spartaner007 | 31.10.2013 10:13 | Hello Cosinus,
FRST64 worked. The following result files popped up:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-10-2013
Ran by HM (administrator) on PC02 on 31-10-2013 09:52:21
Running from C:\Users\HM\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AVKClient\AVKWCtlX64.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AVKClient\AVKCl.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
(DA eG) C:\DA\PROGRAMM\INSTALL\DvInesASDSvc.Exe
(DA eG) C:\DA\SYSTEM\DA.Framework.RemoteServiceModel.GenericService2010.exe
(DA eG) C:\DA\PROGRAMM\B0001442\PSNTSERV.EXE
(DA eG) C:\DA\PROGRAMM\B0000000\DFUEMNGR\DcManag.exe
(DA eG) C:\DA\PROGRAMM\B0000150\ScServer\DVckService.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
() C:\Program Files (x86)\Haufe\iDesk\iDeskService\iDeskService.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(Haufe Mediengruppe) C:\Program Files (x86)\Haufe\iDesk\iDeskService\ideskpython.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(KOBIL Systems GmbH) C:\DA\PROGRAMM\B0000404\msdisrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(DA eG) C:\DA\PROGRAMM\B0000398\SiPaHostService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
(AMD) C:\Windows\system32\atieclxx.exe
(DA eG) C:\DA\SYSTEM\DA.Framework.RemoteServiceModel.GenericService2010.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(DA eG) C:\DA\PROGRAMM\B0000000\DFUEMNGR\DfueMan.exe
(DA eG) C:\DA\SYSTEM\rzpjwtch.exe
(AGFEO ) C:\Program Files (x86)\AGFEO\Tk-Suite\tools\ctimon.exe
(DA eG) C:\DA\PROGRAMM\Install\DvInesASDMon.Exe
(G Data Software AG) C:\Program Files (x86)\G Data\AVKCl\AVKCl.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Lotus Development Corporation) C:\lotus\organize\easyclip6.exe
(DA eG) C:\DA\PROGRAMM\B0000398\SiPaHost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconCl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(DA eG) C:\DA\SYSTEM\DA.Framework.RemoteServiceModel.GenericService2010.exe
(DA eG) C:\DA\PROGRAMM\D0100000\DA.Framework.RemoteServiceModel.GenericService2010.exe
(DA e.G.) C:\DA\SYSTEM\DvReweDzsMSTR030A.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11660904 2010-11-30] (Realtek Semiconductor)
HKLM\...\Run: [hpsysdrv] - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [403888 2012-08-03] (Acronis)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoWelcomeScreen] 1
HKCU\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKCU\...\Run: [c:_program files (x86)_cor42] - C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorUpd.exe [139264 2003-11-18] (Corel Corporation)
HKCU\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112152 2011-01-17] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-11-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DA Update-Monitor] - C:\DA\PROGRAMM\Install\DvInesASDMon.Exe [288352 2012-12-20] (DA eG)
HKLM-x32\...\Run: [AVK Cl] - C:\Program Files (x86)\G Data\AVKCl\AVKCl.exe [1800696 2012-02-28] (G Data Software AG)
HKLM-x32\...\Run: [CorelDRAW Graphics Suite 11b] - C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\DE\Programs\registration.exe [733184 2003-11-28] (Corel Corporation)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [PDFHook] - C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe [1275168 2010-10-16] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF7 Registry Controller] - C:\Program Files (x86)\Nuance\PDF Professional 7\RegistryController.exe [121120 2010-10-16] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\BrCtrCen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6049096 2012-08-23] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] - C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [943856 2012-07-24] (Acronis)
HKLM-x32\...\Run: [SiPaHost] - C:\DA\PROGRAMM\B0000398\SiPaHost.exe [551464 2013-01-18] (DA eG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Startup: C:\Users\HM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Datum Start PC02.lnk
ShortcutTarget: Datum Start PC02.lnk -> P:\BAT\Datum_Start_HO.bat ()
Startup: C:\Users\HM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lotus Organizer EasyClip.lnk
ShortcutTarget: Lotus Organizer EasyClip.lnk -> C:\lotus\organize\easyclip6.exe (Lotus Development Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} URL =
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
BHO: DtvIePwdSafeBHO Class - {6EF6B546-25FB-455B-801F-FDB3B3D39F9E} - C:\DA\PROGRAMM\B0000397\DtvIePwdSafe64.dll (DA eG)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: SCardBHOEvent Class - {AF8CD625-E04A-4A8F-A90A-0C74846C2E30} - C:\DA\SYSTEM\DVCCSASCardBHO64002.dll (DA eG)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Professional 7\bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: DtvIePwdSafeBHO Class - {6EF6B546-25FB-455B-801F-FDB3B3D39F9E} - C:\DA\PROGRAMM\B0000397\DtvIePwdSafe.dll (DA eG)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: SCardBHOEvent Class - {AF8CD625-E04A-4A8F-A90A-0C74846C2E30} - C:\DA\SYSTEM\DVCCSASCardBHO002.dll (DA eG)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\lotus\organize\iehelper.dll ()
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: ZeonIEEventHelper Class - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files (x86)\Nuance\PDF Professional 7\bin\ZeonIEFavCl.dll (Zeon Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - DMS Schnellsuche - {bbfc5b4d-6bcd-4f13-ad6e-f6364f9dc621} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDF Professional 7\bin\ZeonIEFavCl.dll (Zeon Corporation)
Handler: haufereader - No CLSID Value -
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File
Handler-x32: haufereader - No CLSID Value -
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.199.10
FireFox:
========
FF ProfilePath: C:\Users\HM\AppData\Roaming\Mozilla\Firefox\Profiles\gv7wjv9w.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @DA.de/DA_BestellManager,version=1.7 - C:\DA\PROGRAMM\A0000015\npdvbm.dll ( DA eG)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll (Zeon Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: nuance - C:\Users\HM\AppData\Roaming\Mozilla\Firefox\Profiles\gv7wjv9w.default\Extensions\nuance@pdf7
