
Log analysis and evaluation: Emsisoft can neither delete the file nor quarantine it.


 
05.01.2014, 20:10   #1
timster
 


Hello,

I hope I have done everything correctly here.

The problem:
The PC was opening strange pop-ups and became slower.
So I ran a scan with Emsisoft and Antivir, and quite a few things were found.
Most of it could be removed, but one file keeps causing problems: I can neither delete it nor quarantine it.

Here are the required logs:

(Gmer did not work, or rather I did not let it run, because this error message appeared: "C:\windows\system32\config\systemer Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.")

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014
Ran by Anwender (administrator) on ANWENDERPC on 05-01-2014 19:50:29
Running from C:\Users\Anwender\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Telefónica) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Zhorn Software) C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\stickies.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
(Google) C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\Photoshop.exe
(Adobe Systems Incorporated ) C:\Program Files (x86)\Common Files\Adobe\dynamiclink\CS6\dynamiclinkmanager.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191824 2012-08-10] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764544 2012-09-14] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-09-14] (Atheros Communications)
HKLM\...\Run: [Ocs_SM] - C:\Users\Anwender\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe [41336 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe [840568 2013-09-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [emsisoft anti-malware] - C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe [4329408 2013-12-04] (Emsisoft GmbH)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
MountPoints2: F - "F:\AutoRun.exe" 
MountPoints2: {07dd5104-5ebf-11e3-bede-001e101f8da1} - "F:\AutoRun.exe" 
MountPoints2: {be3b95f0-4e94-11e3-bed5-50b7c3621954} - "F:\AutoRun.exe" 
MountPoints2: {be3b9630-4e94-11e3-bed5-50b7c3621954} - "F:\AutoRun.exe" 
MountPoints2: {cf11b934-29a5-11e2-be84-806e6f6e6963} - "D:\autorun.exe" 
Startup: C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\stickies.exe (Zhorn Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
SearchScopes: HKLM - DefaultScope {4C6B4EEC-05FF-4DA8-9174-CB11AA2F4B6C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM - {4C6B4EEC-05FF-4DA8-9174-CB11AA2F4B6C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - {4C6B4EEC-05FF-4DA8-9174-CB11AA2F4B6C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKCU - {102A0DF5-266A-4314-895F-C278DD310434} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=6b263835-67e9-4004-9694-a1390b4dd9f4&pid=ccleanerde&mode=bounce&k=0
SearchScopes: HKCU - {210A58C8-EDE3-469F-BC89-F959C4104C6F} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=6b263835-67e9-4004-9694-a1390b4dd9f4&pid=ccleanerde&mode=bounce&k=0
SearchScopes: HKCU - {47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF} URL = hxxp://www.basicserve.com/?prt=bscsrvgup1&sp=&keywords={searchTerms}
SearchScopes: HKCU - {47C34D58-06F2-453C-BB0B-BF2D28823565} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=6b263835-67e9-4004-9694-a1390b4dd9f4&pid=ccleanerde&mode=bounce&k=0
SearchScopes: HKCU - {4C6B4EEC-05FF-4DA8-9174-CB11AA2F4B6C} URL = 
SearchScopes: HKCU - {B6604649-ADAA-49D7-B8AD-D6BD2A8711A7} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=6b263835-67e9-4004-9694-a1390b4dd9f4&pid=ccleanerde&mode=bounce&k=0
SearchScopes: HKCU - {BE23E48B-8380-4556-91DD-D7468529AD4F} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=6b263835-67e9-4004-9694-a1390b4dd9f4&pid=ccleanerde&mode=bounce&k=0
SearchScopes: HKCU - {C927E1FE-D09D-4DF5-B1DB-D1A04F523E86} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=6b263835-67e9-4004-9694-a1390b4dd9f4&pid=ccleanerde&mode=bounce&k=0
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Anwender\AppData\Roaming\Mozilla\Firefox\Profiles\dej038ht.default-1387923768465
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: hxxp://www.basicserve.com/?prt=bscsrvgup1&sp=google&keywords=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Anwender\AppData\Roaming\Mozilla\Firefox\Profiles\dej038ht.default-1387923768465\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: BasicServe - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{740B3FD5-4483-469D-BE7F-8555B153BD04}
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF HKLM-x32\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files (x86)\RelevantKnowledge\firefox

