
Log analysis and evaluation: Repair sfc /scannow?

10.12.2014, 15:37   #1
rk1757

Hello,
I have Windows 7 SP1 (Ultimate).
For a few days I have had problems searching with Windows Explorer (sometimes it works, sometimes not, sometimes halfway...) and also searching in Outlook.
CDBURNERXP definitely will not start, not even after reinstalling it.
Antivirus scanner: MSE
Anti-malware: Malwarebytes
Additionally, run manually every day: ADWCleaner and Superantispyware

I have no current findings from the tools mentioned.

I am stuck with the further (more detailed) checking and am looking for help.
Oh, and: sfc /scannow reports errors that could not be repaired.
The text file generated from it shows no deviations.

It would be nice if someone could accompany/guide me.

Thanks, Rainer

10.12.2014, 15:40   #2
schrauber
/// the machine
/// TB trainer

hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


10.12.2014, 17:44   #3
rk1757

Ran FRST 4 Bit.
I have attached both files
and hope for success.
Thanks, Rainer

11.12.2014, 10:31   #4
schrauber
/// the machine
/// TB trainer

Hi,

Please always post logs in the thread. If necessary, split them up and use several posts.
I cannot open attachments at work, thanks.

Here is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

12.12.2014, 07:44   #5
rk1757

FRST.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 01
Ran by Privat (ATTENTION: The logged in user is not administrator) on R-PC on 07-12-2014 12:44:42
Running from C:\Users\Privat\Downloads\FRST 64-Bit
Loaded Profiles: R & Privat (Available profiles: R & Coach & Privat)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Citrix Systems, Inc.) C:\Users\Privat\AppData\Local\Citrix\ICA Client\concentr.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Citrix Systems, Inc.) C:\Users\Privat\AppData\Local\Program Files\Citrix\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Users\Privat\AppData\Local\Citrix\SelfService\Program Files\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Users\Privat\AppData\Local\Citrix\ICA Client\wfcrun32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hola Networks Ltd.) C:\Users\Privat\AppData\Local\Hola\firefox\app\hola_plugin.exe
(Canneverbe Limited                                          ) C:\Users\Privat\Downloads\CDBurnerXP\cdbxp_setup_4.5.4.5143.exe
() C:\Users\Privat\AppData\Local\Temp\is-KC1QV.tmp\cdbxp_setup_4.5.4.5143.tmp
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\Run: [ConnectionCenter] => C:\Users\Privat\AppData\Local\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.)
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\MountPoints2: {d5b1e588-28fd-11e4-99a0-002454164d61} - H:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-03-15] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
BootExecute: autocheck autochk * ฀쮛嶐PowerRemov߾PowerRemover.eService\SWMAgent. 'Win32_Process'￿PowerRemover.e߾PowerRemover.e߾랰šPowerRemover

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-459147949-2764265090-3061895288-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9DC39E4086D1CF01
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
URLSearchHook: [S-1-5-21-459147949-2764265090-3061895288-1001] ATTENTION ==> Default URLSearchHook is missing.
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-459147949-2764265090-3061895288-1004 -> {E2F142F7-A180-4898-98E3-6543ADCC6CD9} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\chw91qfc.default
FF NewTab: Home
FF Homepage: www.google.de|www.yahoo.de|www.ard-text.de|www.n24.de|hxxp://www.wissenschaft-aktuell.de/|hxxp://translate.google.de/|hxxp://www.wetteronline.de/wetter/mecklenburg-vorpommern|https://mail.daa.de|hxxp://www.tvtoday.de/tv-programm/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-459147949-2764265090-3061895288-1004: @Citrix.com/npican -> C:\Users\Privat\AppData\Local\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Extension: Hola Better Internet - C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\chw91qfc.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2014-12-05]
FF Extension: Adblock Plus - C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\chw91qfc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-18]
FF Extension: Tab Mix Plus - C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\chw91qfc.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-03-19]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox
FF Extension: Bing Bar - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox [2014-09-24]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2014-09-24]
FF HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\Firefox\Extensions: [{b9aa91db-385d-4c69-8a2f-96790aa9405b}] - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector
FF Extension: Copernic Desktop Search - Search Firefox content - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector [2014-03-16]

Chrome: 
=======
CHR HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx [2014-11-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
R2 CSUService; C:\Program Files\COMODO\COMODO System Utilities\CSUService.exe [347968 2012-02-24] (Comodo Security Solutions, Inc.)
S3 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1876816 2014-11-05] (SurfRight B.V.)
R2 KlimaLogg Service; C:\Program Files (x86)\KlimaLoggPro\KlimaLoggProService.exe [2480640 2014-05-27] () [File not signed]
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-10-10] (IObit)
R3 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S4 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S4 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-11-13] (Nitro PDF Software)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S4 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3020632 2014-04-04] (Samsung Electronics CO., LTD.)
R2 VhdAttach; C:\Program Files\Josip Medved\VHD Attach\VhdAttachService.exe [276936 2014-04-07] (Josip Medved)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 azvusb; C:\Windows\System32\DRIVERS\azvusb.sys [54784 2009-08-24] (AzureWave Technologies, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-15] (Disc Soft Ltd)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [296736 2014-12-07] (Acronis International GmbH)
R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [93144 2014-11-05] ()
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [34056 2014-09-18] (Paragon Software Group)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2010-04-09] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2010-04-09] ()
R3 rtl819xpn64; C:\Windows\System32\DRIVERS\rtl819xp.sys [622624 2010-02-01] (Realtek Semiconductor Corporation                           )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1328928 2014-12-07] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [234784 2014-12-07] (Acronis International GmbH)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-09-18] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-09-18] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700680 2014-09-18] ()
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 12:43 - 2014-12-07 12:44 - 00000000 ____D () C:\Users\Privat\Downloads\FRST 64-Bit
2014-12-07 12:35 - 2014-12-07 12:35 - 00000444 _____ () C:\Windows\PFRO.log
2014-12-07 12:35 - 2014-12-07 12:35 - 00000056 _____ () C:\Windows\setupact.log
2014-12-07 12:35 - 2014-12-07 12:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-07 12:22 - 2014-12-07 12:22 - 00296736 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\file_tracker.sys
2014-12-07 12:22 - 2014-12-07 12:22 - 00234784 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib_mounter.sys
2014-12-07 12:21 - 2014-12-07 12:21 - 01328928 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2014-12-07 12:21 - 2014-12-07 12:21 - 00304416 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2014-12-07 12:21 - 2014-12-07 12:21 - 00134432 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2014-12-07 12:21 - 2014-12-07 12:21 - 00001217 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image 2015.lnk
2014-12-07 12:14 - 2014-12-07 12:23 - 00000000 ____D () C:\ProgramData\Acronis
2014-12-07 12:14 - 2014-12-07 12:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2014-12-07 12:14 - 2014-12-07 12:21 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-12-07 03:57 - 2014-12-07 12:02 - 00000000 ____D () C:\Users\R\Downloads\Acronis-EDV Buchversand
2014-12-07 03:53 - 2014-12-07 03:53 - 00000000 ____D () C:\Users\R\AppData\Roaming\6201DCD5-31C3-42A8-9C56-988BDE234E8F
2014-12-06 21:13 - 2014-12-06 21:13 - 00000000 ____D () C:\Users\R\AppData\Roaming\Acronis
2014-12-06 21:01 - 2014-09-17 12:43 - 00000000 ____D () C:\Users\R\Downloads\Acronis TrueImage 2015 Build 5539 Deutsch Lizenz ungültig
2014-12-06 13:01 - 2014-12-06 13:01 - 00000000 ____D () C:\Program Files\Josip Medved
2014-12-06 13:00 - 2014-12-06 13:00 - 01174352 _____ () C:\Users\Privat\Downloads\VHD Attach - CHIP-Installer.exe
2014-12-05 12:24 - 2014-12-07 12:00 - 00000110 _____ () C:\AdwCleanerDebug.txt
2014-12-05 11:05 - 2014-12-05 11:10 - 01939992 _____ () C:\Users\Privat\Downloads\winrar-x64-520.exe
2014-12-03 08:44 - 2014-12-03 08:44 - 00001103 _____ () C:\Users\Privat\Desktop\Bewerbungscoaching.lnk
2014-12-03 07:01 - 2014-12-05 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-12-02 21:20 - 2014-12-02 20:20 - 00000052 _____ () C:\Users\Privat\Documents\KlimaLoggPro.log
2014-12-02 20:20 - 2014-11-29 09:06 - 00000052 _____ () C:\Users\Privat\Documents\2014_12_02-KlimaLoggPro.log
2014-11-30 19:28 - 2012-11-11 19:43 - 00175382 _____ () C:\Users\Privat\Documents\Sicherungskopie von 01. und 02.2011.wbk
2014-11-30 15:31 - 2014-11-30 15:31 - 03531024 _____ (DVDVideoSoft Ltd. ) C:\Users\Privat\Downloads\FreeYouTube1122Download.exe
2014-11-29 22:29 - 2014-11-29 22:29 - 00054775 _____ () C:\Users\Privat\AppData\Local\recently-used.xbel
2014-11-29 09:06 - 2014-11-23 11:49 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_29-KlimaLoggPro.log
2014-11-26 10:56 - 2014-11-26 10:56 - 00000000 ____D () C:\Users\Privat\Documents\Marx, Kati
2014-11-25 21:21 - 2014-11-25 21:21 - 05162080 _____ (Piriform Ltd) C:\Users\Privat\Downloads\ccsetup500.exe
2014-11-25 21:16 - 2014-12-07 12:07 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-24 06:54 - 2014-11-24 06:54 - 00003584 _____ () C:\Users\Privat\AppData\Local\dcbc2a71-70d8-4dan-ehr8-e0d61dea3fdf.ini
2014-11-24 06:54 - 2014-11-24 06:54 - 00002393 _____ () C:\ProgramData\klimalogg.dat1.tmp
2014-11-23 14:38 - 2014-12-07 12:42 - 01237068 _____ () C:\Windows\WindowsUpdate.log
2014-11-23 14:36 - 2014-11-24 06:51 - 00151056 _____ () C:\Users\Privat\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-23 14:35 - 2014-11-24 06:51 - 00515600 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-23 14:24 - 2014-11-23 14:24 - 00000000 ____D () C:\Users\R\AppData\Roaming\TeamViewer
2014-11-23 14:21 - 2014-12-01 07:23 - 00000000 ____D () C:\Program Files (x86)\WashAndGo
2014-11-23 14:21 - 2014-11-23 14:21 - 00000000 ____D () C:\Users\R\Documents\Abelssoft
2014-11-23 14:20 - 2014-11-23 14:20 - 18323160 _____ (Abelssoft ) C:\Users\Privat\Downloads\washandgo.exe
2014-11-23 11:49 - 2014-11-20 19:50 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_23-KlimaLoggPro.log
2014-11-23 11:37 - 2014-11-23 11:37 - 00000000 ____D () C:\Users\Privat\Downloads\Bitdefender
2014-11-22 11:29 - 2014-11-22 11:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport
2014-11-22 11:29 - 2014-11-22 11:29 - 00000000 ____D () C:\Program Files (x86)\StreamTransport
2014-11-22 11:27 - 2014-11-22 11:28 - 00000000 ____D () C:\Users\Privat\Downloads\Streamtransport1.1.6.2
2014-11-22 11:25 - 2014-11-22 11:26 - 17805707 _____ () C:\Users\R\Downloads\streamtransport_1.1.6.2.zip
2014-11-20 21:34 - 2014-11-20 21:34 - 00000000 ____D () C:\Users\Privat\AppData\Local\Hola
2014-11-20 19:50 - 2014-11-16 10:35 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_20-KlimaLoggPro.log
2014-11-19 06:43 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 06:43 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 06:43 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 06:43 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-18 06:56 - 2014-11-18 20:15 - 00485481 _____ () C:\Users\Privat\Documents\Sicherungskopie von Einladung zum Adventskonzert 2014.wbk
2014-11-17 19:25 - 2014-11-17 19:25 - 00000000 __SHD () C:\Users\Privat\AppData\Local\EmieBrowserModeList
2014-11-16 10:35 - 2014-11-11 08:36 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_16-KlimaLoggPro.log
2014-11-15 15:43 - 2014-12-07 04:21 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-11-15 15:42 - 2014-11-15 15:42 - 20384680 _____ (SUPERAntiSpyware) C:\Users\Privat\Downloads\SUPERAntiSpyware.exe
2014-11-14 14:35 - 2014-11-14 14:35 - 00000000 ____D () C:\Windows\Hewlett-Packard
2014-11-14 11:50 - 2014-11-14 11:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery
2014-11-14 11:50 - 2014-11-14 11:50 - 00000000 ____D () C:\ProgramData\Elcomsoft Password Recovery
2014-11-14 11:50 - 2014-11-14 11:50 - 00000000 ____D () C:\Program Files (x86)\Elcomsoft Password Recovery
2014-11-14 11:50 - 2014-11-14 11:50 - 00000000 ____D () C:\Program Files (x86)\Elcomsoft
2014-11-14 11:49 - 2014-11-14 11:49 - 00000000 ____D () C:\Users\Privat\Downloads\PDW PWD_Cracker
2014-11-12 18:25 - 2014-11-12 18:25 - 01540816 _____ ( ) C:\Users\Privat\Downloads\cpu-z_1.71-setup-en.exe
2014-11-11 20:03 - 2014-11-11 20:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-11-11 19:59 - 2014-11-23 14:21 - 00000000 ____D () C:\Users\R\AppData\Roaming\Abelssoft
2014-11-11 19:30 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-11 19:30 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-11 19:30 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 19:30 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 19:30 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-11 19:30 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-11 19:30 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 19:30 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-11 19:30 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-11 19:30 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 19:30 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 19:30 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-11 19:30 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 19:30 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 19:30 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-11 19:30 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-11 19:30 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-11 19:30 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 19:30 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-11 19:30 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 19:30 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-11 19:30 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-11 19:30 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-11 19:30 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-11 19:30 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-11 19:30 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 19:30 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-11 19:30 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-11 19:30 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-11 19:30 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-11 19:30 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-11 19:30 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 19:30 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-11 19:30 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-11 19:30 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 19:30 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-11 19:30 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 19:30 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 19:30 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-11 19:30 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-11 19:30 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 19:30 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-11 19:30 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-11 19:30 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-11 19:30 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 19:30 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-11 19:30 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-11 19:30 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-11 19:30 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-11 19:30 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 19:30 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 19:30 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-11 19:30 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-11 19:30 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-11 19:30 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-11 19:30 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-11 19:30 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-11 19:30 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-11 19:30 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-11 19:30 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 19:30 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-11 19:30 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 19:30 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 19:30 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 19:30 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 19:30 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 19:30 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-11 19:30 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-11 19:30 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-11 19:30 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-11 19:30 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 19:30 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 19:30 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 19:30 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 19:30 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 19:30 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 19:30 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-11 19:30 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-11 19:30 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-11 19:30 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-11 19:30 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-11 19:30 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-11 19:30 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-11 19:30 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-11 19:29 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 19:29 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-11 19:29 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 19:29 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 19:29 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 19:29 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 19:29 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 19:29 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 19:29 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-11 19:29 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-11 19:29 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-11 19:29 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 19:29 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 19:29 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-11 19:29 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-11 19:26 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 19:26 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-11 10:45 - 2014-11-23 15:42 - 00000000 ____D () C:\Users\Privat\Desktop\Bildbearbeitung
2014-11-11 10:41 - 2014-11-30 15:40 - 00000000 ____D () C:\Users\Privat\Desktop\Musik & Video
2014-11-11 10:27 - 2014-11-11 10:28 - 00000000 ____D () C:\Program Files\UltraDefrag
2014-11-11 10:27 - 2014-11-11 10:27 - 00000860 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraDefrag.lnk
2014-11-11 10:25 - 2014-11-11 10:25 - 00000000 ____D () C:\Users\Privat\Downloads\UltraDefrag
2014-11-11 10:17 - 2014-11-14 07:24 - 00000000 ____D () C:\Users\R\Downloads\Streamtransport
2014-11-11 09:58 - 2014-11-11 09:58 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Abelssoft
2014-11-11 09:57 - 2014-12-05 12:38 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-11-11 09:57 - 2014-11-11 09:57 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-11-11 09:56 - 2014-11-11 09:57 - 03241528 _____ (Abelssoft ) C:\Users\Privat\Downloads\CHIP_Updater_2.35.exe
2014-11-11 08:36 - 2014-11-09 14:07 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_11-KlimaLoggPro.log
2014-11-10 20:07 - 2014-11-10 20:07 - 00001199 _____ () C:\Users\Public\Desktop\CloneDVD2.lnk
2014-11-10 20:07 - 2014-11-10 20:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2014-11-10 19:54 - 2014-11-10 19:54 - 00000000 ____D () C:\ProgramData\Elaborate Bytes
2014-11-10 18:30 - 2014-11-15 15:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-09 14:07 - 2014-11-07 17:23 - 00000104 _____ () C:\Users\Privat\Documents\2014_11_09-KlimaLoggPro.log
2014-11-08 10:38 - 2014-11-08 10:38 - 00000000 ____D () C:\Windows\CheckSur
2014-11-07 06:42 - 2014-11-04 21:03 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_07-KlimaLoggPro.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 12:44 - 2014-08-11 19:32 - 00000000 ____D () C:\FRST
2014-12-07 12:44 - 2009-07-14 05:45 - 00020592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-07 12:44 - 2009-07-14 05:45 - 00020592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-07 12:41 - 2014-11-05 12:15 - 00000000 ____D () C:\Users\Privat\Downloads\CDBurnerXP
2014-12-07 12:37 - 2014-11-05 18:15 - 00000000 ____D () C:\Windows\CryptoGuard
2014-12-07 12:37 - 2014-10-16 21:23 - 00000000 ____D () C:\Users\Privat\Desktop\Admi-Tools
2014-12-07 12:35 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-07 12:27 - 2009-07-14 18:58 - 00702704 _____ () C:\Windows\system32\perfh007.dat
2014-12-07 12:27 - 2009-07-14 18:58 - 00150312 _____ () C:\Windows\system32\perfc007.dat
2014-12-07 12:27 - 2009-07-14 06:13 - 01627352 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-07 12:04 - 2014-09-03 06:25 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-07 12:03 - 2014-08-02 09:26 - 00000000 ____D () C:\AdwCleaner
2014-12-07 12:00 - 2014-08-28 05:56 - 00000000 ____D () C:\Users\R\Downloads\AdwCleaner
2014-12-07 03:41 - 2014-03-18 18:51 - 00000000 ____D () C:\Users\Privat\Documents\Outlook-Dateien
2014-12-06 13:29 - 2014-03-16 10:33 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-12-05 12:24 - 2014-08-28 05:49 - 00000000 ____D () C:\Users\Privat\Downloads\AdwCleaner
2014-12-05 11:54 - 2014-10-26 16:44 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-05 11:54 - 2014-09-03 06:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-05 11:54 - 2014-09-03 06:24 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-12-05 11:35 - 2014-03-16 05:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-05 11:35 - 2014-03-16 05:06 - 00000000 ____D () C:\Program Files\WinRAR
2014-12-05 10:51 - 2014-03-17 18:58 - 00000000 ____D () C:\Users\Privat\Documents\Birkenring 40
2014-12-04 07:12 - 2014-10-15 20:02 - 00000000 ____D () C:\Users\R\AppData\Roaming\UseNeXT
2014-12-03 08:43 - 2014-05-29 10:04 - 00100352 ___SH () C:\Users\Privat\Thumbs.db
2014-12-02 20:23 - 2014-10-08 14:57 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\KlimaLoggPro
2014-12-01 08:55 - 2014-03-15 20:16 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-12-01 07:23 - 2014-03-16 09:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-11-30 15:52 - 2014-04-05 10:05 - 00000000 ____D () C:\Users\R\AppData\Roaming\DVDVideoSoft
2014-11-30 15:28 - 2014-04-28 20:23 - 00000000 ____D () C:\Users\Privat\Documents\DVDVideoSoft
2014-11-30 15:28 - 2014-04-28 20:23 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\DVDVideoSoft
2014-11-29 22:30 - 2014-03-31 09:28 - 00000000 ____D () C:\Users\Privat\.gimp-2.8
2014-11-29 22:29 - 2014-03-31 09:32 - 00000000 ____D () C:\Users\Privat\AppData\Local\gtk-2.0
2014-11-27 21:38 - 2014-03-18 20:54 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\MyPhoneExplorer
2014-11-27 08:48 - 2014-10-15 20:30 - 00000000 ____D () C:\Program Files\Recuva
2014-11-26 13:56 - 2014-05-27 14:14 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Nitro
2014-11-25 21:21 - 2014-03-15 19:16 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-25 21:19 - 2014-03-16 05:19 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-25 21:19 - 2014-03-16 05:19 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-25 20:58 - 2014-05-01 00:24 - 00000000 ____D () C:\Users\Public\Documents\Coaching
2014-11-25 19:28 - 2014-10-04 13:02 - 00002244 _____ () C:\Users\Privat\Desktop\Total Commander    64.lnk
2014-11-25 15:12 - 2014-03-16 16:48 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\vlc
2014-11-25 12:47 - 2014-10-10 10:38 - 00000000 ____D () C:\Users\R\Downloads\MailPassView
2014-11-24 13:13 - 2014-03-31 07:47 - 00000000 ____D () C:\Users\Coach\Documents\Coaching
2014-11-24 06:55 - 2014-06-20 10:54 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Notepad++
2014-11-24 06:55 - 2014-06-13 14:21 - 00000000 ____D () C:\temp
2014-11-24 06:55 - 2014-04-28 21:30 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\dvdcss
2014-11-24 06:54 - 2014-10-08 14:45 - 00002393 _____ () C:\ProgramData\KlimaLogg.dat1
2014-11-24 06:54 - 2014-09-06 16:42 - 00000000 ____D () C:\Users\R\SecurityScans
2014-11-24 06:54 - 2014-05-27 07:09 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\HpUpdate
2014-11-24 06:54 - 2014-03-16 16:27 - 00000000 ____D () C:\Users\Privat\AppData\Local\Microsoft Help
2014-11-24 06:53 - 2014-03-15 17:38 - 00000000 ____D () C:\Windows\Panther
2014-11-24 06:51 - 2014-07-23 19:36 - 00000000 ____D () C:\Users\R\AppData\Roaming\Skype
2014-11-24 06:51 - 2014-04-24 16:26 - 00000000 ____D () C:\Users\R\AppData\Roaming\Mp3tag
2014-11-24 06:51 - 2014-04-05 11:05 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\TeamViewer
2014-11-24 06:51 - 2014-03-19 16:10 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Skype
2014-11-24 06:51 - 2014-03-16 17:29 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Mp3tag
2014-11-23 15:44 - 2014-04-02 06:38 - 00000000 ___RD () C:\Users\Privat\Documents\HP Photo Creations
2014-11-22 11:21 - 2014-10-17 16:59 - 00000000 ____D () C:\Program Files (x86)\ASIO4ALL v2
2014-11-21 06:14 - 2014-09-03 06:24 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-21 06:14 - 2014-09-03 06:24 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 06:14 - 2014-09-03 06:24 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-20 14:36 - 2014-05-28 10:19 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Nitro PDF
2014-11-19 07:21 - 2014-03-15 17:49 - 00000000 ____D () C:\Users\R
2014-11-17 08:30 - 2014-03-15 18:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-16 10:37 - 2014-10-10 11:32 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\IObit
2014-11-15 15:43 - 2014-06-12 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-11-14 14:36 - 2014-03-16 09:13 - 00000000 ____D () C:\Program Files (x86)\HP
2014-11-12 10:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-11 20:03 - 2014-03-16 17:28 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-11-11 19:45 - 2014-04-24 06:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-11 19:43 - 2014-03-16 09:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-11 19:39 - 2014-03-15 18:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-11 19:34 - 2014-03-15 18:28 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 10:12 - 2014-03-16 13:48 - 00002140 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Copernic Desktop Search 4.lnk
2014-11-11 10:12 - 2014-03-16 13:48 - 00002128 _____ () C:\Users\Public\Desktop\Copernic Desktop Search 4.lnk
2014-11-11 10:08 - 2014-03-19 20:01 - 00001019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-11-11 10:08 - 2014-03-19 20:01 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-11-11 10:05 - 2014-03-15 20:13 - 00000894 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-11-11 10:02 - 2014-08-28 06:19 - 00000000 ____D () C:\Users\Privat\Downloads\Gimp
2014-11-11 09:57 - 2014-09-08 14:50 - 00000000 ____D () C:\Users\Privat\AppData\Local\Abelssoft
2014-11-10 20:08 - 2014-03-16 16:27 - 00000000 ____D () C:\Users\Privat\AppData\Local\VirtualStore
2014-11-10 20:07 - 2014-05-03 08:16 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-11-10 18:35 - 2014-09-08 17:47 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-10 18:35 - 2014-03-19 16:10 - 00000000 ____D () C:\ProgramData\Skype
2014-11-10 18:09 - 2014-09-21 20:33 - 00000000 ____D () C:\Program Files\CamStudio 2.7
2014-11-09 16:09 - 2014-06-01 13:52 - 00000000 ____D () C:\Users\Privat\MediathekView
2014-11-09 15:46 - 2014-03-28 21:12 - 00000000 ____D () C:\Users\Privat\.mediathek3
2014-11-09 15:45 - 2014-03-28 21:11 - 00000000 ____D () C:\Users\Privat\Downloads\MediathekView
2014-11-08 09:39 - 2014-09-13 06:07 - 00000000 ____D () C:\Windows\Minidump
2014-11-08 09:02 - 2014-11-05 12:10 - 00000000 ____D () C:\Users\Privat\Downloads\Avast-browser-cleanup