FF Extension: Adblock Plus - C:\Users\HM\AppData\Roaming\Mozilla\Firefox\Profiles\gv7wjv9w.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
Chrome:
=======
CHR Extension: (Website Logon) - C:\Users\HM\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaldikcoaplhepekpbngkepfcoiihef\1.0_0
CHR HKLM-x32\...\Chrome\Extension: [dfaldikcoaplhepekpbngkepfcoiihef] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx
==================== Services (Whitelisted) =================
R2 AntiVirusKit Cl; C:\Program Files (x86)\G Data\AVKCl\AVKCl.exe [1800696 2012-02-28] (G Data Software AG)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe [1501192 2012-02-29] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\AVKCl\AVKWCtlX64.exe [2192320 2012-02-28] (G Data Software AG)
R2 DA Update-Service; C:\DA\PROGRAMM\INSTALL\DvInesASDSvc.Exe [158304 2012-12-20] (DA eG)
R2 DAPrintService; C:\DA\PROGRAMM\B0001442\PSNTSERV.EXE [87040 2013-04-08] (DA eG)
R2 Dcmanag; C:\DA\PROGRAMM\B0000000\DFUEMNGR\DcManag.exe [177760 2012-06-05] (DA eG)
R2 DVckService; C:\DA\PROGRAMM\B0000150\ScServer\DVckService.exe [2653224 2013-01-28] (DA eG)
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe [116224 2012-05-18] (Firebird Project)
R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe [4035584 2012-05-18] (Firebird Project)
S3 GDBackupSvc; C:\Program Files (x86)\G Data\AVKCl\AVKBackupService.exe [1498616 2012-02-28] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe [459784 2012-02-29] (G Data Software AG)
R2 hasplms; C:\Windows\system32\hasplms.exe [4913608 2011-12-01] (SafeNet Inc.)
R2 HRService; C:\Program Files (x86)\Haufe\iDesk\iDeskService\iDeskService.exe [12800 2013-07-03] ()
R2 KOBIL_MSDI; C:\DA\PROGRAMM\B0000404\msdisrv.exe [192512 2011-03-03] (KOBIL Systems GmbH)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PDFProFiltSrv; C:\Program Files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe [134944 2010-10-16] (Nuance Communications, Inc.)
R2 Sicherheitspaket-Dienst; C:\DA\PROGRAMM\B0000398\SiPaHostService.exe [196136 2013-01-18] (DA eG)
R2 DA.Framework.RemoteServiceModel.EnablerService; C:\DA\SYSTEM\DA.Framework.RemoteServiceModel.GenericService2010.exe DA.Framework.RemoteServiceModel.EnablerService -SvcRunLevel=9999 -Single [x]
R3 DA.Framework.RemoteServices; C:\DA\SYSTEM\DA.Framework.RemoteServiceModel.GenericService2010.exe DA.Framework.RemoteServices -SvcRunLevel=1000 -Single [x]
==================== Drivers (Whitelisted) ====================
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [50552 2012-12-03] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [111992 2012-12-03] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [65912 2012-12-03] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106648 2012-12-03] (G Data Software)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [53112 2012-12-03] (G Data Software AG)
S3 IFCoEMP; C:\Windows\system32\drivers\ifM52x64.sys [339728 2010-08-13] (Intel(R) Corporation)
S3 IFCoEVB; C:\Windows\system32\drivers\ifP52X64.sys [65808 2010-08-13] (Intel(R) Corporation)
S3 KOBCCEX; C:\Windows\System32\drivers\KOBCCEX.sys [25344 2012-01-03] (KOBIL Systems GmbH)
R3 KOBCCID; C:\Windows\System32\drivers\KOBCCID.sys [116864 2012-11-10] (KOBIL Systems GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-12-09] ()
R2 SC_SERV3D; C:\Windows\system32\drivers\d3_kafm.sys [84728 2012-07-03] (DA eG)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [1093256 2013-03-24] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [166024 2013-03-24] (Acronis)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [33048 2006-11-30] (X10 Wireless Technology, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U0 dmboot;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-31 01:27 - 2013-10-31 01:35 - 00030030 _____ C:\Users\HM\Desktop\Combofix_fuer_Forum.txt
2013-10-31 01:26 - 2013-10-31 01:26 - 00030196 _____ C:\Users\HM\Desktop\Combofix.txt
2013-10-31 01:23 - 2013-10-31 01:23 - 00030196 _____ C:\ComboFix.txt
2013-10-31 01:02 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-10-31 01:02 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-10-31 01:02 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-10-31 01:02 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-10-31 01:02 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-10-31 01:02 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-10-31 01:02 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-10-31 01:02 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-10-31 01:01 - 2013-10-31 01:23 - 00000000 ____D C:\Qoobox
2013-10-31 01:01 - 2013-10-31 01:22 - 00000000 ____D C:\Windows\erdnt
2013-10-31 00:51 - 2013-10-31 00:51 - 05137879 ____R (Swearware) C:\Users\HM\Desktop\ComboFix.exe
2013-10-30 19:09 - 2013-10-30 19:09 - 00000952 _____ C:\Users\HM\Desktop\JRT.txt
2013-10-28 22:09 - 2013-10-28 22:09 - 00000000 ____D C:\Windows\ERUNT
2013-10-28 22:08 - 2013-10-30 19:00 - 01033335 _____ (Thisisu) C:\Users\HM\Desktop\JRT.exe
2013-10-28 21:54 - 2013-10-28 21:54 - 00000999 _____ C:\Users\HM\Desktop\FreeCommander.lnk
2013-10-28 21:54 - 2013-10-28 21:54 - 00000000 ____D C:\Users\HM\AppData\Roaming\FreeCommander
2013-10-28 21:54 - 2013-10-28 21:54 - 00000000 ____D C:\Program Files (x86)\FreeCommander
2013-10-28 21:52 - 2013-10-28 21:52 - 02474433 _____ C:\Users\HM\Downloads\fc_setup_0902b.zip
2013-10-28 21:50 - 2013-10-28 21:50 - 00614816 _____ C:\Users\HM\Downloads\fc_setup_0902b - CHIP-Downloader.exe
2013-10-28 00:37 - 2013-10-30 23:07 - 01956614 _____ (Farbar) C:\Users\HM\Desktop\FRST64.exe
2013-10-28 00:05 - 2013-10-30 22:44 - 00000000 ____D C:\AdwCleaner
2013-10-28 00:01 - 2013-10-28 00:01 - 01060070 _____ C:\Users\HM\Desktop\adwcleaner.exe
2013-10-27 09:04 - 2013-10-27 12:12 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-10-27 08:59 - 2013-10-27 11:45 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-10-27 08:42 - 2013-10-27 13:00 - 00000000 ____D C:\Users\HM\Desktop\mbar
2013-10-27 08:39 - 2013-10-27 08:40 - 12576792 _____ (Malwarebytes Corp.) C:\Users\HM\Desktop\mbar-1.07.0.1007.exe
2013-10-27 08:30 - 2013-10-27 08:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-26 13:57 - 2013-10-26 13:57 - 00000000 ____D C:\FRST