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (FastestChrome - Browse Faster) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\5.7.1_0

==================== Services (Whitelisted) =================

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4161512 2013-12-04] (Emsisoft GmbH)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-09-14] (Qualcomm Atheros Commnucations)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-09-05] (Samsung Electronics CO., LTD.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2013-12-24] (IObit)
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [201080 2011-06-14] (Telefónica)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-14] (Atheros)

==================== Drivers (Whitelisted) ====================

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [70960 2013-08-24] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-09] (Avira Operations GmbH & Co. KG)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-14] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-05 19:50 - 2014-01-05 19:50 - 00019503 _____ C:\Users\Anwender\Desktop\FRST.txt
2014-01-05 19:49 - 2014-01-05 19:49 - 01931368 _____ (Farbar) C:\Users\Anwender\Desktop\FRST64.exe
2014-01-05 19:48 - 2014-01-05 19:48 - 00000478 _____ C:\Users\Anwender\Desktop\defogger_disable.log
2014-01-05 19:47 - 2014-01-05 19:47 - 00050477 _____ C:\Users\Anwender\Desktop\Defogger.exe
2014-01-05 15:55 - 2014-01-05 15:55 - 00134492 _____ C:\Users\Anwender\Desktop\OTL.Txt
2014-01-05 15:55 - 2014-01-05 15:55 - 00080430 _____ C:\Users\Anwender\Desktop\Extras.Txt
2014-01-05 15:40 - 2014-01-05 15:40 - 00602112 _____ (OldTimer Tools) C:\Users\Anwender\Desktop\OTL.exe
2014-01-05 15:35 - 2014-01-05 15:35 - 00001050 _____ C:\Users\Anwender\Desktop\a2scan_140105-014240.txt
2014-01-04 21:40 - 2014-01-04 21:40 - 00000000 ___RD C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-01-02 20:40 - 2014-01-02 20:40 - 00000000 ____D C:\FRST
2014-01-02 20:35 - 2014-01-02 20:35 - 00000000 _____ C:\Users\Anwender\defogger_reenable
2014-01-02 16:08 - 2014-01-02 16:08 - 00001117 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-01-02 16:07 - 2014-01-05 18:55 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2014-01-02 16:07 - 2014-01-02 16:07 - 00000000 ____D C:\Users\Anwender\Documents\Anti-Malware
2014-01-02 11:24 - 2014-01-02 11:24 - 00000000 ____D C:\Users\Anwender\AppData\Roaming\Avira
2014-01-02 11:22 - 2014-01-02 11:22 - 00002086 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2014-01-02 11:22 - 2014-01-02 11:22 - 00000000 ____D C:\Program Files (x86)\Avira
2014-01-02 11:22 - 2013-12-09 11:37 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-01-02 11:22 - 2013-12-09 11:37 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-01-02 11:22 - 2013-12-09 11:37 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2014-01-02 11:22 - 2013-12-09 11:37 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2014-01-01 20:16 - 2014-01-04 19:54 - 00000000 ____D C:\Program Files (x86)\BasicServe
2014-01-01 20:16 - 2014-01-01 20:16 - 00000000 _____ C:\ProgramData\2927243121363c3a3930_c
2014-01-01 20:16 - 2013-11-13 21:51 - 00970520 _____ (TMRG,  Inc.) C:\windows\system32\rlls64.dll
2014-01-01 20:16 - 2013-11-13 21:51 - 00660248 _____ (TMRG,  Inc.) C:\windows\SysWOW64\rlls.dll
2013-12-24 23:05 - 2013-12-24 23:05 - 00000000 ____D C:\windows\ERUNT
2013-12-24 22:56 - 2013-12-24 22:59 - 00000000 ____D C:\AdwCleaner
2013-12-24 17:31 - 2013-12-24 17:31 - 00000000 ____D C:\Users\Anwender\AppData\Roaming\Malwarebytes
2013-12-24 17:31 - 2013-12-24 17:31 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-24 17:24 - 2014-01-04 19:56 - 00000000 ____D C:\ProgramData\ProductData
2013-12-24 17:24 - 2013-12-24 17:24 - 00000000 ____D C:\Users\Anwender\AppData\Roaming\IObit
