Trojaner-Board - Sicherheits-Dienst konnte nicht gestartet werden und Firewall deaktiviert (Trojan.Siredef.C)

nein, es gibt keine anderen Logs. Im Avira wurde nie etwas gefunden. Und den Malwarebytes Scan hatte ich heute zum erstenmal ausgeführt. Ich habe für den FRST Scan mein Avira jetzt deaktivert. Ist das eigentlich korrekt oder kann man den anlassen wen man mit einem zweiten Programm sucht?

Hier die FRST Logs:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2014

Ran by Administrator (administrator) on RICHTER on 24-01-2014 12:03:12

Running from C:\Users\Administrator\Downloads

Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 10

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(Sanford, L.P.) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe

(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

(Sage Software) C:\Program Files (x86)\Common Files\Sage Software Shared\Deploymentservice.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe

(Tobit Software) C:\Windows\SysWOW64\DV4TS.EXE

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(Microsoft Corporation) C:\Windows\System32\mstsc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6960864 2012-12-18] (Realtek Semiconductor)

HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [DV4TS.EXE] - c:\windows\SysWOW64\DV4TS.EXE [138304 2006-11-19] (Tobit Software)

HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess?

HKU\Rolf Richter\...\Run: [DymoQuickPrint] - C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe [1825360 2011-01-28] (Sanford, L.P.)

Startup: C:\Users\Rolf Richter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk

ShortcutTarget: Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe ()
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xAEA1B21744DCCD01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE

SearchScopes: HKLM - DefaultScope {BA948268-E5D0-42A4-916D-E5F7E5BDDED0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM - {BA948268-E5D0-42A4-916D-E5F7E5BDDED0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS

SearchScopes: HKLM-x32 - {BA948268-E5D0-42A4-916D-E5F7E5BDDED0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS

SearchScopes: HKCU - {BA948268-E5D0-42A4-916D-E5F7E5BDDED0} URL = 

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab

Hosts: 192.168.1.100                remote.kudell.de

Tcpip\Parameters: [DhcpNameServer] 192.168.1.100 192.168.1.254
 

FireFox:

========

FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\ah69x2eh.default

FF Homepage: www.google.de

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()

FF Plugin-x32: @dymo.com/DymoLabelFramework - C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll ( Sanford L.P.)

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
 

==================== Services (Whitelisted) =================
 

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [908856 2013-12-12] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)

R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-12] (Avira Operations GmbH & Co. KG)

R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [32336 2011-01-28] (Sanford, L.P.)

R2 SageDeploymentService; C:\Program Files (x86)\Common Files\Sage Software Shared\Deploymentservice.exe [428400 2013-07-09] (Sage Software)
 

==================== Drivers (Whitelisted) ====================
 

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)

R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-12] (Avira Operations GmbH & Co. KG)

S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()

S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Intel Corporation)

R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28216 2012-11-19] (Intel Corporation)

S3 e1edc438-f640-4184-a443-d2a7c37a01dc; \??\C:\$OEM$\OA2\ASUS\amd64\690b33e1-0462-4e84-9bea-c7552b45432a.sys [x]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-01-24 12:03 - 2014-01-24 12:03 - 00009209 _____ C:\Users\Administrator\Downloads\FRST.txt

2014-01-24 12:03 - 2014-01-24 12:03 - 00000000 ____D C:\FRST

2014-01-24 12:02 - 2014-01-24 12:02 - 02077696 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe

2014-01-24 11:21 - 2014-01-24 11:21 - 00000000 ____D C:\Users\Administrator\AppData\Local\CrashDumps

2014-01-24 11:14 - 2014-01-24 11:14 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-01-24 11:13 - 2014-01-24 11:20 - 00000000 ____D C:\Users\Administrator\Desktop\mbar

2014-01-24 11:13 - 2014-01-24 11:13 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-01-24 10:52 - 2014-01-24 10:53 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Administrator\Downloads\mbar-1.07.0.1009.exe