2013-10-25 23:15 - 2013-10-25 23:15 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-25 23:15 - 2013-10-25 23:15 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-25 23:15 - 2013-04-04 13:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-25 23:08 - 2013-10-25 23:09 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\HM\Desktop\mbam-setup-1.75.0.1300.exe
2013-10-25 13:30 - 2013-10-25 13:30 - 00000000 ____D C:\Users\HM\AppData\Roaming\HSC-Software
2013-10-24 07:42 - 2013-10-24 07:42 - 00000000 ___RD C:\Users\HM\AppData\Roaming\Brother
2013-10-23 06:47 - 2013-10-23 06:47 - 00000000 ____D C:\ProgramData\Oracle
2013-10-22 21:22 - 2013-10-22 21:22 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-22 21:22 - 2013-10-22 21:22 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-22 21:22 - 2013-10-22 21:22 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-22 21:22 - 2013-10-22 21:22 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-19 20:20 - 2013-10-19 20:20 - 00002311 _____ C:\Users\Public\Desktop\Haufe Steuer Office aufrufen.lnk
2013-10-11 14:57 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-11 14:57 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-11 14:57 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-11 14:57 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-11 14:57 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-11 14:57 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-11 14:57 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-11 14:57 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-11 14:57 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-11 14:57 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-11 14:57 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-11 14:57 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-11 14:57 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-11 14:57 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-11 14:57 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-11 14:57 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-11 14:57 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-11 14:57 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-11 14:57 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-11 14:57 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-11 14:57 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-11 14:57 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-11 14:57 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-11 14:57 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-11 14:57 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-11 14:57 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-11 14:57 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-11 14:57 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-11 14:57 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-11 14:57 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-11 14:57 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-11 08:16 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-11 08:16 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-11 08:16 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-11 08:16 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-11 08:16 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-11 08:16 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-11 08:16 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-11 08:16 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-11 08:16 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-11 08:16 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-11 08:16 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-11 08:16 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-11 08:11 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-11 08:11 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-11 08:11 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-11 08:11 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-11 08:10 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-11 08:10 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-11 08:10 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-11 08:10 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-11 08:10 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-11 08:10 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-11 08:10 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-11 08:10 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-11 08:10 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-11 08:10 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-11 08:10 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-11 08:10 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-11 08:10 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-11 08:10 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-11 08:10 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-11 08:10 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-11 08:10 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-11 08:10 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-11 08:10 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-11 08:10 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-11 08:10 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-11 08:10 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-11 08:10 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-11 08:10 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-11 08:10 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-11 08:09 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-11 08:09 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-11 08:09 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 08:09 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
==================== One Month Modified Files and Folders =======
2013-10-31 09:50 - 2012-08-29 23:45 - 00000000 ____D C:\Users\HM\Documents\PhraseExpress
2013-10-31 09:39 - 2012-01-03 09:47 - 00000128 _____ C:\Windows\system32\config\netlogon.ftl