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
         
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2014 01
Ran by Privat at 2014-12-07 12:46:09
Running from C:\Users\Privat\Downloads\FRST 64-Bit
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis True Image 2015 (HKLM-x32\...\{08DC7D7A-1CA0-4E96-B12F-9B9577FCF0F8}Visible) (Version: 18.0.6525 - Acronis)
Acronis True Image 2015 (x32 Version: 18.0.6525 - Acronis) Hidden
Acronis Universal Restore Bootable Media Builder (HKLM-x32\...\{21A0454F-5B00-4DA7-81FF-A0B1FA295924}) (Version: 11.5.38938 - Acronis)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advanced PDF Password Recovery (HKLM-x32\...\{A85CC7BA-760F-4B65-8E2F-640BE314F2F8}) (Version: 5.06.113.2041 - Elcomsoft Co. Ltd.)
Amazon Music (HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\Amazon Amazon Music) (Version: 3.4.0.628 - Amazon Services LLC)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 - Michael Tippach)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Bing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 5.0.1449.0 - Microsoft Corporation)
Bing Bar Platform (x32 Version: 5.0.1449.0 - Microsoft Corporation) Hidden
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.347.0 - Microsoft Corporation)
calibre (HKLM-x32\...\{18681CFA-4FAF-47F7-B1AA-E7B5D02CA274}) (Version: 2.4.0 - Kovid Goyal)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.39 - Abelssoft)
CHIP Updater (HKLM-x32\...\UpdateYeti_is1) (Version: 2.37 - Abelssoft)
Citrix Receiver (HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\CitrixOnlinePluginPackWeb) (Version: 14.1.0.0 - Citrix Systems, Inc.)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
COMODO System Utilities (HKLM\...\{A7DA4247-9F22-4d4a-974A-DD455CCF43B6}) (Version: 4.0.226743.26 - COMODO)
Copernic Desktop Search 4 (HKLM-x32\...\CopernicDesktopSearch4) (Version: 4.2.0.6628 - Copernic)
Copernic Desktop Search 4 (x32 Version: 4.2.0.6628 - Copernic) Hidden
Corel Graphics Suite 11 (x32 Version: 11 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 11 (HKLM-x32\...\InstallShield_{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}) (Version: 11 - Corel Corporation)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Digital DJ (HKLM-x32\...\Digital DJ) (Version: 2.0 - MAGIX)
DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.6.1 - DivX, Inc.)
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
FLAC To MP3 V4.0.4 (HKLM-x32\...\FLAC To MP3_is1) (Version:  - FLAC To MP3, Inc.)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Gadwin PrintScreen (64-Bit) (HKLM\...\{4D1B6540-9F0C-413F-8444-C04FC0F69B7B}) (Version: 5.0.1.0 - Gadwin Systems)
GetFoldersize 2.5.24 (HKLM-x32\...\GetFoldersize_is1) (Version: 2.5.24 - Michael Thummerer Software Design)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.)
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{C41713B3-DCB0-48C3-B830-47CB59C60B89}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{EFBC0CB1-AFFD-4E74-ACEF-42099F1D49C3}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4 - HP)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.0.4.25 - IObit)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
KlimaLogg Pro (HKLM-x32\...\KlimaLogg Pro_is1) (Version:  - TFA Dostmann)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Baseline Security Analyzer 2.3 (HKLM\...\{D8D25854-D7F0-45C5-8702-D650A5A23E21}) (Version: 2.3.2208 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Windows Performance Toolkit (HKLM\...\{E7F9E526-2324-437B-A609-E8C5309465CB}) (Version: 4.8.0 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MiniTool Partition Recovery 5.0 (HKLM-x32\...\{BDCEB6A6-5966-4291-861A-058F49A2195A}_is1) (Version:  - MiniTool Solution Ltd.)
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version:  - MixMeister Technology LLC)
Mozilla Firefox 33.1.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 de)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mp3tag v2.65a (HKLM-x32\...\Mp3tag) (Version: v2.65a - Florian Heidenreich)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.081 - Deutsche Telekom AG)
Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Nitro Pro 8 (HKLM\...\{EE77DB04-2F1B-45FE-AC5B-04EA3A1C5658}) (Version: 8.0.8.3 - Nitro)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
Online Plug-in (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Paragon Festplatten Manager™ 15 Suite (HKLM\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.308.2 - Tracker Software Products Ltd)
Pinnacle Instant DVD Recorder (HKLM-x32\...\{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}) (Version: 2.5.0.092 - Pinnacle Systems)
RarmaRadio 2.69.1 (HKLM-x32\...\RarmaRadio_is1) (Version:  - RaimerSoft)
Recovery Media Builder™ (HKLM\...\{EC1AB719-E98B-532C-95D4-381FB69F5CD2}) (Version: 1.00.0000 - Paragon Software)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
S Agent (Version: 1.1.47 - Samsung Electronics CO., LTD.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version:  - Seagate Technology)
Self-Service Plug-in (x32 Version: 4.1.0.41738 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.105 - Skype Technologies S.A.)
SmartTools Publishing • Word Falz & Lochmarken-Assistent (HKLM-x32\...\SmartToolsFalz & Lochmarken-Assistentv7.05) (Version: v7.05 - SmartTools Publishing)
StreamTransport version: 1.1.6.1 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Studie zur Verbesserung von HP Officejet 6500 E710n-z Produkten (HKLM\...\{C9347A74-CDAD-4076-B754-11752F6BE324}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
TVCenter (HKLM\...\{DD0A0C72-A7C3-4722-86C9-2399F9FC0DE7}) (Version: 6.4.5.933 - PCTV Systems)
Ultra Defragmenter (HKLM-x32\...\UltraDefrag) (Version: 6.0.4 - UltraDefrag Development Team)
VHD Attach 3.90 (HKLM\...\JosipMedved_VhdAttach_is1) (Version: 3.90 - Josip Medved)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?

