Trojaner-Board - Malware lässt sich nicht löschen

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2013

Ran by Ulla at 2013-11-10 16:07:39

Running from C:\Users\Ulla\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 

==================== Installed Programs ======================
 

ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212)

Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)

Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)

Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)

avast! Free Antivirus (x32 Version: 9.0.2006)

CCleaner (Version: 4.07)

Epson Easy Photo Print 2 (x32 Version: 2.2.3.0)

Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (x32 Version: 1.00.0000)

Epson Event Manager (x32 Version: 2.40.0001)

EPSON Scan (x32)

EPSON SX525WD Series Handbuch (x32)

EPSON SX525WD Series Netzwerk-Handbuch (x32)

EPSON SX525WD Series Printer Uninstall

EpsonNet Print (x32 Version: 2.6.0)

EpsonNet Setup 3.3 (x32 Version: 3.3a)

Extended Update (HKCU)

GeForce Experience NvStream Client Components (Version: 1.6.28)

glindorus 1.0.0 (Version: 1.0.0)

Google Chrome (x32 Version: 30.0.1599.101)

Google Update Helper (x32 Version: 1.3.21.165)

Java 7 Update 45 (64-bit) (Version: 7.0.450)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)

Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014)

Microsoft Office Home and Student 2007 (x32 Version: 12.0.4518.1014)

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014)

Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.4518.1014)

Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014)

Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014)

Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014)

Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014)

Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014)

Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)

Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014)

Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014)

Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014)

Microsoft Silverlight (x32 Version: 4.0.60310.0)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)

Mozilla Firefox 25.0 (x86 de) (x32 Version: 25.0)

Mozilla Maintenance Service (x32 Version: 25.0)

NVIDIA GeForce Experience 1.7 (Version: 1.7)

NVIDIA Grafiktreiber 331.65 (Version: 331.65)

NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)

NVIDIA Install Application (Version: 2.1002.140.952)

NVIDIA LED Visualizer 1.0 (Version: 1.0)

NVIDIA PhysX (x32 Version: 9.13.0725)

NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)

NVIDIA ShadowPlay 9.3.16 (Version: 9.3.16)

NVIDIA Systemsteuerung 331.65 (Version: 331.65)

NVIDIA Update 9.3.16 (Version: 9.3.16)

NVIDIA Update Components (Version: 9.3.16)

NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9)

PVSonyDll (Version: 1.00.0001)

SHIELD Streaming (Version: 1.6.34)

Spybot - Search & Destroy (x32 Version: 2.2.25)

TuneUp Utilities 2013 (x32 Version: 13.0.4000.122)

TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.122)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)

VLC media player 2.1.0 (x32 Version: 2.1.0)
 

==================== Restore Points  =========================
 

03-11-2013 12:17:02 Windows Update

03-11-2013 14:36:43 Installiert EpsonNet Setup 3.3

03-11-2013 14:40:29 Installed EpsonNet Print

03-11-2013 14:41:15 Configured EpsonNet Print

03-11-2013 14:42:07 Installed ABBYY FineReader 9.0 Sprint

03-11-2013 14:47:16 Installed Epson Event Manager

03-11-2013 14:48:34 Microsoft Visual C++ 2005 Redistributable wird installiert

03-11-2013 14:50:03 Installiert Easy Photo Print Plug-in for PMB(Picture Motion Browí*r

03-11-2013 16:05:33 Windows Update

03-11-2013 19:20:20 Windows-Sicherung

04-11-2013 02:00:10 Windows Update

07-11-2013 19:47:05 Installed Microsoft Office Home and Student 2007

07-11-2013 20:08:51 Configured Microsoft Office Home and Student 2007

08-11-2013 15:49:56 Windows Update
 

==================== Hosts content: ==========================
 

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {14C3A86D-023E-4607-84C5-B73225940781} - System32\Tasks\{E6E76D89-6477-4554-9DF4-57A4DE76F15A} => C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe

Task: {16840EBD-C132-4684-8B7D-02EA2E47E104} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe

Task: {18C39A33-1390-4295-9C13-CBC1F8FD92FC} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2013-10-11] (TuneUp Software)

Task: {18D8DA6B-542F-463B-AE2F-A7502E6F61A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-04] (Google Inc.)

Task: {3396FF2A-14C2-4282-BCD5-5302EE8CBA2A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)

Task: {48441575-19DF-441C-8B4A-AF714303B4D4} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-09-05] (Adobe Systems Incorporated)

Task: {5B8F3CA4-FDC0-47C2-89B0-4450DEF0F9D6} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\Ulla\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun

Task: {628E09A8-CCD1-4B1E-9F7F-F6FD10935B8E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe

Task: {77072CA6-B3CF-436E-80E1-F09940709A84} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe

Task: {7826A475-DF53-48BC-A13A-1206E7E8C30D} - System32\Tasks\{A28C3811-2E85-4979-9DA4-2BB7886EC5A9} => C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe

Task: {8DDE90D9-B8EC-4C3C-8DBA-EA918592D485} - System32\Tasks\{0B9D3405-7E3D-443D-B407-1CB8EFCF8FD5} => C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe

Task: {9F9AD0FC-390F-4142-AA43-6BE8F9A366D8} - System32\Tasks\Omiga Plus RunAsStdUser => C:\Program Files (x86)\Omiga Plus\omigaplus.exe

Task: {AA8CFB4A-5612-4E77-9E3B-E7C25EEA5C6E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-04] (Google Inc.)

