Fledermausi | 09.02.2015 19:31 | Code:
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-09 19:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-09 18:59 - 2014-07-31 17:29 - 01989785 _____ () C:\Windows\WindowsUpdate.log
2015-02-09 18:42 - 2014-05-22 00:35 - 00001140 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-09 18:36 - 2014-07-31 17:32 - 00723780 _____ () C:\Windows\SysWOW64\rootpa.e2e
2015-02-09 18:35 - 2014-05-22 00:35 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-09 18:34 - 2013-08-22 15:46 - 00019816 _____ () C:\Windows\setupact.log
2015-02-09 18:34 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-09 18:32 - 2014-07-31 17:30 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-02-09 18:30 - 2014-07-31 17:46 - 00000000 ____D () C:\Windows\System32\Tasks\TOSHIBA
2015-02-09 18:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\registration
2015-02-09 11:20 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-02-08 23:07 - 2014-03-18 10:39 - 00039304 _____ () C:\Windows\PFRO.log
2015-02-08 22:26 - 2014-07-31 17:36 - 00041606 _____ () C:\Windows\DPINST.LOG
2015-02-08 22:05 - 2014-07-31 17:29 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-08 21:03 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-07 16:49 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\Offline Web Pages
2015-02-07 16:18 - 2014-05-06 05:41 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2015-02-07 16:18 - 2014-05-06 05:41 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2015-02-07 16:18 - 2014-03-18 10:47 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-07 16:11 - 2014-07-31 18:03 - 00000000 ____D () C:\ProgramData\McAfee
2015-02-07 09:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-02-07 09:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-07 09:00 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-06 08:31 - 2014-03-18 10:33 - 00000000 ____D () C:\Program Files\Windows Journal
2015-02-06 08:31 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore
2015-02-06 08:31 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-02-06 08:31 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-06 08:31 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-02-06 08:31 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-02-06 08:31 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-02-06 08:31 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\servicing
2015-02-06 08:30 - 2014-05-06 05:40 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2015-02-06 08:30 - 2014-03-18 10:31 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2015-02-06 08:30 - 2014-03-18 10:31 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2015-02-06 08:30 - 2014-03-18 10:31 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2015-02-06 08:30 - 2014-03-18 10:31 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-02-06 08:30 - 2014-03-18 10:31 - 00000000 ____D () C:\Windows\system32\winrm
2015-02-06 08:30 - 2014-03-18 10:31 - 00000000 ____D () C:\Windows\system32\WCN
2015-02-06 08:30 - 2014-03-18 10:31 - 00000000 ____D () C:\Windows\system32\slmgr
2015-02-06 08:30 - 2014-03-18 10:31 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2015-02-06 08:30 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-02-06 08:30 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2015-02-06 08:30 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2015-02-06 08:30 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2015-02-06 08:30 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\MUI
2015-02-06 08:30 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\migwiz
2015-02-06 08:30 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Com
2015-02-06 08:30 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-06 08:30 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\IME
2015-02-06 08:30 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Help
2015-02-06 08:30 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-02-06 08:30 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-02-06 08:30 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-02-06 08:30 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-02-06 08:30 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Dism
2015-02-06 07:56 - 2013-08-22 16:36 - 00000000 ___SD () C:\Windows\system32\dsc
2015-02-05 06:37 - 2014-05-22 00:35 - 00004112 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 06:37 - 2014-05-22 00:35 - 00003876 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-04 08:22 - 2013-08-22 15:44 - 00338048 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-04 00:34 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2015-02-04 00:34 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-04 00:34 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-04 00:34 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2015-02-04 00:34 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\setup
2015-02-04 00:33 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-04 00:33 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-04 00:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2015-02-04 00:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2015-02-04 00:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2015-02-04 00:32 - 2014-07-31 17:54 - 00000000 ____D () C:\ProgramData\WildTangent
2015-02-04 00:32 - 2014-07-31 17:54 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-02-04 00:30 - 2014-05-22 00:35 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-03 23:58 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2015-02-02 14:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\MediaViewer
2015-02-02 14:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\FileManager
2015-02-02 14:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Camera
2015-02-02 14:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-01 14:50 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\restore
2015-01-31 17:31 - 2014-07-31 17:30 - 00000000 ____D () C:\ProgramData\AMD
2015-01-31 17:31 - 2014-05-22 00:34 - 00000000 ____D () C:\ProgramData\TOSHIBA
2015-01-31 17:26 - 2014-03-18 10:31 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2015-01-20 17:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\ELAMBKUP
==================== Files in the root of some directories =======
2015-02-07 16:47 - 2015-02-07 16:47 - 1441015 _____ () C:\ProgramData\1423322013.bdinstall.bin
2014-07-31 17:34 - 2014-07-31 17:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-05-22 08:30
==================== End Of Log ============================ Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-02-2015
Ran by Fledermaus at 2015-02-09 19:19:53
Running from C:\Users\Fledermaus\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{99213849-249E-7726-EBA7-ADFCA48E2246}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Bitdefender Internet Security 2015 (HKLM\...\Bitdefender) (Version: 18.20.0.1429 - Bitdefender)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3920.05 - CyberLink Corp.)