==================== Loaded Modules (whitelisted) =============

2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-12-07 12:41 - 2014-12-07 12:41 - 01556480 _____ () C:\Users\Privat\AppData\Local\Temp\is-KC1QV.tmp\cdbxp_setup_4.5.4.5143.tmp

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: NitroDriverReadSpool8 => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SWUpdateService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk => C:\Windows\pss\O&O Defrag Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupreg: !BingBar => "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\MUExe\7.1.361.0\BingBarSetup-Partner.EXE" /C:"BBSetup.exe cabLocation=.\BingBarPartnerConfig.cab ismu=2"
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Bing Bar => "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: Microsoft Default Manager => "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-459147949-2764265090-3061895288-500 - Administrator - Disabled)
Coach (S-1-5-21-459147949-2764265090-3061895288-1003 - Limited - Enabled) => C:\Users\Coach
Gast (S-1-5-21-459147949-2764265090-3061895288-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-459147949-2764265090-3061895288-1002 - Limited - Enabled)
Privat (S-1-5-21-459147949-2764265090-3061895288-1004 - Limited - Enabled) => C:\Users\Privat
R (S-1-5-21-459147949-2764265090-3061895288-1001 - Administrator - Enabled) => C:\Users\R

==================== Faulty Device Manager Devices =============

Name: Namuga 1.3M Webcam
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/07/2014 11:57:41 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2014 11:57:41 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2014 11:57:41 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2014 11:57:41 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (12/07/2014 11:57:37 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2014 11:57:37 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (12/07/2014 11:57:37 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2014 11:57:37 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2014 11:57:37 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.


Details:
	0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800))

Error: (12/07/2014 11:57:36 AM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (2712) Windows: Fehler -1811 beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS005D3.log.


System errors:
=============
Error: (12/07/2014 00:37:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/07/2014 00:35:56 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{79d9c15c-ae74-11e3-99f7-002454164d61}" können nicht gelesen werden.

Error: (12/07/2014 00:35:56 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{480761ad-ac60-11e3-b16b-806e6f6e6963}" können nicht gelesen werden.

Error: (12/07/2014 00:35:56 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{480761ac-ac60-11e3-b16b-806e6f6e6963}" können nicht gelesen werden.

Error: (12/07/2014 00:35:42 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (12/07/2014 00:35:42 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (12/07/2014 00:24:59 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "" können nicht gelesen werden.

Error: (12/07/2014 00:24:59 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "" können nicht gelesen werden.

Error: (12/07/2014 00:24:59 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "" können nicht gelesen werden.

Error: (12/07/2014 00:23:13 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Acronis Nonstop Backup Service" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056


Microsoft Office Sessions:
=========================
Error: (12/07/2014 11:57:41 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2014 11:57:41 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2014 11:57:41 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2014 11:57:41 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (12/07/2014 11:57:37 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (12/07/2014 11:57:37 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (12/07/2014 11:57:37 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (12/07/2014 11:57:37 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
4700

Error: (12/07/2014 11:57:37 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: 
Details:
	0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800))

Error: (12/07/2014 11:57:36 AM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows2712Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS005D3.log-1811


CodeIntegrity Errors:
===================================
  Date: 2014-12-07 12:35:55.134
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-07 12:03:57.170
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-07 11:57:04.009
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-07 11:45:40.231
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-07 11:31:26.208
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-07 09:17:45.682
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-07 04:24:01.608
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-07 03:58:34.979
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-07 03:40:40.797
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-06 23:16:55.581
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU P7550 @ 2.26GHz
Percentage of memory in use: 48%
Total physical RAM: 4060.61 MB
Available physical RAM: 2078.7 MB
Total Pagefile: 8119.41 MB
Available Pagefile: 5851.97 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:198.89 GB) (Free:28.63 GB) NTFS
Drive d: (temp) (Fixed) (Total:59.43 GB) (Free:18.22 GB) NTFS
Drive e: (Daten) (Fixed) (Total:131.39 GB) (Free:24.72 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
         


Alt 12.12.2014, 23:11   #6
schrauber
/// the machine
/// TB-Ausbilder
 




Our tools always need admin rights!!


Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


Alt 15.12.2014, 10:14   #7
rk1757
 



Hello Schrauber,
thanks for the continued help.
Here is the log from Combofix:
Code:
ComboFix 14-12-14.01 - R 15.12.2014   9:42.1.2 - x64 MINIMAL
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.4061.3342 [GMT 1:00]
ausgeführt von:: c:\users\Privat\Downloads\Combofix\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\klimalogg.dat1.tmp
c:\users\R\AppData\Local\assembly\tmp
E:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-11-15 bis 2014-12-15  ))))))))))))))))))))))))))))))
.
.
2014-12-14 22:08 . 2014-12-14 22:09	--------	d-----w-	c:\windows\system32\appraiser
2014-12-14 22:08 . 2014-12-14 22:09	--------	d-s---w-	c:\windows\system32\CompatTel
2014-12-14 15:52 . 2014-11-01 19:21	11632448	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0F681727-3CF7-4487-8763-5AD78AC7315C}\mpengine.dll
2014-12-13 20:51 . 2014-12-13 20:59	--------	d-----w-	c:\program files (x86)\Common Files\DVDVideoSoft
2014-12-13 17:05 . 2014-12-13 17:12	--------	d-----w-	c:\windows\system32\catroot2
2014-12-13 16:59 . 2014-12-13 20:21	129752	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-13 16:59 . 2014-11-21 05:14	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-12-13 16:59 . 2014-11-21 05:14	93400	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-12-13 16:59 . 2014-11-21 05:14	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-12-13 16:59 . 2014-12-13 16:59	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2014-12-13 12:26 . 2014-11-01 19:21	11632448	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-12-13 12:10 . 2014-12-13 12:10	--------	d-----w-	c:\windows\SysWow64\wbem\Performance
2014-12-13 11:51 . 2014-12-13 11:51	--------	d-----w-	C:\RegBackup
2014-12-12 14:16 . 2014-12-12 14:16	--------	d-----w-	c:\users\R\AppData\Roaming\Nitro PDF
2014-12-10 15:16 . 2014-12-07 16:16	1188440	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A8EB7AFC-67DD-42EF-BC0A-CE881B9DAF73}\gapaengine.dll
2014-12-10 12:44 . 2014-12-10 12:44	--------	d-----w-	c:\users\Privat\AppData\Roaming\DesktopDPO-b590ce5c4fa12d0f57bf76ef54d1be94
2014-12-10 12:20 . 2014-12-10 12:22	--------	d-----w-	c:\program files (x86)\Office-Bibliothek
2014-12-10 12:18 . 2001-09-05 03:18	225280	------w-	c:\program files (x86)\Common Files\InstallShield\IScript\IScript.dll
2014-12-10 12:18 . 2001-09-05 03:18	77824	----a-w-	c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2014-12-10 12:18 . 2001-09-05 03:14	176128	------w-	c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2014-12-10 12:18 . 2001-09-05 03:13	32768	------w-	c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2014-12-10 12:18 . 2004-04-21 19:10	212992	------w-	c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\ILog.dll
2014-12-10 06:32 . 2014-10-18 01:33	3209728	----a-w-	c:\windows\SysWow64\mf.dll
2014-12-10 06:32 . 2014-10-18 02:05	4121600	----a-w-	c:\windows\system32\mf.dll
2014-12-10 06:26 . 2014-12-04 02:50	192000	----a-w-	c:\windows\system32\aepic.dll
2014-12-10 06:26 . 2014-12-04 02:44	1083392	----a-w-	c:\windows\system32\aeinv.dll
2014-12-10 06:26 . 2014-12-01 23:28	1232040	----a-w-	c:\windows\system32\aitstatic.exe
2014-12-10 06:26 . 2014-12-04 02:50	741376	----a-w-	c:\windows\system32\invagent.dll
2014-12-10 06:26 . 2014-12-04 02:50	413184	----a-w-	c:\windows\system32\generaltel.dll
2014-12-10 06:26 . 2014-12-04 02:50	396800	----a-w-	c:\windows\system32\devinv.dll
2014-12-10 06:26 . 2014-12-04 02:50	227328	----a-w-	c:\windows\system32\aepdu.dll
2014-12-10 06:26 . 2014-11-11 01:46	119296	----a-w-	c:\windows\system32\drivers\tdx.sys
2014-12-10 06:23 . 2014-11-08 03:16	2048	----a-w-	c:\windows\system32\tzres.dll
2014-12-10 06:23 . 2014-11-08 02:45	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2014-12-10 06:18 . 2014-12-07 16:16	1188440	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-12-08 06:29 . 2014-12-08 06:29	--------	d-----w-	c:\users\Privat\AppData\Local\colorpicker
2014-12-08 06:29 . 2014-12-08 06:29	--------	d-----w-	c:\program files (x86)\ColorPicker
2014-12-07 16:10 . 2014-12-07 16:10	--------	d-----w-	c:\program files (x86)\Microsoft Security Client
2014-12-07 16:10 . 2014-12-07 16:10	--------	d-----w-	c:\program files\Microsoft Security Client
2014-12-07 14:15 . 2014-12-07 14:15	--------	d-----w-	c:\users\R\AppData\Roaming\DesktopDPO-b590ce5c4fa12d0f57bf76ef54d1be94
2014-12-07 14:09 . 2014-12-07 14:14	--------	d-----w-	c:\program files (x86)\Design&Print
2014-12-07 11:29 . 2014-12-07 11:29	--------	d-sh--w-	c:\users\R\AppData\Local\EmieBrowserModeList
2014-12-07 11:22 . 2014-12-07 11:22	296736	----a-w-	c:\windows\system32\drivers\file_tracker.sys
2014-12-07 11:22 . 2014-12-07 11:22	234784	----a-w-	c:\windows\system32\drivers\tib_mounter.sys
2014-12-07 11:21 . 2014-12-07 11:21	1328928	----a-w-	c:\windows\system32\drivers\tib.sys
2014-12-07 11:21 . 2014-12-07 11:21	304416	----a-w-	c:\windows\system32\drivers\snapman.sys
2014-12-07 11:21 . 2014-12-07 11:21	134432	----a-w-	c:\windows\system32\drivers\fltsrv.sys
2014-12-07 11:14 . 2014-12-07 11:21	--------	d-----w-	c:\program files (x86)\Acronis
2014-12-07 02:53 . 2014-12-07 02:53	--------	d-----w-	c:\users\R\AppData\Roaming\6201DCD5-31C3-42A8-9C56-988BDE234E8F
2014-12-06 20:09 . 2014-12-07 11:22	--------	d-----w-	c:\program files (x86)\Common Files\Acronis
2014-12-06 12:01 . 2014-12-06 12:01	--------	d-----w-	c:\program files\Josip Medved
2014-11-25 13:24 . 2014-11-25 13:24	24294072	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
2014-11-25 12:59 . 2014-11-25 12:59	18638520	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
2014-11-23 13:24 . 2014-11-23 13:24	--------	d-----w-	c:\users\R\AppData\Roaming\TeamViewer
2014-11-22 10:29 . 2014-11-22 10:29	--------	d-----w-	c:\program files (x86)\StreamTransport
2014-11-21 05:52 . 2014-11-21 05:52	--------	d-----w-	c:\windows\SysWow64\Wat
2014-11-21 05:52 . 2014-11-21 05:52	--------	d-----w-	c:\windows\system32\Wat
2014-11-20 20:34 . 2014-11-20 20:34	--------	d-----w-	c:\users\Privat\AppData\Local\Hola
2014-11-19 05:43 . 2014-11-11 03:08	241152	----a-w-	c:\windows\system32\pku2u.dll
2014-11-19 05:43 . 2014-11-11 03:08	728064	----a-w-	c:\windows\system32\kerberos.dll
2014-11-19 05:43 . 2014-11-11 02:44	186880	----a-w-	c:\windows\SysWow64\pku2u.dll
2014-11-19 05:43 . 2014-11-11 02:44	550912	----a-w-	c:\windows\SysWow64\kerberos.dll
2014-11-19 03:26 . 2014-11-19 03:26	1614504	----a-w-	c:\windows\system32\FM20.DLL
2014-11-17 18:25 . 2014-11-17 18:25	--------	d-sh--w-	c:\users\Privat\AppData\Local\EmieBrowserModeList
2014-11-15 14:43 . 2014-12-11 05:21	--------	d-----w-	c:\program files\SUPERAntiSpyware
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-14 21:58 . 2009-07-14 02:36	152576	----a-w-	c:\windows\SysWow64\msclmd.dll
2014-12-14 21:58 . 2009-07-14 02:36	175616	----a-w-	c:\windows\system32\msclmd.dll
2014-12-13 11:50 . 2014-03-16 04:19	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-13 11:50 . 2014-03-16 04:19	701616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-10 06:37 . 2014-03-15 17:28	112710672	----a-w-	c:\windows\system32\MRT.exe
2014-11-05 21:55 . 2014-11-05 17:15	93144	----a-w-	c:\windows\system32\drivers\hmpalert.sys
2014-11-05 21:55 . 2014-11-05 17:15	548424	----a-w-	c:\windows\system32\hmpalert.dll
2014-11-05 21:55 . 2014-11-05 17:15	477008	----a-w-	c:\windows\SysWow64\hmpalert.dll
2014-10-30 11:25 . 2014-03-15 17:10	275080	------w-	c:\windows\system32\MpSigStub.exe
2014-10-26 15:41 . 2014-07-22 09:11	111016	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2014-10-26 15:41 . 2014-10-26 15:44	191400	----a-w-	c:\windows\system32\javaw.exe
2014-10-26 15:41 . 2014-10-26 15:44	190888	----a-w-	c:\windows\system32\java.exe
2014-10-26 15:41 . 2014-07-22 09:11	320936	----a-w-	c:\windows\system32\javaws.exe
2014-10-25 02:10 . 2014-10-25 02:10	92160	----a-w-	c:\windows\system32\udefrag.exe
2014-10-25 02:10 . 2014-10-25 02:10	13312	----a-w-	c:\windows\system32\hibernate4win.exe
2014-10-25 02:10 . 2014-10-25 02:10	12288	----a-w-	c:\windows\system32\bootexctrl.exe
2014-10-25 02:10 . 2014-10-25 02:10	33792	----a-w-	c:\windows\system32\wgx.dll
2014-10-25 02:09 . 2014-10-25 02:09	132608	----a-w-	c:\windows\system32\lua5.1a.dll
2014-10-25 02:09 . 2014-10-25 02:09	394752	----a-w-	c:\windows\system32\defrag_native.exe
2014-10-25 02:09 . 2014-10-25 02:09	55808	----a-w-	c:\windows\system32\udefrag.dll
2014-10-25 02:09 . 2014-10-25 02:09	337920	----a-w-	c:\windows\system32\zenwinx.dll
2014-10-25 01:57 . 2014-11-11 18:30	77824	----a-w-	c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-11 18:30	67584	----a-w-	c:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-11 18:26	861696	----a-w-	c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-11 18:26	571904	----a-w-	c:\windows\SysWow64\oleaut32.dll
2014-10-14 02:16 . 2014-11-11 18:30	155064	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:13 . 2014-11-11 18:30	683520	----a-w-	c:\windows\system32\termsrv.dll
2014-10-14 02:13 . 2014-11-11 18:29	3241984	----a-w-	c:\windows\system32\msi.dll
2014-10-14 02:12 . 2014-11-11 18:30	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2014-10-14 02:09 . 2014-11-11 18:30	146432	----a-w-	c:\windows\system32\msaudite.dll
2014-10-14 02:07 . 2014-11-11 18:30	681984	----a-w-	c:\windows\system32\adtschema.dll
2014-10-14 01:50 . 2014-11-11 18:30	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2014-10-14 01:50 . 2014-11-11 18:29	2363904	----a-w-	c:\windows\SysWow64\msi.dll
2014-10-14 01:49 . 2014-11-11 18:30	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2014-10-14 01:47 . 2014-11-11 18:30	146432	----a-w-	c:\windows\SysWow64\msaudite.dll
2014-10-14 01:46 . 2014-11-11 18:30	681984	----a-w-	c:\windows\SysWow64\adtschema.dll
2014-10-10 00:57 . 2014-11-11 18:29	3198976	----a-w-	c:\windows\system32\win32k.sys
2014-10-03 02:12 . 2014-11-11 18:29	500224	----a-w-	c:\windows\system32\AUDIOKSE.dll
2014-10-03 02:11 . 2014-11-11 18:29	284672	----a-w-	c:\windows\system32\EncDump.dll
2014-10-03 02:11 . 2014-11-11 18:29	680960	----a-w-	c:\windows\system32\audiosrv.dll
2014-10-03 02:11 . 2014-11-11 18:29	440832	----a-w-	c:\windows\system32\AudioEng.dll
2014-10-03 02:11 . 2014-11-11 18:29	296448	----a-w-	c:\windows\system32\AudioSes.dll
2014-10-03 01:44 . 2014-11-11 18:29	442880	----a-w-	c:\windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44 . 2014-11-11 18:29	374784	----a-w-	c:\windows\SysWow64\AudioEng.dll
2014-10-03 01:44 . 2014-11-11 18:29	195584	----a-w-	c:\windows\SysWow64\AudioSes.dll
2014-09-25 02:08 . 2014-10-01 09:15	371712	----a-w-	c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-01 09:15	519680	----a-w-	c:\windows\SysWow64\qdvd.dll
2014-09-24 08:22 . 2014-09-24 08:22	2268	----a-w-	c:\windows\system32\ud-boot-time.cmd
2014-09-19 09:42 . 2014-11-11 18:30	210944	----a-w-	c:\windows\system32\wdigest.dll
2014-09-19 09:42 . 2014-11-11 18:30	86528	----a-w-	c:\windows\system32\TSpkg.dll
2014-09-19 09:42 . 2014-11-11 18:30	342016	----a-w-	c:\windows\system32\schannel.dll
2014-09-19 09:42 . 2014-11-11 18:30	309760	----a-w-	c:\windows\system32\ncrypt.dll
2014-09-19 09:42 . 2014-11-11 18:30	314880	----a-w-	c:\windows\system32\msv1_0.dll
2014-09-19 09:42 . 2014-11-11 18:30	22016	----a-w-	c:\windows\system32\credssp.dll
2014-09-19 09:23 . 2014-11-11 18:30	172032	----a-w-	c:\windows\SysWow64\wdigest.dll
2014-09-19 09:23 . 2014-11-11 18:30	65536	----a-w-	c:\windows\SysWow64\TSpkg.dll
2014-09-19 09:23 . 2014-11-11 18:30	248832	----a-w-	c:\windows\SysWow64\schannel.dll
2014-09-19 09:23 . 2014-11-11 18:30	221184	----a-w-	c:\windows\SysWow64\ncrypt.dll
2014-09-19 09:23 . 2014-11-11 18:30	259584	----a-w-	c:\windows\SysWow64\msv1_0.dll
2014-09-19 09:23 . 2014-11-11 18:30	17408	----a-w-	c:\windows\SysWow64\credssp.dll
2014-09-18 09:16 . 2014-09-18 09:16	700680	----a-w-	c:\windows\system32\drivers\uim_im.sys
2014-09-18 09:16 . 2014-09-18 09:16	556552	----a-w-	c:\windows\system32\drivers\UimFIO.sys
2014-09-18 09:16 . 2014-09-18 09:16	25992	----a-w-	c:\windows\system32\drivers\uim_devim.sys
2014-09-18 09:16 . 2014-09-18 09:16	102664	----a-w-	c:\windows\system32\drivers\UimBus.sys
2014-09-18 09:16 . 2014-10-04 13:00	34056	----a-w-	c:\windows\system32\drivers\hotcore3.sys
2014-09-18 09:16 . 2014-09-18 09:16	944904	----a-w-	c:\windows\system32\Vim.RWBlock.dll
2014-09-18 09:16 . 2014-09-18 09:16	86792	----a-w-	c:\windows\system32\vimbase.dll
2014-09-18 09:16 . 2014-09-18 09:16	531720	----a-w-	c:\windows\system32\drivers\UMDF\blockmounter.dll
2014-09-18 09:16 . 2014-09-18 09:16	2065160	----a-w-	c:\windows\system32\vimsdk.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-11-20 1021128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0??\0?\0PowerRemov??\0PowerRemover.eService\SWMAgent. 'Win32_Process'\0?\0PowerRemover.e??\0PowerRemover.e?\0??\0PowerRemover
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
R1 Uim_DEVIM;UIM Direct Device Image Plugin;c:\windows\system32\DRIVERS\uim_devim.sys;c:\windows\SYSNATIVE\DRIVERS\uim_devim.sys [x]
R2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 CSUService;COMODO System Utilities Service;c:\program files\COMODO\COMODO System Utilities\CSUService.exe;c:\program files\COMODO\COMODO System Utilities\CSUService.exe [x]
R2 hmpalert;HitmanPro.Alert Support Driver;c:\windows\system32\drivers\hmpalert.sys;c:\windows\SYSNATIVE\drivers\hmpalert.sys [x]
R2 KlimaLogg Service;KlimaLogg Service;c:\program files (x86)\KlimaLoggPro\KlimaLoggProService.exe;c:\program files (x86)\KlimaLoggPro\KlimaLoggProService.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R2 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [x]
R2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 hmpalertsvc;HitmanPro.Alert Service;c:\program files (x86)\HitmanPro.Alert\hmpalert.exe;c:\program files (x86)\HitmanPro.Alert\hmpalert.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 rtl819xpn64;Realtek RTL8190/RTL8192E 802.11n Wireless LAN (Mini-) PCI NIC-NT-Treiber;c:\windows\system32\DRIVERS\rtl819xp.sys;c:\windows\SYSNATIVE\DRIVERS\rtl819xp.sys [x]
R3 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R4 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe ;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe  [x]
R4 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;c:\program files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe;c:\program files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [x]
R4 SWUpdateService;SW Update Service;c:\programdata\Samsung\SW Update Service\SWMAgent.exe;c:\programdata\Samsung\SW Update Service\SWMAgent.exe [x]
R4 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S0 file_tracker;file_tracker;c:\windows\system32\DRIVERS\file_tracker.sys;c:\windows\SYSNATIVE\DRIVERS\file_tracker.sys [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys;c:\windows\SYSNATIVE\DRIVERS\hotcore3.sys [x]
S0 tib;Acronis TIB Manager;c:\windows\system32\DRIVERS\tib.sys;c:\windows\SYSNATIVE\DRIVERS\tib.sys [x]
S0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys;c:\windows\SYSNATIVE\DRIVERS\tib_mounter.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S3 azvusb;Virtual USB Hub;c:\windows\system32\DRIVERS\azvusb.sys;c:\windows\SYSNATIVE\DRIVERS\azvusb.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-12-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-16 11:50]
.
2014-04-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-19 10:46]
.
2014-04-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-19 10:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncError]
@="{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}"
[HKEY_CLASSES_ROOT\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}]
2014-09-09 09:05	2832680	----a-w-	c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncInProgress]
@="{00F848DC-B1D4-4892-9C25-CAADC86A215D}"
[HKEY_CLASSES_ROOT\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}]
2014-09-09 09:05	2832680	----a-w-	c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncOk]
@="{71573297-552E-46fc-BE3D-3DFAF88D47B7}"
[HKEY_CLASSES_ROOT\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}]
2014-09-09 09:05	2832680	----a-w-	c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"MSPCLOCK"="streamci" [X]
"MSPQM"="streamci" [X]
"MSKSSRV"="streamci" [X]
"MSTEE.CxTransform"="streamci" [X]
"MSTEE.Splitter"="streamci" [X]
"WDM_DRMKAUD"="streamci" [X]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
IE: An OneNote s&enden - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\R\AppData\Roaming\Mozilla\Firefox\Profiles\is3epxns.default-1410158323112\
FF - prefs.js: browser.startup.homepage - www.google.de|hxxps://translate.google.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled\Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
Zeit der Fertigstellung: 2014-12-15  09:51:22
ComboFix-quarantined-files.txt  2014-12-15 08:51
.
Vor Suchlauf: 16 Verzeichnis(se), 25.232.564.224 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 24.866.021.376 Bytes frei
.
- - End Of File - - D16DCB99570CCC53D7DD631942A55431
A36C5E4F47E84449FF07ED3517B43A31
         