2013-12-24 17:24 - 2013-12-24 17:24 - 00000000 ____D C:\ProgramData\IObit
2013-12-24 17:24 - 2013-12-24 17:24 - 00000000 ____D C:\Program Files (x86)\IObit
2013-12-24 16:01 - 2013-12-24 17:25 - 00000000 ____D C:\Program Files (x86)\WebexpEnhancedV1
2013-12-21 23:20 - 2013-12-21 23:20 - 00002038 _____ C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2013-12-21 21:32 - 2013-12-21 21:32 - 00000000 ____D C:\Users\Anwender\Documents\theHunter
2013-12-21 11:33 - 2013-12-21 11:33 - 00000000 ____D C:\Users\Anwender\Documents\Bluetooth Folder
2013-12-20 23:25 - 2013-12-20 23:26 - 00000000 ____D C:\Users\Anwender\Documents\Tamron
2013-12-19 22:16 - 2013-12-19 22:16 - 00000000 ____D C:\Users\Anwender\AppData\Roaming\EPSON
2013-12-19 20:45 - 2013-12-19 20:45 - 00000000 _____ C:\Users\Anwender\Sti_Trace.log
2013-12-19 20:44 - 2007-06-22 00:10 - 00501912 _____ (SEIKO EPSON CORPORATION) C:\windows\SysWOW64\PICSDK2.dll
2013-12-19 20:44 - 2007-06-22 00:10 - 00000097 _____ C:\windows\SysWOW64\PICSDK.ini
2013-12-19 20:44 - 2006-10-31 00:10 - 00120992 _____ (SEIKO EPSON CORPORATION) C:\windows\SysWOW64\EpPicPrt.dll
2013-12-19 20:44 - 2006-10-31 00:10 - 00071840 _____ (SEIKO EPSON CORPORATION) C:\windows\SysWOW64\EPPicMgr.dll
2013-12-19 20:44 - 2006-10-20 00:10 - 00108704 _____ (SEIKO EPSON CORPORATION) C:\windows\SysWOW64\PICEntry.dll
2013-12-19 20:44 - 2006-10-20 00:10 - 00080024 _____ (SEIKO EPSON CORPORATION) C:\windows\SysWOW64\PICSDK.dll
2013-12-19 20:44 - 2005-06-01 00:20 - 00111932 _____ C:\windows\SysWOW64\EPPICPrinterDB.dat
2013-12-19 20:44 - 2004-03-03 06:10 - 00031053 _____ C:\windows\SysWOW64\EPPICPattern131.dat
2013-12-19 20:44 - 2004-03-03 06:10 - 00027417 _____ C:\windows\SysWOW64\EPPICPattern121.dat
2013-12-19 20:44 - 2004-03-03 06:10 - 00026154 _____ C:\windows\SysWOW64\EPPICPattern1.dat
2013-12-19 20:44 - 2004-03-03 06:10 - 00024903 _____ C:\windows\SysWOW64\EPPICPattern3.dat
2013-12-19 20:44 - 2004-03-03 06:10 - 00021390 _____ C:\windows\SysWOW64\EPPICPattern5.dat
2013-12-19 20:44 - 2004-03-03 06:10 - 00020148 _____ C:\windows\SysWOW64\EPPICPattern2.dat
2013-12-19 20:44 - 2004-03-03 06:10 - 00013732 _____ C:\windows\SysWOW64\EPPICLocal_EN.cfg
2013-12-19 20:44 - 2004-03-03 06:10 - 00011811 _____ C:\windows\SysWOW64\EPPICPattern4.dat
2013-12-19 20:44 - 2004-03-03 06:10 - 00006442 _____ C:\windows\SysWOW64\EPPICLocal_IT.cfg
2013-12-19 20:44 - 2004-03-03 06:10 - 00006347 _____ C:\windows\SysWOW64\EPPICLocal_PT.cfg
2013-12-19 20:44 - 2004-03-03 06:10 - 00006347 _____ C:\windows\SysWOW64\EPPICLocal_BP.cfg
2013-12-19 20:44 - 2004-03-03 06:10 - 00006335 _____ C:\windows\SysWOW64\EPPICLocal_GE.cfg
2013-12-19 20:44 - 2004-03-03 06:10 - 00006195 _____ C:\windows\SysWOW64\EPPICLocal_FR.cfg
2013-12-19 20:44 - 2004-03-03 06:10 - 00006195 _____ C:\windows\SysWOW64\EPPICLocal_CF.cfg
2013-12-19 20:44 - 2004-03-03 06:10 - 00006122 _____ C:\windows\SysWOW64\EPPICLocal_DU.cfg
2013-12-19 20:44 - 2004-03-03 06:10 - 00006103 _____ C:\windows\SysWOW64\EPPICLocal_ES.cfg
2013-12-19 20:44 - 2004-03-03 06:10 - 00005817 _____ C:\windows\SysWOW64\EPPICLocal_KO.cfg
2013-12-19 20:44 - 2004-03-03 06:10 - 00005436 _____ C:\windows\SysWOW64\EPPICLocal_SC.cfg
2013-12-19 20:44 - 2004-03-03 06:10 - 00004943 _____ C:\windows\SysWOW64\EPPICPattern6.dat
2013-12-19 20:44 - 2004-03-03 06:10 - 00002889 _____ C:\windows\SysWOW64\EPPICLocal_RU.cfg
2013-12-19 20:44 - 2004-03-03 06:10 - 00002426 _____ C:\windows\SysWOW64\EPPICLocal_TC.cfg
2013-12-19 20:44 - 2004-03-03 06:10 - 00001146 _____ C:\windows\SysWOW64\EPPICPresetData_DU.dat
2013-12-19 20:44 - 2004-03-03 06:10 - 00001139 _____ C:\windows\SysWOW64\EPPICPresetData_PT.dat
2013-12-19 20:44 - 2004-03-03 06:10 - 00001139 _____ C:\windows\SysWOW64\EPPICPresetData_BP.dat