Desktopicon amazon.de (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 - )
DTS Sound (HKLM-x32\...\{9B17BBEC-CF31-4C23-949E-E65A14365CE1}) (Version: 1.01.6100 - DTS, Inc.)
ETDWare PS/2_SMBus-X64 11.8.20.3_WHQL (HKLM\...\Elantech) (Version: 11.8.20.3 - ELAN Microelectronic Corp.)
Free Driver Scout (HKLM-x32\...\{50a7e828-15d3-40e6-a37d-22d5c5357878}) (Version: 1.0.0.0 - Covus Freemium)
Free Driver Scout (Version: 1.0.0.0 - Covus Freemium) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
PSP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.02.6402 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{484A4296-6F3D-4182-8CFA-D664F7DA34AA}) (Version: 1.1.17.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.5.0.6404 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.81.2C - TOSHIBA CORPORATION)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.19 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 2.0.0.15C - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 3.01.02.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.00.56006005 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{BFE4C813-4DD4-4B1C-97F4-76A459055C8D}) (Version: 2.6.13 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.01.6402 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.1.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.1 - Toshiba Europe GmbH)
Utility Common Driver (x32 Version: 1.0.53.3 - Compal) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
01-02-2015 14:50:40 McAfee Vulnerability Scanner
04-02-2015 00:29:04 Removed Google Drive
05-02-2015 23:32:06 Sprachpaketdeinstallation
07-02-2015 08:56:44 McAfee Vulnerability Scanner
08-02-2015 22:04:22 Free Driver Scout
08-02-2015 22:25:00 DriverUtilities
09-02-2015 11:02:27 Wiederherstellungsvorgang
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0038EC9A-952C-4C0E-8E27-EC34728FCD24} - System32\Tasks\TOSHIBA\TSVU => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [2013-07-24] (TOSHIBA)
Task: {08988DD0-2746-41FE-8496-789A58E09976} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-22] (Google Inc.)
Task: {0D28F29F-B64E-426F-B27B-8901E7F332DA} - System32\Tasks\TOSHIBA\TosWaitSrv => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2013-08-13] (TOSHIBA Corporation)
Task: {23D49C8C-78F4-4412-B996-41F886A146A9} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-09-24] (TOSHIBA Corporation)
Task: {2F3AD9E3-05F1-4C47-BBD7-5ABFCB94A336} - System32\Tasks\TOSHIBA\TecoResident => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [2014-04-17] (TOSHIBA Corporation)
Task: {3FC24770-02C6-40EB-94A0-EA8EABBE1393} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-12-24] (Toshiba Europe GmbH)
Task: {6340D6C8-9D68-4019-AC4B-A9EDE34C8425} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-22] (Google Inc.)
