Hi,
ich habe die Schritte soweit befolgt.
Hier das Ergebnis:
Gruß
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-02-2015
Ran by Medion (administrator) on MEDION-PC on 01-03-2015 10:43:39
Running from C:\Users\Medion\Desktop
Loaded Profiles: Medion (Available profiles: Medion)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1918176 2015-02-03] (Bitdefender)
HKLM\...\Run: [system] => wscript.exe //B "C:\Users\Medion\AppData\Local\Temp\system.vbs" <===== ATTENTION
HKU\S-1-5-21-2312758336-3899968739-4184073256-1000\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [1820520 2011-12-18] (Hewlett-Packard Co.)
HKU\S-1-5-21-2312758336-3899968739-4184073256-1000\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [482392 2015-02-03] (Bitdefender)
HKU\S-1-5-21-2312758336-3899968739-4184073256-1000\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [901608 2014-11-13] (Bitdefender)
HKU\S-1-5-21-2312758336-3899968739-4184073256-1000\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe [615256 2014-11-13] (Bitdefender)
HKU\S-1-5-21-2312758336-3899968739-4184073256-1000\...\Run: [system] => wscript.exe //B "C:\Users\Medion\AppData\Local\Temp\system.vbs" <===== ATTENTION
HKU\S-1-5-21-2312758336-3899968739-4184073256-1000\...\MountPoints2: {5f0ccb35-675d-11e3-a737-806e6f6e6963} - F:\setup.exe
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [482392 2015-02-03] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [901608 2014-11-13] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe [615256 2014-11-13] (Bitdefender)
Startup: C:\Users\Medion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\system.vbs ()
Startup: C:\Users\Medion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 4620 series (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 4620 series (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 4620 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Medion\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Medion\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Medion\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Medion\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Medion\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Medion\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Medion\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Medion\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2312758336-3899968739-4184073256-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2312758336-3899968739-4184073256-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2312758336-3899968739-4184073256-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\umv90o7f.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\umv90o7f.default\user.js
FF Extension: Ghostery - C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\umv90o7f.default\Extensions\firefox@ghostery.com.xpi [2014-02-21]
FF Extension: NoScript - C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\umv90o7f.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-02-21]
FF Extension: Adblock Plus - C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\umv90o7f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-21]
FF Extension: BetterPrivacy - C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\umv90o7f.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2014-02-21]
FF HKLM\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\ffpwdman
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\ffpwdman [2014-05-10]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-05-10]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [-2312758336-3899968739-4184073256-1000] - C:\Program Files\Bitdefender\Bitdefender\pmbxcr.crx [2015-02-03]
CHR HKLM\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\pmbxcr.crx [2015-02-03]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-15] (ASUS)
