.2015 skedde oväntat.
Error: (02/22/2015 03:15:43 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Den senaste avstängningen av datorn vid 21:21:44 den 21.02.2015 skedde oväntat.
Error: (02/19/2015 00:52:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Den senaste avstängningen av datorn vid 12:20:01 den 19.02.2015 skedde oväntat.
Error: (02/10/2015 06:28:20 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Den senaste avstängningen av datorn vid 20:46:38 den 08.02.2015 skedde oväntat.
Error: (02/07/2015 11:53:42 AM) (Source: DCOM) (EventID: 10010) (User: win8)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
Error: (02/03/2015 07:37:21 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Den senaste avstängningen av datorn vid 22:12:50 den 02.02.2015 skedde oväntat.
Error: (02/02/2015 07:21:19 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Den senaste avstängningen av datorn vid 19:04:13 den 01.02.2015 skedde oväntat.
Microsoft Office Sessions:
=========================
Error: (03/09/2015 05:48:55 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (03/08/2015 10:14:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe36.0.1.5542d7c01d059acc958762b4294967295C:\Program Files (x86)\Mozilla Firefox\firefox.exe15fb7580-c5d8-11e4-803b-7c05077950e8
Error: (03/08/2015 10:14:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.1.554254f851c0mozalloc.dll36.0.1.554254f8437e8000000300001e02122c01d059acdee8f26bC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll16fa4c51-c5d8-11e4-803b-7c05077950e8
Error: (03/03/2015 06:04:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe36.0.0.5531f2801d0550e22159c0a4294967295C:\Program Files (x86)\Mozilla Firefox\firefox.exe6bd7ca1f-c1c7-11e4-8039-7c05077950e8
Error: (03/03/2015 06:04:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.0.553154eb029amozalloc.dll36.0.0.553154eaf3b78000000300001e0238001d0550e27b09621C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll6c5c7a0e-c1c7-11e4-8039-7c05077950e8
Error: (03/02/2015 06:29:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TCrdMain_Win8.exe2.0.7.645091827aSynCOM.dll_unloaded0.0.0.050b86421c0000005000000001001f368cf001d0550c55bb4964C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exeSynCOM.dllafad17f9-c101-11e4-8039-7c05077950e8
Error: (03/01/2015 07:46:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe36.0.0.55311c4401d05430892f01354294967295C:\Program Files (x86)\Mozilla Firefox\firefox.exe55b755a3-c043-11e4-8037-7c05077950e8
Error: (03/01/2015 07:46:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.0.553154eb029amozalloc.dll36.0.0.553154eaf3b78000000300001e02284801d054468a7ceebcC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll56aba36c-c043-11e4-8037-7c05077950e8
Error: (03/01/2015 04:00:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.0.553154eb029amozalloc.dll36.0.0.553154eaf3b78000000300001e02180c01d0542faa06b65fC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllb4455f20-c023-11e4-8037-7c05077950e8
Error: (03/01/2015 03:44:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TCrdMain_Win8.exe2.0.7.645091827aSynCOM.dll_unloaded0.0.0.050b86421c0000005000000001001f3682a7401d0542c19571e0dC:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exeSynCOM.dll7cc58333-c021-11e4-8037-7c05077950e8
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU 1000M @ 1.80GHz
Percentage of memory in use: 48%
Total physical RAM: 3979.21 MB
Available physical RAM: 2038.67 MB
Total Pagefile: 8587.21 MB
Available Pagefile: 3107.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB
==================== Drives ================================
Drive c: (TI31061100A) (Fixed) (Total:286.29 GB) (Free:97.81 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================ |