Task: {8B4AFE5C-E72D-452C-9448-E25543818ADA} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-02-24] (Realtek Semiconductor)
Task: {9FB0D606-8FB2-4895-A11B-C7F49269D173} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe [2014-08-07] ()
Task: {B0FF8A26-F38C-442C-AB17-67679A39DB23} - System32\Tasks\Software Updater => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2014-08-07] () <==== ATTENTION
Task: {D3EADCB0-12DA-4796-A46F-2772C38D73F6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-12-31] (Microsoft Corporation)
Task: {EE07B92B-263A-474F-A3D9-E6D46EF1E16F} - System32\Tasks\TOSHIBA\StartCCC => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-04-23] (Advanced Micro Devices, Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2015-02-07 16:44 - 2014-08-27 16:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2015-02-07 16:43 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2015-02-07 16:44 - 2015-01-20 17:34 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2015-02-07 16:44 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2015-02-07 16:51 - 2015-02-07 16:51 - 00784712 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00050_002\ashttpbr.mdl
2015-02-07 16:51 - 2015-02-07 16:51 - 00573544 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00050_002\ashttpdsp.mdl
2015-02-07 16:51 - 2015-02-07 16:51 - 02657264 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00050_002\ashttpph.mdl
2015-02-07 16:51 - 2015-02-07 16:51 - 01331648 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00050_002\ashttprbl.mdl
2014-04-23 06:48 - 2014-04-23 06:48 - 00140288 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2014-03-03 21:30 - 2014-03-03 21:30 - 00021840 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2012-07-19 02:38 - 2012-07-19 02:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2014-04-23 06:48 - 2014-04-23 06:48 - 00016896 _____ () C:\Program Files\ATI Technologies\ATI.ACE\a4\AS4.NativeProxy.dll
2015-02-06 07:43 - 2015-02-04 10:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
2015-02-06 07:43 - 2015-02-04 10:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
2015-02-06 07:43 - 2015-02-04 10:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Fledermaus\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Fledermaus\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Fledermaus\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe:BDU
AlternateDataStreams: C:\Users\Fledermaus\Downloads\setup.exe:BDU
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Registry Areas =====================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3278013879-2725221081-1099153109-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Fledermaus\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-3278013879-2725221081-1099153109-500 - Administrator - Disabled)
Fledermaus (S-1-5-21-3278013879-2725221081-1099153109-1001 - Administrator - Enabled) => C:\Users\Fledermaus
Gast (S-1-5-21-3278013879-2725221081-1099153109-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3278013879-2725221081-1099153109-1003 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/09/2015 06:35:49 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Wiederherstellungsvorgang). Zusätzliche Informationen: 0x80070005.
Error: (02/09/2015 05:08:31 PM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: ATI EEU Client event error
Error: (02/09/2015 05:08:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TosSmartView.exe, Version: 1.1.0.5, Zeitstempel: 0x528afa85
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebf2e
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000000606c
ID des fehlerhaften Prozesses: 0x858
Startzeit der fehlerhaften Anwendung: 0xTosSmartView.exe0
Pfad der fehlerhaften Anwendung: TosSmartView.exe1
Pfad des fehlerhaften Moduls: TosSmartView.exe2
Berichtskennung: TosSmartView.exe3
Vollständiger Name des fehlerhaften Pakets: TosSmartView.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TosSmartView.exe5
Error: (02/09/2015 05:08:25 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: TosSmartView.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Exception
Stapel:
bei Toshiba.BIOS.BIOSHandler.GetDigitalDisplayPortInfo()
bei Toshiba.Display.Control.ItemConversion.Convert(Toshiba.Display.GPUType, Toshiba.Display.DataType.DisplayItem ByRef)
bei Toshiba.Display.Control.AMD.DisplayDeviceAMD.CallGetAllDisplayPaths(Toshiba.Display.DataType.DisplayItem ByRef)
bei Toshiba.Display.Control.AMD.DisplayDeviceAMD.CallGetCurrentDisplay(Toshiba.Display.DataType.DisplayItem ByRef, Toshiba.Display.DisplayProcFlag ByRef)
bei Toshiba.Display.Control.DisplayDeviceBase.ChainSetTransaction(Toshiba.Display.TransactionMode)
bei Toshiba.Display.Control.DisplayDeviceBase.ChainSetTransaction(Toshiba.Display.TransactionMode)
bei Toshiba.Display.DisplayManager.SetTransaction(Toshiba.Display.TransactionMode)
bei Toshiba.Display.ConfigurationNotify.DisplayTools.IsNewConnectorAvailable()
bei Toshiba.Display.ConfigurationNotify.Model.ConfigurationNotifyModel.Initalize(System.String[])
bei TosSmartView.App.ShowNotificaton(System.String, System.String[], System.Globalization.CultureInfo)
bei TosSmartView.App.OnStartup(System.Windows.StartupEventArgs)
bei System.Windows.Application.<.ctor>b__1(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.DispatcherOperation.InvokeImpl()
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Windows.Threading.DispatcherOperation.Invoke()
bei System.Windows.Threading.Dispatcher.ProcessQueue()
bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei System.Windows.Application.Run()
bei TosSmartView.App.Main()
Error: (02/09/2015 05:08:24 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed
Error: (02/09/2015 11:26:28 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (DriverUtilities). Zusätzliche Informationen: 0x80070005.
Error: (02/09/2015 11:23:16 AM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: ATI EEU Client event error
Error: (02/09/2015 11:23:10 AM) (Source: ATIeRecord) (EventID: 16392) (User: )
Description: ATI EEU error accessing memory mapped file
Error: (02/09/2015 11:23:10 AM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start
Error: (02/09/2015 11:23:10 AM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: ATI EEU Client event error
System errors:
=============
Error: (02/09/2015 06:34:20 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Bitdefender Virus Shield" wurde nicht richtig gestartet.
