|
Plagegeister aller Art und deren Bekämpfung: Firefox wird teilweise schwarzWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
03.03.2014, 17:47 | #1 |
| Firefox wird teilweise schwarz Guten Tag Ich bin ein normaler PC-Anwender und weiss wie bedienen und installieren, aber nicht wie ich mit folgendem Problem umgehen kann resp. dies zu lösen. Habe im Forum gesucht und leider keine Antwort auf mein Problem gefundenn - falls ich das übersehen hätte dann bitte um direkten Link. Problem: Ich surfe mit Firefox im Internet. Auf diversen Pages wird der Bildschirm schwarz. Dies kann nur streifen sein (2-5cm) wagrecht, als auch mal komplett schwarz sein. Wenn man mit der Maus rumklickt dann werden die einzelnen Objekte aus dem schwarzen Bildschirm wieder angezeigt. Also muss wild umherklicken (und weiss nicht was man anklickt). Man könnte schon fast meinen, dass der PC nicht lädt und es dann eine zeit braucht. Aber das ist sicher nicht der Fall denn die Hardware sowie Internet-Leitung ist ok. Kurze infos zum system (von Systemsteuerung/System): Windows 7 Home Premium Service Pack 1 Intel i7 2600, 3,4Ghz 8GB Ram 64 Bit Internetleitung: 50000/5000 Firefox: 27.0.1 Bit Defender: Total Security 2014 Ich hoffe, dass mir jemand helfen kann. |
03.03.2014, 17:54 | #2 |
/// the machine /// TB-Ausbilder | Firefox wird teilweise schwarz hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
03.03.2014, 22:29 | #3 |
| Firefox wird teilweise schwarz Guten Abend Schrauber.
__________________Erstmals herzlichen Dank dass Du Dich der Sache annimmst. Ich habe den pc 2x neu gestartet und dann mein Problem hier gepostet da es immer noch passierte (bild schwarz). seit dem letzten neustart hatte ich es nicht mehr - was aber nicht heisst dass irgend etwas doch im hintergrund läuft. --> Was mir noch untergegangen ist. ich hatte problem mit dem quicktime, update fehlgeschlagen wegen datei welche nicht abgespeichert werden konnte. ich habe dann quicktime deinstalliert und neu in den windowsordner installiert. das ist gegangen - könnte da was faul sein? hier die gewünschten Texte:FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-03-2014 01 Ran by P.Herzog at 2014-03-03 22:12:45 Running from C:\Users\P.Herzog\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D} AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46} ==================== Installed Programs ====================== 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated) Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology) Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.2.2.000 - Asmedia Technology) Asus 802.11n Network Adapter (HKLM-x32\...\InstallShield_{22EA200E-F498-43DF-BCF7-21317D17F786}) (Version: 1.0.0.18 - ASUSTeK) Asus 802.11n Network Adapter (x32 Version: 1.0.0.18 - ASUSTeK) Hidden Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 17.21.0.925 - Bitdefender) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Brother MFL-Pro Suite MFC-9970CDW (HKLM-x32\...\{979742CC-2CBB-49D8-9BEE-C2F7875F5393}) (Version: 1.0.30.0 - Brother Industries, Ltd.) BRPrintAuditor 2.2.2 (HKLM-x32\...\BRPrintAuditor 2.2.2) (Version: - ) Bullzip PDF Printer 7.1.0.1195 (HKLM\...\Bullzip PDF Printer_is1) (Version: - Bullzip) Complément Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Complemento Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ComproView (HKLM-x32\...\{D56B5417-7DA3-49A1-BAD8-F082704437CC}) (Version: 2.0 - ) Contents (x32 Version: 16.0.0.106 - Corel Corporation) Hidden Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation) Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation) Corel VideoStudio Pro X6 (HKLM-x32\...\_{6688A246-F6E8-48AD-9806-8D5832E9F15D}) (Version: 16.0.0.106 - Corel Corporation) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DefaultTab (HKLM-x32\...\DefaultTab) (Version: 2.3.3.0 - Search Results, LLC) <==== ATTENTION Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version: - Microsoft) Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.) EaseUS Partition Master 9.2.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden Hardcopy (HKLM-x32\...\Hardcopy) (Version: 2013.09.26 - Hardcopy für Windows - Ein Tastendruck und Ihr Bildschirm oder Fenster wird ausgedruckt oder abgespeichert.) ICA (x32 Version: 16.0.0.106 - Corel Corporation) Hidden iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) IPM_VS_Pro (x32 Version: 16.0 - Corel Corporation) Hidden iSpy (HKLM-x32\...\{067B0B45-5718-4AF1-AAAB-A8D0894183A0}) (Version: 5.6.8 - iSpy) iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Lookeen Version 8.3.1.5156 (HKLM-x32\...\6D7E910F-716D-41E2-98A4-29691C352C1A_is1) (Version: 8.3.1.5156 - Axonic) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Messenger Pratilac (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Motion Detection (HKLM-x32\...\Motion Detection) (Version: 1.4.21.2 - Noël Danjou) Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.) Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc) PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.) Paragon Backup & Recovery™ 2013 Free (HKLM-x32\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software) Paragon Partition Manager™ 2013 Free (HKLM-x32\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software) PDF24 Creator 6.0.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.190.0 - Tracker Software Products Ltd) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.43.321.