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2009-12-15] (ASUS)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [69880 2014-11-13] (Bitdefender)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [81704 2013-07-08] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [54424 2014-11-13] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1302784 2015-02-03] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 Update BrowseMark; "C:\Program Files\BrowseMark\updateBrowseMark.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-02] (ASUS)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1073160 2015-02-03] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [242504 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [528248 2014-11-13] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [77632 2014-05-28] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [90704 2011-11-14] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [108008 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [66832 2013-11-04] (BitDefender SRL)
R1 bdselfpr; C:\Program Files\Bitdefender\Bitdefender\bdselfpr.sys [135600 2013-07-26] (BitDefender LLC)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [72704 2012-04-17] (BitDefender)
R3 FLxHCIc; C:\Windows\System32\DRIVERS\FLxHCIc.sys [169472 2011-10-03] (Fresco Logic)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [49664 2011-10-03] (Fresco Logic)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [165744 2013-08-23] (BitDefender LLC)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [14392 2009-05-13] (ASUS)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [10299904 2012-02-13] (Intel Corporation)
S3 SCR3XX2K; C:\Windows\System32\DRIVERS\SCR3XX2K.sys [59776 2011-09-07] (SCM Microsystems Inc.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [408280 2015-02-03] (BitDefender S.R.L.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-01 10:43 - 2015-03-01 10:44 - 00013597 _____ () C:\Users\Medion\Desktop\FRST.txt
2015-03-01 10:43 - 2015-03-01 10:43 - 00000000 ____D () C:\FRST
2015-03-01 10:24 - 2015-03-01 10:24 - 01132032 _____ (Farbar) C:\Users\Medion\Desktop\FRST.exe
2015-02-27 19:33 - 2015-02-28 06:42 - 00000000 ____D () C:\Users\Medion\AppData\Roaming\dvdcss
2015-02-27 14:36 - 2015-02-28 11:31 - 00000000 ____D () C:\Users\Medion\Desktop\Neuer Ordner
2015-02-27 07:36 - 2015-02-27 07:36 - 00012664 _____ () C:\Users\Medion\Desktop\86587.odt
2015-02-26 10:36 - 2015-02-26 10:37 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-02-25 20:31 - 2015-02-25 22:23 - 00024103 _____ () C:\Users\Medion\Desktop\Sch.-G. in Köln.odt
2015-02-22 21:47 - 2015-02-22 21:47 - 00013917 _____ () C:\Users\Medion\Desktop\E-mail Verteiler.odt
2015-02-21 06:42 - 2015-02-22 20:42 - 00026578 _____ () C:\Users\Medion\Desktop\Brief an Schimmer-Göresz.odt
2015-02-19 00:45 - 2015-02-19 00:45 - 00032280 _____ () C:\Users\Medion\Desktop\Protokoll Lavo Sitzung 22.11.odt
2015-02-16 04:23 - 2015-02-16 04:23 - 00000000 ____D () C:\Users\Medion\Desktop\Papier-Evaluationen incl. TAN
2015-02-15 09:23 - 2015-02-15 09:24 - 51435935 _____ () C:\Users\Medion\Downloads\Morgan Heritage - Tell Me How Come(1).wmv
2015-02-15 08:42 - 2015-02-15 08:43 - 60703339 _____ () C:\Users\Medion\Downloads\Chaka Demus & Pliers - Murder She Wrote.wmv
2015-02-14 22:23 - 2015-02-28 08:55 - 00000000 ____D () C:\Users\Medion\AppData\Roaming\vlc
2015-02-14 22:21 - 2015-02-14 22:21 - 00001028 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-02-14 22:21 - 2015-02-14 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-02-14 22:19 - 2015-02-14 22:19 - 00000000 ____D () C:\Program Files\VideoLAN
2015-02-14 22:18 - 2015-02-14 22:18 - 00000000 ____D () C:\Program Files\Startfenster
2015-02-14 22:09 - 2015-02-14 22:10 - 24954112 _____ () C:\Users\Medion\Downloads\vlc-2.1.5-win32.exe
2015-02-14 13:16 - 2015-02-14 13:16 - 00355464 _____ (Dropbox, Inc.) C:\Users\Medion\Downloads\DropboxInstaller.exe
2015-02-14 13:09 - 2015-02-17 15:29 - 00000000 ___RD () C:\Users\Medion\Dropbox
2015-02-14 13:07 - 2015-02-14 13:21 - 00000000 ____D () C:\Users\Medion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-14 13:02 - 2015-02-17 15:33 - 00000000 ____D () C:\Users\Medion\AppData\Roaming\Dropbox
2015-02-14 13:01 - 2015-02-14 13:01 - 00355464 _____ (Dropbox, Inc.) C:\Users\Medion\Downloads\DropboxInstaller(1).exe