Error: (02/09/2015 05:11:00 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007e (0xffffffffc0000005, 0xfffff801cb8de1db, 0xffffd0002033e128, 0xffffd0002033d930)C:\Windows\MEMORY.DMP020915-21375-01
Error: (02/09/2015 05:10:59 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 09.02.2015 um 16:55:07 unerwartet heruntergefahren.
Error: (02/09/2015 04:55:07 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007e (0xffffffffc0000005, 0xfffff8019ef7e12b, 0xffffd0014153f128, 0xffffd0014153e930)C:\Windows\MEMORY.DMP020915-24468-01
Error: (02/09/2015 04:55:07 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 09.02.2015 um 16:48:15 unerwartet heruntergefahren.
Error: (02/09/2015 04:48:08 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Bitdefender Virus Shield" wurde nicht richtig gestartet.
Error: (02/09/2015 04:48:15 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 09.02.2015 um 16:37:10 unerwartet heruntergefahren.
Error: (02/09/2015 11:21:30 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Bitdefender Virus Shield" wurde nicht richtig gestartet.
Error: (02/08/2015 09:31:06 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007e (0xffffffffc0000005, 0xfffff8002832212b, 0xffffd00188f5f128, 0xffffd00188f5e930)C:\Windows\MEMORY.DMP020815-34062-01
Error: (02/08/2015 09:31:04 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 08.02.2015 um 21:15:05 unerwartet heruntergefahren.
Microsoft Office Sessions:
=========================
Error: (02/09/2015 06:35:49 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Wiederherstellungsvorgang0x80070005
Error: (02/09/2015 05:08:31 PM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description:
Error: (02/09/2015 05:08:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TosSmartView.exe1.1.0.5528afa85KERNELBASE.dll6.3.9600.1727853eebf2ee0434352000000000000606c85801d04482861d4f64c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartView.exeC:\Windows\system32\KERNELBASE.dlle048a3ec-b075-11e4-8272-4cbb5809290d
Error: (02/09/2015 05:08:25 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: TosSmartView.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Exception
Stapel:
bei Toshiba.BIOS.BIOSHandler.GetDigitalDisplayPortInfo()
bei Toshiba.Display.Control.ItemConversion.Convert(Toshiba.Display.GPUType, Toshiba.Display.DataType.DisplayItem ByRef)
bei Toshiba.Display.Control.AMD.DisplayDeviceAMD.CallGetAllDisplayPaths(Toshiba.Display.DataType.DisplayItem ByRef)
bei Toshiba.Display.Control.AMD.DisplayDeviceAMD.CallGetCurrentDisplay(Toshiba.Display.DataType.DisplayItem ByRef, Toshiba.Display.DisplayProcFlag ByRef)
bei Toshiba.Display.Control.DisplayDeviceBase.ChainSetTransaction(Toshiba.Display.TransactionMode)
bei Toshiba.Display.Control.DisplayDeviceBase.ChainSetTransaction(Toshiba.Display.TransactionMode)
bei Toshiba.Display.DisplayManager.SetTransaction(Toshiba.Display.TransactionMode)
bei Toshiba.Display.ConfigurationNotify.DisplayTools.IsNewConnectorAvailable()
bei Toshiba.Display.ConfigurationNotify.Model.ConfigurationNotifyModel.Initalize(System.String[])
bei TosSmartView.App.ShowNotificaton(System.String, System.String[], System.Globalization.CultureInfo)
bei TosSmartView.App.OnStartup(System.Windows.StartupEventArgs)
bei System.Windows.Application.<.ctor>b__1(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.DispatcherOperation.InvokeImpl()
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Windows.Threading.DispatcherOperation.Invoke()
bei System.Windows.Threading.Dispatcher.ProcessQueue()
bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei System.Windows.Application.Run()
bei TosSmartView.App.Main()
Error: (02/09/2015 05:08:24 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description:
Error: (02/09/2015 11:26:28 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: DriverUtilities0x80070005
Error: (02/09/2015 11:23:16 AM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description:
Error: (02/09/2015 11:23:10 AM) (Source: ATIeRecord) (EventID: 16392) (User: )
Description:
Error: (02/09/2015 11:23:10 AM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description:
Error: (02/09/2015 11:23:10 AM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description:
==================== Memory info ===========================
Processor: AMD A4-6210 APU with AMD Radeon R3 Graphics
Percentage of memory in use: 44%
Total physical RAM: 7102.88 MB
Available physical RAM: 3925.59 MB
Total Pagefile: 14270.88 MB
Available Pagefile: 10282.39 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (TI31338600B) (Fixed) (Total:454.28 GB) (Free:407.93 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================ |