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.) Scansoft PDF Professional (x32 Version: - ) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden Setup (x32 Version: 16.0.0.106 - Corel Corporation) Hidden Share (x32 Version: 16.0.0.106 - Corel Corporation) Hidden Share64 (Version: 16.0.0.106 - Corel Corporation) Hidden Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.) SmartSound Quicktracks 5 (x32 Version: 5.1.6 - SmartSound Software Inc.) Hidden TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer) Trend Micro SafeSync (HKLM\...\HFRS_is1) (Version: 5.1.0.1522 - Trend Micro) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version: - Microsoft) Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation) VideoMate C Series PCI Driver (HKLM-x32\...\{41E340F0-0BD6-4A87-AF29-E9E584471756}) (Version: 1.38.200 - ) VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN) VSClassic (x32 Version: 16.0.0.106 - Corel Corporation) Hidden VSHelp (x32 Version: 16.0.0.106 - Corel Corporation) Hidden VSPro (x32 Version: 16.0.0.106 - Corel Corporation) Hidden Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Foto-galerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX kontrola za daljinske veze (HKLM-x32\...\{8985AE5E-622A-4980-8BF8-0A1830643220}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Pošta (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - ) Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden ==================== Restore Points ========================= 25-02-2014 15:06:11 Windows Update 26-02-2014 12:38:28 Windows Update 01-03-2014 11:33:26 Installed QuickTime 7 01-03-2014 11:34:18 Installed QuickTime 7 01-03-2014 11:34:58 Installed QuickTime 7 ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {1D9A0796-A60D-4825-A691-912EFE7C5AA2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated) Task: {37E93FB3-2D9E-4A3E-91FD-F73BFEECA659} - System32\Tasks\hcdll2_ex_x64 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe [2012-11-08] () Task: {3AB1ABB0-EB08-41B0-981E-9F982390F552} - System32\Tasks\SuperEasyDriverUpdater_UPDATES => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe Task: {3D82C7D5-6A84-442C-938D-85B60F83E9D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-16] (Google Inc.) Task: {4CD7B1E5-8180-4152-8C4A-FEB685C5639A} - System32\Tasks\DTReg => C:\Users\P.Herzog\AppData\Roaming\defaulttab\defaulttab\DTReg.exe [2014-02-10] (Search Results, LLC) <==== ATTENTION Task: {627E0237-9A37-4CB7-AFD0-7CBD1902BEC9} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe [2013-07-17] () Task: {97335975-B2AE-49FA-9722-B93F8E20A40B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {9DEB03CC-15ED-46DA-BC5E-A8FF8423B04C} - System32\Tasks\SuperEasyDriverUpdaterRunAtStartup => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe Task: {B441DE9F-B2A1-4FB8-B042-00310C840946} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1175218377-1228759467-1445993741-1000 Task: {CE9058D9-9085-4713-95A0-64B5CCE60F5C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-16] (Google Inc.) Task: {E94D8AE3-26CF-4FF9-89E0-356D5EF2326A} - \WPD\SqmUpload_S-1-5-21-1175218377-1228759467-1445993741-500 No Task File Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe ==================== Loaded Modules (whitelisted) ============= 2013-11-15 15:08 - 2013-06-19 11:45 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll 2013-11-15 15:08 - 2013-10-31 16:55 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui 2013-11-15 15:08 - 2011-11-14 19:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll 2013-11-15 15:08 - 2013-10-31 16:55 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui 2014-02-27 12:46 - 2014-02-27 12:46 - 00770792 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00036_014\ashttpbr.mdl 2014-02-27 12:46 - 2014-02-27 12:46 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00036_014\ashttpdsp.mdl 2014-02-27 12:46 - 2014-02-27 12:46 - 02592904 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00036_014\ashttpph.mdl 2014-02-27 12:46 - 2014-02-27 12:46 - 01315680 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00036_014\ashttprbl.mdl 2013-10-17 17:16 - 2012-12-06 12:52 - 00136704 _____ () C:\Windows\System32\zlhp2600.dll 2013-10-17 17:35 - 2008-11-24 09:19 - 00069632 ____N () C:\Program Files (x86)\Brother\BRPrintAuditor\BRAgtSrv.exe 2013-12-07 23:39 - 2013-12-07 23:39 - 00107520 _____ () C:\Users\P.Herzog\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe 2013-10-17 17:27 - 2010-03-16 00:18 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll 2013-11-15 15:08 - 2013-03-25 15:16 - 01117920 _____ () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll 2013-10-25 12:16 - 2012-11-08 07:38 - 00044608 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe 2013-10-25 12:16 - 2013-09-25 14:15 - 00125944 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_42_x64.dll 2013-10-25 12:16 - 2013-07-17 16:03 - 00037880 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe 2011-11-02 22:03 - 2011-03-06 13:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-10-25 12:16 - 2012-07-05 14:56 - 00052800 _____ () C:\Program Files (x86)\Hardcopy\hardcopy_05.dll 2013-10-25 12:16 - 2013-09-25 14:15 - 00117240 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_42_Win32.dll 2013-11-15 15:08 - 2013-06-19 11:44 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll 2012-03-12 17:21 - 2012-03-12 17:21 - 00102400 ____N () C:\Program Files (x86)\ASUS\USB-N10 WLAN Card Utilities\GWLanController.dll 2011-08-01 14:23 - 2011-08-01 14:23 - 00159744 ____N () C:\Program Files (x86)\ASUS\USB-N10 WLAN Card Utilities\IPLeaseExpires.dll 2013-10-04 18:03 - 2012-07-05 09:58 - 01195022 _____ () C:\Program Files\Trend Micro SafeSync\avcodec-54.dll 2013-10-04 18:03 - 2012-07-05 09:58 - 00138766 _____ () C:\Program Files\Trend Micro SafeSync\avutil-51.dll 2013-10-04 18:03 - 2012-07-05 09:58 - 00217614 _____ () C:\Program