2013-10-31 09:26 - 2013-07-22 10:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-31 09:15 - 2011-12-30 13:49 - 02034540 _____ C:\Windows\WindowsUpdate.log
2013-10-31 09:02 - 2012-09-24 11:29 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-31 09:02 - 2012-09-24 11:29 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-31 08:52 - 2012-01-03 13:48 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FB1CB16D-856A-4416-BAEA-DCBC5078BC20}
2013-10-31 08:35 - 2011-12-09 00:00 - 00696620 _____ C:\Windows\system32\perfh007.dat
2013-10-31 08:35 - 2011-12-09 00:00 - 00147916 _____ C:\Windows\system32\perfc007.dat
2013-10-31 08:35 - 2009-07-14 06:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-31 08:00 - 2009-07-14 05:45 - 00027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-31 08:00 - 2009-07-14 05:45 - 00027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-31 07:53 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-31 07:53 - 2009-07-14 05:51 - 00084255 _____ C:\Windows\setupact.log
2013-10-31 01:36 - 2010-11-21 04:47 - 00386302 _____ C:\Windows\PFRO.log
2013-10-31 01:35 - 2013-10-31 01:27 - 00030030 _____ C:\Users\HM\Desktop\Combofix_fuer_Forum.txt
2013-10-31 01:26 - 2013-10-31 01:26 - 00030196 _____ C:\Users\HM\Desktop\Combofix.txt
2013-10-31 01:23 - 2013-10-31 01:23 - 00030196 _____ C:\ComboFix.txt
2013-10-31 01:23 - 2013-10-31 01:01 - 00000000 ____D C:\Qoobox
2013-10-31 01:22 - 2013-10-31 01:01 - 00000000 ____D C:\Windows\erdnt
2013-10-31 01:21 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-10-31 00:51 - 2013-10-31 00:51 - 05137879 ____R (Swearware) C:\Users\HM\Desktop\ComboFix.exe
2013-10-30 23:07 - 2013-10-28 00:37 - 01956614 _____ (Farbar) C:\Users\HM\Desktop\FRST64.exe
2013-10-30 22:44 - 2013-10-28 00:05 - 00000000 ____D C:\AdwCleaner
2013-10-30 19:09 - 2013-10-30 19:09 - 00000952 _____ C:\Users\HM\Desktop\JRT.txt
2013-10-30 19:00 - 2013-10-28 22:08 - 01033335 _____ (Thisisu) C:\Users\HM\Desktop\JRT.exe
2013-10-30 09:12 - 2013-03-28 17:26 - 00000000 ____D C:\Users\Public\Documents\VOKS
2013-10-30 08:51 - 2013-03-28 17:39 - 00000000 ____D C:\Users\HM\AppData\Local\VOKS
2013-10-30 07:57 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-10-30 07:57 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-10-29 16:45 - 2012-01-07 23:10 - 00000000 ____D C:\Test
2013-10-29 12:11 - 2012-01-09 17:12 - 00000000 ____D C:\Users\HM\AppData\Roaming\Nuance
2013-10-29 11:55 - 2012-01-03 11:49 - 00000166 _____ C:\Windows\SysWOW64\DOErrors.log
2013-10-28 22:09 - 2013-10-28 22:09 - 00000000 ____D C:\Windows\ERUNT
2013-10-28 21:54 - 2013-10-28 21:54 - 00000999 _____ C:\Users\HM\Desktop\FreeCommander.lnk
2013-10-28 21:54 - 2013-10-28 21:54 - 00000000 ____D C:\Users\HM\AppData\Roaming\FreeCommander
2013-10-28 21:54 - 2013-10-28 21:54 - 00000000 ____D C:\Program Files (x86)\FreeCommander
2013-10-28 21:52 - 2013-10-28 21:52 - 02474433 _____ C:\Users\HM\Downloads\fc_setup_0902b.zip
2013-10-28 21:50 - 2013-10-28 21:50 - 00614816 _____ C:\Users\HM\Downloads\fc_setup_0902b - CHIP-Downloader.exe
2013-10-28 00:26 - 2012-11-22 11:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-28 00:01 - 2013-10-28 00:01 - 01060070 _____ C:\Users\HM\Desktop\adwcleaner.exe
2013-10-27 13:12 - 2012-01-07 17:39 - 00000000 ____D C:\Users\HM\AppData\Local\Mozilla
2013-10-27 13:00 - 2013-10-27 08:42 - 00000000 ____D C:\Users\HM\Desktop\mbar
2013-10-27 12:12 - 2013-10-27 09:04 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-10-27 11:45 - 2013-10-27 08:59 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-10-27 08:40 - 2013-10-27 08:39 - 12576792 _____ (Malwarebytes Corp.) C:\Users\HM\Desktop\mbar-1.07.0.1007.exe
2013-10-27 08:30 - 2013-10-27 08:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-26 13:57 - 2013-10-26 13:57 - 00000000 ____D C:\FRST
2013-10-25 23:15 - 2013-10-25 23:15 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-25 23:15 - 2013-10-25 23:15 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-25 23:09 - 2013-10-25 23:08 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\HM\Desktop\mbam-setup-1.75.0.1300.exe
2013-10-25 18:31 - 2012-01-04 23:38 - 00000000 ___RD C:\Users\HM\Desktop\Büroprogramme
2013-10-25 17:58 - 2013-05-17 09:42 - 00000000 ____D C:\ProgramData\HSC-Software
2013-10-25 13:30 - 2013-10-25 13:30 - 00000000 ____D C:\Users\HM\AppData\Roaming\HSC-Software
2013-10-24 15:54 - 2013-03-28 17:31 - 00000000 ____D C:\Program Files (x86)\VOKS
2013-10-24 12:05 - 2013-03-11 15:31 - 00000000 ____D C:\Users\HM\AppData\Local\.elfohilfe
2013-10-24 07:42 - 2013-10-24 07:42 - 00000000 ___RD C:\Users\HM\AppData\Roaming\Brother
2013-10-23 06:57 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-23 06:47 - 2013-10-23 06:47 - 00000000 ____D C:\ProgramData\Oracle
2013-10-22 21:22 - 2013-10-22 21:22 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-22 21:22 - 2013-10-22 21:22 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-22 21:22 - 2013-10-22 21:22 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-22 21:22 - 2013-10-22 21:22 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-22 21:22 - 2013-04-23 16:52 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-21 13:11 - 2012-03-05 08:25 - 00000000 ____D C:\dot_dateien
2013-10-19 20:21 - 2013-08-11 08:49 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-19 20:20 - 2013-10-19 20:20 - 00002311 _____ C:\Users\Public\Desktop\Haufe Steuer Office aufrufen.lnk
2013-10-19 20:08 - 2013-02-22 13:24 - 00002875 _____ C:\Users\Public\Desktop\Haufe Formular-Manager.lnk
2013-10-19 15:21 - 2012-01-04 11:00 - 00005823 _____ C:\Users\HM\AppData\Local\EmptySettings.xml
2013-10-18 09:06 - 2012-09-24 11:30 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-16 12:53 - 2012-03-08 07:53 - 00003210 _____ C:\Windows\System32\Tasks\HPCeeScheduleForPC02$
2013-10-16 12:53 - 2012-03-08 07:53 - 00000334 _____ C:\Windows\Tasks\HPCeeScheduleForPC02$.job
2013-10-14 12:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-10-14 06:57 - 2009-07-14 05:45 - 00438632 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-14 06:53 - 2011-12-09 00:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-11 14:59 - 2012-03-04 18:23 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-11 14:56 - 2013-03-13 17:29 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-11 14:55 - 2011-02-11 21:29 - 01589442 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-11 14:53 - 2013-08-16 12:40 - 00000000 ____D C:\Windows\system32\MRT