2014-01-24 10:23 - 2014-01-24 10:23 - 00000000 ____D C:\Program Files (x86)\ESET

2014-01-24 10:20 - 2014-01-24 10:20 - 00987425 _____ C:\Users\Administrator\Downloads\SecurityCheck.exe

2014-01-24 09:44 - 2014-01-24 09:44 - 00000000 ____D C:\ProgramData\Oracle

2014-01-24 09:43 - 2014-01-24 09:43 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-01-24 09:43 - 2014-01-24 09:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-01-24 09:43 - 2014-01-24 09:43 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-01-24 09:43 - 2014-01-24 09:43 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-01-24 09:43 - 2014-01-24 09:43 - 00000000 ____D C:\Program Files (x86)\Java

2014-01-24 09:40 - 2014-01-24 11:55 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-01-24 09:40 - 2014-01-24 11:55 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-01-24 09:38 - 2014-01-24 11:55 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe

2014-01-24 09:23 - 2014-01-24 09:23 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Malwarebytes

2014-01-24 09:23 - 2014-01-24 09:23 - 00000000 ____D C:\ProgramData\Malwarebytes

2014-01-16 19:16 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys

2014-01-16 19:16 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys

2014-01-16 19:16 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys

2014-01-16 19:16 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys

2014-01-16 19:16 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys

2014-01-16 19:16 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys

2014-01-16 19:16 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

2014-01-16 19:15 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-01-16 18:07 - 2014-01-16 18:07 - 00000000 ____D C:\Users\Administrator\AppData\Local\Macromedia

2014-01-16 17:46 - 2014-01-16 17:46 - 00001672 _____ C:\Users\Public\Desktop\Sage HWP 2013 .lnk

2014-01-16 17:45 - 2014-01-16 17:48 - 00017065 _____ C:\HWP2013_RI.log

2014-01-16 17:45 - 2014-01-16 17:46 - 06105958 _____ C:\HWP2013.log

2014-01-16 16:37 - 2014-01-16 16:37 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla

2014-01-16 16:37 - 2014-01-16 16:37 - 00000000 ____D C:\Users\Administrator\AppData\Local\Mozilla

2014-01-16 16:32 - 2014-01-16 16:32 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia

2014-01-16 16:00 - 2014-01-17 09:26 - 00097840 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT

2014-01-16 16:00 - 2014-01-16 16:00 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation

2014-01-16 15:59 - 2014-01-24 11:21 - 00002176 ____H C:\Users\Administrator\Documents\Default.rdp

2014-01-16 15:59 - 2014-01-16 15:59 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Avira

2014-01-16 15:58 - 2014-01-24 11:52 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe

2014-01-16 15:58 - 2014-01-16 15:59 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-01-16 15:58 - 2014-01-16 15:59 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-01-16 15:58 - 2014-01-16 15:58 - 00001427 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\Vorlagen

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\Startmenü

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Windows Small Business Server

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 ____D C:\Users\Administrator

2014-01-16 15:58 - 2013-07-11 14:35 - 00000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help

2014-01-16 15:58 - 2013-04-11 16:03 - 00002054 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk

2014-01-16 15:58 - 2010-11-21 03:50 - 00000020 ___SH C:\Users\Administrator\ntuser.ini

2014-01-16 15:58 - 2009-07-14 05:54 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-01-16 15:58 - 2009-07-14 05:49 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-01-09 15:19 - 2014-01-09 15:19 - 00000960 _____ C:\Users\Rolf Richter\Desktop\EasyScan.exe - Verknüpfung.lnk

2014-01-08 11:49 - 2014-01-08 11:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2014-01-08 10:51 - 2014-01-08 12:06 - 00002212 ____H C:\Users\Rolf Richter\Documents\Default.rdp

2014-01-08 09:51 - 2014-01-24 11:36 - 00001425 _____ C:\Windows\setupact.log

2014-01-08 09:51 - 2014-01-24 11:21 - 00005540 _____ C:\Windows\PFRO.log

2014-01-08 09:51 - 2014-01-17 08:32 - 00379680 _____ C:\Windows\system32\FNTCACHE.DAT

2014-01-08 09:51 - 2014-01-08 09:51 - 00000000 _____ C:\Windows\setuperr.log
 

==================== One Month Modified Files and Folders =======
 

2014-01-24 12:03 - 2014-01-24 12:03 - 00009209 _____ C:\Users\Administrator\Downloads\FRST.txt

2014-01-24 12:03 - 2014-01-24 12:03 - 00000000 ____D C:\FRST

2014-01-24 12:02 - 2014-01-24 12:02 - 02077696 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe

2014-01-24 11:55 - 2014-01-24 09:40 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-01-24 11:55 - 2014-01-24 09:40 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-01-24 11:55 - 2014-01-24 09:38 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe

2014-01-24 11:54 - 2013-04-11 18:12 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-01-24 11:54 - 2013-04-11 18:12 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-01-24 11:52 - 2014-01-16 15:58 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe

2014-01-24 11:48 - 2013-04-11 16:02 - 01274699 _____ C:\Windows\WindowsUpdate.log

2014-01-24 11:43 - 2009-07-14 05:45 - 00034224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-01-24 11:43 - 2009-07-14 05:45 - 00034224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-01-24 11:40 - 2011-04-12 08:43 - 00704018 _____ C:\Windows\system32\perfh007.dat

2014-01-24 11:40 - 2011-04-12 08:43 - 00151156 _____ C:\Windows\system32\perfc007.dat

2014-01-24 11:40 - 2009-07-14 06:13 - 01632866 _____ C:\Windows\system32\PerfStringBackup.INI

2014-01-24 11:36 - 2014-01-08 09:51 - 00001425 _____ C:\Windows\setupact.log

2014-01-24 11:36 - 2013-04-13 11:26 - 00000120 _____ C:\Windows\system32\config\netlogon.ftl

2014-01-24 11:36 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2014-01-24 11:26 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Defender

2014-01-24 11:26 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender

2014-01-24 11:21 - 2014-01-24 11:21 - 00000000 ____D C:\Users\Administrator\AppData\Local\CrashDumps

2014-01-24 11:21 - 2014-01-16 15:59 - 00002176 ____H C:\Users\Administrator\Documents\Default.rdp

2014-01-24 11:21 - 2014-01-08 09:51 - 00005540 _____ C:\Windows\PFRO.log

2014-01-24 11:21 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\addins

2014-01-24 11:20 - 2014-01-24 11:13 - 00000000 ____D C:\Users\Administrator\Desktop\mbar

2014-01-24 11:14 - 2014-01-24 11:14 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-01-24 11:13 - 2014-01-24 11:13 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-01-24 10:53 - 2014-01-24 10:52 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Administrator\Downloads\mbar-1.07.0.1009.exe

2014-01-24 10:37 - 2013-04-13 13:25 - 00000000 ____D C:\Users\Rolf Richter

2014-01-24 10:23 - 2014-01-24 10:23 - 00000000 ____D C:\Program Files (x86)\ESET

2014-01-24 10:20 - 2014-01-24 10:20 - 00987425 _____ C:\Users\Administrator\Downloads\SecurityCheck.exe

2014-01-24 09:44 - 2014-01-24 09:44 - 00000000 ____D C:\ProgramData\Oracle

2014-01-24 09:43 - 2014-01-24 09:43 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-01-24 09:43 - 2014-01-24 09:43 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-01-24 09:43 - 2014-01-24 09:43 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-01-24 09:43 - 2014-01-24 09:43 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-01-24 09:43 - 2014-01-24 09:43 - 00000000 ____D C:\Program Files (x86)\Java

2014-01-24 09:23 - 2014-01-24 09:23 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Malwarebytes

2014-01-24 09:23 - 2014-01-24 09:23 - 00000000 ____D C:\ProgramData\Malwarebytes

2014-01-17 09:26 - 2014-01-16 16:00 - 00097840 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT

2014-01-17 08:32 - 2014-01-08 09:51 - 00379680 _____ C:\Windows\system32\FNTCACHE.DAT

2014-01-16 18:07 - 2014-01-16 18:07 - 00000000 ____D C:\Users\Administrator\AppData\Local\Macromedia

2014-01-16 17:48 - 2014-01-16 17:45 - 00017065 _____ C:\HWP2013_RI.log

2014-01-16 17:46 - 2014-01-16 17:46 - 00001672 _____ C:\Users\Public\Desktop\Sage HWP 2013 .lnk

2014-01-16 17:46 - 2014-01-16 17:45 - 06105958 _____ C:\HWP2013.log

2014-01-16 16:37 - 2014-01-16 16:37 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla

2014-01-16 16:37 - 2014-01-16 16:37 - 00000000 ____D C:\Users\Administrator\AppData\Local\Mozilla

2014-01-16 16:32 - 2014-01-16 16:32 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia

2014-01-16 16:00 - 2014-01-16 16:00 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation

2014-01-16 15:59 - 2014-01-16 15:59 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Avira

2014-01-16 15:59 - 2014-01-16 15:58 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-01-16 15:59 - 2014-01-16 15:58 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-01-16 15:58 - 2014-01-16 15:58 - 00001427 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\Vorlagen

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\Startmenü

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Windows Small Business Server

2014-01-16 15:58 - 2014-01-16 15:58 - 00000000 ____D C:\Users\Administrator

2014-01-16 15:55 - 2013-05-24 13:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2014-01-09 15:19 - 2014-01-09 15:19 - 00000960 _____ C:\Users\Rolf Richter\Desktop\EasyScan.exe - Verknüpfung.lnk

2014-01-09 15:18 - 2013-04-13 14:21 - 00000000 ____D C:\AW_EasyScan

2014-01-08 12:06 - 2014-01-08 10:51 - 00002212 ____H C:\Users\Rolf Richter\Documents\Default.rdp

2014-01-08 11:49 - 2014-01-08 11:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2014-01-08 09:51 - 2014-01-08 09:51 - 00000000 _____ C:\Windows\setuperr.log
 

Files to move or delete:

====================

C:\Users\Rolf Richter\AppData\Roaming\skype.ini
 
 

Some content of TEMP:

====================

C:\Users\Administrator\AppData\Local\Temp\avgnt.exe

C:\Users\Administrator\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

C:\Users\Administrator\AppData\Local\Temp\Quarantine.exe

C:\Users\Rolf Richter\AppData\Local\Temp\avgnt.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-01-16 17:29
 

==================== End Of Log ============================

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2014

Ran by Administrator at 2014-01-24 12:03:38

Running from C:\Users\Administrator\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)

Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)

Avira Antivirus Suite (x32 Version: 14.0.2.286 - Avira)

Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)

Corel PaintShop Pro X5 (x32 Version: 15.1.0.10 - Corel Corporation)

David.InfoCenter  (x32 Version: 10.00a - Tobit.Software)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version:  - Microsoft)

DYMO Label v.8 (x32 Version: 8.3.0.1242 - Sanford, L.P.)

ESET Online Scanner v3 (x32 Version:  - )

ICA (x32 Version: 15.1.0.10 - Corel Corporation) Hidden

Intel(R) Processor Graphics (x32 Version: 9.18.10.3071 - Intel Corporation)

Intel(R) Rapid Storage Technology (x32 Version: 11.7.0.1013 - Intel Corporation)

Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.63463 - Intel Corporation)

IPM_PSP_COM (x32 Version: 15.1.0.10 - Corel Corporation) Hidden

IrfanView (remove only) (x32 Version: 4.27 - Irfan Skiljan)

Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden

Microsoft Office 2007 Primary Interop Assemblies (x32 Version: 12.0.4518.1014 - Microsoft Corporation)

Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Home and Business 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft SQL Server 2005-Abwärtskompatibilität (Version: 8.05.2309 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)