2013-12-19 20:44 - 2004-03-03 06:10 - 00001136 _____ C:\windows\SysWOW64\EPPICPresetData_ES.dat
2013-12-19 20:44 - 2004-03-03 06:10 - 00001129 _____ C:\windows\SysWOW64\EPPICPresetData_FR.dat
2013-12-19 20:44 - 2004-03-03 06:10 - 00001129 _____ C:\windows\SysWOW64\EPPICPresetData_CF.dat
2013-12-19 20:44 - 2004-03-03 06:10 - 00001120 _____ C:\windows\SysWOW64\EPPICPresetData_IT.dat
2013-12-19 20:44 - 2004-03-03 06:10 - 00001107 _____ C:\windows\SysWOW64\EPPICPresetData_GE.dat
2013-12-19 20:44 - 2004-03-03 06:10 - 00001104 _____ C:\windows\SysWOW64\EPPICPresetData_EN.dat
2013-12-19 20:43 - 2013-12-19 20:43 - 00000000 ____D C:\Users\Anwender\AppData\Roaming\InstallShield
2013-12-19 20:43 - 2013-12-19 20:43 - 00000000 ____D C:\ProgramData\EPSON
2013-12-19 20:40 - 2013-12-22 21:49 - 00000000 ____D C:\Program Files (x86)\epson
2013-12-14 11:25 - 2013-12-14 11:25 - 00001793 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-14 11:23 - 2013-12-14 11:25 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-14 11:23 - 2013-12-14 11:25 - 00000000 ____D C:\Program Files\iTunes
2013-12-14 11:23 - 2013-12-14 11:25 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-14 11:23 - 2013-12-14 11:23 - 00000000 ____D C:\Program Files\iPod
2013-12-14 09:31 - 2013-12-14 09:31 - 05050552 _____ C:\windows\system32\FNTCACHE.DAT
2013-12-12 16:04 - 2013-12-12 16:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-12 01:27 - 2013-12-04 01:53 - 00694240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-12-12 01:27 - 2013-12-04 01:53 - 00078304 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-11 12:01 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-12-11 12:01 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-12-11 12:01 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-12-11 12:01 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-12-11 12:01 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-12-11 12:01 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-12-11 12:01 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-12-11 12:01 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-12-11 12:01 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-12-11 12:01 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-12-11 12:00 - 2013-10-25 07:19 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2013-12-11 12:00 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-12-11 12:00 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-12-11 12:00 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-12-11 12:00 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-12-11 12:00 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-12-11 12:00 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-12-11 12:00 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-12-11 12:00 - 2013-10-19 06:45 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\imagehlp.dll
2013-12-11 12:00 - 2013-10-19 05:04 - 00059392 _____ (Microsoft Corporation) C:\windows\SysWOW64\imagehlp.dll
2013-12-11 12:00 - 2013-10-09 02:33 - 00059416 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2013-12-11 12:00 - 2013-10-08 23:30 - 00628736 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2013-12-11 12:00 - 2013-10-08 23:30 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2013-12-11 12:00 - 2013-10-08 23:30 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2013-12-11 12:00 - 2013-10-08 23:30 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2013-12-11 12:00 - 2013-10-08 23:28 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2013-12-11 12:00 - 2013-10-08 23:27 - 03279872 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2013-12-11 12:00 - 2013-10-08 23:27 - 01622016 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2013-12-11 