Task: {BFD30473-7E53-47ED-91ED-EE54A1397910} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)

Task: {CCA5C627-3CC4-4541-B0B2-E32B52E1C427} - System32\Tasks\{5B275A09-E7A8-4357-B8F5-9EAD23CC6C8C} => C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe

Task: {F2DF522B-EF57-487C-A3D2-75D28556933F} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2013-11-10 15:47 - 2013-11-10 09:14 - 02140672 _____ () C:\Program Files\AVAST Software\Avast\defs\13111000\algo.dll

2013-10-31 21:02 - 2013-10-31 21:02 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2013-11-04 10:30 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl

2013-11-04 10:30 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl

2013-11-04 10:30 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll

2013-11-04 10:30 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl

2013-11-04 10:30 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll

2013-11-01 23:10 - 2013-11-01 23:10 - 00337920 _____ () C:\Program Files (x86)\glindorus\bin\sqlite3.DLL

2013-11-04 00:35 - 2013-10-09 01:01 - 00698832 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll

2013-11-04 00:35 - 2013-10-09 01:01 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll

2013-11-04 00:35 - 2013-10-09 01:02 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll

2013-11-04 00:35 - 2013-10-09 01:02 - 00415184 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll

2013-11-04 00:35 - 2013-10-09 01:01 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
 

==================== Alternate Data Streams (whitelisted) =========
 
 

==================== Safe Mode (whitelisted) ===================
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
 

==================== Faulty Device Manager Devices =============
 

Name: Coprozessor

Description: Coprozessor

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (11/10/2013 03:47:07 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (11/09/2013 05:36:28 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (11/09/2013 10:05:01 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (11/09/2013 02:31:07 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (11/08/2013 04:45:41 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (11/08/2013 09:01:02 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (11/07/2013 07:03:04 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (11/06/2013 01:45:57 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (11/05/2013 09:24:18 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (11/04/2013 10:39:41 AM) (Source: Application Hang) (User: )

Description: Programm SDFiles.exe, Version 2.2.18.135 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: e74
 

Startzeit: 01ced94156f893a0
 

Endzeit: 31
 

Anwendungspfad: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFiles.exe
 

Berichts-ID: fc5f70c1-4534-11e3-9ff5-001e68d0fa14
 
 

System errors:

=============

Error: (11/10/2013 03:48:59 PM) (Source: DCOM) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
 

Error: (11/10/2013 02:31:39 AM) (Source: DCOM) (User: )

Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 

Error: (11/09/2013 05:38:13 PM) (Source: DCOM) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
 

Error: (11/09/2013 02:32:41 AM) (Source: DCOM) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
 

Error: (11/08/2013 04:47:29 PM) (Source: DCOM) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
 

Error: (11/08/2013 09:02:40 AM) (Source: DCOM) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
 

Error: (11/07/2013 07:04:36 PM) (Source: DCOM) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
 

Error: (11/07/2013 07:02:53 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053
 

Error: (11/07/2013 07:02:53 PM) (Source: Service Control Manager) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
 

Error: (11/06/2013 01:47:32 PM) (Source: DCOM) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
 
 

Microsoft Office Sessions:

=========================
 

==================== Memory info =========================== 
 

Percentage of memory in use: 39%

Total physical RAM: 3838.43 MB

Available physical RAM: 2312.6 MB

Total Pagefile: 7675.03 MB

Available Pagefile: 5835.85 MB

Total Virtual: 8192 MB

Available Virtual: 8191.79 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:232.79 GB) (Free:199.64 GB) NTFS

Drive d: (Volume) (Fixed) (Total:232.88 GB) (Free:153.59 GB) NTFS

Drive f: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 2C74BADC)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)
 

========================================================

Disk: 1 (Size: 233 GB) (Disk ID: CF764C8C)

Partition 1: (Not Active) - (Size=233 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================
--- --- ---

Oh nein den ersten Log habe ich nur noch in Zip:kloppen: oder ich finde die txt. Datei nicht mehr......Tut mir leid...den anderen habe ich jetzt geschafft zu posten....Lg

Immer wenn ich FRST.txt posten möchte, sagt mir das Forum das die Datei zu groß ist. Im Moment bin ich Überfordert :-)