Files\Trend Micro SafeSync\avformat-54.dll 2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\P.Herzog\AppData\Roaming\Dropbox\bin\libcef.dll 2013-10-17 17:27 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf 2014-02-15 13:46 - 2014-02-15 13:46 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-11-15 15:08 - 2013-09-10 18:46 - 00035896 _____ () C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\components\ffpwdman.dll 2014-02-21 07:29 - 2014-02-21 07:29 - 16265096 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll 2013-11-19 17:34 - 2013-03-13 16:43 - 00505488 _____ () C:\Program Files (x86)\Axonic\Lookeen\adxloader.dll 2013-11-19 17:34 - 2013-11-19 17:34 - 00286720 _____ () C:\Users\P.Herzog\AppData\Local\assembly\dl3\ON72247O.77Y\GQEARQL4.OAO\b6f8caf2\00fc9852_0838c701\Interop.Outlook.DLL 2013-02-14 14:46 - 2013-02-14 14:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll 2013-11-19 17:34 - 2013-11-19 17:34 - 00034816 _____ () C:\Users\P.Herzog\AppData\Local\assembly\dl3\ON72247O.77Y\GQEARQL4.OAO\58b8343b\00ea9c5b_4756ce01\LSGatewaySupport.DLL ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\P.Herzog\Downloads\FRST64.exe:BDU AlternateDataStreams: C:\Users\P.Herzog\Downloads\QuickTimeInstaller.exe:BDU ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= Name: Input Pen Description: Input Pen Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (03/03/2014 06:55:04 PM) (Source: Application Hang) (User: ) Description: Programm OUTLOOK.EXE, Version 14.0.7113.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 42b4 Startzeit: 01cf370659c3be94 Endzeit: 17 Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE Berichts-ID: df44edbd-a2fc-11e3-badd-14dae9e187b4 Error: (03/03/2014 05:27:06 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 27.0.1.5156, Zeitstempel: 0x52fc0faa Name des fehlerhaften Moduls: xul.dll, Version: 27.0.1.5156, Zeitstempel: 0x52fc0f79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001560c7 ID des fehlerhaften Prozesses: 0x526c Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0 Pfad der fehlerhaften Anwendung: firefox.exe1 Pfad des fehlerhaften Moduls: firefox.exe2 Berichtskennung: firefox.exe3 Error: (03/01/2014 00:34:34 PM) (Source: MsiInstaller) (User: PHerzog-PC) Description: Produkt: QuickTime 7 -- Fehler 1303. Die Rechte von Installer reichen nicht aus, um auf diesen Ordner zuzugreifen: C:\Program Files (x86)\quicktime. Die Installation kann nicht fortgesetzt werden. Melden Sie sich als Administrator an oder wenden Sie sich an den Systemadministrator. Error: (03/01/2014 00:33:45 PM) (Source: MsiInstaller) (User: PHerzog-PC) Description: Produkt: QuickTime 7 -- Fehler 1303. Die Rechte von Installer reichen nicht aus, um auf diesen Ordner zuzugreifen: C:\Program Files (x86)\QuickTime. Die Installation kann nicht fortgesetzt werden. Melden Sie sich als Administrator an oder wenden Sie sich an den Systemadministrator. Error: (03/01/2014 00:33:43 PM) (Source: MsiInstaller) (User: PHerzog-PC) Description: Produkt: QuickTime 7 -- Fehler 1303. Die Rechte von Installer reichen nicht aus, um auf diesen Ordner zuzugreifen: C:\Program Files (x86)\QuickTime. Die Installation kann nicht fortgesetzt werden. Melden Sie sich als Administrator an oder wenden Sie sich an den Systemadministrator. Error: (03/01/2014 00:33:43 PM) (Source: MsiInstaller) (User: PHerzog-PC) Description: Produkt: QuickTime 7 -- Fehler 1303. Die Rechte von Installer reichen nicht aus, um auf diesen Ordner zuzugreifen: C:\Program Files (x86)\QuickTime. Die Installation kann nicht fortgesetzt werden. Melden Sie sich als Administrator an oder wenden Sie sich an den Systemadministrator. Error: (03/01/2014 00:33:42 PM) (Source: MsiInstaller) (User: PHerzog-PC) Description: Produkt: QuickTime 7 -- Fehler 1303. Die Rechte von Installer reichen nicht aus, um auf diesen Ordner zuzugreifen: C:\Program Files (x86)\QuickTime. Die Installation kann nicht fortgesetzt werden. Melden Sie sich als Administrator an oder wenden Sie sich an den Systemadministrator. Error: (03/01/2014 00:17:49 PM) (Source: MsiInstaller) (User: PHerzog-PC) Description: Produkt: QuickTime 7 -- Fehler 1303. Die Rechte von Installer reichen nicht aus, um auf diesen Ordner zuzugreifen: C:\Program Files (x86)\QuickTime. Die Installation kann nicht fortgesetzt werden. Melden Sie sich als Administrator an oder wenden Sie sich an den Systemadministrator. Error: (03/01/2014 00:17:26 PM) (Source: MsiInstaller) (User: PHerzog-PC) Description: Produkt: QuickTime -- Fehler 1303. Die Rechte von Installer reichen nicht aus, um auf diesen Ordner zuzugreifen: C:\Program Files (x86)\QuickTime. Die Installation kann nicht fortgesetzt werden. Melden Sie sich als Administrator an oder wenden Sie sich an den Systemadministrator. Error: (03/01/2014 00:17:26 PM) (Source: MsiInstaller) (User: PHerzog-PC) Description: Produkt: QuickTime -- Fehler 1303. Die Rechte von Installer reichen nicht aus, um auf diesen Ordner zuzugreifen: C:\Program Files (x86)\QuickTime. Die Installation kann nicht fortgesetzt werden. Melden Sie sich als Administrator an oder wenden Sie sich an den Systemadministrator. System errors: ============= Microsoft Office Sessions: ========================= Error: (03/03/2014 06:55:04 PM) (Source: Application Hang)(User: ) Description: OUTLOOK.EXE14.0.7113.500042b401cf370659c3be9417C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXEdf44edbd-a2fc-11e3-badd-14dae9e187b4 Error: (03/03/2014 05:27:06 PM) (Source: Application Error)(User: ) Description: firefox.exe27.0.1.515652fc0faaxul.dll27.0.1.515652fc0f79c0000005001560c7526c01cf3543313f58adC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dlla86d2d55-a2f0-11e3-badd-14dae9e187b4 Error: (03/01/2014 00:34:34 PM) (Source: MsiInstaller)(User: PHerzog-PC) Description: Produkt: QuickTime 7 -- Fehler 1303. Die Rechte von Installer reichen nicht aus, um auf diesen Ordner zuzugreifen: C:\Program Files (x86)\quicktime. Die Installation kann nicht fortgesetzt werden. Melden Sie sich als Administrator an oder wenden Sie sich an den Systemadministrator.