2015-02-13 09:29 - 2015-02-13 13:32 - 00022081 _____ () C:\Users\Medion\Desktop\Referath Nero version 2.odt
2015-02-10 22:03 - 2015-02-11 14:36 - 00024421 _____ () C:\Users\Medion\Desktop\Ausschreibungstext SS15 neu.odt
2015-02-10 09:37 - 2015-02-10 13:29 - 00018456 _____ () C:\Users\Medion\Desktop\Hausarbeit Polybios Notizen version 3.odt
2015-02-08 23:06 - 2015-02-08 23:07 - 00000861 _____ () C:\Users\Medion\Downloads\signature.asc
2015-02-06 10:50 - 2015-02-22 21:33 - 00000000 ____D () C:\Users\Medion\Desktop\Vorbereitung Landesvorstandssitzung
2015-02-05 22:47 - 2015-02-07 14:07 - 00029434 _____ () C:\Users\Medion\Desktop\Unbenannt 1.odt
2015-02-05 06:56 - 2015-02-05 06:57 - 28742864 _____ (Mozilla) C:\Users\Medion\Downloads\Thunderbird Setup 31.4.0.exe
2015-02-03 10:28 - 2015-02-04 11:38 - 00014358 _____ () C:\Users\Medion\Desktop\Bibliographie - Ostforschung im Nationalsozialismus.odt
2015-02-01 20:36 - 2015-02-01 20:36 - 00031232 _____ () C:\Users\Medion\Downloads\Jahresbericht 13-14-15(1).xls
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-01 10:28 - 2009-07-14 05:34 - 00021248 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-01 10:28 - 2009-07-14 05:34 - 00021248 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-01 10:15 - 2014-12-26 20:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-01 10:15 - 2013-12-17 21:57 - 01908224 _____ () C:\Windows\WindowsUpdate.log
2015-03-01 09:27 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-01 09:26 - 2013-12-17 23:35 - 00074410 _____ () C:\Windows\setupact.log
2015-03-01 09:25 - 2013-12-17 23:35 - 00038006 _____ () C:\Windows\PFRO.log
2015-02-28 08:55 - 2014-07-24 17:59 - 00000000 ____D () C:\Users\Medion\AppData\Local\PokerStars.EU
2015-02-27 17:11 - 2010-11-20 22:01 - 01472002 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-25 15:09 - 2014-12-15 21:28 - 00000000 ____D () C:\Users\Medion\Desktop\Pia
2015-02-24 14:52 - 2014-10-25 10:27 - 00000000 ____D () C:\Users\Medion\Desktop\Sonstiges
2015-02-14 13:09 - 2013-12-17 22:02 - 00000000 ____D () C:\Users\Medion
2015-02-14 08:26 - 2009-07-14 05:53 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-08 23:20 - 2014-12-09 23:11 - 00013476 _____ () C:\Users\Medion\Desktop\Abzuarbeiten.odt
2015-02-05 22:01 - 2014-02-27 12:16 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-05 22:01 - 2014-02-27 12:16 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-04 14:46 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-03 21:12 - 2014-11-13 20:37 - 00408280 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2015-02-03 21:12 - 2014-05-10 18:02 - 01073160 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
==================== Files in the root of some directories =======
2014-05-10 18:37 - 2014-05-10 18:37 - 0669996 _____ () C:\ProgramData\1399740874.bdinstall.bin
2014-05-10 17:28 - 2014-05-10 17:28 - 0000057 _____ () C:\ProgramData\Ament.ini
Some content of TEMP:
====================
C:\Users\Medion\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Medion\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpegey7l.dll
C:\Users\Medion\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Medion\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-17 17:29
==================== End Of Log ============================
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-02-2015
Ran by Medion at 2015-03-01 10:46:20
Running from C:\Users\Medion\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
ATK Package (HKLM\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0010 - ASUS)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 17.27.0.1146 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform)
Dropbox (HKU\S-1-5-21-2312758336-3899968739-4184073256-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
Firebird SQL Server - MAGIX Edition (HKLM\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Fresco Logic USB3.0 Host Controller (HKLM\...\{CED739E0-FCE3-46A9-9F0E-C641D8A842C0}) (Version: 3.5.2.0 - Fresco Logic Inc.)
HP Officejet 4620 series - Grundlegende Software für das Gerät (HKLM\...\{794EB9A9-BB26-4FA5-AC2C-E3AE166C7427}) (Version: 26.0.784.0 - Hewlett-Packard Co.)