Microsoft Works (x32 Version: 9.7.0621 - Microsoft Corporation)

Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)

Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)

PDF-XChange 4 (Version: 4.0.160.0 - Tracker Software Products Ltd)

PSPPContent (x32 Version: 15.2.0.12 - Corel Corporation) Hidden

PSPPHelp (x32 Version: 15.1.0.10 - Corel Corporation) Hidden

PSPPro64 (Version: 15.1.0.10 - Corel Corporation) Hidden

Realtek High Definition Audio Driver (x32 Version: 6.0.1.6804 - Realtek Semiconductor Corp.)

Sage Handwerk Setup-Requirements (x32 Version: 1.00.0000 - Sage Software GmbH)

Sage HWP 2013 (x32 Version: 5.2 - Sage Software GmbH)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden

Setup (x32 Version: 15.1.0.10 - Ihr Firmenname) Hidden

System Requirements Lab for Intel (x32 Version: 4.5.13.0 - Husdawg, LLC)

Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version:  - Microsoft)

Visual Studio Tools for the Office system 3.0 Runtime (x32 Version:  - Microsoft Corporation)

Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden

Visual Studio Tools for the Office system 3.0 Runtime Language Pack - DEU (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden

Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1 - Microsoft Corporation)

Visual Studio-Tools für Office System 3.0 Runtime Language Pack - DEU (x32 Version:  - Microsoft Corporation)

Windows Small Business Server 2011 Standard ClientAgent (Version: 6.1.7900.1 - Microsoft Corporation)

Windows Small Business Server 2011 Standard WMI Provider (x32 Version: 6.1.7900.1 - Microsoft Corporation) Hidden
 

==================== Restore Points  =========================
 

18-12-2013 14:27:59 Windows Update

08-01-2014 09:28:34 Geplanter Prüfpunkt

08-01-2014 11:06:10 Windows Update

09-01-2014 14:01:42 Windows Update

09-01-2014 14:21:17 Windows Update

16-01-2014 16:45:25 Sage HWP 2013 wird installiert

16-01-2014 18:15:46 Windows Update

17-01-2014 07:36:07 Windows Update

17-01-2014 09:09:12 Windows Update

24-01-2014 08:01:39 Windows Update

24-01-2014 08:33:43 Removed Java 7 Update 25

24-01-2014 08:35:07 Microsoft Office PowerPoint Viewer 2007 (German) wird entfernt

24-01-2014 08:43:03 Installed Java 7 Update 51

24-01-2014 09:23:06 Windows Update

24-01-2014 09:50:11 Windows Update

24-01-2014 10:19:41 Malwarebytes Anti-Rootkit Restore Point

24-01-2014 10:25:32 Windows Update
 

==================== Hosts content: ==========================
 
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {C31A0E82-9A2A-4BBB-A14E-16E9FF3FD237} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-24] (Adobe Systems Incorporated)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
 

==================== Loaded Modules (whitelisted) =============
 

2013-01-25 07:25 - 2012-12-12 16:38 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2013-08-15 05:41 - 2013-08-15 05:41 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\fcfe81854b457b21a4bccd230aad1e81\PSIClient.ni.dll

2013-04-11 18:37 - 2013-01-25 08:31 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll

2014-01-08 11:49 - 2014-01-08 11:49 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
 

==================== Alternate Data Streams (whitelisted) =========
 
 

==================== Safe Mode (whitelisted) ===================
 
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (01/24/2014 11:38:13 AM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)

Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
 

Error: (01/24/2014 11:22:46 AM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)

Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
 

Error: (01/24/2014 11:20:58 AM) (Source: Application Error) (User: )

Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273

Name des fehlerhaften Moduls: xul.dll, Version: 26.0.0.5087, Zeitstempel: 0x52a0d20a

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0014e1a8

ID des fehlerhaften Prozesses: 0xef4

Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0

Pfad der fehlerhaften Anwendung: firefox.exe1

Pfad des fehlerhaften Moduls: firefox.exe2

Berichtskennung: firefox.exe3
 

Error: (01/24/2014 11:11:18 AM) (Source: SideBySide) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 