2013-10-11 14:51 - 2012-01-02 15:42 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 09:31 - 2013-07-22 10:17 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-09 09:30 - 2013-09-12 07:27 - 17813896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-10-09 09:30 - 2013-07-22 10:17 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 09:30 - 2013-07-22 10:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-08 07:57 - 2012-09-24 11:29 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-08 07:57 - 2012-09-24 11:29 - 00003856 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-21 13:29
==================== End Of Log ============================
Regards, Maddin
Hello Cosinus,
The following result file also popped up:
* Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-10-2013
Ran by HM at 2013-10-31 09:52:49
Running from C:\Users\HM\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: G Data AntiVirus (Disabled - Up to date) {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
AS: G Data AntiVirus (Disabled - Up to date) {82D66150-45F8-0A3E-01F0-B4085A63BE2B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
7-Zip 9.20 (x32)
ADAC Gebrauchtwagen 2010-2011 (x32)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.02) - Deutsch (x32 Version: 11.0.02)
AGFEO TK-Suite CL (x32 Version: 4.3.19)
AMD APP SDK Runtime (Version: 10.0.831.4)
AMD Catalyst Install Manager (Version: 3.0.855.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.61109.2218)
Ashampoo Snap 3.50 (x32 Version: 3.5.0)
AuthenTec TrueAPI (Version: 1.3.0.150)
B1315AppGuid (x32 Version: 1.0.0)
Bing Bar (x32 Version: 7.0.610.0)
Brother MFL-Pro Suite MFC-8860DN (x32 Version: 1.0.0.0)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2011.1109.2212.39826)
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.1109.2212.39826)
Catalyst Control Center InstallProxy (x32 Version: 2011.1109.2212.39826)
CCC Help English (x32 Version: 2011.1109.2211.39826)
ccc-utility64 (Version: 2011.1109.2212.39826)
CDBurnerXP (x32 Version: 4.4.1.3243)
Collega Kanzlei (x32 Version: 2.0)
COLLEGA Kanzlei (x32 Version: 2.41.0.12)
Corel WinDVD (x32 Version: 10.0.5.835)
CorelDRAW Graphics Suite 12 (x32 Version: 12.0.0.458)
Crystal Reports Runtime XI (x32 Version: 1.0.9)
DA Infragistics Runtime V.3.2 (x32 Version: 3.2.0)
DA Installation V.3.1 (x32)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
DFL2010 ConfigDB (x32 Version: 4.18.4066.0)
DFL2010 Microkernel (x32 Version: 4.18.4066.0)
Dialogseminar online V.3.02 (x32 Version: 10.2.8.2136)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904)
ElsterFormular (x32 Version: 14.1.11318)
ESET Online Scanner v3 (x32)
Firebird 2.1.5.18496 (x64) (Version: 2.1.5.18496)
FreeCommander 2009.02b (x32 Version: 2009.02)
Google Chrome (x32 Version: 30.0.1599.101)
Google Update Helper (x32 Version: 1.3.21.165)
Hauf Formular-Manager (x32 Version: 13.09.01.0001)
Hauf iDesk-Browser (x32 Version: 13.07.23.0001)
Hauf iDesk-Service (x32 Version: 13.08.29.0033)
Hauf Personal Office Standard (x32 Version: 18.06.00.0000)
Hauf Personal Office Standard (x32 Version: 18.6.0.0)
Hauf Steuer Office (x32 Version: 17.05.00.0000)
Hauf Steuer Office (x32 Version: 17.5.0.0)
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000)
HP Auto (Version: 1.0.12494.3472)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7)
HP Odometer (x32 Version: 2.10.0000)
HP Setup (x32 Version: 8.5.4526.3645)
HP SimplePass PE 2011 (x32 Version: 5.3.0.282)
HP Support Assistant (x32 Version: 6.1.12.1)
HP Support Information (x32 Version: 11.00.0001)
HP Vision Hardware Diagnostics (Version: 2.12.1.0)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Identity Protection Technology 1.1.2.0 (x32 Version: 1.1.2.0)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Network Connections 15.7.176.0 (Version: 15.7.176.0)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2253)
Java 7 Update 17 (64-bit) (Version: 7.0.170)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Java(TM) 6 Update 37 (x32 Version: 6.0.370)
klickTel OEM Frühjahr 2010 (x32 Version: 1.00.0000)
kobdfu x64x86 driver installation (x32 Version: 1.00.0000)
KOBIL CCID driver x64x86 (x32 Version: 1.012.01041)
Lotus Organizer 6.0 (x32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 CL Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 CL Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Office 2010 Language Pack Service Pack 1 (SP1) (x32)
Microsoft Office 2010 Primary Interop Assemblies (x32 Version: 14.0.4763.1024)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Language Pack 2010 - German/Deutsch (x32 Version: 14.0.6029.1000)
Microsoft Office O MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office SharePoint Designer MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office X MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft SharePoint Designer 2010 Service Pack 1 (SP1) (x32)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005-Abwärtskompatibilität (Version: 8.05.2004)
Microsoft SQL Server Native CL (Version: 9.00.5000.00)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft XML Parser (x32 Version: 8.70.1104.04)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
MSI to redistribute MS VS2005 CRT libraries (x32 Version: 8.0.50727.42)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Nuance PDF Converter Professional 7 (Version: 7.00.6403)
NWB steuerXpert (x32 Version: 7.3.0)
Opera 12.16 (x32 Version: 12.16.1860)
PhraseExpress v9.0.167 (x32 Version: 9.0.167)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6257)
Recovery Manager (x32 Version: 5.5.0.4222)
Scansoft PDF Professional (x32)
SCR3xxx Smart Card Reader (x32 Version: 8.41)
SPR532 SmartCard Reader V1.87 (x32 Version: 1.87)
SQLXML4 (Version: 9.00.5000.00)
Sun ODF Plugin for Microsoft Office 3.2 (x32 Version: 3.2.9483)
True Image 2013 (x32 Version: 16.0.5551)
True Image 2013 Media Add-on (x32 Version: 16.0.5023)
True Image 2013 Plus Pack (x32 Version: 16.0.5551)