HP Officejet 4620 series Hilfe (HKLM\...\{72EDA2AC-2908-4BB3-97E5-4F9DDEBF9731}) (Version: 6.0.0 - Hewlett Packard)
HP Update (HKLM\...\{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}) (Version: 5.003.000.004 - Hewlett-Packard)
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.2230 - Intel Corporation)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
JetBoost (HKLM\...\JetBoost_is1) (Version: 2.0.0 - BlueSprig)
MAGIX Content und Soundpools (HKLM\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (HKLM\...\MAGIX_{B03055E4-8381-4834-8CD6-602141C8D702}) (Version: 4.3.2.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX AG) Hidden
MAGIX Music Maker 2014 (HKLM\...\MX.{CC87429C-BC87-4D90-9D5F-C6D9721A6663}) (Version: 20.0.2.35 - MAGIX AG)
MAGIX Music Maker 2014 (Version: 20.0.2.35 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Miro (HKLM\...\Miro) (Version: 6.0 - Participatory Culture Foundation)
Mozilla Firefox 36.0 (x86 de) (HKLM\...\Mozilla Firefox 36.0 (x86 de)) (Version: 36.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
OpenOffice 4.0.1 (HKLM\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM\...\Origin) (Version: 9.4.12.2807 - Electronic Arts, Inc.)
PokerStars.eu (HKLM\...\PokerStars.eu) (Version: - PokerStars.eu)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
RUBICon (HKLM\...\{438134D3-0BD4-4C52-8575-5B2B63AD01C2}) (Version: 2.0.25 - RUB)
Skype™ 6.20 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Startfenster (HKLM\...\Startfenster) (Version: - Startfenster)
Synei Service Manager (HKLM\...\{62189B95-A1FC-4191-8A77-AAF4526EE5DB}_is1) (Version: 1.12 - Synei)
Text-To-Speech-Runtime (HKLM\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Sims 2: Ultimate Collection (HKLM\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
Tweaking.com - Windows Repair (All in One) (HKLM\...\Tweaking.com - Windows Repair (All in One)) (Version: 1.9.18 - Tweaking.com)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows-Treiberpaket - Intel (NETwNs32) net (01/05/2012 15.0.1.1) (HKLM\...\200B3838ACBE13335E424AA2BE3F182FDC7E26C7) (Version: 01/05/2012 15.0.1.1 - Intel)
WinRAR 5.10 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2312758336-3899968739-4184073256-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Medion\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2312758336-3899968739-4184073256-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Medion\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2312758336-3899968739-4184073256-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Medion\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2312758336-3899968739-4184073256-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Medion\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2312758336-3899968739-4184073256-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Medion\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2312758336-3899968739-4184073256-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Medion\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2312758336-3899968739-4184073256-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Medion\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2312758336-3899968739-4184073256-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Medion\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2312758336-3899968739-4184073256-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Medion\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2312758336-3899968739-4184073256-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Medion\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
11-08-2014 20:03:36 Geplanter Prüfpunkt
19-11-2014 00:31:08 Geplanter Prüfpunkt
16-01-2015 19:13:34 Installiert Knights Of Honor
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2013-12-18 14:36 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {06EBF393-B530-4668-ABDD-7D2A4A12845B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {1155E447-7055-46C4-9FFC-941C5761DB9E} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2312758336-3899968739-4184073256-1000
Task: {610A4D25-F098-4AFF-852C-DA183D5F1222} - System32\Tasks\JetBoost_AutoUpdate => C:\Program Files\BlueSprig\JetBoost\AutoUpdate.exe [2012-11-27] (BlueSprig)
Task: {787449D8-8BD6-4BB9-995D-F5FE58C974D4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {CB473D83-349B-4768-92F9-BA6DE8EB3CCD} - System32\Tasks\ATKOSD2 => C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {CECDAB23-D72E-4B60-BB9D-DAADE26C7D07} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {DF587B82-4D0F-41AE-BC32-2427542293CF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) ==============