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (03/01/2014 00:33:45 PM) (Source: MsiInstaller)(User: PHerzog-PC) Description: Produkt: QuickTime 7 -- Fehler 1303. Die Rechte von Installer reichen nicht aus, um auf diesen Ordner zuzugreifen: C:\Program Files (x86)\QuickTime. Die Installation kann nicht fortgesetzt werden. Melden Sie sich als Administrator an oder wenden Sie sich an den Systemadministrator.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (03/01/2014 00:33:43 PM) (Source: MsiInstaller)(User: PHerzog-PC) Description: Produkt: QuickTime 7 -- Fehler 1303. Die Rechte von Installer reichen nicht aus, um auf diesen Ordner zuzugreifen: C:\Program Files (x86)\QuickTime. Die Installation kann nicht fortgesetzt werden. Melden Sie sich als Administrator an oder wenden Sie sich an den Systemadministrator.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (03/01/2014 00:33:43 PM) (Source: MsiInstaller)(User: PHerzog-PC) Description: Produkt: QuickTime 7 -- Fehler 1303. Die Rechte von Installer reichen nicht aus, um auf diesen Ordner zuzugreifen: C:\Program Files (x86)\QuickTime. Die Installation kann nicht fortgesetzt werden. Melden Sie sich als Administrator an oder wenden Sie sich an den Systemadministrator.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (03/01/2014 00:33:42 PM) (Source: MsiInstaller)(User: PHerzog-PC) Description: Produkt: QuickTime 7 -- Fehler 1303. Die Rechte von Installer reichen nicht aus, um auf diesen Ordner zuzugreifen: C:\Program Files (x86)\QuickTime. Die Installation kann nicht fortgesetzt werden. Melden Sie sich als Administrator an oder wenden Sie sich an den Systemadministrator.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (03/01/2014 00:17:49 PM) (Source: MsiInstaller)(User: PHerzog-PC) Description: Produkt: QuickTime 7 -- Fehler 1303. Die Rechte von Installer reichen nicht aus, um auf diesen Ordner zuzugreifen: C:\Program Files (x86)\QuickTime. Die Installation kann nicht fortgesetzt werden. Melden Sie sich als Administrator an oder wenden Sie sich an den Systemadministrator.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (03/01/2014 00:17:26 PM) (Source: MsiInstaller)(User: PHerzog-PC) Description: Produkt: QuickTime -- Fehler 1303. Die Rechte von Installer reichen nicht aus, um auf diesen Ordner zuzugreifen: C:\Program Files (x86)\QuickTime. Die Installation kann nicht fortgesetzt werden. Melden Sie sich als Administrator an oder wenden Sie sich an den Systemadministrator.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (03/01/2014 00:17:26 PM) (Source: MsiInstaller)(User: PHerzog-PC) Description: Produkt: QuickTime -- Fehler 1303. Die Rechte von Installer reichen nicht aus, um auf diesen Ordner zuzugreifen: C:\Program Files (x86)\QuickTime. Die Installation kann nicht fortgesetzt werden. Melden Sie sich als Administrator an oder wenden Sie sich an den Systemadministrator.(NULL)(NULL)(NULL)(NULL)(NULL) ==================== Memory info =========================== Percentage of memory in use: 63% Total physical RAM: 7897.14 MB Available physical RAM: 2913.18 MB Total Pagefile: 15792.45 MB Available Pagefile: 9787.21 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.76 GB) (Free:229.11 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Clickfree_System) (CDROM) (Total:0.17 GB) (Free:0 GB) CDFS Drive f: () (Fixed) (Total:465.76 GB) (Free:325.22 GB) NTFS Drive j: (Neue Partition) (Fixed) (Total:1863.01 GB) (Free:1247.84 GB) NTFS Drive k: (Seagate Expansion Drive) (Fixed) (Total:2794.51 GB) (Free:2705.65 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: EB75B5A0) Partition: GPT Partition Type. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2031F3A6) Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS) Attempted reading MBR returned 0 bytes. Could not read MBR for disk 3. ======================================================== Disk: 4 (Size: 466 GB) (Disk ID: 0127898F) Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS) ==================== End Of Log ============================ FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-03-2014 01 Ran by P.Herzog (administrator) on PHERZOG-PC on 03-03-2014 22:12:21 Running from C:\Users\P.Herzog\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums ==================== Processes (Whitelisted) ================= (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\Brother\BRPrintAuditor\BRAgtSrv.exe (brother Industries Ltd) C:\Program Files (x86)\Brother\BRPrintAuditor\brausc3a.exe () C:\Users\P.Herzog\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Bitdefender) C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\USB-N10 WLAN Card Utilities\Wireless.exe (Trend Micro Inc.) C:\Program Files\Trend Micro SafeSync\HrfsClient.exe (Dropbox, Inc.) C:\Users\P.Herzog\AppData\Roaming\Dropbox\bin\Dropbox.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Trend Micro Inc.) C:\Program Files\Trend Micro SafeSync\hrfscore.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Companion\companionuser.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE (Microsoft Corporation) C:\Windows\splwow64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Axonic) C:\Program Files (x86)\Axonic\Lookeen\LookeenFileParser.