Error: (01/24/2014 10:23:35 AM) (Source: SideBySide) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 

Error: (01/24/2014 10:23:31 AM) (Source: SideBySide) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 

Error: (01/24/2014 10:20:49 AM) (Source: SideBySide) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 

Error: (01/24/2014 10:19:24 AM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)

Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
 

Error: (01/24/2014 10:15:26 AM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)

Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
 

Error: (01/24/2014 09:44:24 AM) (Source: MsiInstaller) (User: KUDELL)

Description: Produkt: Microsoft Fix it 50981 -- Dieses Microsoft-Fix it ist nicht für Ihr Betriebssystem oder Ihre Version der Anwendung vorgesehen.
 
 

System errors:

=============

Error: (01/24/2014 11:41:35 AM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Avira Email Schutz" wurde mit folgendem dienstspezifischem Fehler beendet: %%1.
 

Error: (01/24/2014 11:40:57 AM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Avira Email Schutz" wurde mit folgendem dienstspezifischem Fehler beendet: %%1.
 

Error: (01/24/2014 11:36:41 AM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Avira Email Schutz" wurde mit folgendem dienstspezifischem Fehler beendet: %%1.
 

Error: (01/24/2014 11:35:18 AM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Avira Email Schutz" wurde mit folgendem dienstspezifischem Fehler beendet: %%1.
 

Error: (01/24/2014 11:22:05 AM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Avira Email Schutz" wurde mit folgendem dienstspezifischem Fehler beendet: %%1.
 

Error: (01/24/2014 11:20:15 AM) (Source: Service Control Manager) (User: )

Description: Der Dienst "IPsec-Richtlinien-Agent" ist vom Dienst "Basisfiltermodul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 

%%1290
 

Error: (01/24/2014 11:20:15 AM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Basisfiltermodul" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1290
 

Error: (01/24/2014 11:20:06 AM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Sicherheitscenter" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1314
 

Error: (01/24/2014 11:20:04 AM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Windows-Firewall" ist vom Dienst "Basisfiltermodul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 

%%1290
 

Error: (01/24/2014 11:20:04 AM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Basisfiltermodul" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1290
 
 

Microsoft Office Sessions:

=========================

Error: (01/24/2014 11:38:13 AM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/24/2014 11:22:46 AM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/24/2014 11:20:58 AM) (Source: Application Error)(User: )

Description: firefox.exe26.0.0.508752a0d273xul.dll26.0.0.508752a0d20ac00000050014e1a8ef401cf18e5564aad3eC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll371cb047-84e1-11e3-a7fc-08606e803bf7
 

Error: (01/24/2014 11:11:18 AM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 

Error: (01/24/2014 10:23:35 AM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Administrator\Downloads\esetsmartinstaller_enu.exe
 

Error: (01/24/2014 10:23:31 AM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Administrator\Downloads\esetsmartinstaller_enu.exe
 

Error: (01/24/2014 10:20:49 AM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Administrator\Downloads\esetsmartinstaller_enu.exe
 

Error: (01/24/2014 10:19:24 AM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/24/2014 10:15:26 AM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/24/2014 09:44:24 AM) (Source: MsiInstaller)(User: KUDELL)

Description: Produkt: Microsoft Fix it 50981 -- Dieses Microsoft-Fix it ist nicht für Ihr Betriebssystem oder Ihre Version der Anwendung vorgesehen.(NULL)(NULL)(NULL)(NULL)(NULL)
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 22%

Total physical RAM: 7884.24 MB

Available physical RAM: 6090.86 MB

Total Pagefile: 15766.67 MB

Available Pagefile: 13874.64 MB

Total Virtual: 8192 MB

Available Virtual: 8191.8 MB
 

==================== Drives ================================
 

Drive c: (System) (Fixed) (Total:931.51 GB) (Free:887.07 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 3AD01575)

Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================