2014-05-10 18:03 - 2014-11-13 20:36 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2014-11-13 20:37 - 2014-11-13 20:37 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui
2014-05-10 18:03 - 2011-11-14 18:17 - 00132176 _____ () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll
2014-11-13 20:36 - 2014-11-13 20:36 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui
2015-02-06 19:07 - 2015-02-06 19:07 - 00678616 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00042_008\ashttpbr.mdl
2015-02-06 19:07 - 2015-02-06 19:07 - 00493216 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00042_008\ashttpdsp.mdl
2015-02-06 19:07 - 2015-02-06 19:07 - 02187048 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00042_008\ashttpph.mdl
2015-02-06 19:07 - 2015-02-06 19:07 - 01135424 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00042_008\ashttprbl.mdl
2014-05-10 18:02 - 2014-11-13 20:35 - 00095088 _____ () C:\Program Files\Bitdefender\Bitdefender\bdmetrics.dll
2014-05-10 18:03 - 2013-03-25 14:16 - 00919136 _____ () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Medion\Desktop\FRST.exe:BDU
AlternateDataStreams: C:\Users\Medion\Downloads\dcrypt_v1-0-802-118_setup.exe:BDU
AlternateDataStreams: C:\Users\Medion\Downloads\DropboxInstaller(1).exe:BDU
AlternateDataStreams: C:\Users\Medion\Downloads\DropboxInstaller.exe:BDU
AlternateDataStreams: C:\Users\Medion\Downloads\OriginThinSetup_9.4.12.exe:BDU
AlternateDataStreams: C:\Users\Medion\Downloads\SkypeSetup.exe:BDU
AlternateDataStreams: C:\Users\Medion\Downloads\Thunderbird Setup 31.4.0.exe:BDU
AlternateDataStreams: C:\Users\Medion\Downloads\vlc-2.1.5-win32.exe:BDU
AlternateDataStreams: C:\Users\Medion\Downloads\wrar510d.exe:BDU
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2312758336-3899968739-4184073256-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Medion\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: ATKMEDIA => C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
MSCONFIG\startupreg: ATKOSD2 => C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MSCONFIG\startupreg: HControlUser => C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
==================== Accounts: =============================
Administrator (S-1-5-21-2312758336-3899968739-4184073256-500 - Administrator - Disabled)
Gast (S-1-5-21-2312758336-3899968739-4184073256-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2312758336-3899968739-4184073256-1002 - Limited - Enabled)
Medion (S-1-5-21-2312758336-3899968739-4184073256-1000 - Administrator - Enabled) => C:\Users\Medion
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/22/2015 11:28:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Miro.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 50a0
Startzeit: 01d04eeed9afda02
Endzeit: 30
Anwendungspfad: C:\Program Files\Participatory Culture Foundation\Miro\Miro.exe
Berichts-ID: 27c13d04-bae2-11e4-967c-dca97128584c
Error: (02/16/2015 09:32:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 35.0.1.5500 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 10b4
Startzeit: 01d04954b7e40bed
Endzeit: 15520
Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe
Berichts-ID: 1eba3dec-b5b6-11e4-baab-dca97128584c
Error: (02/16/2015 09:32:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x6530
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (02/14/2015 03:45:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcroRd32.exe, Version: 11.0.10.32, Zeitstempel: 0x547e9779
Name des fehlerhaften Moduls: AcroRd32.dll, Version: 11.0.10.32, Zeitstempel: 0x547e9765
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00224836
ID des fehlerhaften Prozesses: 0x31b4
Startzeit der fehlerhaften Anwendung: 0xAcroRd32.exe0
Pfad der fehlerhaften Anwendung: AcroRd32.exe1
Pfad des fehlerhaften Moduls: AcroRd32.exe2
Berichtskennung: AcroRd32.exe3
Error: (02/09/2015 02:27:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm soffice.bin, Version 4.0.9714.500 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: c9c
Startzeit: 01d04447e454cd4f
Endzeit: 0
Anwendungspfad: C:\Program Files\OpenOffice 4\program\soffice.bin
Berichts-ID: 445f261a-b05f-11e4-bab4-dca97128584c
Error: (01/16/2015 07:13:32 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {ef42e66a-9361-4805-bfd7-e3795ef5bee9}
Error: (01/08/2015 00:47:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AutoUpdate.exe, Version: 1.1.10.171, Zeitstempel: 0x50adcd93
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x00000000
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x8f0
Startzeit der fehlerhaften Anwendung: 0xAutoUpdate.exe0
Pfad der fehlerhaften Anwendung: AutoUpdate.exe1