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor) HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1737920 2014-02-03] (Bitdefender) HKLM-x32\...\Run: [EaseUS EPM tray] - C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd) HKLM-x32\...\Run: [IndexSearch] - C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-08] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PaperPort PTD] - C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-08] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PPort12reminder] - C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDFHook] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDF5 Registry Controller] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2011-10-07] (Brother Industries, Ltd.) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [185896 2013-10-28] (Geek Software GmbH) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] - C:\windows\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-02-10] (Bitdefender) HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] - C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-02-10] (Bitdefender) HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-02-10] (Bitdefender) HKU\S-1-5-21-1175218377-1228759467-1445993741-1000\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) HKU\S-1-5-21-1175218377-1228759467-1445993741-1000\...\Run: [Bitdefender-Geldbörse-Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-02-10] (Bitdefender) HKU\S-1-5-21-1175218377-1228759467-1445993741-1000\...\Run: [Bitdefender-Geldbörse] - C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-02-10] (Bitdefender) HKU\S-1-5-21-1175218377-1228759467-1445993741-1000\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-02-10] (Bitdefender) HKU\S-1-5-21-1175218377-1228759467-1445993741-1000\...\MountPoints2: {56911e00-3a5c-11e3-bf2d-14dae9e187b4} - D:\FIBPGuard.exe HKU\S-1-5-21-1175218377-1228759467-1445993741-1000\...\MountPoints2: {6f937231-40e1-11e3-b232-14dae9e187b4} - M:\Startme.exe Startup: C:\Users\P.Herzog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\P.Herzog\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\P.Herzog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Schweiz : Hotmail, Outlook, Skype download, Unterhaltung, Nachrichten, Sport, Lifestyle, Auto und mehr bei MSN CH HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5AD60A0B03C1CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-CH BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender) BHO-x32: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: DefaultTab Browser Helper - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\P.Herzog\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll (Search Results LLC.) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.100.70 FireFox: ======== FF ProfilePath: C:\Users\P.Herzog\AppData\Roaming\Mozilla\Firefox\Profiles\8ggabd5d.default FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF Homepage: google.ch FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF SearchPlugin: C:\Users\P.Herzog\AppData\Roaming\Mozilla\Firefox\Profiles\8ggabd5d.default\searchplugins\11-suche.xml FF SearchPlugin: C:\Users\P.Herzog\AppData\Roaming\Mozilla\Firefox\Profiles\8ggabd5d.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\P.Herzog\AppData\Roaming\Mozilla\Firefox\Profiles\8ggabd5d.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\P.Herzog\AppData\Roaming\Mozilla\Firefox\Profiles\8ggabd5d.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\P.Herzog\AppData\Roaming\Mozilla\Firefox\Profiles\8ggabd5d.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Default Tab - C:\Users\P.Herzog\AppData\Roaming\Mozilla\Firefox\Profiles\8ggabd5d.default\Extensions\addon@defaulttab.com.xpi [2013-12-07] FF Extension: WEB.DE MailCheck - C:\Users\P.Herzog\AppData\Roaming\Mozilla\Firefox\Profiles\8ggabd5d.default\Extensions\toolbar@web.de.xpi [2013-12-16] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2013-11-15] FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ [] FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2013-11-15] ==================== Services (Whitelisted) ================= S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-27] (Bitdefender) S2 BrAuSvc; C:\Program Files (x86)\Brother\BRPrintAuditor\Brsvau3a.exe [57344 2004-01-13] (brother Industries Ltd) R2 BRPA_Agent; C:\Program Files (x86)\Brother\BRPrintAuditor\BRAgtSrv.exe [69632 2008-11-24] () R2 DefaultTabUpdate; C:\Users\P.Herzog\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe [107520 2013-12-07] () R3 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7974688 2013-12-20] (Trend Micro Inc.) R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.) R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1507248 2014-02-03] (Bitdefender) ==================== Drivers (Whitelisted) ==================== R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [36448 2011-03-23] (Asmedia Technology) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2014-02-03] (BitDefender) R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2014-02-03] (BitDefender) R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-02-22] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC) S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL) S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-27] (BitDefender SRL) R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender) S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () R3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC) R3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [45704 2011-01-10] (Printing Communications Assoc., Inc. (PCAUSA)) S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2010-04-09] () S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2010-04-09] () R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-08-07] (BitDefender S.R.L.) S3 U2800Vid64; C:\Windows\System32\DRIVERS\U2800Vid64.sys [409088 2009-08-19] (Compro Technology, Inc.) R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2013-03-15] (Windows (R) 2000 DDK provider) R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633680 2013-03-15] (Paragon) R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [390352 2013-03-15] (Paragon) S2 BrPar; \SystemRoot\System32\drivers\BrPar.