15.12.2014, 20:20   #8
schrauber
/// the machine
/// TB-Ausbilder

Repair sfc /scannow?


  • Please download Windows Repair - All in one from tweaking.com here and install it.
  • Please disable your antivirus program (if possible).
  • Keep in mind that the individual repairs take some time. Do not start any other applications during this time.
  • Start the program and carry out steps 1-5. (See the illustrated guide)
  • Make sure that the checkboxes are set as shown under step 4.
  • Also tick "Restart/Shutdown System" and click "Restart System" before you carry out step 5.






ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

and a fresh FRST log, please. Any problems left?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

16.12.2014, 23:57   #9
rk1757

Eset Scanner log.txt



Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=45d761cc1813dd44852dc465c7cb13e4
# engine=21572
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-16 08:42:49
# local_time=2014-12-16 09:42:49 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 750742 41699763 0 0
# scanned=247296
# found=14
# cleaned=14
# scan_time=9114
sh=8C299A27E16F04E97E2DBABCF412697C43273DFC ft=1 fh=c345d981f4dfe292 vn="Variante von Win32/InstallCore.UE evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\$RECYCLE.BIN\S-1-5-21-459147949-2764265090-3061895288-1004\$R5JV64C.exe"
sh=4370E4F60FB96627C6AD4F4820A4FA8A61F8EC29 ft=1 fh=3b60eb1472d7e959 vn="Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Privat\Downloads\cbsidlm-cbsi213-AMR_MP3_Converter-SEO_DE-75858774.exe"
sh=590563A58616FE1877329EA58948F6961AB0C77F ft=1 fh=5b10c696ef5b2648 vn="Win32/DownWare.W evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Privat\Downloads\RarmaRadio\Rarmaradio_setup.exe"
sh=5F312351C6AE3A2EDCCA2AD96278E1A82E207E7E ft=1 fh=5b10c696dbb63c10 vn="Win32/DownWare.W evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Privat\Downloads\RarmaRadio\Rarmaradio_setup_2-68-3.exe"
sh=590563A58616FE1877329EA58948F6961AB0C77F ft=1 fh=5b10c696ef5b2648 vn="Win32/DownWare.W evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Privat\Downloads\RarmaRadio\Rarmaradio_setup_2.69.1.exe"
sh=075478ED256C74207FB1540F41BE4934B47D549B ft=1 fh=5a1a58d6a5023955 vn="Win32/Somoto.Q evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Privat\Downloads\Streamtransport1.1.6.2\streamtransport_chrome_setup1.1.6.2.exe"
sh=E18B5242B0C893DF09E34A9E89DE551503F31591 ft=1 fh=5a1a58d6d884f372 vn="Win32/Somoto.Q evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Privat\Downloads\Streamtransport1.1.6.2\Streamtransport IE10\streamtransport_setup.exe"
sh=E833436032535FEB243B262717AA6F23AEDEDE9F ft=1 fh=1c0e267f63a665cf vn="Win32/DownWare.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Public\Documents\RK_Stick1_01.03.2014\Win18791drv.exe"
sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\R\AppData\Roaming\0F1L1I1P0H1L1E1E1F\Notepad++ Packages\uninstaller.exe"
sh=273A2A936AEC8B68DE2329EF69996F616B0D757E ft=1 fh=6e75ff11b16007d4 vn="NSIS/StartPage.CC Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\R\Downloads\vlc-2.1.3-win64.exe"
sh=075478ED256C74207FB1540F41BE4934B47D549B ft=1 fh=5a1a58d6a5023955 vn="Win32/Somoto.Q evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\R\Downloads\Streamtransport\streamtransport_1.1.6.2\streamtransport_chrome_setup1.1.6.2.exe"
sh=E18B5242B0C893DF09E34A9E89DE551503F31591 ft=1 fh=5a1a58d6d884f372 vn="Win32/Somoto.Q evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\R\Downloads\Streamtransport\streamtransport_1.1.6.2\Streamtransport IE10\streamtransport_setup.exe"
sh=56371D74005B39D794FF8F30891F27BACECA56C8 ft=1 fh=c3e79ff37423ee01 vn="Variante von Win32/Toolbar.Babylon.P evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\Administrator.Reiner-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nohfdhapjjlndfgjnmdlcabloeembdkj\1.0\BUSolution.dll"
sh=F5C514F93292C6B027DCB2898E0010C534428DDA ft=1 fh=5629cfffb69b4f20 vn="Variante von Win32/Toolbar.Babylon.Q evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\Administrator.Reiner-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nohfdhapjjlndfgjnmdlcabloeembdkj\1.0\NPObject.dll"
         