12:00 - 2013-10-08 23:27 - 00773120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2013-12-11 12:00 - 2013-10-08 23:27 - 00252928 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2013-12-11 12:00 - 2013-10-08 23:27 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2013-12-11 12:00 - 2013-10-08 23:27 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2013-12-11 12:00 - 2013-10-08 23:27 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2013-12-11 12:00 - 2013-10-05 07:10 - 00285016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2013-12-11 12:00 - 2013-10-03 23:09 - 00385528 _____ C:\windows\system32\ApnDatabase.xml
2013-12-11 12:00 - 2013-10-02 03:50 - 00447320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2013-12-11 12:00 - 2013-09-28 06:48 - 00778752 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2013-12-11 12:00 - 2013-09-28 04:58 - 00551424 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2013-12-11 12:00 - 2013-09-19 08:32 - 01455448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2013-12-11 12:00 - 2013-08-30 06:19 - 00626688 _____ (Microsoft Corporation) C:\windows\system32\resutils.dll
2013-12-11 12:00 - 2013-08-30 06:18 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\clusapi.dll
2013-12-11 12:00 - 2013-08-30 00:48 - 00488960 _____ (Microsoft Corporation) C:\windows\SysWOW64\resutils.dll
2013-12-11 12:00 - 2013-08-30 00:47 - 00302080 _____ (Microsoft Corporation) C:\windows\SysWOW64\clusapi.dll
2013-12-11 11:59 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2013-12-11 11:59 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2013-12-11 11:59 - 2013-11-07 00:18 - 04036608 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-12-11 11:59 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
2013-12-11 11:59 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msieftp.dll
2013-12-11 11:59 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscript.exe
2013-12-11 11:59 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrobj.dll
2013-12-11 11:59 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrrun.dll
2013-12-11 11:59 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
2013-12-11 11:59 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe
2013-12-11 11:59 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\windows\system32\scrobj.dll
2013-12-11 11:59 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll
2013-12-11 11:59 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2013-12-10 12:23 - 2013-12-10 12:23 - 00002228 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-08 12:38 - 2013-12-08 12:38 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-12-08 12:38 - 2009-09-27 09:39 - 00369152 ___SH (The Public) C:\windows\SysWOW64\avisynth.dll
2013-12-08 12:38 - 2005-07-14 12:31 - 00032256 ___SH C:\windows\SysWOW64\AVSredirect.dll
2013-12-08 12:38 - 2004-02-22 10:11 - 00719872 ___SH (Abysmal Software) C:\windows\SysWOW64\devil.dll
2013-12-08 12:38 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\windows\SysWOW64\yv12vfw.dll
2013-12-08 12:38 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\windows\SysWOW64\i420vfw.dll
2013-12-08 12:34 - 2013-12-08 13:48 - 00000000 ____D C:\Program Files (x86)\eRightSoft
2013-12-08 12:34 - 2004-10-10 09:50 - 00278528 _____ (Real Networks, Inc) C:\windows\SysWOW64\pncrt.dll
2013-12-08 12:34 - 2004-07-02 16:33 - 00327749 _____ (RealNetworks, Inc.) C:\windows\SysWOW64\drvc.dll
2013-12-08 08:47 - 2013-12-08 08:56 - 00000000 ____D C:\Users\Anwender\AppData\Roaming\GF-Player
2013-12-07 19:29 - 2013-12-07 22:33 - 00000000 ____D C:\Users\Anwender\AppData\Roaming\dvdcss
2013-12-06 22:32 - 2013-12-06 22:32 - 00001531 _____ C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\stickies.lnk

==================== One Month Modified Files and Folders =======

2014-01-05 19:51 - 2014-01-05 19:50 - 00019503 _____ C:\Users\Anwender\Desktop\FRST.txt
2014-01-05 19:51 - 2013-01-19 21:15 - 00001136 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-05 19:51 - 2013-01-19 21:15 - 00001132 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-05 19:49 - 2014-01-05 19:49 - 01931368 _____ (Farbar) C:\Users\Anwender\Desktop\FRST64.exe
2014-01-05 19:48 - 2014-01-05 19:48 - 00000478 _____ C:\Users\Anwender\Desktop\defogger_disable.log
2014-01-05 19:47 - 2014-01-05 19:47 - 00050477 _____ C:\Users\Anwender\Desktop\Defogger.exe
2014-01-05 19:43 - 2012-09-18 12:15 - 00000360 _____ C:\windows\Tasks\Xerox PhotoCafe Communicator.job
2014-01-05 19:15 - 2013-01-19 20:10 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2014-01-05 19:08 - 2013-01-20 17:09 - 01314347 _____ C:\windows\WindowsUpdate.log
2014-01-05 19:02 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\sru
2014-01-05 18:55 - 2014-01-02 16:07 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2014-01-05 15:55 - 2014-01-05 15:55 - 00134492 _____ C:\Users\Anwender\Desktop\OTL.Txt
2014-01-05 15:55 - 2014-01-05 15:55 - 00080430 _____ C:\Users\Anwender\Desktop\Extras.Txt
2014-01-05 15:40 - 2014-01-05 15:40 - 00602112 _____ (OldTimer Tools) C:\Users\Anwender\Desktop\OTL.exe
2014-01-05 15:35 - 2014-01-05 15:35 - 00001050 _____ C:\Users\Anwender\Desktop\a2scan_140105-014240.txt
2014-01-05 10:50 - 2012-09-18 11:55 - 00000870 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-01-04 21:43 - 2013-10-21 11:35 - 00000000 ____D C:\Program Files (x86)\theHunter
2014-01-04 21:43 - 2012-09-18 12:06 - 00000000 ____D C:\ProgramData\WinClon
2014-01-04 21:42 - 2012-12-27 10:08 - 00000000 ____D C:\Users\Anwender\AppData\Local\CrashDumps
2014-01-04 21:40 - 2014-01-04 21:40 - 00000000 ___RD C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-01-04 21:39 - 2012-09-18 11:55 - 00000868 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-01-04 21:38 - 2012-07-26 08:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2014-01-04 19:56 - 2013-12-24 17:24 - 00000000 ____D C:\ProgramData\ProductData
2014-01-04 19:56 - 2013-05-27 00:06 - 00000000 ____D C:\Users\Anwender\AppData\Roaming\stickies
2014-01-04 19:54 - 2014-01-01 20:16 - 00000000 ____D C:\Program Files (x86)\BasicServe
2014-01-04 19:54 - 2013-01-29 20:51 - 00164740 _____ C:\windows\PFRO.log
2014-01-04 19:54 - 2012-07-26 06:26 - 00262144 ___SH C:\windows\system32\config\BBI
2014-01-04 19:52 - 2012-12-27 10:06 - 00000000 ____D C:\Users\Anwender
2014-01-02 20:40 - 2014-01-02 20:40 - 00000000 ____D C:\FRST
2014-01-02 20:35 - 2014-01-02 20:35 - 00000000 _____ C:\Users\Anwender\defogger_reenable
2014-01-02 16:08 - 2014-01-02 16:08 - 00001117 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-01-02 16:07 - 2014-01-02 16:07 - 00000000 ____D C:\Users\Anwender\Documents\Anti-Malware
2014-01-02 11:24 - 2014-01-02 11:24 - 00000000 ____D C:\Users\Anwender\AppData\Roaming\Avira
2014-01-02 11:22 - 2014-01-02 11:22 - 00002086 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2014-01-02 11:22 - 2014-01-02 11:22 - 00000000 ____D C:\Program Files (x86)\Avira
2014-01-02 11:22 - 2013-01-19 20:51 - 00000000 ____D C:\ProgramData\Avira
2014-01-01 23:39 - 2013-10-18 00:10 - 00000039 _____ C:\Users\Anwender\AppData\Roaming\TheHunterSettings_live.cfg
2014-01-01 20:16 - 2014-01-01 20:16 - 00000000 _____ C:\ProgramData\2927243121363c3a3930_c
2014-01-01 20:15 - 2013-01-19 21:15 - 00000000 ____D C:\Users\Anwender\AppData\Local\Google
2013-12-30 17:45 - 2013-01-24 21:39 - 00000000 ____D C:\Users\Anwender\AppData\Roaming\vlc
2013-12-26 22:43 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\NDF
2013-12-25 14:34 - 2012-07-26 09:12 - 00000000 ____D C:\windows\AUInstallAgent
2013-12-24 23:05 - 2013-12-24 23:05 - 00000000 ____D C:\windows\ERUNT
2013-12-24 22:59 - 2013-12-24 22:56 - 00000000 ____D C:\AdwCleaner
2013-12-24 22:39 - 2012-09-19 02:58 - 00754172 _____ C:\windows\system32\perfh007.dat
2013-12-24 22:39 - 2012-09-19 02:58 - 00156362 _____ C:\windows\system32\perfc007.dat
2013-12-24 22:39 - 2012-07-26 08:28 - 01748838 _____ C:\windows\system32\PerfStringBackup.INI
2013-12-24 17:31 - 2013-12-24 17:31 - 00000000 ____D C:\Users\Anwender\AppData\Roaming\Malwarebytes
2013-12-24 17:31 - 2013-12-24 17:31 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-24 17:25 - 2013-12-24 16:01 - 00000000 ____D C:\Program Files (x86)\WebexpEnhancedV1
2013-12-24 17:24 - 2013-12-24 17:24 - 00000000 ____D C:\Users\Anwender\AppData\Roaming\IObit
2013-12-24 17:24 - 2013-12-24 17:24 - 00000000 ____D C:\ProgramData\IObit
2013-12-24 17:24 - 2013-12-24 17:24 - 00000000 ____D C:\Program Files (x86)\IObit
2013-12-23 00:24 - 2012-12-27 10:13 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2678595623-4148133582-4009595467-1001
2013-12-22 21:49 - 2013-12-19 20:40 - 00000000 ____D C:\Program Files (x86)\epson
2013-12-21 23:20 - 2013-12-21 23:20 - 00002038 _____ C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2013-12-21 21:32 - 2013-12-21 21:32 - 00000000 ____D C:\Users\Anwender\Documents\theHunter
2013-12-21 11:33 - 2013-12-21 11:33 - 00000000 ____D C:\Users\Anwender\Documents\Bluetooth Folder
2013-12-20 23:26 - 2013-12-20 23:25 - 00000000 ____D C:\Users\Anwender\Documents\Tamron
2013-12-20 23:21 - 2013-06-18 23:36 - 00000000 ____D C:\Users\Anwender\Documents\Evertech 5.0 Backup
2013-12-20 19:42 - 2013-12-01 22:07 - 00000000 ____D C:\Users\Anwender\Documents\Höhlen
2013-12-19 23:21 - 2013-08-24 21:59 - 00312320 ___SH C:\Users\Anwender\Documents\Thumbs.db
2013-12-19 22:16 - 2013-12-19 22:16 - 00000000 ____D C:\Users\Anwender\AppData\Roaming\EPSON
2013-12-19 20:45 - 2013-12-19 20:45 - 00000000 _____ C:\Users\Anwender\Sti_Trace.log
2013-12-19 20:43 - 2013-12-19 20:43 - 00000000 ____D C:\Users\Anwender\AppData\Roaming\InstallShield
2013-12-19 20:43 - 2013-12-19 20:43 - 00000000 ____D C:\ProgramData\EPSON
2013-12-14 11:25 - 2013-12-14 11:25 - 00001793 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-14 11:25 - 2013-12-14 11:23 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-14 11:25 - 2013-12-14 11:23 - 00000000 ____D C:\Program Files\iTunes
2013-12-14 11:25 - 2013-12-14 11:23 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-14 11:23 - 2013-12-14 11:23 - 00000000 ____D C:\Program Files\iPod
2013-12-14 10:00 - 2013-07-30 11:12 - 00000000 ____D C:\windows\system32\MRT
2013-12-14 09:57 - 2013-01-19 20:11 - 90708896 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-12-14 09:31 - 2013-12-14 09:31 - 05050552 _____ C:\windows\system32\FNTCACHE.DAT
2013-12-14 09:31 - 2013-01-23 01:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-12 16:04 - 2013-12-12 16:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-12 09:58 - 2012-07-26 09:12 - 00000000 ____D C:\windows\rescache
2013-12-12 01:24 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\SecureBootUpdates
2013-12-11 12:07 - 2013-10-12 00:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 12:05 - 2012-07-26 06:38 - 00000000 ____D C:\windows\system32\oobe
2013-12-10 19:38 - 2013-01-19 20:10 - 00003772 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-12-10 12:23 - 2013-12-10 12:23 - 00002228 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-10 12:23 - 2013-01-19 21:15 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-10 10:12 - 2013-01-20 20:55 - 00004040 _____ C:\windows\setupact.log
2013-12-09 11:37 - 2014-01-02 11:22 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2013-12-09 11:37 - 2014-01-02 11:22 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2013-12-09 11:37 - 2014-01-02 11:22 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2013-12-09 11:37 - 2014-01-02 11:22 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2013-12-08 13:48 - 2013-12-08 12:34 - 00000000 ____D C:\Program Files (x86)\eRightSoft
2013-12-08 13:46 - 2013-01-23 16:50 - 00000000 ____D C:\Users\Public\CyberLink
2013-12-08 13:45 - 2012-09-18 12:11 - 00000000 ____D C:\ProgramData\CyberLink
2013-12-08 12:38 - 2013-12-08 12:38 - 00000000 ____D C:\Program Files (x86)\AviSynth 2.5
2013-12-08 08:56 - 2013-12-08 08:47 - 00000000 ____D C:\Users\Anwender\AppData\Roaming\GF-Player
2013-12-07 22:33 - 2013-12-07 19:29 - 00000000 ____D C:\Users\Anwender\AppData\Roaming\dvdcss
2013-12-06 22:33 - 2013-05-27 00:06 - 00000000 ____D C:\Program Files (x86)\Stickies
2013-12-06 22:32 - 2013-12-06 22:32 - 00001531 _____ C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\stickies.lnk

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


Some content of TEMP:
====================
C:\Users\Anwender\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-29 11:14

==================== End Of Log ============================
         
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:48 on 05/01/2014 (Anwender)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         

 