Pfad des fehlerhaften Moduls: AutoUpdate.exe2
Berichtskennung: AutoUpdate.exe3
Error: (12/15/2014 09:23:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 34.0.0.5442, Zeitstempel: 0x54754d35
Name des fehlerhaften Moduls: mozalloc.dll, Version: 34.0.0.5442, Zeitstempel: 0x54754649
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0xd80
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (12/15/2014 09:23:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 34.0.0.5442 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 169c
Startzeit: 01d018959097b745
Endzeit: 510
Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe
Berichts-ID:
Error: (12/14/2014 05:42:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Sims2EP9.exe, Version 1.17.0.66 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 4db0
Startzeit: 01d017b174f4680b
Endzeit: 0
Anwendungspfad: C:\Program Files\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
Berichts-ID:
System errors:
=============
Error: (03/01/2015 10:15:41 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (03/01/2015 09:28:19 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (03/01/2015 09:28:15 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)
Error: (03/01/2015 09:27:42 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (03/01/2015 09:27:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update BrowseMark" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (03/01/2015 02:33:07 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (02/28/2015 11:20:03 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (02/28/2015 11:05:07 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (02/28/2015 11:05:05 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)
Error: (02/28/2015 11:04:32 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Microsoft Office Sessions:
=========================
Error: (02/22/2015 11:28:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Miro.exe0.0.0.050a001d04eeed9afda0230C:\Program Files\Participatory Culture Foundation\Miro\Miro.exe27c13d04-bae2-11e4-967c-dca97128584c
Error: (02/16/2015 09:32:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe35.0.1.550010b401d04954b7e40bed15520C:\Program Files\Mozilla Firefox\firefox.exe1eba3dec-b5b6-11e4-baab-dca97128584c
Error: (02/16/2015 09:32:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f2248000000300001425653001d049b2fccae56dC:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll49dd9ccd-b5b6-11e4-baab-dca97128584c
Error: (02/14/2015 03:45:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AcroRd32.exe11.0.10.32547e9779AcroRd32.dll11.0.10.32547e9765c00000050022483631b401d04864b3420bc3C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exeC:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.dll10ea825c-b458-11e4-bafa-dca97128584c
Error: (02/09/2015 02:27:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: soffice.bin4.0.9714.500c9c01d04447e454cd4f0C:\Program Files\OpenOffice 4\program\soffice.bin445f261a-b05f-11e4-bab4-dca97128584c
Error: (01/16/2015 07:13:32 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {ef42e66a-9361-4805-bfd7-e3795ef5bee9}
Error: (01/08/2015 00:47:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AutoUpdate.exe1.1.10.17150adcd93unknown0.0.0.00000000000000000000000008f001d02ad4071019f0C:\Program Files\BlueSprig\JetBoost\AutoUpdate.exeunknown931736c5-96c7-11e4-bb48-dca97128584c
Error: (12/15/2014 09:23:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.0.544254754d35mozalloc.dll34.0.0.5442547546498000000300001425d8001d01899c654f483C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll3b13ed6f-8498-11e4-bb66-dca97128584c
Error: (12/15/2014 09:23:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe34.0.0.5442169c01d018959097b745510C:\Program Files\Mozilla Firefox\firefox.exe
Error: (12/14/2014 05:42:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Sims2EP9.exe1.17.0.664db001d017b174f4680b0C:\Program Files\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
==================== Memory info ===========================
Processor: Intel(R) Atom(TM) CPU N570 @ 1.66GHz
Percentage of memory in use: 93%
Total physical RAM: 1014.18 MB
Available physical RAM: 70.86 MB
Total Pagefile: 5038.18 MB
Available Pagefile: 3628.36 MB
Total Virtual: 2047.88 MB
Available Virtual: 1870.73 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.87 GB) (Free:58.05 GB) NTFS
Drive e: (Volume) (Fixed) (Total:120.92 GB) (Free:118.83 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: CA17AF2B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=120.9 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
WARNUNG an die MITLESER: 