Code:
 Results of screen317's Security Check version 0.99.91  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
  (On Access scanning disabled!) 
 Error obtaining update status for antivirus!  
`````````Anti-malware/Other Utilities Check:````````` 
 Java version 32-bit out of Date! 
 Adobe Flash Player 16.0.0.235  
 Adobe Reader XI  
 Mozilla Firefox (34.0.5) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 KlimaLoggPro KlimaLoggProService.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01
Ran by Privat (ATTENTION: The logged in user is not administrator) on R-PC on 16-12-2014 20:58:18
Running from C:\Users\Privat\Downloads\FRST 64-Bit
Loaded Profiles: R & Privat (Available profiles: R & Coach & Privat)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Citrix Systems, Inc.) C:\Users\Privat\AppData\Local\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Users\Privat\AppData\Local\Program Files\Citrix\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Users\Privat\AppData\Local\Citrix\SelfService\Program Files\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Users\Privat\AppData\Local\Citrix\ICA Client\wfcrun32.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKU\S-1-5-21-459147949-2764265090-3061895288-1001\...\RunOnce: [Adobe Speed Launcher] => 1418709390
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\Run: [ConnectionCenter] => C:\Users\Privat\AppData\Local\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.)
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\RunOnce: [Adobe Speed Launcher] => 1418758487
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\MountPoints2: {d5b1e588-28fd-11e4-99a0-002454164d61} - H:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
BootExecute: autocheck autochk * ???PowerRemov??PowerRemover.eService\SWMAgent. 'Win32_Process'?PowerRemover.e??PowerRemover.e???PowerRemover

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-459147949-2764265090-3061895288-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-459147949-2764265090-3061895288-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-459147949-2764265090-3061895288-1004 -> {E2F142F7-A180-4898-98E3-6543ADCC6CD9} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} ->  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\chw91qfc.default
FF NewTab: Home
FF Homepage: www.google.de|www.yahoo.de|www.ard-text.de|www.n24.de|hxxp://www.wissenschaft-aktuell.de/|hxxp://translate.google.de/|hxxp://www.wetteronline.de/wetter/mecklenburg-vorpommern|https://mail.daa.de|hxxp://www.tvtoday.de/tv-programm/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-459147949-2764265090-3061895288-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-459147949-2764265090-3061895288-1004: @Citrix.com/npican -> C:\Users\Privat\AppData\Local\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Extension: Hola Better Internet - C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\chw91qfc.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2014-12-16]
FF Extension: Adblock Plus - C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\chw91qfc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-18]
FF Extension: Tab Mix Plus - C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\chw91qfc.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-03-19]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox
FF Extension: Bing Bar - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox [2014-09-24]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2014-09-24]
FF HKU\S-1-5-21-459147949-2764265090-3061895288-1001\...\Firefox\Extensions: [{b9aa91db-385d-4c69-8a2f-96790aa9405b}] - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector
FF Extension: Copernic Desktop Search - Search Firefox content - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector [2014-03-16]
FF HKU\S-1-5-21-459147949-2764265090-3061895288-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\tcwohpok.default\extensions\cliqz@cliqz.com
FF HKU\S-1-5-21-459147949-2764265090-3061895288-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\Firefox\Extensions: [{b9aa91db-385d-4c69-8a2f-96790aa9405b}] - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector

Chrome: 
=======
CHR HKU\S-1-5-21-459147949-2764265090-3061895288-1001\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx [2014-11-04]
CHR HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx [2014-11-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
S2 CSUService; C:\Program Files\COMODO\COMODO System Utilities\CSUService.exe [347968 2012-02-24] (Comodo Security Solutions, Inc.)
S3 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1876816 2014-11-05] (SurfRight B.V.)
R2 KlimaLogg Service; C:\Program Files (x86)\KlimaLoggPro\KlimaLoggProService.exe [2480640 2014-05-27] () [File not signed]
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-10-10] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S4 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S4 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-11-13] (Nitro PDF Software)
S4 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3020632 2014-04-04] (Samsung Electronics CO., LTD.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 azvusb; C:\Windows\System32\DRIVERS\azvusb.sys [54784 2009-08-24] (AzureWave Technologies, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-15] (Disc Soft Ltd)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [296736 2014-12-07] (Acronis International GmbH)
R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [93144 2014-11-05] ()
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [34056 2014-09-18] (Paragon Software Group)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2010-04-09] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2010-04-09] ()
R3 rtl819xpn64; C:\Windows\System32\DRIVERS\rtl819xp.sys [622624 2010-02-01] (Realtek Semiconductor Corporation                           )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1328928 2014-12-07] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [234784 2014-12-07] (Acronis International GmbH)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-09-18] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-09-18] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700680 2014-09-18] ()
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-16 20:37 - 2014-12-16 20:37 - 00852490 _____ () C:\Users\Privat\Downloads\SecurityCheck.exe
2014-12-16 17:00 - 2014-12-16 17:00 - 00064643 _____ () C:\Users\Privat\AppData\Local\recently-used.xbel
2014-12-16 06:59 - 2014-12-16 07:00 - 00000000 ____D () C:\Users\R\Downloads\ESET Online Scanner
2014-12-15 21:16 - 2014-12-15 20:16 - 00000052 _____ () C:\Users\Privat\Documents\KlimaLoggPro.log
2014-12-15 20:24 - 2014-12-15 20:24 - 00002159 _____ () C:\Users\R\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-12-15 20:24 - 2014-12-15 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-12-15 20:24 - 2014-12-15 20:24 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-12-15 20:16 - 2014-12-15 20:19 - 00002393 _____ () C:\ProgramData\KlimaLogg.dat1.tmp
2014-12-15 20:16 - 2014-12-07 16:05 - 00000052 _____ () C:\Users\Privat\Documents\2014_12_15-KlimaLoggPro.log
2014-12-15 19:40 - 2014-12-15 19:40 - 00001155 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-12-15 19:40 - 2014-12-15 19:40 - 00001105 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-12-15 19:40 - 2014-12-15 19:40 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-12-15 18:44 - 2014-12-15 18:49 - 00000000 ____D () C:\Users\Privat\Downloads\Windows 7 Ultimate mit SP1 64-Bit deutsch
2014-12-15 16:22 - 2014-12-15 16:26 - 00000000 ____D () C:\Users\Privat\Downloads\Advanced Token Manager
2014-12-15 15:58 - 2014-12-15 18:44 - 00000000 ____D () C:\Users\Privat\Downloads\Windows 7 Ultimate  ohne SP1 in Deutsch
2014-12-15 09:51 - 2014-12-15 09:51 - 00027430 _____ () C:\ComboFix.txt
2014-12-15 09:40 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-15 09:40 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-15 09:40 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-15 09:40 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-15 09:40 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-15 09:40 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-15 09:40 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-15 09:40 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-15 09:36 - 2014-12-15 09:51 - 00000000 ____D () C:\Qoobox
2014-12-15 09:36 - 2014-12-15 09:49 - 00000000 ____D () C:\Windows\erdnt
2014-12-15 09:30 - 2014-12-15 09:31 - 00000000 ____D () C:\Users\Privat\Downloads\Combofix
2014-12-14 23:08 - 2014-12-14 23:09 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-14 23:08 - 2014-12-14 23:09 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-13 21:52 - 2014-12-13 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-12-13 21:52 - 2014-12-13 21:52 - 00001241 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-12-13 17:59 - 2014-12-16 06:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-13 17:59 - 2014-12-13 17:59 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-13 17:59 - 2014-12-13 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-13 17:59 - 2014-12-13 17:59 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-12-13 17:59 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-13 17:59 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-13 17:59 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-13 13:24 - 2014-12-16 10:44 - 00016562 _____ () C:\Windows\PFRO.log
2014-12-13 12:51 - 2014-12-13 12:51 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-R-PC-Microsoft-Windows-7-Ultimate-(64-bit).dat
2014-12-13 12:51 - 2014-12-13 12:51 - 00000000 ____D () C:\RegBackup
2014-12-13 08:32 - 2014-12-15 20:23 - 00000000 ____D () C:\Users\Privat\Downloads\Win-Repair
2014-12-12 16:38 - 2014-12-12 16:38 - 00001289 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk
2014-12-12 15:19 - 2014-12-12 15:19 - 00347816 _____ (Microsoft Corporation) C:\Users\R\Downloads\MicrosoftFixit.maintenance.RNP.146341819919314831.5.1.Run.exe
2014-12-12 15:16 - 2014-12-12 15:16 - 00347816 _____ (Microsoft Corporation) C:\Users\R\Downloads\MicrosoftFixit.Printing.RNP.146341819919314831.4.1.Run.exe
2014-12-12 15:16 - 2014-12-12 15:16 - 00000000 ____D () C:\Users\R\AppData\Roaming\Nitro PDF
2014-12-12 15:12 - 2014-12-12 15:12 - 00347816 _____ (Microsoft Corporation) C:\Users\R\Downloads\MicrosoftFixit.Search.RNP.146341819919314831.3.1.Run.exe
2014-12-12 15:12 - 2014-12-12 15:12 - 00347816 _____ (Microsoft Corporation) C:\Users\R\Downloads\MicrosoftFixit.malware.RNP.146341819919314831.2.1.Run.exe
2014-12-12 15:11 - 2014-12-12 15:11 - 00347816 _____ (Microsoft Corporation) C:\Users\R\Downloads\MicrosoftFixit.WinSecurity.FISC.146341819919314831.1.2.Run.exe
2014-12-12 14:59 - 2014-12-12 14:59 - 00347816 _____ (Microsoft Corporation) C:\Users\R\Downloads\MicrosoftFixit.ProgramInstallUninstall.FISC.146341819919314831.1.1.Run.exe
2014-12-12 14:55 - 2014-12-12 14:55 - 00347816 _____ (Microsoft Corporation) C:\Users\Privat\Downloads\MicrosoftFixit.ProgramInstallUninstall.FISC.Run.exe
2014-12-12 14:23 - 2014-12-16 20:33 - 00000784 _____ () C:\Windows\setupact.log
2014-12-12 14:23 - 2014-12-12 14:23 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-12 14:20 - 2014-12-12 14:22 - 00000004 _____ () C:\Windows\CSCCompactState
2014-12-12 14:20 - 2014-12-12 14:20 - 00002036 _____ () C:\Windows\hiveList.dmp
2014-12-12 14:09 - 2014-12-12 14:13 - 00002186 _____ () C:\Users\R\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-12-12 14:09 - 2014-12-12 14:13 - 00002130 _____ () C:\Users\R\Desktop\Avira PC Cleaner.lnk
2014-12-12 09:08 - 2014-12-12 09:08 - 00260028 _____ () C:\Users\R\Desktop\sfcdetails.txt
2014-12-12 09:07 - 2014-12-12 09:07 - 00000000 _____ () C:\Users\Privat\Desktop\sfcdetails.txt
2014-12-10 16:47 - 2014-12-10 16:50 - 00000000 ____D () C:\Users\Privat\Downloads\Farbar Recovery Scan Tool FRST64
2014-12-10 14:39 - 2014-12-10 16:04 - 00086676 _____ () C:\sfcdetails.txt
2014-12-10 14:09 - 2014-12-10 14:09 - 00064802 _____ () C:\Users\Privat\Downloads\Extras.Txt
2014-12-10 14:08 - 2014-12-10 14:08 - 00097336 _____ () C:\Users\Privat\Downloads\OTL.Txt
2014-12-10 13:54 - 2014-12-10 13:54 - 00602112 _____ (OldTimer Tools) C:\Users\Privat\Downloads\OTL.exe
2014-12-10 13:44 - 2014-12-10 13:44 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\DesktopDPO-b590ce5c4fa12d0f57bf76ef54d1be94
2014-12-10 13:22 - 2014-12-10 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office-Bibliothek
2014-12-10 13:20 - 2014-12-10 13:22 - 00000000 ____D () C:\Program Files (x86)\Office-Bibliothek
2014-12-10 13:07 - 2014-12-10 13:07 - 04065011 _____ () C:\Users\R\Downloads\EF_Find_7.60.zip
2014-12-10 12:34 - 2014-12-10 12:34 - 03732040 _____ (Microsoft Corporation) C:\Users\Privat\Downloads\OutlookConnector.exe
2014-12-10 11:54 - 2014-12-10 13:16 - 00000000 ____D () C:\Users\Privat\Downloads\HotFix
2014-12-10 07:37 - 2014-12-10 07:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-10 07:32 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 07:32 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 07:27 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 07:27 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 07:27 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 07:27 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 07:27 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 07:27 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 07:27 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 07:27 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 07:27 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 07:27 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 07:27 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 07:27 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 07:27 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 07:27 - 2014-11-22 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-10 07:27 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 07:27 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 07:27 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 07:27 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 07:27 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 07:27 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 07:27 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 07:27 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 07:27 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 07:27 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 07:27 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 07:27 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 07:27 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 07:27 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 07:27 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 07:27 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 07:27 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 07:27 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 07:27 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 07:27 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-10 07:27 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 07:27 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 07:27 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 07:27 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 07:27 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 07:27 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 07:27 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 07:27 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 07:27 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 07:27 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 07:27 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 07:27 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 07:27 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 07:27 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 07:27 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 07:27 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 07:27 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 07:27 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 07:27 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 07:27 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 07:27 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 07:27 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 07:26 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 07:26 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 07:26 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 07:26 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 07:26 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 07:26 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 07:26 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 07:26 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 07:26 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 07:25 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 07:25 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 07:25 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 07:25 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 07:25 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 07:25 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 07:25 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 07:25 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 07:25 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 07:25 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 07:25 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 07:25 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 07:25 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 07:25 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-10 07:23 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 07:23 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-08 07:29 - 2014-12-08 07:29 - 00000000 ____D () C:\Users\Privat\AppData\Local\colorpicker