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-03 22:12 - 2014-03-03 22:12 - 02156544 _____ (Farbar) C:\Users\P.Herzog\Downloads\FRST64.exe 2014-03-03 22:12 - 2014-03-03 22:12 - 00021095 _____ () C:\Users\P.Herzog\Downloads\FRST.txt 2014-03-03 22:12 - 2014-03-03 22:12 - 00000000 ____D () C:\FRST 2014-03-01 12:35 - 2014-03-01 12:35 - 00000000 ____D () C:\Windows\QuickTime 2014-03-01 12:33 - 2014-03-01 12:33 - 41945432 _____ (Apple Inc.) C:\Users\P.Herzog\Downloads\QuickTimeInstaller.exe 2014-03-01 11:38 - 2014-03-01 11:38 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-03-01 11:38 - 2014-03-01 11:38 - 00000000 ____D () C:\Program Files\iTunes 2014-03-01 11:38 - 2014-03-01 11:38 - 00000000 ____D () C:\Program Files\iPod 2014-03-01 11:38 - 2014-03-01 11:38 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-02-26 12:26 - 2014-01-09 03:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-02-26 12:26 - 2014-01-03 23:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-02-23 20:48 - 2014-02-24 00:51 - 00000000 ____D () C:\Users\P.Herzog\.thinupload 2014-02-22 16:35 - 2014-03-03 15:35 - 00000000 ____D () C:\Users\P.Herzog\Desktop\Neuer Ordner (3) 2014-02-15 13:46 - 2014-02-15 13:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-12 10:26 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-02-12 10:26 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-02-12 10:25 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-12 10:25 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-12 10:25 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-02-12 10:25 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-12 10:25 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-12 10:25 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-02-12 10:25 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-12 10:25 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-12 10:25 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-12 10:25 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-12 10:25 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-02-12 10:25 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-02-12 10:25 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-12 10:25 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-12 10:25 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-12 10:25 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-12 10:25 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-12 10:25 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-12 10:25 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-12 10:25 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-12 10:25 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-12 10:25 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-12 10:25 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-12 10:25 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-12 10:25 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-12 10:25 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-02-12 10:25 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-02-12 10:25 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-12 10:25 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-12 10:25 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-12 10:25 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-12 10:25 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-12 10:25 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-12 10:25 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-12 10:25 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-12 10:25 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-12 10:25 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-12 10:25 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-12 10:25 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-02-12 05:19 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls 2014-02-12 05:19 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-02-12 05:19 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-02-12 05:19 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-02-12 05:19 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-02-12 05:19 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-02-12 05:19 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-02-12 05:19 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-02-12 05:19 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-02-12 05:19 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-02-12 05:19 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-02-12 05:19 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-02-12 05:19 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-02-12 05:19 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-02-12 05:19 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-12 05:19 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-02-12 05:19 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-02-12 05:19 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-02-12 05:19 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-02-12 05:19 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-02-12 05:19 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-02-12 05:19 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-02-12 05:19 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-02-12 05:19 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-02-12 05:18 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-02-12 05:18 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-02-12 05:18 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-02-12 05:18 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-02-09 17:18 - 2014-03-01 22:34 - 00000000 ____D () C:\Users\P.Herzog\Desktop\Neuer Ordner (2) 2014-02-05 17:12 - 2014-02-05 17:13 - 00000000 ____D () C:\Users\P.Herzog\Desktop\Neuer Ordner 2014-02-03 12:31 - 2014-02-03 12:31 - 00893440 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys 2014-02-01 14:30 - 2014-02-01 14:30 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe ==================== One Month Modified Files and Folders ======= 2014-03-03 22:12 - 2014-03-03 22:12 - 02156544 _____ (Farbar) C:\Users\P.Herzog\Downloads\FRST64.exe 2014-03-03 22:12 - 2014-03-03 22:12 - 00021095 _____ () C:\Users\P.Herzog\Downloads\FRST.txt 2014-03-03 22:12 - 2014-03-03 22:12 - 00000000 ____D () C:\FRST 2014-03-03 21:29 - 2013-10-08 22:03 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-03 21:21 - 2014-01-16 23:04 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-03-03 20:59 - 2013-12-07 23:39 - 00000306 __RSH () C:\Users\P.Herzog\ntuser.pol 2014-03-03 20:59 - 2013-08-03 22:56 - 00000000 ____D () C:\Users\P.Herzog 2014-03-03 19:21 - 2014-01-16 23:04 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-03-03 18:57 - 2013-08-03 22:55 - 01751264 _____ () C:\Windows\WindowsUpdate.log 2014-03-03 18:21 - 2013-11-08 17:54 - 00000000 ____D () C:\Users\P.Herzog\AppData\Roaming\Dropbox 2014-03-03 17:48 - 2009-07-14 05:45 - 00020512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-03-03 17:48 - 2009-07-14 05:45 - 00020512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-03-03 16:54 - 2011-04-11 13:28 - 00702602 _____ () C:\Windows\system32\perfh007.dat 2014-03-03 16:54 - 2011-04-11 13:28 - 00150242 _____ () C:\Windows\system32\perfc007.dat 2014-03-03 16:54 - 2009-07-14 06:13 - 01627884 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-03-03 15:35 - 2014-02-22 16:35 - 00000000 ____D () C:\Users\P.Herzog\Desktop\Neuer Ordner (3) 2014-03-02 17:39 - 2013-10-17 17:20 - 00002246 ____H () C:\Users\P.Herzog\Documents\Default.rdp 2014-03-01 22:34 - 2014-02-09 17:18 - 00000000 ____D () C:\Users\P.Herzog\Desktop\Neuer Ordner (2) 2014-03-01 22:33 - 2013-10-17 17:28 - 00000336 _____ () C:\Windows\BRCALIB.INI 2014-03-01 12:35 - 2014-03-01 12:35 - 00000000 ____D () C:\Windows\QuickTime 2014-03-01 12:33 - 2014-03-01 12:33 - 41945432 _____ (Apple Inc.) C:\Users\P.Herzog\Downloads\QuickTimeInstaller.exe 2014-03-01 11:38 - 2014-03-01 11:38 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-03-01 11:38 - 2014-03-01 11:38 - 00000000 ____D () C:\Program Files\iTunes 2014-03-01 11:38 - 2014-03-01 11:38 - 00000000 ____D () C:\Program Files\iPod 2014-03-01 11:38 - 2014-03-01 11:38 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-03-01 11:33 - 2013-11-06 10:44 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-02-27 00:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-02-26 23:34 - 2013-12-11 14:39 - 00000078 _____ () C:\Windows\CVUI1.INI 2014-02-26 23:34 - 2013-11-08 17:56 - 00000000 ___RD () C:\Dropbox 2014-02-26 23:34 - 2013-10-04 18:03 - 00000000 ___RD () C:\Users\P.Herzog\SafeSync 2014-02-26 23:34 - 2013-10-04 17:40 - 00000000 ____D () C:\ProgramData\boost_interprocess 2014-02-26 23:31 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-26 23:31 - 2009-07-14 05:51 - 00062586 _____ () C:\Windows\setupact.log 2014-02-26 23:01 - 2013-10-08 22:01 - 00000332 _____ () C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job 2014-02-24 18:11 - 2013-10-21 15:48 - 00000000 ____D () C:\Users\P.Herzog\AppData\Local\Windows Live 2014-02-24 01:12 - 2013-10-04 17:32 - 00000000 ____D () C:\SafeSyncTeam 2014-02-24 01:05 - 2014-01-17 19:44 - 00000000 ____D () C:\Users\P.Herzog\AppData\Roaming\Skype 2014-02-21 07:29 - 2013-10-08 22:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-02-21 07:29 - 2013-10-08 22:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-02-21 07:29 - 2013-10-08 22:03 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-02-18 17:53 - 2013-11-19 17:34 - 00000000 ____D () C:\Users\P.Herzog\AppData\Local\Lookeen 2014-02-17 17:57 - 2013-10-04 17:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-02-15 19:16 - 2014-01-16 23:04 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-02-15 19:16 - 2014-01-16 23:04 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-02-15 13:46 - 2014-02-15 13:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-12 23:25 - 2013-11-20 15:09 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2014-02-12 10:51 - 2010-11-21 04:47 - 00209690 _____ () C:\Windows\PFRO.log 2014-02-12 10:30 - 2013-10-08 22:26 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-02-12 10:29 - 2013-10-04 15:35 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-02-12 10:29 - 2013-10-04 15:35 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-12 10:27 - 2013-11-06 11:37 - 01601228 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-02-12 10:26 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini 2014-02-10 20:59 - 2014-01-12 23:40 - 00003802 _____ () C:\Windows\System32\Tasks\DTReg 2014-02-06 13:16 - 2014-02-12 10:25 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-06 12:30 - 2014-02-12 10:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-06 12:30 - 2014-02-12 10:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-02-06 12:12 - 2014-02-12 10:25 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-06 12:07 - 2014-02-12 10:25 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-06 12:06 - 2014-02-12 10:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-02-06 11:57 - 2014-02-12 10:25 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-06 11:56 - 2014-02-12 10:25 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-06 11:52 - 2014-02-12 10:25 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-06 11:49 - 2014-02-12 10:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-06 11:48 - 2014-02-12 10:25 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-02-06 11:48 - 2014-02-12 10:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-02-06 11:38 - 2014-02-12 10:25 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-06 11:32 - 2014-02-12 10:25 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-06 11:20 - 2014-02-12 10:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-06 11:17 - 2014-02-12 10:25 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-06 11:11 - 2014-02-12 10:25 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-06 11:01 - 2014-02-12 10:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-06 11:00 - 2014-02-12 10:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-06 10:57 - 2014-02-12 10:25 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-06 10:57 - 2014-02-12 10:25 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-06 10:52 - 2014-02-12 10:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-06 10:52 - 2014-02-12 10:25 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-06 10:50 - 2014-02-12 10:25 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-06 10:49 - 2014-02-12 10:25 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-06 10:47 - 2014-02-12 10:25 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-02-06 10:46 - 2014-02-12 10:25 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-02-06 10:25 - 2014-02-12 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-06 10:25 - 2014-02-12 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-06 10:24 - 2014-02-12 10:25 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-06 10:22 - 2014-02-12 10:25 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-06 10:13 - 2014-02-12 10:25 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-06 10:09 - 2014-02-12 10:25 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-06 10:03 - 2014-02-12 10:25 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-06 09:55 - 2014-02-12 10:25 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-06 09:41 - 2014-02-12 10:25 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-06 09:40 - 2014-02-12 10:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-06 09:36 - 2014-02-12 10:25 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-06 09:34 - 2014-02-12 10:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-02-05 17:13 - 2014-02-05 17:12 - 00000000 ____D () C:\Users\P.Herzog\Desktop\Neuer Ordner 2014-02-03 12:31 - 2014-02-03 12:31 - 00893440 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys 2014-02-03 12:31 - 2013-11-15 15:08 - 00635392 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys 2014-02-01 14:31 - 2013-11-12 23:02 - 00000000 ____D () C:\ProgramData\Oracle 2014-02-01 14:30 - 2014-02-01 14:30 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-02-01 14:30 - 2013-11-12 23:02 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-02-01 14:30 - 2013-11-12 23:02 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-02-01 14:30 - 2013-11-12 23:02 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll Some content of TEMP: ==================== C:\Users\P.Herzog\AppData\Local\Temp\AuConv.dll C:\Users\P.Herzog\AppData\Local\Temp\AuConvEx.dll C:\Users\P.Herzog\AppData\Local\Temp\Boot.dll C:\Users\P.Herzog\AppData\Local\Temp\BootDriver.dll C:\Users\P.Herzog\AppData\Local\Temp\Burn.dll C:\Users\P.Herzog\AppData\Local\Temp\DataMana.dll C:\Users\P.Herzog\AppData\Local\Temp\DefaultTabSetup2.exe C:\Users\P.Herzog\AppData\Local\Temp\DevCtrl.dll C:\Users\P.Herzog\AppData\Local\Temp\FatLib.dll C:\Users\P.Herzog\AppData\Local\Temp\GetDriverInfo.dll C:\Users\P.Herzog\AppData\Local\Temp\grubinst.exe C:\Users\P.Herzog\AppData\Local\Temp\IntResource.dll C:\Users\P.Herzog\AppData\Local\Temp\ISOExport.exe C:\Users\P.Herzog\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\P.Herzog\AppData\Local\Temp\MSVCP60.DLL C:\Users\P.Herzog\AppData\Local\Temp\RecLib.dll C:\Users\P.Herzog\AppData\Local\Temp\syslinux.exe C:\Users\P.Herzog\AppData\Local\Temp\temp.exe C:\Users\P.Herzog\AppData\Local\Temp\Trend_Micro_SafeSync_5.1.0.1522.exe C:\Users\P.Herzog\AppData\Local\Temp\UserRes.dll C:\Users\P.Herzog\AppData\Local\Temp\UserResEx.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-28 00:34 ==================== End Of Log ============================ |
04.03.2014, 18:07 | #4 |
/// the machine /// TB-Ausbilder | Firefox wird teilweise schwarz Da is schon noch einiges an Adware Schrott drauf. Bitte mal in die Additional.txt schauen. Jede software, hinter der <=== ATTENTION steht, deinstallieren. Downloade Dir bitte Malwarebytes Anti-Malware
Downloade Dir bitte AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu Firefox wird teilweise schwarz |
antwort, bildschirm, brauch, defender, diverse, einzelne, firefox, firefox schwarz, folge, forum, gesuch, gesucht, guten, hardware, home, infos, installieren, interne, komplett, lädt, maus, problem, schwarz, security, system, umgehen |