Update for Microsoft .NET Framework 4 CL Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 CL Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 CL Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 CL Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 CL Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2494150) (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft SharePoint Designer 2010 (KB2553459) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)
Update System (x32)
VIP Access SDK (1.0.1.4) (x32 Version: 1.0.1.4)
voks - St Edition (x32 Version: 24.001)
VR-NetWorld (x32)
WebUpdate - Einkommensteuer (x32 Version: 13.013)
WebUpdate - ELSTER (x32 Version: 5.010)
WebUpdate - Stammdaten (x32 Version: 4.016)
WebUpdate-Steuererklärungen (x32 Version: 91.40.12)
Windows Media Encoder 9 Series (x32 Version: 9.00.2980)
Windows Media Encoder 9 Series (x32)
==================== Restore Points =========================
==================== Hosts content: ==========================
2009-07-14 03:34 - 2013-10-31 01:21 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {06D5DDB7-BD43-489E-A1B3-42E00672BA2E} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {0DBB0773-9214-4B13-BCDE-3016AC98D485} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-10] (Hewlett-Packard Company)
Task: {0DE3C3F8-4155-4244-AB39-80CF6EC89B32} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {11CC6100-32D4-4072-BDA2-3AD804FF8D7D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-24] (Google Inc.)
Task: {15D1D05B-40B7-4154-9BAA-895CB5EDBD8E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {46B9128E-8EF5-4D59-B9D0-94C6308540BE} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {483BCAEF-8A78-415E-8D24-62B9C3F1ADFE} - System32\Tasks\{A2BCF922-74F8-4BDA-A879-64B2EE7C1ADD} => C:\Program Files (x86)\Microsoft Office\Office\WINWORD.EXE
Task: {4B701442-9B29-42D0-95DE-934F19F421CE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {514B7DCF-9FDA-429B-A57B-929E7F256F4E} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-25] ()
Task: {62FDCA39-E871-4D9F-A5D0-306F156CDDCD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-23] (Hewlett-Packard Company)
Task: {73EFD712-8788-4E62-BAAA-53CFB9E7E6AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-24] (Google Inc.)
Task: {AE2218C5-293C-4750-9C54-0CFE21EBEE03} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-10] (Hewlett-Packard Company)
Task: {E1E4CF67-F4F1-4FBC-B5FC-5E6AA119E737} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-18] (Adobe Systems Incorporated)
Task: {E5BCB62C-EB4E-4F2E-97A9-D77E54766D5D} - System32\Tasks\HPCeeScheduleForPC02$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {FF1EE46A-163A-4A00-B6BB-B0CCECE66D7C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-10] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPC02$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2009-09-22 15:06 - 2009-09-22 15:06 - 00106496 ____N () C:\DA\PROGRAMM\B0000391\DOKSCH~2.DLL
2011-11-09 22:10 - 2011-11-09 22:10 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-07-03 19:02 - 2013-07-03 19:02 - 00082432 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\pywintypes24.dll
2013-07-03 19:00 - 2013-07-03 19:00 - 00052224 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\DLLs\zlib.pyd
2013-07-03 19:02 - 2013-07-03 19:02 - 00029696 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Lib\site-packages\win32\win32process.pyd
2013-07-03 19:02 - 2013-07-03 19:02 - 00016896 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Lib\site-packages\win32\win32event.pyd
2013-07-03 19:00 - 2013-07-03 19:00 - 00037888 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\DLLs\_socket.pyd
2013-07-03 19:00 - 2013-07-03 19:00 - 00475136 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\DLLs\_ssl.pyd
2013-07-03 19:02 - 2013-07-03 19:02 - 00064512 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Lib\site-packages\win32\win32api.pyd
2013-07-03 19:02 - 2013-07-03 19:02 - 00017920 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Lib\site-packages\win32\win32evtlog.pyd
2013-07-03 19:02 - 2013-07-03 19:02 - 00027648 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Lib\site-packages\win32\servicemanager.pyd
2013-07-03 19:02 - 2013-07-03 19:02 - 00071680 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Lib\site-packages\win32\win32file.pyd
2013-07-03 19:02 - 2013-07-03 19:02 - 00018944 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Lib\site-packages\win32\win32pipe.pyd
2013-07-03 19:02 - 2013-07-03 19:02 - 00086528 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Lib\site-packages\win32\win32security.pyd
2013-07-03 19:02 - 2013-07-03 19:02 - 00036864 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Lib\site-packages\win32\win32service.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00017920 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\persistent.cPersistence.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00011264 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\persistent.TimeStamp.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00017920 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\persistent.cPickleCache.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00023040 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\Acquisition._Acquisition.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00017408 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\ExtensionClass._ExtensionClass.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00007680 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\ComputedAttribute._ComputedAttribute.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00024064 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\AccessControl.cAccessControl.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00010240 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\Record._Record.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00017408 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\DocumentTemplate.cDocumentTemplate.pyd
2013-07-03 19:00 - 2013-07-03 19:00 - 00124416 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\DLLs\pyexpat.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00049664 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\BTrees._OOBTree.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00051712 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\BTrees._OIBTree.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00053248 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\BTrees._IOBTree.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00053760 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\BTrees._IIBTree.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00008192 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\Persistence._Persistence.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00006656 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\MethodObject._MethodObject.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00008192 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\Missing._Missing.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00008704 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\MultiMapping._MultiMapping.pyd
2013-07-03 19:00 - 2013-07-03 19:00 - 00010240 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\DLLs\select.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00006656 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\ZODB.winlock.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00006144 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\Products.ZCTextIndex.stopper.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00007168 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\Products.ZCTextIndex.okascore.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00378368 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\_jpype.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00009728 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\TextIndexNG2\normalizer.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00010240 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\TextIndexNG2\indexsupport.pyd
2013-08-29 12:16 - 2013-08-29 12:16 - 00607232 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\OSR32V10.dll
2013-08-29 12:30 - 2013-08-29 12:30 - 00052224 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\BTrees._fsBTree.pyd
2013-08-29 12:30 - 2013-08-29 12:30 - 00259072 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\M2Crypto.__m2crypto.pyd
2013-07-03 18:57 - 2013-07-03 18:57 - 00148480 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\SSLEAY32.dll
2013-07-03 18:57 - 2013-07-03 18:57 - 00825344 _____ () C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope\lib\python\LIBEAY32.dll
2012-08-23 00:42 - 2012-08-23 00:42 - 00435584 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2011-07-01 17:53 - 2011-07-01 17:53 - 01294336 _____ () C:\Program Files (x86)\AGFEO\Tk-Suite\tools\QtScript4.dll
2011-07-01 16:50 - 2011-07-01 16:50 - 02249216 _____ () C:\Program Files (x86)\AGFEO\Tk-Suite\tools\QtCore4.dll
2011-07-01 19:35 - 2011-07-01 19:35 - 10856960 _____ () C:\Program Files (x86)\AGFEO\Tk-Suite\tools\QtWebKit4.dll
2011-07-01 17:26 - 2011-07-01 17:26 - 00266752 _____ () C:\Program Files (x86)\AGFEO\Tk-Suite\tools\phonon4.dll
2011-07-01 17:17 - 2011-07-01 17:17 - 08036864 _____ () C:\Program Files (x86)\AGFEO\Tk-Suite\tools\QtGui4.dll
2011-07-01 16:53 - 2011-07-01 16:53 - 00973312 _____ () C:\Program Files (x86)\AGFEO\Tk-Suite\tools\QtNetwork4.dll
2011-07-01 16:53 - 2011-07-01 16:53 - 00186880 _____ () C:\Program Files (x86)\AGFEO\Tk-Suite\tools\QtSql4.dll
2011-07-01 19:41 - 2011-07-01 19:41 - 00026112 _____ () C:\Program Files (x86)\AGFEO\Tk-Suite\tools\imageformats\qgif4.dll
2011-07-01 19:41 - 2011-07-01 19:41 - 00196096 _____ () C:\Program Files (x86)\AGFEO\Tk-Suite\tools\imageformats\qjpeg4.dll
2011-07-01 19:40 - 2011-07-01 19:40 - 00470016 _____ () C:\Program Files (x86)\AGFEO\Tk-Suite\tools\sqldrivers\qsqlite4.dll
2012-08-26 14:41 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-08-23 03:35 - 2012-08-23 03:35 - 13873200 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2012-08-23 03:31 - 2012-08-23 03:31 - 01590656 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\icudt38.dll
2012-07-24 14:48 - 2012-07-24 14:48 - 00012160 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2013-01-24 12:23 - 2013-01-24 12:23 - 00100904 ____N () C:\DA\SYSTEM\DVCCSASCMTF001.dll
2012-08-23 01:12 - 2012-08-23 01:12 - 00019840 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:0574215C
AlternateDataStreams: C:\ProgramData\Temp:D95ACC7D
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/31/2013 09:50:49 AM) (Source: DFÜ-Manager) (User: )
Description: Das DFÜ-System ist inkonsistent.
Error: (10/31/2013 01:44:25 AM) (Source: DFÜ-Manager) (User: )
Description: Das DFÜ-System ist inkonsistent.
Error: (10/31/2013 01:36:07 AM) (Source: DFÜ-Manager) (User: )
Description: Das DFÜ-System ist inkonsistent.
Error: (10/31/2013 01:14:08 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Volume bzw. Datenträger ist nicht richtig angeschlossen oder wurde nicht gefunden.
Fehlerkontext: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 - 000000000000017C,0x0053c198,00000000001DB7E0,0,00000000000FEEE0,4096,[0]).
Vorgang:
PostFinalCommitSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (10/31/2013 01:01:23 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FRST64.exe, Version: 3.3.8.1, Zeitstempel: 0x4f25bafd
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000ca89
ID des fehlerhaften Prozesses: 0x1134
Startzeit der fehlerhaften Anwendung: 0xFRST64.exe0
Pfad der fehlerhaften Anwendung: FRST64.exe1
Pfad des fehlerhaften Moduls: FRST64.exe2
Berichtskennung: FRST64.exe3
Error: (10/31/2013 01:00:31 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FRST64.exe, Version: 3.3.8.1, Zeitstempel: 0x4f25bafd
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000ca89
ID des fehlerhaften Prozesses: 0x1568
Startzeit der fehlerhaften Anwendung: 0xFRST64.exe0
Pfad der fehlerhaften Anwendung: FRST64.exe1
Pfad des fehlerhaften Moduls: FRST64.exe2
Berichtskennung: FRST64.exe3
Error: (10/30/2013 11:41:00 PM) (Source: DFÜ-Manager) (User: )
Description: Das DFÜ-System ist inkonsistent.