2014-12-08 07:29 - 2014-12-08 07:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ColorPicker
2014-12-08 07:29 - 2014-12-08 07:29 - 00000000 ____D () C:\Program Files (x86)\ColorPicker
2014-12-08 07:28 - 2014-12-08 07:29 - 01803444 _____ (Cronoxyd.de ) C:\Users\Privat\Downloads\setup.exe
2014-12-07 19:31 - 2014-12-07 19:39 - 00017444 _____ () C:\Users\Privat\Documents\Sicherungskopie von Einzelnachweis DAA 12.2014.wbk
2014-12-07 19:29 - 2014-12-07 19:45 - 00020432 _____ () C:\Users\Privat\Documents\Sicherungskopie von Einzelnachweis DAA 11.2014.wbk
2014-12-07 19:28 - 2014-12-07 19:45 - 00020146 _____ () C:\Users\Privat\Documents\Sicherungskopie von Einzelnachweis DAA 10.2014.wbk
2014-12-07 19:26 - 2014-12-07 19:46 - 00019971 _____ () C:\Users\Privat\Documents\Sicherungskopie von Einzelnachweis DAA 09.2014.wbk
2014-12-07 19:19 - 2014-12-07 19:47 - 00020370 _____ () C:\Users\Privat\Documents\Sicherungskopie von Einzelnachweis DAA 08.2014.wbk
2014-12-07 17:42 - 2014-12-07 19:24 - 00024293 _____ () C:\Users\Privat\Documents\Einzelnachweis DAA GVM.xlsx
2014-12-07 17:10 - 2014-12-07 17:10 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-12-07 17:10 - 2014-12-07 17:10 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-12-07 17:10 - 2014-12-07 17:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-12-07 17:08 - 2014-12-07 17:09 - 14107296 _____ (Microsoft Corporation) C:\Users\Privat\Downloads\mseinstall.exe
2014-12-07 16:35 - 2014-12-07 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-07 16:05 - 2014-12-02 20:20 - 00000052 _____ () C:\Users\Privat\Documents\2014_12_07-KlimaLoggPro.log
2014-12-07 15:15 - 2014-12-07 15:15 - 00000000 ____D () C:\Users\R\AppData\Roaming\DesktopDPO-b590ce5c4fa12d0f57bf76ef54d1be94
2014-12-07 15:14 - 2014-12-07 15:14 - 00001919 _____ () C:\Users\Public\Desktop\Design&PrintAvery Zweckform.lnk
2014-12-07 15:14 - 2014-12-07 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avery Zweckform
2014-12-07 15:09 - 2014-12-07 15:14 - 00000000 ____D () C:\Program Files (x86)\Design&Print
2014-12-07 15:08 - 2014-12-07 15:08 - 00000000 ____D () C:\Users\Privat\Downloads\CD-Eriketten
2014-12-07 12:43 - 2014-12-16 20:58 - 00000000 ____D () C:\Users\Privat\Downloads\FRST 64-Bit
2014-12-07 12:22 - 2014-12-07 12:22 - 00296736 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\file_tracker.sys
2014-12-07 12:22 - 2014-12-07 12:22 - 00234784 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib_mounter.sys
2014-12-07 12:21 - 2014-12-07 12:21 - 01328928 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2014-12-07 12:21 - 2014-12-07 12:21 - 00304416 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2014-12-07 12:21 - 2014-12-07 12:21 - 00134432 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2014-12-07 12:21 - 2014-12-07 12:21 - 00001217 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image 2015.lnk
2014-12-07 12:14 - 2014-12-07 12:23 - 00000000 ____D () C:\ProgramData\Acronis
2014-12-07 12:14 - 2014-12-07 12:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2014-12-07 12:14 - 2014-12-07 12:21 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-12-07 03:57 - 2014-12-07 12:02 - 00000000 ____D () C:\Users\R\Downloads\Acronis-EDV Buchversand
2014-12-07 03:53 - 2014-12-07 03:53 - 00000000 ____D () C:\Users\R\AppData\Roaming\6201DCD5-31C3-42A8-9C56-988BDE234E8F
2014-12-06 21:13 - 2014-12-06 21:13 - 00000000 ____D () C:\Users\R\AppData\Roaming\Acronis
2014-12-06 13:01 - 2014-12-06 13:01 - 00000000 ____D () C:\Program Files\Josip Medved
2014-12-06 13:00 - 2014-12-06 13:00 - 01174352 _____ () C:\Users\Privat\Downloads\VHD Attach - CHIP-Installer.exe
2014-12-05 12:24 - 2014-12-07 17:23 - 00000220 _____ () C:\AdwCleanerDebug.txt
2014-12-03 08:44 - 2014-12-03 08:44 - 00001103 _____ () C:\Users\Privat\Desktop\Bewerbungscoaching.lnk
2014-12-02 20:20 - 2014-11-29 09:06 - 00000052 _____ () C:\Users\Privat\Documents\2014_12_02-KlimaLoggPro.log
2014-11-30 19:28 - 2012-11-11 19:43 - 00175382 _____ () C:\Users\Privat\Documents\Sicherungskopie von 01. und 02.2011.wbk
2014-11-29 09:06 - 2014-11-23 11:49 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_29-KlimaLoggPro.log
2014-11-26 10:56 - 2014-11-26 10:56 - 00000000 ____D () C:\Users\Privat\Documents\Marx, Kati
2014-11-25 21:16 - 2014-12-16 17:07 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-24 06:54 - 2014-11-24 06:54 - 00003584 _____ () C:\Users\Privat\AppData\Local\dcbc2a71-70d8-4dan-ehr8-e0d61dea3fdf.ini
2014-11-23 14:38 - 2014-12-16 20:38 - 01778540 _____ () C:\Windows\WindowsUpdate.log
2014-11-23 14:36 - 2014-12-16 10:45 - 00155280 _____ () C:\Users\Privat\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-23 14:35 - 2014-12-16 06:55 - 00524200 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-23 14:24 - 2014-11-23 14:24 - 00000000 ____D () C:\Users\R\AppData\Roaming\TeamViewer
2014-11-23 11:49 - 2014-11-20 19:50 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_23-KlimaLoggPro.log
2014-11-23 11:37 - 2014-11-23 11:37 - 00000000 ____D () C:\Users\Privat\Downloads\Bitdefender
2014-11-22 11:29 - 2014-11-22 11:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport
2014-11-22 11:29 - 2014-11-22 11:29 - 00000000 ____D () C:\Program Files (x86)\StreamTransport
2014-11-22 11:27 - 2014-12-16 09:40 - 00000000 ____D () C:\Users\Privat\Downloads\Streamtransport1.1.6.2
2014-11-22 11:25 - 2014-11-22 11:26 - 17805707 _____ () C:\Users\R\Downloads\streamtransport_1.1.6.2.zip
2014-11-22 11:21 - 2014-11-22 11:21 - 00001093 _____ () C:\Users\R\Desktop\ASIO4ALL v2 Anleitung.lnk
2014-11-20 21:34 - 2014-11-20 21:34 - 00000000 ____D () C:\Users\Privat\AppData\Local\Hola
2014-11-20 19:50 - 2014-11-16 10:35 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_20-KlimaLoggPro.log
2014-11-19 06:43 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 06:43 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 06:43 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 06:43 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-19 04:26 - 2014-11-19 04:26 - 01614504 _____ (Microsoft Corporation) C:\Windows\system32\FM20.DLL
2014-11-18 06:56 - 2014-11-18 20:15 - 00485481 _____ () C:\Users\Privat\Documents\Sicherungskopie von Einladung zum Adventskonzert 2014.wbk
2014-11-17 19:25 - 2014-11-17 19:25 - 00000000 __SHD () C:\Users\Privat\AppData\Local\EmieBrowserModeList
2014-11-16 10:35 - 2014-11-11 08:36 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_16-KlimaLoggPro.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-16 20:58 - 2014-08-11 19:32 - 00000000 ____D () C:\FRST
2014-12-16 20:57 - 2014-03-16 05:03 - 00000000 ____D () C:\Users\R\AppData\Roaming\Notepad++
2014-12-16 20:43 - 2009-07-14 05:45 - 00020592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-16 20:43 - 2009-07-14 05:45 - 00020592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-16 20:39 - 2009-07-14 18:58 - 00688842 _____ () C:\Windows\system32\perfh007.dat
2014-12-16 20:39 - 2009-07-14 18:58 - 00146142 _____ () C:\Windows\system32\perfc007.dat
2014-12-16 20:39 - 2009-07-14 06:13 - 01627352 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-16 20:35 - 2014-11-05 18:15 - 00000000 ____D () C:\Windows\CryptoGuard
2014-12-16 20:34 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-16 17:00 - 2014-03-31 09:28 - 00000000 ____D () C:\Users\Privat\.gimp-2.8
2014-12-16 16:50 - 2014-03-31 09:32 - 00000000 ____D () C:\Users\Privat\AppData\Local\gtk-2.0
2014-12-16 09:41 - 2014-03-15 14:47 - 00000000 ____D () C:\Users\Public\Documents\RK_Stick1_01.03.2014
2014-12-16 09:40 - 2014-05-27 14:32 - 00000000 ____D () C:\Users\Privat\Downloads\RarmaRadio
2014-12-16 06:55 - 2009-07-14 19:18 - 00000000 ____D () C:\Windows\CSC
2014-12-16 06:37 - 2009-07-14 03:34 - 00000514 _____ () C:\Windows\win.ini
2014-12-15 20:19 - 2014-10-08 14:57 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\KlimaLoggPro
2014-12-15 20:19 - 2014-10-08 14:45 - 00002393 _____ () C:\ProgramData\KlimaLogg.dat1
2014-12-15 20:06 - 2014-08-28 05:47 - 00000000 ____D () C:\Users\Privat\Downloads\Mbam
2014-12-15 20:04 - 2014-03-17 18:58 - 00000000 ____D () C:\Users\Privat\Documents\Birkenring 40
2014-12-15 19:31 - 2012-08-08 07:54 - 00000000 ____D () C:\Users\Privat\Downloads\Licensecrawler
2014-12-15 18:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-15 16:59 - 2014-03-18 18:51 - 00000000 ____D () C:\Users\Privat\Documents\Outlook-Dateien
2014-12-15 10:08 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-15 09:51 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-12-15 09:47 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-12-15 09:47 - 2009-07-14 03:34 - 00000027 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_690
2014-12-14 23:22 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-14 23:09 - 2009-07-14 19:18 - 00000000 __SHD () C:\Windows\BitLockerDiscoveryVolumeContents
2014-12-14 23:09 - 2009-07-14 19:18 - 00000000 ____D () C:\Program Files\Windows Journal
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sppui
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\manifeststore
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-14 22:58 - 2009-07-14 03:36 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2014-12-14 22:58 - 2009-07-14 03:36 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2014-12-13 21:59 - 2014-04-05 10:05 - 00000000 ____D () C:\Users\R\AppData\Roaming\DVDVideoSoft
2014-12-13 21:27 - 2014-08-02 09:26 - 00000000 ____D () C:\AdwCleaner
2014-12-13 13:25 - 2009-07-14 19:18 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-13 13:22 - 2014-03-16 16:48 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\vlc
2014-12-13 12:50 - 2014-03-16 05:19 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-13 12:50 - 2014-03-16 05:19 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-13 08:40 - 2014-03-19 11:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-12 14:08 - 2014-11-05 12:14 - 00000000 ____D () C:\Users\Privat\Downloads\CCleaner
2014-12-12 13:56 - 2014-11-05 12:15 - 00000000 ____D () C:\Users\Privat\Downloads\CDBurnerXP
2014-12-12 10:54 - 2014-03-17 19:43 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-11 06:21 - 2014-11-15 15:43 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-12-10 17:51 - 2014-05-29 10:04 - 00100352 ___SH () C:\Users\Privat\Thumbs.db
2014-12-10 15:49 - 2014-04-07 15:47 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com
2014-12-10 13:35 - 2014-03-15 17:49 - 00000000 ____D () C:\Users\R
2014-12-10 13:20 - 2014-03-18 21:41 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-10 12:34 - 2014-03-17 16:49 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-12-10 11:59 - 2014-03-15 18:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-10 07:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 07:44 - 2014-03-15 18:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 07:37 - 2014-03-16 09:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 07:37 - 2014-03-15 18:28 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 06:59 - 2014-10-15 19:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Festplatten Manager™ 15 Suite
2014-12-09 06:55 - 2014-08-28 05:56 - 00000000 ____D () C:\Users\R\Downloads\AdwCleaner
2014-12-09 06:55 - 2014-08-28 05:49 - 00000000 ____D () C:\Users\Privat\Downloads\AdwCleaner
2014-12-08 07:07 - 2014-05-28 10:19 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Nitro PDF
2014-12-07 20:46 - 2014-03-16 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-07 17:10 - 2014-03-15 19:04 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-12-07 17:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-12-07 16:35 - 2014-08-28 06:00 - 00000000 ____D () C:\Users\R\Downloads\WinRar
2014-12-07 16:35 - 2014-03-16 05:06 - 00000000 ____D () C:\Program Files\WinRAR
2014-12-07 12:37 - 2014-10-16 21:23 - 00000000 ____D () C:\Users\Privat\Desktop\Admi-Tools
2014-12-06 13:29 - 2014-03-16 10:33 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-12-04 07:12 - 2014-10-15 20:02 - 00000000 ____D () C:\Users\R\AppData\Roaming\UseNeXT
2014-12-01 07:23 - 2014-03-16 09:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-11-30 15:40 - 2014-11-11 10:41 - 00000000 ____D () C:\Users\Privat\Desktop\Musik & Video
2014-11-30 15:28 - 2014-04-28 20:23 - 00000000 ____D () C:\Users\Privat\Documents\DVDVideoSoft
2014-11-30 15:28 - 2014-04-28 20:23 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\DVDVideoSoft
2014-11-27 21:38 - 2014-03-18 20:54 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\MyPhoneExplorer
2014-11-27 08:48 - 2014-10-15 20:30 - 00000000 ____D () C:\Program Files\Recuva
2014-11-26 13:56 - 2014-05-27 14:14 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Nitro
2014-11-25 21:21 - 2014-03-15 19:16 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-25 20:58 - 2014-05-01 00:24 - 00000000 ____D () C:\Users\Public\Documents\Coaching
2014-11-25 19:28 - 2014-10-04 13:02 - 00002244 _____ () C:\Users\Privat\Desktop\Total Commander    64.lnk
2014-11-25 12:47 - 2014-10-10 10:38 - 00000000 ____D () C:\Users\R\Downloads\MailPassView
2014-11-24 13:13 - 2014-03-31 07:47 - 00000000 ____D () C:\Users\Coach\Documents\Coaching
2014-11-24 06:55 - 2014-06-20 10:54 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Notepad++
2014-11-24 06:55 - 2014-06-13 14:21 - 00000000 ____D () C:\temp
2014-11-24 06:55 - 2014-04-28 21:30 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\dvdcss
2014-11-24 06:54 - 2014-09-06 16:42 - 00000000 ____D () C:\Users\R\SecurityScans
2014-11-24 06:54 - 2014-05-27 07:09 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\HpUpdate
2014-11-24 06:54 - 2014-03-16 16:27 - 00000000 ____D () C:\Users\Privat\AppData\Local\Microsoft Help
2014-11-24 06:53 - 2014-03-15 17:38 - 00000000 ____D () C:\Windows\Panther
2014-11-24 06:51 - 2014-07-23 19:36 - 00000000 ____D () C:\Users\R\AppData\Roaming\Skype
2014-11-24 06:51 - 2014-04-24 16:26 - 00000000 ____D () C:\Users\R\AppData\Roaming\Mp3tag
2014-11-24 06:51 - 2014-04-05 11:05 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\TeamViewer
2014-11-24 06:51 - 2014-03-19 16:10 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Skype
2014-11-24 06:51 - 2014-03-16 17:29 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Mp3tag
2014-11-23 15:44 - 2014-04-02 06:38 - 00000000 ___RD () C:\Users\Privat\Documents\HP Photo Creations
2014-11-23 15:42 - 2014-11-11 10:45 - 00000000 ____D () C:\Users\Privat\Desktop\Bildbearbeitung
2014-11-23 14:21 - 2014-11-11 19:59 - 00000000 ____D () C:\Users\R\AppData\Roaming\Abelssoft
2014-11-22 11:21 - 2014-10-17 16:59 - 00000000 ____D () C:\Program Files (x86)\ASIO4ALL v2
2014-11-16 10:37 - 2014-10-10 11:32 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\IObit

Some content of TEMP:
====================
C:\Users\Privat\AppData\Local\temp\Hola-Setup-Plugin-x64-1.5.794.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
         
--- --- ---


Hello Schrauber,
after the ESET Online Scanner finished, I shut the computer down
and rebooted it later. No problems.
After running SecurityCheck it shut down without problems,
on startup crash dump F4.
Startup Repair tried to fix the problem => result: not repairable
System Restore aborted with unknown error code f4
and further parameters
The error can be reproduced by booting
Starting in Safe Mode gives the same result - F4 with dump
Last Known Good Configuration => F4 with dump
At the moment the System Restore from yesterday evening is running.

Regards, R

Hello Schrauber,
System Restore caused problems and therefore did not complete successfully.
I then requested Startup Repair once more: lo and behold, Windows could be repaired, so it is running.
I immediately ran Malwarebytes, then Superantispyware and then ADWCleaner.
Despite the delete instruction and a reboot, ADWCleaner keeps reporting 2 entries from the registry;
they are apparently not really (permanently) deleted.

Code:
ATTFilter
***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
         
Do you have another task/tip for me?
Thanks, R.

17.12.2014, 20:23   #10
schrauber
/// the machine
/// TB-Ausbilder

Please post a fresh FRST log now, including Addition.txt, after the startup repair.
__________________
Regards,
schrauber


18.12.2014, 07:29   #11
rk1757

Hello Schrauber,
the entries mentioned in my previous text, which ADWCleaner could not get rid of, are gone.
I ran OTL and followed the following article.
http://www.trojaner-board.de/119791-...uswertung.html

Here is the FRST log now

FRST Logfile:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
Ran by Privat (ATTENTION: The logged in user is not administrator) on R-PC on 18-12-2014 07:06:14
Running from C:\Users\Privat\Downloads\FRST 64-Bit
Loaded Profile: Privat (Available profiles: R & Coach & Privat)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Citrix Systems, Inc.) C:\Users\Privat\AppData\Local\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Users\Privat\AppData\Local\Program Files\Citrix\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Users\Privat\AppData\Local\Citrix\ICA Client\wfcrun32.exe
(Citrix Systems, Inc.) C:\Users\Privat\AppData\Local\Citrix\SelfService\Program Files\SelfServicePlugin.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hola Networks Ltd.) C:\Users\Privat\AppData\Local\Hola\firefox\app\hola_plugin.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\Run: [ConnectionCenter] => C:\Users\Privat\AppData\Local\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.)
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\RunOnce: [Adobe Speed Launcher] => 1418829470
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\MountPoints2: {d5b1e588-28fd-11e4-99a0-002454164d61} - H:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
BootExecute: autocheck autochk * ???PowerRemov??PowerRemover.eService\SWMAgent. 'Win32_Process'?PowerRemover.e??PowerRemover.e???PowerRemover

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-459147949-2764265090-3061895288-1004 -> {E2F142F7-A180-4898-98E3-6543ADCC6CD9} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\chw91qfc.default
FF NewTab: Home
FF Homepage: www.google.de|www.yahoo.de|www.ard-text.de|www.n24.de|hxxp://www.wissenschaft-aktuell.de/|hxxp://translate.google.de/|hxxp://www.wetteronline.de/wetter/mecklenburg-vorpommern|https://mail.daa.de|hxxp://www.tvtoday.de/tv-programm/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-459147949-2764265090-3061895288-1004: @Citrix.com/npican -> C:\Users\Privat\AppData\Local\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Extension: Hola Better Internet - C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\chw91qfc.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2014-12-18]
FF Extension: Adblock Plus - C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\chw91qfc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-18]
FF Extension: Tab Mix Plus - C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\chw91qfc.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-03-19]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox
FF Extension: Bing Bar - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox [2014-09-24]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2014-09-24]
FF HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\Firefox\Extensions: [{b9aa91db-385d-4c69-8a2f-96790aa9405b}] - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector
FF Extension: Copernic Desktop Search - Search Firefox content - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector [2014-03-16]

Chrome: 
=======
CHR HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx [2014-11-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
S2 CSUService; C:\Program Files\COMODO\COMODO System Utilities\CSUService.exe [347968 2012-02-24] (Comodo Security Solutions, Inc.)
S3 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1876816 2014-11-05] (SurfRight B.V.)
R2 KlimaLogg Service; C:\Program Files (x86)\KlimaLoggPro\KlimaLoggProService.exe [2480640 2014-05-27] () [File not signed]
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-10-10] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S4 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S4 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-11-13] (Nitro PDF Software)
S4 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3020632 2014-04-04] (Samsung Electronics CO., LTD.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 azvusb; C:\Windows\System32\DRIVERS\azvusb.sys [54784 2009-08-24] (AzureWave Technologies, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-15] (Disc Soft Ltd)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [296736 2014-12-07] (Acronis International GmbH)
R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [93144 2014-11-05] ()
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [34056 2014-09-18] (Paragon Software Group)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2010-04-09] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2010-04-09] ()
R3 rtl819xpn64; C:\Windows\System32\DRIVERS\rtl819xp.sys [622624 2010-02-01] (Realtek Semiconductor Corporation                           )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1328928 2014-12-07] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [234784 2014-12-07] (Acronis International GmbH)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-09-18] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-09-18] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700680 2014-09-18] ()
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-17 07:16 - 2014-12-17 07:16 - 00000000 ____D () C:\_OTL
2014-12-17 07:14 - 2014-12-17 07:14 - 00602112 _____ (OldTimer Tools) C:\Users\R\Downloads\OTL.exe
2014-12-17 07:08 - 2014-12-17 07:12 - 00002114 _____ () C:\Users\R\Desktop\Rkill.txt
2014-12-17 07:07 - 2014-12-17 07:07 - 01940728 _____ (Bleeping Computer, LLC) C:\Users\R\Downloads\rkill.exe
2014-12-16 23:23 - 2014-12-17 07:19 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-16 23:22 - 2014-12-16 23:24 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-16 23:22 - 2014-12-16 23:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-16 23:22 - 2014-12-16 23:24 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-12-16 23:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-16 23:22 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-16 23:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-16 17:00 - 2014-12-16 17:00 - 00064643 _____ () C:\Users\Privat\AppData\Local\recently-used.xbel
2014-12-15 21:16 - 2014-12-15 20:16 - 00000052 _____ () C:\Users\Privat\Documents\KlimaLoggPro.log
2014-12-15 20:24 - 2014-12-15 20:24 - 00002159 _____ () C:\Users\R\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-12-15 20:24 - 2014-12-15 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-12-15 20:24 - 2014-12-15 20:24 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-12-15 20:16 - 2014-12-15 20:19 - 00002393 _____ () C:\ProgramData\KlimaLogg.dat1.tmp
2014-12-15 20:16 - 2014-12-07 16:05 - 00000052 _____ () C:\Users\Privat\Documents\2014_12_15-KlimaLoggPro.log
2014-12-15 18:44 - 2014-12-15 18:49 - 00000000 ____D () C:\Users\Privat\Downloads\Windows 7 Ultimate mit SP1 64-Bit deutsch
2014-12-15 16:22 - 2014-12-15 16:26 - 00000000 ____D () C:\Users\Privat\Downloads\Advanced Token Manager
2014-12-15 15:58 - 2014-12-15 18:44 - 00000000 ____D () C:\Users\Privat\Downloads\Windows 7 Ultimate  ohne SP1 in Deutsch
2014-12-15 09:51 - 2014-12-15 09:51 - 00027430 _____ () C:\ComboFix.txt
2014-12-15 09:40 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-15 09:40 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-15 09:40 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-15 09:40 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-15 09:40 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-15 09:40 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-15 09:40 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-15 09:40 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-15 09:36 - 2014-12-15 09:51 - 00000000 ____D () C:\Qoobox
2014-12-15 09:36 - 2014-12-15 09:49 - 00000000 ____D () C:\Windows\erdnt
2014-12-15 09:30 - 2014-12-15 09:31 - 00000000 ____D () C:\Users\Privat\Downloads\Combofix
2014-12-14 23:08 - 2014-12-14 23:09 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-14 23:08 - 2014-12-14 23:09 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-13 21:52 - 2014-12-13 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-12-13 21:52 - 2014-12-13 21:52 - 00001241 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-12-13 13:24 - 2014-12-17 07:01 - 00016096 _____ () C:\Windows\PFRO.log
2014-12-13 12:51 - 2014-12-13 12:51 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-R-PC-Microsoft-Windows-7-Ultimate-(64-bit).dat
2014-12-13 12:51 - 2014-12-13 12:51 - 00000000 ____D () C:\RegBackup
2014-12-13 08:32 - 2014-12-15 20:23 - 00000000 ____D () C:\Users\Privat\Downloads\Win-Repair
2014-12-12 16:38 - 2014-12-12 16:38 - 00001289 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk
2014-12-12 15:19 - 2014-12-12 15:19 - 00347816 _____ (Microsoft Corporation) C:\Users\R\Downloads\MicrosoftFixit.maintenance.RNP.146341819919314831.5.1.Run.exe
2014-12-12 15:16 - 2014-12-12 15:16 - 00347816 _____ (Microsoft Corporation) C:\Users\R\Downloads\MicrosoftFixit.Printing.RNP.146341819919314831.4.1.Run.exe
2014-12-12 15:16 - 2014-12-12 15:16 - 00000000 ____D () C:\Users\R\AppData\Roaming\Nitro PDF
2014-12-12 15:12 - 2014-12-12 15:12 - 00347816 _____ (Microsoft Corporation) C:\Users\R\Downloads\MicrosoftFixit.Search.RNP.146341819919314831.3.1.Run.exe
2014-12-12 15:12 - 2014-12-12 15:12 - 00347816 _____ (Microsoft Corporation) C:\Users\R\Downloads\MicrosoftFixit.malware.RNP.146341819919314831.2.1.Run.exe
2014-12-12 15:11 - 2014-12-12 15:11 - 00347816 _____ (Microsoft Corporation) C:\Users\R\Downloads\MicrosoftFixit.WinSecurity.FISC.146341819919314831.1.2.Run.exe
2014-12-12 14:59 - 2014-12-12 14:59 - 00347816 _____ (Microsoft Corporation) C:\Users\R\Downloads\MicrosoftFixit.ProgramInstallUninstall.FISC.146341819919314831.1.1.Run.exe
2014-12-12 14:55 - 2014-12-12 14:55 - 00347816 _____ (Microsoft Corporation) C:\Users\Privat\Downloads\MicrosoftFixit.ProgramInstallUninstall.FISC.Run.exe
2014-12-12 14:23 - 2014-12-17 16:17 - 00001176 _____ () C:\Windows\setupact.log
2014-12-12 14:23 - 2014-12-12 14:23 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-12 14:20 - 2014-12-12 14:22 - 00000004 _____ () C:\Windows\CSCCompactState
2014-12-12 14:20 - 2014-12-12 14:20 - 00002036 _____ () C:\Windows\hiveList.dmp
2014-12-12 14:09 - 2014-12-12 14:13 - 00002186 _____ () C:\Users\R\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-12-12 14:09 - 2014-12-12 14:13 - 00002130 _____ () C:\Users\R\Desktop\Avira PC Cleaner.lnk
2014-12-12 09:08 - 2014-12-12 09:08 - 00260028 _____ () C:\Users\R\Desktop\sfcdetails.txt
2014-12-12 09:07 - 2014-12-12 09:07 - 00000000 _____ () C:\Users\Privat\Desktop\sfcdetails.txt
2014-12-10 16:47 - 2014-12-10 16:50 - 00000000 ____D () C:\Users\Privat\Downloads\Farbar Recovery Scan Tool FRST64
2014-12-10 14:39 - 2014-12-10 16:04 - 00086676 _____ () C:\sfcdetails.txt
2014-12-10 14:09 - 2014-12-10 14:09 - 00064802 _____ () C:\Users\Privat\Downloads\Extras.Txt
2014-12-10 14:08 - 2014-12-10 14:08 - 00097336 _____ () C:\Users\Privat\Downloads\OTL.Txt
2014-12-10 13:54 - 2014-12-10 13:54 - 00602112 _____ (OldTimer Tools) C:\Users\Privat\Downloads\OTL.exe
2014-12-10 13:44 - 2014-12-10 13:44 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\DesktopDPO-b590ce5c4fa12d0f57bf76ef54d1be94
2014-12-10 13:22 - 2014-12-10 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office-Bibliothek
2014-12-10 13:20 - 2014-12-10 13:22 - 00000000 ____D () C:\Program Files (x86)\Office-Bibliothek
2014-12-10 13:07 - 2014-12-10 13:07 - 04065011 _____ () C:\Users\R\Downloads\EF_Find_7.60.zip
2014-12-10 12:34 - 2014-12-10 12:34 - 03732040 _____ (Microsoft Corporation) C:\Users\Privat\Downloads\OutlookConnector.exe
2014-12-10 11:54 - 2014-12-10 13:16 - 00000000 ____D () C:\Users\Privat\Downloads\HotFix
2014-12-10 07:37 - 2014-12-10 07:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-10 07:32 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 07:32 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 07:27 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 07:27 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 07:27 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 07:27 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 07:27 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 07:27 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 07:27 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 07:27 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 07:27 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 07:27 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 07:27 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 07:27 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 07:27 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 07:27 - 2014-11-22 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-10 07:27 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 07:27 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 07:27 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 07:27 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 07:27 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 07:27 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 07:27 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 07:27 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 07:27 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 07:27 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 07:27 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 07:27 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 07:27 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 07:27 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 07:27 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 07:27 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 07:27 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 07:27 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 07:27 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 07:27 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-10 07:27 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 07:27 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 07:27 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 07:27 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 07:27 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 07:27 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 07:27 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 07:27 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 07:27 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 07:27 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 07:27 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 07:27 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 07:27 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 07:27 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 07:27 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 07:27 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 07:27 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 07:27 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 07:27 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 07:27 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 07:27 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 07:27 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 07:26 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 07:26 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 07:26 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 07:26 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 07:26 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 07:26 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 07:26 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 07:26 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 07:26 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 07:25 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 07:25 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 07:25 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 07:25 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 07:25 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 07:25 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 07:25 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 07:25 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 07:25 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 07:25 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 07:25 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 07:25 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 07:25 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 07:25 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-10 07:23 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 07:23 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-08 07:29 - 2014-12-08 07:29 - 00000000 ____D () C:\Users\Privat\AppData\Local\colorpicker
2014-12-08 07:29 - 2014-12-08 07:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ColorPicker
2014-12-08 07:29 - 2014-12-08 07:29 - 00000000 ____D () C:\Program Files (x86)\ColorPicker
2014-12-08 07:28 - 2014-12-08 07:29 - 01803444 _____ (Cronoxyd.de ) C:\Users\Privat\Downloads\setup.exe
2014-12-07 19:31 - 2014-12-07 19:39 - 00017444 _____ () C:\Users\Privat\Documents\Sicherungskopie von Einzelnachweis DAA 12.2014.wbk
2014-12-07 19:29 - 2014-12-07 19:45 - 00020432 _____ () C:\Users\Privat\Documents\Sicherungskopie von Einzelnachweis DAA 11.2014.wbk
2014-12-07 19:28 - 2014-12-07 19:45 - 00020146 _____ () C:\Users\Privat\Documents\Sicherungskopie von Einzelnachweis DAA 10.2014.wbk
2014-12-07 19:26 - 2014-12-07 19:46 - 00019971 _____ () C:\Users\Privat\Documents\Sicherungskopie von Einzelnachweis DAA 09.2014.wbk
2014-12-07 19:19 - 2014-12-07 19:47 - 00020370 _____ () C:\Users\Privat\Documents\Sicherungskopie von Einzelnachweis DAA 08.2014.wbk
2014-12-07 17:42 - 2014-12-07 19:24 - 00024293 _____ () C:\Users\Privat\Documents\Einzelnachweis DAA GVM.xlsx
2014-12-07 17:10 - 2014-12-07 17:10 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-12-07 17:10 - 2014-12-07 17:10 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-12-07 17:10 - 2014-12-07 17:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-12-07 17:08 - 2014-12-07 17:09 - 14107296 _____ (Microsoft Corporation) C:\Users\Privat\Downloads\mseinstall.exe
2014-12-07 16:35 - 2014-12-07 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-07 16:05 - 2014-12-02 20:20 - 00000052 _____ () C:\Users\Privat\Documents\2014_12_07-KlimaLoggPro.log
2014-12-07 15:15 - 2014-12-07 15:15 - 00000000 ____D () C:\Users\R\AppData\Roaming\DesktopDPO-b590ce5c4fa12d0f57bf76ef54d1be94
2014-12-07 15:14 - 2014-12-07 15:14 - 00001919 _____ () C:\Users\Public\Desktop\Design&PrintAvery Zweckform.lnk
2014-12-07 15:14 - 2014-12-07 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avery Zweckform
2014-12-07 15:09 - 2014-12-07 15:14 - 00000000 ____D () C:\Program Files (x86)\Design&Print
2014-12-07 15:08 - 2014-12-07 15:08 - 00000000 ____D () C:\Users\Privat\Downloads\CD-Eriketten
2014-12-07 12:43 - 2014-12-18 07:06 - 00000000 ____D () C:\Users\Privat\Downloads\FRST 64-Bit
2014-12-07 12:22 - 2014-12-07 12:22 - 00296736 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\file_tracker.sys
2014-12-07 12:22 - 2014-12-07 12:22 - 00234784 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib_mounter.sys
2014-12-07 12:21 - 2014-12-07 12:21 - 01328928 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2014-12-07 12:21 - 2014-12-07 12:21 - 00304416 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2014-12-07 12:21 - 2014-12-07 12:21 - 00134432 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2014-12-07 12:21 - 2014-12-07 12:21 - 00001217 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image 2015.lnk
2014-12-07 12:14 - 2014-12-07 12:23 - 00000000 ____D () C:\ProgramData\Acronis
2014-12-07 12:14 - 2014-12-07 12:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2014-12-07 12:14 - 2014-12-07 12:21 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-12-07 03:57 - 2014-12-07 12:02 - 00000000 ____D () C:\Users\R\Downloads\Acronis-EDV Buchversand
2014-12-07 03:53 - 2014-12-07 03:53 - 00000000 ____D () C:\Users\R\AppData\Roaming\6201DCD5-31C3-42A8-9C56-988BDE234E8F
2014-12-06 21:13 - 2014-12-06 21:13 - 00000000 ____D () C:\Users\R\AppData\Roaming\Acronis
2014-12-06 13:01 - 2014-12-06 13:01 - 00000000 ____D () C:\Program Files\Josip Medved
2014-12-06 13:00 - 2014-12-06 13:00 - 01174352 _____ () C:\Users\Privat\Downloads\VHD Attach - CHIP-Installer.exe
2014-12-05 12:24 - 2014-12-07 17:23 - 00000220 _____ () C:\AdwCleanerDebug.txt
2014-12-03 08:44 - 2014-12-03 08:44 - 00001103 _____ () C:\Users\Privat\Desktop\Bewerbungscoaching.lnk
2014-12-02 20:20 - 2014-11-29 09:06 - 00000052 _____ () C:\Users\Privat\Documents\2014_12_02-KlimaLoggPro.log
2014-11-30 19:28 - 2012-11-11 19:43 - 00175382 _____ () C:\Users\Privat\Documents\Sicherungskopie von 01. und 02.2011.wbk
2014-11-29 09:06 - 2014-11-23 11:49 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_29-KlimaLoggPro.log
2014-11-26 10:56 - 2014-11-26 10:56 - 00000000 ____D () C:\Users\Privat\Documents\Marx, Kati
2014-11-25 21:16 - 2014-12-18 07:07 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-24 06:54 - 2014-11-24 06:54 - 00003584 _____ () C:\Users\Privat\AppData\Local\dcbc2a71-70d8-4dan-ehr8-e0d61dea3fdf.ini
2014-11-23 14:38 - 2014-12-18 02:10 - 01770001 _____ () C:\Windows\WindowsUpdate.log
2014-11-23 14:36 - 2014-12-17 00:12 - 00155280 _____ () C:\Users\Privat\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-23 14:35 - 2014-12-15 09:34 - 00524200 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-23 14:24 - 2014-11-23 14:24 - 00000000 ____D () C:\Users\R\AppData\Roaming\TeamViewer
2014-11-23 11:49 - 2014-11-20 19:50 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_23-KlimaLoggPro.log
2014-11-23 11:37 - 2014-11-23 11:37 - 00000000 ____D () C:\Users\Privat\Downloads\Bitdefender
2014-11-22 11:29 - 2014-11-22 11:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport
2014-11-22 11:29 - 2014-11-22 11:29 - 00000000 ____D () C:\Program Files (x86)\StreamTransport
2014-11-22 11:27 - 2014-12-16 23:10 - 00000000 ____D () C:\Users\Privat\Downloads\Streamtransport1.1.6.2
2014-11-22 11:25 - 2014-11-22 11:26 - 17805707 _____ () C:\Users\R\Downloads\streamtransport_1.1.6.2.zip
2014-11-22 11:21 - 2014-11-22 11:21 - 00001093 _____ () C:\Users\R\Desktop\ASIO4ALL v2 Anleitung.lnk
2014-11-20 21:34 - 2014-11-20 21:34 - 00000000 ____D () C:\Users\Privat\AppData\Local\Hola
2014-11-20 19:50 - 2014-11-16 10:35 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_20-KlimaLoggPro.log
2014-11-19 06:43 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 06:43 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 06:43 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 06:43 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-19 04:26 - 2014-11-19 04:26 - 01614504 _____ (Microsoft Corporation) C:\Windows\system32\FM20.DLL
2014-11-18 06:56 - 2014-11-18 20:15 - 00485481 _____ () C:\Users\Privat\Documents\Sicherungskopie von Einladung zum Adventskonzert 2014.wbk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-18 07:06 - 2014-08-11 19:32 - 00000000 ____D () C:\FRST
2014-12-18 07:05 - 2014-11-05 18:15 - 00000000 ____D () C:\Windows\CryptoGuard
2014-12-18 07:05 - 2014-03-18 18:51 - 00000000 ____D () C:\Users\Privat\Documents\Outlook-Dateien
2014-12-17 16:22 - 2009-07-14 05:45 - 00020592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-17 16:22 - 2009-07-14 05:45 - 00020592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-17 16:21 - 2009-07-14 18:58 - 00702704 _____ () C:\Windows\system32\perfh007.dat
2014-12-17 16:21 - 2009-07-14 18:58 - 00150312 _____ () C:\Windows\system32\perfc007.dat
2014-12-17 16:21 - 2009-07-14 06:13 - 01627352 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-17 16:17 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-17 11:52 - 2014-03-16 16:48 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\vlc
2014-12-17 09:32 - 2014-03-17 18:58 - 00000000 ____D () C:\Users\Privat\Documents\Birkenring 40
2014-12-17 07:38 - 2014-11-15 15:43 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-12-17 07:30 - 2014-08-02 09:26 - 00000000 ____D () C:\AdwCleaner
2014-12-16 23:12 - 2014-03-15 17:49 - 00000000 ____D () C:\Users\R
2014-12-16 23:11 - 2014-09-13 06:07 - 00000000 ____D () C:\Windows\Minidump
2014-12-16 23:10 - 2014-05-27 14:32 - 00000000 ____D () C:\Users\Privat\Downloads\RarmaRadio
2014-12-16 23:10 - 2014-03-31 09:32 - 00000000 ____D () C:\Users\Privat\AppData\Local\gtk-2.0
2014-12-16 23:10 - 2014-03-16 16:27 - 00000000 ____D () C:\Users\Privat
2014-12-16 23:10 - 2014-03-16 15:52 - 00000000 ____D () C:\Users\Coach
2014-12-16 23:10 - 2014-03-15 14:47 - 00000000 ____D () C:\Users\Public\Documents\RK_Stick1_01.03.2014
2014-12-16 23:10 - 2009-07-14 19:18 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-16 23:09 - 2014-11-11 10:17 - 00000000 ____D () C:\Users\R\Downloads\Streamtransport
2014-12-16 23:09 - 2014-09-08 17:44 - 00000000 ____D () C:\Users\R\AppData\Roaming\0F1L1I1P0H1L1E1E1F
2014-12-16 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-12-16 20:57 - 2014-03-16 05:03 - 00000000 ____D () C:\Users\R\AppData\Roaming\Notepad++
2014-12-16 17:00 - 2014-03-31 09:28 - 00000000 ____D () C:\Users\Privat\.gimp-2.8
2014-12-16 06:55 - 2009-07-14 19:18 - 00000000 ____D () C:\Windows\CSC
2014-12-15 20:19 - 2014-10-08 14:57 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\KlimaLoggPro
2014-12-15 20:19 - 2014-10-08 14:45 - 00002393 _____ () C:\ProgramData\KlimaLogg.dat1
2014-12-15 20:06 - 2014-08-28 05:47 - 00000000 ____D () C:\Users\Privat\Downloads\Mbam
2014-12-15 19:31 - 2012-08-08 07:54 - 00000000 ____D () C:\Users\Privat\Downloads\Licensecrawler
2014-12-15 18:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-15 10:08 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-15 09:51 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-12-15 09:47 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-12-14 23:22 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-14 23:09 - 2009-07-14 19:18 - 00000000 __SHD () C:\Windows\BitLockerDiscoveryVolumeContents
2014-12-14 23:09 - 2009-07-14 19:18 - 00000000 ____D () C:\Program Files\Windows Journal
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sppui
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\manifeststore
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-14 22:58 - 2009-07-14 03:36 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2014-12-14 22:58 - 2009-07-14 03:36 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2014-12-13 21:59 - 2014-04-05 10:05 - 00000000 ____D () C:\Users\R\AppData\Roaming\DVDVideoSoft
2014-12-13 13:17 - 2009-07-14 03:34 - 00000514 _____ () C:\Windows\win.ini
2014-12-13 12:50 - 2014-03-16 05:19 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-13 12:50 - 2014-03-16 05:19 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-13 08:40 - 2014-03-19 11:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-12 14:08 - 2014-11-05 12:14 - 00000000 ____D () C:\Users\Privat\Downloads\CCleaner
2014-12-12 13:56 - 2014-11-05 12:15 - 00000000 ____D () C:\Users\Privat\Downloads\CDBurnerXP
2014-12-12 10:54 - 2014-03-17 19:43 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-10 17:51 - 2014-05-29 10:04 - 00100352 ___SH () C:\Users\Privat\Thumbs.db
2014-12-10 15:49 - 2014-04-07 15:47 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com
2014-12-10 13:20 - 2014-03-18 21:41 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-10 12:34 - 2014-03-17 16:49 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-12-10 11:59 - 2014-03-15 18:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-10 07:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 07:44 - 2014-03-15 18:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 07:37 - 2014-03-16 09:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 07:37 - 2014-03-15 18:28 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 06:59 - 2014-10-15 19:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Festplatten Manager™ 15 Suite
2014-12-09 06:55 - 2014-08-28 05:56 - 00000000 ____D () C:\Users\R\Downloads\AdwCleaner
2014-12-09 06:55 - 2014-08-28 05:49 - 00000000 ____D () C:\Users\Privat\Downloads\AdwCleaner
2014-12-08 07:07 - 2014-05-28 10:19 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Nitro PDF
2014-12-07 20:46 - 2014-03-16 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-07 17:10 - 2014-03-15 19:04 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-12-07 17:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-12-07 16:35 - 2014-08-28 06:00 - 00000000 ____D () C:\Users\R\Downloads\WinRar
2014-12-07 16:35 - 2014-03-16 05:06 - 00000000 ____D () C:\Program Files\WinRAR
2014-12-07 12:37 - 2014-10-16 21:23 - 00000000 ____D () C:\Users\Privat\Desktop\Admi-Tools
2014-12-06 13:29 - 2014-03-16 10:33 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-12-04 07:12 - 2014-10-15 20:02 - 00000000 ____D () C:\Users\R\AppData\Roaming\UseNeXT
2014-12-01 07:23 - 2014-03-16 09:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-11-30 15:40 - 2014-11-11 10:41 - 00000000 ____D () C:\Users\Privat\Desktop\Musik & Video
2014-11-30 15:28 - 2014-04-28 20:23 - 00000000 ____D () C:\Users\Privat\Documents\DVDVideoSoft
2014-11-30 15:28 - 2014-04-28 20:23 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\DVDVideoSoft
2014-11-27 21:38 - 2014-03-18 20:54 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\MyPhoneExplorer
2014-11-27 08:48 - 2014-10-15 20:30 - 00000000 ____D () C:\Program Files\Recuva
2014-11-26 13:56 - 2014-05-27 14:14 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Nitro
2014-11-25 21:21 - 2014-03-15 19:16 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-25 20:58 - 2014-05-01 00:24 - 00000000 ____D () C:\Users\Public\Documents\Coaching
2014-11-25 19:28 - 2014-10-04 13:02 - 00002244 _____ () C:\Users\Privat\Desktop\Total Commander    64.lnk
2014-11-25 12:47 - 2014-10-10 10:38 - 00000000 ____D () C:\Users\R\Downloads\MailPassView
2014-11-24 13:13 - 2014-03-31 07:47 - 00000000 ____D () C:\Users\Coach\Documents\Coaching
2014-11-24 06:55 - 2014-06-20 10:54 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Notepad++
2014-11-24 06:55 - 2014-06-13 14:21 - 00000000 ____D () C:\temp
2014-11-24 06:55 - 2014-04-28 21:30 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\dvdcss
2014-11-24 06:54 - 2014-09-06 16:42 - 00000000 ____D () C:\Users\R\SecurityScans
2014-11-24 06:54 - 2014-05-27 07:09 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\HpUpdate
2014-11-24 06:54 - 2014-03-16 16:27 - 00000000 ____D () C:\Users\Privat\AppData\Local\Microsoft Help
2014-11-24 06:53 - 2014-03-15 17:38 - 00000000 ____D () C:\Windows\Panther
2014-11-24 06:51 - 2014-07-23 19:36 - 00000000 ____D () C:\Users\R\AppData\Roaming\Skype
2014-11-24 06:51 - 2014-04-24 16:26 - 00000000 ____D () C:\Users\R\AppData\Roaming\Mp3tag
2014-11-24 06:51 - 2014-04-05 11:05 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\TeamViewer
2014-11-24 06:51 - 2014-03-19 16:10 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Skype
2014-11-24 06:51 - 2014-03-16 17:29 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Mp3tag
2014-11-23 15:44 - 2014-04-02 06:38 - 00000000 ___RD () C:\Users\Privat\Documents\HP Photo Creations
2014-11-23 15:42 - 2014-11-11 10:45 - 00000000 ____D () C:\Users\Privat\Desktop\Bildbearbeitung
2014-11-23 14:21 - 2014-11-11 19:59 - 00000000 ____D () C:\Users\R\AppData\Roaming\Abelssoft
2014-11-22 11:21 - 2014-10-17 16:59 - 00000000 ____D () C:\Program Files (x86)\ASIO4ALL v2

Some content of TEMP:
====================
C:\Users\Privat\AppData\Local\temp\Hola-Setup-Plugin-x64-1.5.806.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
         
Regards, R.

Additional note:
After the FRST log, I installed one more pending IE update.
Trying to log the user off produces the error "Initialisierungprozess nicht möglich" (initialization process not possible).
I then did a hard shutdown. Attempting to restart again brings ... F4 Crash>Dump.

Regards, R.

18.12.2014, 21:07   #12
schrauber
/// the machine
/// TB trainer
 


Please download BlueScreenView and install it:
BlueScreenView - Download - