Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Virenscanner meldet Probleme (https://www.trojaner-board.de/140772-virenscanner-meldet-probleme.html)

PuruckerPR 31.08.2013 16:32
Virenscanner meldet Probleme
 
Hallo liebes Trojaner-Board,

mein Virenscanner meldet Probleme, kann sie aber nicht alles beseitigen. Der von mir genutzte Virenscanner heißt ESET (gekaufte Vollversion). Ich habe bereits einen Logfile mit Hilfe von FRST erstellt. Würde mich über Hilfe freuen.

Beste Grüße
Franz


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2013 03
Ran by Purucker PR (ATTENTION: The logged in user is not administrator) on 2013-0281 on 31-08-2013 14:43:34
Running from C:\Users\Purucker PR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UL14RIMH
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Expert System S.p.A.) C:\Program Files (x86)\Duden\Duden-Rechtschreibpruefung\DKTray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\GROOVEMN.EXE
() C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe
() D:\Steuern_2013\mshaktuell.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Bibliographisches Institut GmbH) C:\Program Files (x86)\Duden\Duden-Bibliothek\dudenbib.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13263072 2012-12-13] (Realtek Semiconductor)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [6330568 2013-03-21] (ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Runonce: [Del40844088] - cmd.exe /Q /D /c del "C:\Users\Standard\AppData\Local\Temp\0.del" [x]
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [Duden Korrektor SysTray] - C:\Program Files (x86)\Duden\Duden-Rechtschreibpruefung\DKTray.exe [357992 2013-01-29] (Expert System S.p.A.)
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20097696 2013-06-27] (Google)
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia)
HKCU\...\Run: [OfficeSyncProcess] - C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [911024 2013-03-09] (Microsoft Corporation)
HKCU\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office14\GROOVEMN.EXE [1373888 2013-03-06] (Microsoft Corporation)
MountPoints2: G - G:\AutoRun.exe
MountPoints2: {260f44e7-e21d-11e2-82eb-001b2fbe6dc5} - G:\AutoRun.exe
MountPoints2: {260f4500-e21d-11e2-82eb-001b2fbe6dc5} - G:\AutoRun.exe
MountPoints2: {2e62c4f7-0ede-11e3-8d1d-7054d244d6b6} - G:\AutoRun.exe
MountPoints2: {a8677452-e551-11e2-85a9-7054d244d6b6} - G:\AutoRun.exe
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133408 2012-09-12] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-12-04] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [38984 2013-05-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840768 2013-05-10] (Adobe Systems Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll [59720 2013-04-21] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG111v3 Setup-Assistent.lnk
ShortcutTarget: NETGEAR WG111v3 Setup-Assistent.lnk -> C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> D:\Steuern_2013\mshaktuell.exe ()
Startup: C:\Users\Purucker PR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk
ShortcutTarget: Microsoft SharePoint Workspace.lnk -> C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Plus-HD-2.3 - {11111111-1111-1111-1111-110311341126} - C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho.dll (Plus HD)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Purucker PR\AppData\Roaming\Mozilla\Firefox\Profiles\piloqpc0.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Media Go Detector) - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Extension: (Google Docs) - C:\Users\PURUCK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\PURUCK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\PURUCK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\PURUCK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Plus-HD-2.3) - C:\Users\PURUCK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0
CHR Extension: (Gmail) - C:\Users\PURUCK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [5873840 2011-03-18] (CANON INC.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1341664 2013-03-21] (ESET)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129824 2012-09-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166688 2012-09-12] (Intel Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [1025408 2013-06-27] (Enigma Software Group USA, LLC.)

==================== Drivers (Whitelisted) ====================

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-02-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [139768 2013-01-10] (ESET)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [113792 2009-06-22] (Huawei Technologies Co., Ltd.)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28216 2012-11-19] (Intel Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-27 12:18 - 2013-08-27 12:18 - 00001165 _____ C:\Users\Purucker PR\Desktop\Mozilla Firefox.lnk
2013-08-27 12:18 - 2013-08-27 12:18 - 00001055 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-27 12:18 - 2013-08-27 12:18 - 00000000 ____D C:\Users\Purucker PR\AppData\Roaming\Mozilla
2013-08-27 12:18 - 2013-08-27 12:18 - 00000000 ____D C:\Users\PURUCK~1\AppData\Local\Mozilla
2013-08-27 12:18 - 2013-08-27 12:18 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-27 12:18 - 2013-08-27 12:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-27 12:17 - 2013-08-27 12:17 - 00001427 _____ C:\Users\Purucker PR\Desktop\Internet Explorer.lnk
2013-08-24 14:29 - 2013-08-24 14:29 - 00000000 ____D C:\Users\Purucker PR\Documents\EÜR & Kasse
2013-08-24 14:23 - 2013-08-24 14:23 - 00000721 _____ C:\Users\Public\Desktop\WISO EÜR & Kasse 2013.lnk
2013-08-24 14:01 - 2013-08-24 14:01 - 00000000 ____D C:\Users\Purucker PR\Documents\Steuer-Sparbuch
2013-08-20 17:36 - 2013-08-26 09:24 - 00000000 ____D C:\Users\Purucker PR\Documents\Mein Steuer-Sparbuch Heute
2013-08-20 17:36 - 2013-08-24 14:23 - 00000000 ____D C:\Users\PURUCK~1\AppData\Local\Buhl
2013-08-15 20:02 - 2013-08-24 14:29 - 00000714 _____ C:\Windows\wiso.ini
2013-08-15 20:02 - 2013-08-15 20:02 - 00000629 _____ C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2013.lnk
2013-08-15 19:56 - 2013-08-24 14:25 - 00000000 ____D C:\ProgramData\Buhl Data Service GmbH
2013-08-15 19:37 - 2013-08-15 19:37 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-08-15 19:37 - 2013-08-15 19:37 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-08-15 03:05 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 03:05 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 03:05 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 03:05 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 03:05 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 03:05 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 03:05 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 03:05 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 03:05 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 03:05 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 03:05 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 03:05 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 03:05 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 03:05 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 03:05 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 03:05 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 03:05 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 03:05 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 03:05 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 03:05 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 03:05 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 03:05 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 03:05 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 03:05 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 03:05 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 03:05 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 03:05 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 03:05 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 03:05 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 03:05 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 03:05 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 12:47 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 12:47 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 12:47 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 12:47 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 12:47 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 12:47 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 12:47 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 12:47 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 12:47 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 12:47 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 12:47 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 12:47 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 12:47 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 12:47 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 12:47 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 12:47 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 12:47 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 12:47 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 12:47 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 12:47 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 12:47 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 12:47 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 12:47 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 12:47 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 12:47 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 12:47 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-14 12:46 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-02 13:46 - 2013-08-02 13:46 - 00000544 _____ C:\Users\Purucker PR\Desktop\HTML Editor.lnk
2013-08-02 13:46 - 2013-08-02 13:46 - 00000000 ____D C:\Users\Purucker PR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Phase 5 HTML-Editor
2013-08-02 13:04 - 2013-08-02 13:04 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-08-02 13:04 - 2013-08-02 13:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-08-02 13:04 - 2013-08-02 13:04 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-08-02 13:04 - 2013-08-02 13:04 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-08-02 13:04 - 2013-08-02 13:04 - 00000000 ____D C:\Program Files\Java
2013-08-02 13:03 - 2013-08-02 13:03 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-08-02 13:03 - 2013-08-02 13:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-08-02 13:03 - 2013-08-02 13:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-08-02 13:03 - 2013-08-02 13:03 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-02 12:33 - 2013-08-02 13:04 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-08-02 12:33 - 2013-08-02 13:04 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-08-02 10:06 - 2013-08-02 10:06 - 00029983 _____ C:\Users\Purucker PR\Desktop\FRST.txt
2013-08-02 10:06 - 2013-08-02 10:06 - 00017484 _____ C:\Users\Purucker PR\Desktop\Addition.txt
2013-08-02 10:06 - 2013-08-02 10:06 - 00000000 ____D C:\FRST
2013-08-02 10:05 - 2013-08-02 10:05 - 01781485 _____ (Farbar) C:\Users\Purucker PR\Desktop\FRST64.exe

==================== One Month Modified Files and Folders =======

2013-08-31 14:39 - 2009-07-14 06:51 - 00070318 _____ C:\Windows\setupact.log
2013-08-31 14:36 - 2013-06-25 22:28 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce71e27f960dae.job
2013-08-31 14:28 - 2013-04-10 15:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-31 13:53 - 2013-04-10 15:29 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2013-08-31 13:16 - 2013-07-02 19:16 - 00001204 _____ C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job
2013-08-31 13:16 - 2013-07-02 19:16 - 00001200 _____ C:\Windows\Tasks\Plus-HD-2.3-updater.job
2013-08-31 04:59 - 2013-05-31 13:35 - 02038508 _____ C:\Windows\WindowsUpdate.log
2013-08-31 02:00 - 2013-06-25 22:48 - 00000000 ____D C:\Users\PURUCK~1\AppData\Local\Adobe
2013-08-30 22:36 - 2013-07-15 22:31 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce819a3b979188.job
2013-08-30 14:17 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-30 14:17 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-30 14:15 - 2010-11-21 08:50 - 00654966 _____ C:\Windows\system32\perfh007.dat
2013-08-30 14:15 - 2010-11-21 08:50 - 00130336 _____ C:\Windows\system32\perfc007.dat
2013-08-30 14:15 - 2009-07-14 07:13 - 01501928 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-30 14:10 - 2013-04-10 15:29 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2013-08-30 14:10 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-30 14:04 - 2013-06-25 18:42 - 00000000 ____D C:\Users\Purucker PR
2013-08-30 14:00 - 2013-07-01 09:52 - 00000000 ____D C:\Users\Purucker PR\AppData\Roaming\XnView
2013-08-28 07:41 - 2013-06-25 22:26 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-27 12:18 - 2013-08-27 12:18 - 00001165 _____ C:\Users\Purucker PR\Desktop\Mozilla Firefox.lnk
2013-08-27 12:18 - 2013-08-27 12:18 - 00001055 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-27 12:18 - 2013-08-27 12:18 - 00000000 ____D C:\Users\Purucker PR\AppData\Roaming\Mozilla
2013-08-27 12:18 - 2013-08-27 12:18 - 00000000 ____D C:\Users\PURUCK~1\AppData\Local\Mozilla
2013-08-27 12:18 - 2013-08-27 12:18 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-27 12:18 - 2013-08-27 12:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-27 12:18 - 2013-07-02 19:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-27 12:17 - 2013-08-27 12:17 - 00001427 _____ C:\Users\Purucker PR\Desktop\Internet Explorer.lnk
2013-08-26 09:24 - 2013-08-20 17:36 - 00000000 ____D C:\Users\Purucker PR\Documents\Mein Steuer-Sparbuch Heute
2013-08-24 14:29 - 2013-08-24 14:29 - 00000000 ____D C:\Users\Purucker PR\Documents\EÜR & Kasse
2013-08-24 14:29 - 2013-08-15 20:02 - 00000714 _____ C:\Windows\wiso.ini
2013-08-24 14:28 - 2013-04-10 15:43 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-24 14:28 - 2013-04-10 15:43 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-24 14:25 - 2013-08-15 19:56 - 00000000 ____D C:\ProgramData\Buhl Data Service GmbH
2013-08-24 14:23 - 2013-08-24 14:23 - 00000721 _____ C:\Users\Public\Desktop\WISO EÜR & Kasse 2013.lnk
2013-08-24 14:23 - 2013-08-20 17:36 - 00000000 ____D C:\Users\PURUCK~1\AppData\Local\Buhl
2013-08-24 14:21 - 2013-04-10 15:26 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-24 14:01 - 2013-08-24 14:01 - 00000000 ____D C:\Users\Purucker PR\Documents\Steuer-Sparbuch
2013-08-15 20:02 - 2013-08-15 20:02 - 00000629 _____ C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2013.lnk
2013-08-15 19:37 - 2013-08-15 19:37 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-08-15 19:37 - 2013-08-15 19:37 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-08-15 04:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-15 03:03 - 2013-07-15 11:52 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 03:00 - 2013-04-11 08:32 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-11 19:00 - 2013-05-31 13:35 - 00000000 ____D C:\Users\Standard
2013-08-09 20:17 - 2013-06-25 22:43 - 00000000 ____D C:\ProgramData\Duden
2013-08-02 13:46 - 2013-08-02 13:46 - 00000544 _____ C:\Users\Purucker PR\Desktop\HTML Editor.lnk
2013-08-02 13:46 - 2013-08-02 13:46 - 00000000 ____D C:\Users\Purucker PR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Phase 5 HTML-Editor
2013-08-02 13:04 - 2013-08-02 13:04 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-08-02 13:04 - 2013-08-02 13:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-08-02 13:04 - 2013-08-02 13:04 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-08-02 13:04 - 2013-08-02 13:04 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-08-02 13:04 - 2013-08-02 13:04 - 00000000 ____D C:\Program Files\Java
2013-08-02 13:04 - 2013-08-02 12:33 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-08-02 13:04 - 2013-08-02 12:33 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-08-02 13:03 - 2013-08-02 13:03 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-08-02 13:03 - 2013-08-02 13:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-08-02 13:03 - 2013-08-02 13:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-08-02 13:03 - 2013-08-02 13:03 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-02 13:03 - 2013-04-10 15:42 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-08-02 13:03 - 2013-04-10 15:42 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-08-02 10:06 - 2013-08-02 10:06 - 00029983 _____ C:\Users\Purucker PR\Desktop\FRST.txt
2013-08-02 10:06 - 2013-08-02 10:06 - 00017484 _____ C:\Users\Purucker PR\Desktop\Addition.txt
2013-08-02 10:06 - 2013-08-02 10:06 - 00000000 ____D C:\FRST
2013-08-02 10:05 - 2013-08-02 10:05 - 01781485 _____ (Farbar) C:\Users\Purucker PR\Desktop\FRST64.exe

Files to move or delete:
====================
C:\Users\Purucker PR\setup.exe
C:\Users\PURUCK~1\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\PURUCK~1\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\PURUCK~1\AppData\Local\Temp\ResetDevice.exe
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI98562\kernel32.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI98562\mfc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI98562\mfc90u.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI98562\mfcm90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI98562\mfcm90u.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI98562\psapi.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI98562\python27.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI98562\pythoncom27.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI98562\PyWinTypes27.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI98562\shell32.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI98562\wxbase294u_net_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI98562\wxbase294u_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI98562\wxmsw294u_adv_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI98562\wxmsw294u_core_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI98562\wxmsw294u_html_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI98562\wxmsw294u_webview_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI46642\kernel32.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI46642\mfc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI46642\mfc90u.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI46642\mfcm90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI46642\mfcm90u.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI46642\psapi.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI46642\python27.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI46642\pythoncom27.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI46642\PyWinTypes27.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI46642\shell32.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI46642\wxbase294u_net_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI46642\wxbase294u_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI46642\wxmsw294u_adv_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI46642\wxmsw294u_core_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI46642\wxmsw294u_html_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI46642\wxmsw294u_webview_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI325762\kernel32.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI325762\mfc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI325762\mfc90u.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI325762\mfcm90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI325762\mfcm90u.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI325762\msvcp100.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI325762\msvcr100.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI325762\psapi.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI325762\python27.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI325762\pythoncom27.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI325762\PyWinTypes27.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI325762\shell32.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI325762\wxbase294u_net_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI325762\wxbase294u_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI325762\wxmsw294u_adv_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI325762\wxmsw294u_core_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI325762\wxmsw294u_html_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI325762\wxmsw294u_webview_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI31322\kernel32.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI31322\mfc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI31322\mfc90u.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI31322\mfcm90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI31322\mfcm90u.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI31322\msvcp100.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI31322\msvcr100.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI31322\psapi.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI31322\python27.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI31322\pythoncom27.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI31322\PyWinTypes27.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI31322\shell32.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI31322\wxbase294u_net_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI31322\wxbase294u_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI31322\wxmsw294u_adv_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI31322\wxmsw294u_core_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI31322\wxmsw294u_html_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI31322\wxmsw294u_webview_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI26722\shell32.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI26722\wxbase294u_net_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI26722\wxbase294u_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI26722\wxmsw294u_adv_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI26722\wxmsw294u_core_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI26722\wxmsw294u_html_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\_MEI26722\wxmsw294u_webview_vc90.dll
C:\Users\PURUCK~1\AppData\Local\Temp\tmpkt5kbg\googledrivesync.exe
C:\Users\PURUCK~1\AppData\Local\Temp\tmp4244\silverlight.exe
C:\Users\PURUCK~1\AppData\Local\Temp\is357113909\OpenItSetup.exe
C:\Users\PURUCK~1\AppData\Local\Temp\is357113909\QtraxInstaller.exe
C:\Users\PURUCK~1\AppData\Local\Temp\CProgram Files (x86)Opera\D3DCompiler_43.dll
C:\Users\PURUCK~1\AppData\Local\Temp\CProgram Files (x86)Opera\Opera-12.16-1860.i386.autoupdate.exe
C:\Users\PURUCK~1\AppData\Local\Temp\CProgram Files (x86)Opera\opera.dll
C:\Users\PURUCK~1\AppData\Local\Temp\CProgram Files (x86)Opera\opera.exe
C:\Users\PURUCK~1\AppData\Local\Temp\CProgram Files (x86)Opera\OperaUpgrader.exe
C:\Users\PURUCK~1\AppData\Local\Temp\CProgram Files (x86)Opera\updatechecker\opera_autoupdate.exe
C:\Users\PURUCK~1\AppData\Local\Temp\CProgram Files (x86)Opera\mapi\OperaMAPI.dll
C:\Users\PURUCK~1\AppData\Local\Temp\CProgram Files (x86)Opera\gstreamer\gstreamer.dll
C:\Users\PURUCK~1\AppData\Local\Temp\CProgram Files (x86)Opera\gstreamer\plugins\gstaudioconvert.dll
C:\Users\PURUCK~1\AppData\Local\Temp\CProgram Files (x86)Opera\gstreamer\plugins\gstaudioresample.dll
C:\Users\PURUCK~1\AppData\Local\Temp\CProgram Files (x86)Opera\gstreamer\plugins\gstautodetect.dll
C:\Users\PURUCK~1\AppData\Local\Temp\CProgram Files (x86)Opera\gstreamer\plugins\gstcoreplugins.dll
C:\Users\PURUCK~1\AppData\Local\Temp\CProgram Files (x86)Opera\gstreamer\plugins\gstdecodebin2.dll
C:\Users\PURUCK~1\AppData\Local\Temp\CProgram Files (x86)Opera\gstreamer\plugins\gstdirectsound.dll
C:\Users\PURUCK~1\AppData\Local\Temp\CProgram Files (x86)Opera\gstreamer\plugins\gstffmpegcolorspace.dll
C:\Users\PURUCK~1\AppData\Local\Temp\CProgram Files (x86)Opera\gstreamer\plugins\gstoggdec.dll
C:\Users\PURUCK~1\AppData\Local\Temp\CProgram Files (x86)Opera\gstreamer\plugins\gstwaveform.dll
C:\Users\PURUCK~1\AppData\Local\Temp\CProgram Files (x86)Opera\gstreamer\plugins\gstwavparse.dll
C:\Users\PURUCK~1\AppData\Local\Temp\CProgram Files (x86)Opera\gstreamer\plugins\gstwebmdec.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
--- --- ---

schrauber 31.08.2013 16:34
Hi,

was für Probleme? Logs bitte in Codetags posten. Log vom Antivirenprogramm und Additional.txt von FRST fehlen noch.

PuruckerPR 31.08.2013 16:37
Ich habe es nicht verstanden, was jetzt der genaue Fehler war, den mir ESET da angezeigt hat. Das Programm verwirrt mich ein wenig. Ich lasse eben den Virenscanner noch einmal durchlaufen.

Hier haben wir den Additional noch:

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-08-2013
Ran by Purucker PR at 2013-08-31 17:47:31
Running from C:\Users\Purucker PR\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 
Adobe Acrobat X Pro - English, Français, Deutsch (x32 Version: 10.1.7)
Adobe AIR (x32 Version: 3.7.0.2090)
Adobe Creative Suite 6 Design Standard (x32 Version: 6)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Help Manager (x32 Version: 4.0.244)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Adobe® Content Viewer (x32 Version: 3.2.0)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.71219.1540)
Apple Application Support (x32 Version: 2.3.4)
Apple Software Update (x32 Version: 2.1.3.127)
BrowserDefender (x32)
Canon MF8000C Series (Version: 3.9.0.0)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485)
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485)
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485)
CCC Help Czech (x32 Version: 2012.1219.1520.27485)
CCC Help Danish (x32 Version: 2012.1219.1520.27485)
CCC Help Dutch (x32 Version: 2012.1219.1520.27485)
CCC Help English (x32 Version: 2012.1219.1520.27485)
CCC Help Finnish (x32 Version: 2012.1219.1520.27485)
CCC Help French (x32 Version: 2012.1219.1520.27485)
CCC Help German (x32 Version: 2012.1219.1520.27485)
CCC Help Greek (x32 Version: 2012.1219.1520.27485)
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485)
CCC Help Italian (x32 Version: 2012.1219.1520.27485)
CCC Help Japanese (x32 Version: 2012.1219.1520.27485)
CCC Help Korean (x32 Version: 2012.1219.1520.27485)
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485)
CCC Help Polish (x32 Version: 2012.1219.1520.27485)
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485)
CCC Help Russian (x32 Version: 2012.1219.1520.27485)
CCC Help Spanish (x32 Version: 2012.1219.1520.27485)
CCC Help Swedish (x32 Version: 2012.1219.1520.27485)
CCC Help Thai (x32 Version: 2012.1219.1520.27485)
CCC Help Turkish (x32 Version: 2012.1219.1520.27485)
ccc-utility64 (Version: 2012.1219.1521.27485)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Deutsche Post E-Porto (Version: 2.3.0)
dows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
Duden Patch 3261 (x32 Version: 9.0.0)
Duden-Rechtschreibprüfung PLUS (x32 Version: 9.0.0)
ESET NOD32 Antivirus (Version: 6.0.316.1)
Google Drive (x32 Version: 1.11.4865.2530)
Google Update Helper (x32 Version: 1.3.21.153)
HERMA Label Designer plus 1.1 (x32 Version: 1.00.0000)
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565)
Image Resizer for Windows (x32 Version: 3.0.4802.35565)
Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.36354)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1281)
Intel(R) Network Connections 18.1.59.0 (Version: 18.1.59.0)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2932)
Intel(R) Rapid Storage Technology (x32 Version: 11.7.0.1013)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.7.248)
Intel® Trusted Connect Service Client (Version: 1.24.738.1)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (x32 Version: 7.0.250)
Media Go (x32 Version: 1.7.254)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1)
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Mobile Partner (x32 Version: 11.302.09.01.528)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MSVC80_x64_v2 (Version: 1.0.3.0)
MSVC80_x86_v2 (x32 Version: 1.0.3.0)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (x32 Version: 1.0.1.2)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NETGEAR WG111v3 wireless USB 2.0 adapter (x32 Version: 1.01.10)
Nokia Connectivity Cable Driver (x32 Version: 7.1.172.0)
Nokia Suite (x32 Version: 3.8.30.0)
Opera 12.16 (x32 Version: 12.16.1860)
PC Connectivity Solution (x32 Version: 12.0.109.0)
PDF Settings CS6 (x32 Version: 11.0)
Phase 5 HTML-Editor (x32 Version: 5.6.2.3)
PlayStation(R)Network Downloader (x32 Version: 2.05.00710)
PlayStation(R)Store (x32 Version: 4.1.8.11883)
Plus-HD-2.3 (x32 Version: 1.27.153.5)
QuickTime (x32 Version: 7.74.80.86)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6804)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) (x32 Version: 1.0.0)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (x32 Version: 1.0.0)
Sony PC Companion 2.10.165 (x32 Version: 2.10.165)
SpyHunter (Version: 4.14.5.4268)
UltraISO Premium V9.53 (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition
Update for Zip Opener (HKCU)
VC_CRT_x64 (Version: 1.02.0000)
VirtualCloneDrive (x32)
WISO EÜR & Kasse 2013 (x32 Version: 20.01.8152)
WISO Steuer-Sparbuch 2013 (x32 Version: 20.00.8137)
XnView 2.03 (x32 Version: 2.03)

==================== Restore Points  =========================

Could not list Restore Points.


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce819a3b979188.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce71e27f960dae.job => ?
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => ?
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => ?
Task: C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job => ?
Task: C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job => ?
Task: C:\Windows\Tasks\Plus-HD-2.3-enabler.job => ?
Task: C:\Windows\Tasks\Plus-HD-2.3-updater.job => ?

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/31/2013 05:26:03 PM) (Source: MsiInstaller) (User: 2013-0281)
Description: Produkt: EtikettenAssistent 4.2 -- Fehler 1706. Ein Installationspaket des Produkts EtikettenAssistent 4.2 konnte nicht gefunden werden. Wiederholen Sie die Installation unter Verwendung einer gültigen Kopie des Installationspakets "HermaAssistent40.msi".

Error: (08/31/2013 05:18:44 PM) (Source: MsiInstaller) (User: 2013-0281)
Description: Produkt: EtikettenAssistent 4.2 -- Fehler 1706. Ein Installationspaket des Produkts EtikettenAssistent 4.2 konnte nicht gefunden werden. Wiederholen Sie die Installation unter Verwendung einer gültigen Kopie des Installationspakets "HermaAssistent40.msi".

Error: (08/31/2013 05:18:27 PM) (Source: MsiInstaller) (User: 2013-0281)
Description: Produkt: EtikettenAssistent 4.2 -- Fehler 1706. Ein Installationspaket des Produkts EtikettenAssistent 4.2 konnte nicht gefunden werden. Wiederholen Sie die Installation unter Verwendung einer gültigen Kopie des Installationspakets "HermaAssistent40.msi".

Error: (08/31/2013 05:12:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: WINWORD.EXE, Version: 14.0.7015.1000, Zeitstempel: 0x51cca7cb
Name des fehlerhaften Moduls: wwlib.dll, Version: 14.0.7015.1000, Zeitstempel: 0x51cca7f2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000c1fc64
ID des fehlerhaften Prozesses: 0x3ec
Startzeit der fehlerhaften Anwendung: 0xWINWORD.EXE0
Pfad der fehlerhaften Anwendung: WINWORD.EXE1
Pfad des fehlerhaften Moduls: WINWORD.EXE2
Berichtskennung: WINWORD.EXE3

Error: (08/31/2013 05:12:00 PM) (Source: MsiInstaller) (User: 2013-0281)
Description: Produkt: EtikettenAssistent 4.2 -- Fehler 1706. Ein Installationspaket des Produkts EtikettenAssistent 4.2 konnte nicht gefunden werden. Wiederholen Sie die Installation unter Verwendung einer gültigen Kopie des Installationspakets "HermaAssistent40.msi".

Error: (08/31/2013 05:11:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2013 05:08:29 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: WINWORD.EXE, Version: 14.0.7015.1000, Zeitstempel: 0x51cca7cb
Name des fehlerhaften Moduls: wwlib.dll, Version: 14.0.7015.1000, Zeitstempel: 0x51cca7f2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000c1fc64
ID des fehlerhaften Prozesses: 0x96b4
Startzeit der fehlerhaften Anwendung: 0xWINWORD.EXE0
Pfad der fehlerhaften Anwendung: WINWORD.EXE1
Pfad des fehlerhaften Moduls: WINWORD.EXE2
Berichtskennung: WINWORD.EXE3

Error: (08/31/2013 05:07:23 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: WINWORD.EXE, Version: 14.0.7015.1000, Zeitstempel: 0x51cca7cb
Name des fehlerhaften Moduls: wwlib.dll, Version: 14.0.7015.1000, Zeitstempel: 0x51cca7f2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000c1fc64
ID des fehlerhaften Prozesses: 0x97b8
Startzeit der fehlerhaften Anwendung: 0xWINWORD.EXE0
Pfad der fehlerhaften Anwendung: WINWORD.EXE1
Pfad des fehlerhaften Moduls: WINWORD.EXE2
Berichtskennung: WINWORD.EXE3

Error: (08/31/2013 05:07:00 PM) (Source: MsiInstaller) (User: 2013-0281)
Description: Produkt: EtikettenAssistent 4.2 -- Fehler 1706. Ein Installationspaket des Produkts EtikettenAssistent 4.2 konnte nicht gefunden werden. Wiederholen Sie die Installation unter Verwendung einer gültigen Kopie des Installationspakets "HermaAssistent40.msi".

Error: (08/31/2013 05:06:14 PM) (Source: MsiInstaller) (User: 2013-0281)
Description: Produkt: EtikettenAssistent 4.2 -- Fehler 1706. Ein Installationspaket des Produkts EtikettenAssistent 4.2 konnte nicht gefunden werden. Wiederholen Sie die Installation unter Verwendung einer gültigen Kopie des Installationspakets "HermaAssistent40.msi".


System errors:
=============
Error: (08/15/2013 03:21:08 AM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (08/03/2013 03:39:38 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR1.

Error: (08/01/2013 07:03:24 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (08/01/2013 07:03:23 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (08/01/2013 07:03:23 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (08/01/2013 07:03:22 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (08/01/2013 07:03:22 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (07/29/2013 11:27:26 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (07/29/2013 11:27:26 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.

Error: (07/29/2013 11:27:26 AM) (Source: DCOM) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}


Microsoft Office Sessions:
=========================
Error: (08/31/2013 05:26:03 PM) (Source: MsiInstaller)(User: 2013-0281)
Description: Produkt: EtikettenAssistent 4.2 -- Fehler 1706. Ein Installationspaket des Produkts EtikettenAssistent 4.2 konnte nicht gefunden werden. Wiederholen Sie die Installation unter Verwendung einer gültigen Kopie des Installationspakets "HermaAssistent40.msi".(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/31/2013 05:18:44 PM) (Source: MsiInstaller)(User: 2013-0281)
Description: Produkt: EtikettenAssistent 4.2 -- Fehler 1706. Ein Installationspaket des Produkts EtikettenAssistent 4.2 konnte nicht gefunden werden. Wiederholen Sie die Installation unter Verwendung einer gültigen Kopie des Installationspakets "HermaAssistent40.msi".(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/31/2013 05:18:27 PM) (Source: MsiInstaller)(User: 2013-0281)
Description: Produkt: EtikettenAssistent 4.2 -- Fehler 1706. Ein Installationspaket des Produkts EtikettenAssistent 4.2 konnte nicht gefunden werden. Wiederholen Sie die Installation unter Verwendung einer gültigen Kopie des Installationspakets "HermaAssistent40.msi".(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/31/2013 05:12:37 PM) (Source: Application Error)(User: )
Description: WINWORD.EXE14.0.7015.100051cca7cbwwlib.dll14.0.7015.100051cca7f2c00000050000000000c1fc643ec01cea65c83c611e1C:\Program Files\Microsoft Office\Office14\WINWORD.EXEC:\Program Files\Microsoft Office\Office14\wwlib.dllc50c3458-124f-11e3-9486-7054d244d6b6

Error: (08/31/2013 05:12:00 PM) (Source: MsiInstaller)(User: 2013-0281)
Description: Produkt: EtikettenAssistent 4.2 -- Fehler 1706. Ein Installationspaket des Produkts EtikettenAssistent 4.2 konnte nicht gefunden werden. Wiederholen Sie die Installation unter Verwendung einer gültigen Kopie des Installationspakets "HermaAssistent40.msi".(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/31/2013 05:11:41 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2013 05:08:29 PM) (Source: Application Error)(User: )
Description: WINWORD.EXE14.0.7015.100051cca7cbwwlib.dll14.0.7015.100051cca7f2c00000050000000000c1fc6496b401cea65bf1cf45daC:\Program Files\Microsoft Office\Office14\WINWORD.EXEC:\Program Files\Microsoft Office\Office14\wwlib.dll3135f2ec-124f-11e3-8a44-7054d244d6b6

Error: (08/31/2013 05:07:23 PM) (Source: Application Error)(User: )
Description: WINWORD.EXE14.0.7015.100051cca7cbwwlib.dll14.0.7015.100051cca7f2c00000050000000000c1fc6497b801cea65bc9f9d9e9C:\Program Files\Microsoft Office\Office14\WINWORD.EXEC:\Program Files\Microsoft Office\Office14\wwlib.dll096716c4-124f-11e3-8a44-7054d244d6b6

Error: (08/31/2013 05:07:00 PM) (Source: MsiInstaller)(User: 2013-0281)
Description: Produkt: EtikettenAssistent 4.2 -- Fehler 1706. Ein Installationspaket des Produkts EtikettenAssistent 4.2 konnte nicht gefunden werden. Wiederholen Sie die Installation unter Verwendung einer gültigen Kopie des Installationspakets "HermaAssistent40.msi".(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/31/2013 05:06:14 PM) (Source: MsiInstaller)(User: 2013-0281)
Description: Produkt: EtikettenAssistent 4.2 -- Fehler 1706. Ein Installationspaket des Produkts EtikettenAssistent 4.2 konnte nicht gefunden werden. Wiederholen Sie die Installation unter Verwendung einer gültigen Kopie des Installationspakets "HermaAssistent40.msi".(NULL)(NULL)(NULL)(NULL)(NULL)


==================== Memory info ===========================

Percentage of memory in use: 34%
Total physical RAM: 8140.66 MB
Available physical RAM: 5366.8 MB
Total Pagefile: 16279.5 MB
Available Pagefile: 13212.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:195.31 GB) (Free:128.36 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)]
Drive d: (Daten) (Fixed) (Total:736.2 GB) (Free:726.03 GB) NTFS (Disk=0 Partition=2)
Drive f: () (Removable) (Total:7.39 GB) (Free:6.47 GB) FAT32 (Disk=1 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)

==================== End Of Log ============================
--- --- ---

schrauber 31.08.2013 20:30
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.


Alle Zeitangaben in WEZ +1. Es ist jetzt 23:57 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131