Error: (10/30/2013 11:19:31 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FRST64.exe, Version: 3.3.8.1, Zeitstempel: 0x4f25bafd
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000ca89
ID des fehlerhaften Prozesses: 0x1bf8
Startzeit der fehlerhaften Anwendung: 0xFRST64.exe0
Pfad der fehlerhaften Anwendung: FRST64.exe1
Pfad des fehlerhaften Moduls: FRST64.exe2
Berichtskennung: FRST64.exe3
Error: (10/30/2013 11:12:25 PM) (Source: DFÜ-Manager) (User: )
Description: Das DFÜ-System ist inkonsistent.
Error: (10/30/2013 11:10:08 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FRST64.exe, Version: 3.3.8.1, Zeitstempel: 0x4f25bafd
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000ca89
ID des fehlerhaften Prozesses: 0x1ae0
Startzeit der fehlerhaften Anwendung: 0xFRST64.exe0
Pfad der fehlerhaften Anwendung: FRST64.exe1
Pfad des fehlerhaften Moduls: FRST64.exe2
Berichtskennung: FRST64.exe3
System errors:
=============
Error: (10/31/2013 08:33:53 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (10/31/2013 08:33:52 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (10/31/2013 08:33:52 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (10/31/2013 01:21:48 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (10/31/2013 01:21:18 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (10/31/2013 01:18:26 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (10/31/2013 01:14:45 AM) (Source: Service Control Manager) (User: )
Description: Dienst "Hauf iDesk-Service in C:\Program Files (x86)\Hauf\iDesk\iDeskService\Zope" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/31/2013 01:14:08 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden aufgrund eines E/A-Fehlers auf Volume "C:" abgebrochen.
Error: (10/30/2013 07:57:27 PM) (Source: Ntfs) (User: )
Description: Auf dem Volume "OS" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (10/30/2013 07:57:27 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden aufgrund eines E/A-Fehlers auf Volume "C:" abgebrochen.
Microsoft Office Sessions:
=========================
Error: (10/31/2013 09:50:49 AM) (Source: DFÜ-Manager)(User: )
Description:
Error: (10/31/2013 01:44:25 AM) (Source: DFÜ-Manager)(User: )
Description:
Error: (10/31/2013 01:36:07 AM) (Source: DFÜ-Manager)(User: )
Description:
Error: (10/31/2013 01:14:08 AM) (Source: VSS)(User: )
Description: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 - 000000000000017C,0x0053c198,00000000001DB7E0,0,00000000000FEEE0,4096,[0])
Vorgang:
PostFinalCommitSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (10/31/2013 01:01:23 AM) (Source: Application Error)(User: )
Description: FRST64.exe3.3.8.14f25bafdntdll.dll6.1.7601.18247521eaf24c0000005000000000000ca89113401ced5cc4afe4853C:\Users\HM\Desktop\FRST64.exeC:\Windows\SYSTEM32\ntdll.dll93d0e51c-41bf-11e3-a831-2c4138aaef24
Error: (10/31/2013 01:00:31 AM) (Source: Application Error)(User: )
Description: FRST64.exe3.3.8.14f25bafdntdll.dll6.1.7601.18247521eaf24c0000005000000000000ca89156801ced5cc0fb06bb9C:\Users\HM\Desktop\FRST64.exeC:\Windows\SYSTEM32\ntdll.dll750a773d-41bf-11e3-a831-2c4138aaef24
Error: (10/30/2013 11:41:00 PM) (Source: DFÜ-Manager)(User: )
Description:
Error: (10/30/2013 11:19:31 PM) (Source: Application Error)(User: )
Description: FRST64.exe3.3.8.14f25bafdntdll.dll6.1.7601.18247521eaf24c0000005000000000000ca891bf801ced5bdfca58e8eC:\Users\HM\Desktop\FRST64.exeC:\Windows\SYSTEM32\ntdll.dll5897fc2d-41b1-11e3-8f6a-2c4138aaef24
Error: (10/30/2013 11:12:25 PM) (Source: DFÜ-Manager)(User: )
Description:
Error: (10/30/2013 11:10:08 PM) (Source: Application Error)(User: )
Description: FRST64.exe3.3.8.14f25bafdntdll.dll6.1.7601.18247521eaf24c0000005000000000000ca891ae001ced5bcbe289924C:\Users\HM\Desktop\FRST64.exeC:\Windows\SYSTEM32\ntdll.dll0952aeb8-41b0-11e3-a4ea-2c4138aaef24
CodeIntegrity Errors:
===================================
Date: 2013-10-31 01:21:18.631
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-31 01:21:18.600
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 42%
Total physical RAM: 4054.03 MB
Available physical RAM: 2339.91 MB
Total Pagefile: 8106.24 MB
Available Pagefile: 5759.37 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:458.5 GB) (Free:385.63 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:7.17 GB) (Free:0.92 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive k: (Daten) (Network) (Total:55.85 GB) (Free:7.76 GB) NTFS
Drive l: (Daten) (Network) (Total:55.85 GB) (Free:7.76 GB) NTFS
Drive p: (Daten) (Network) (Total:55.85 GB) (Free:7.76 GB) NTFS
Drive q: (Daten) (Network) (Total:55.85 GB) (Free:7.76 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: B089906B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=458 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=7 GB) - (Type=07 NTFS)
==================== End Of Log ============================

Regards, Maddin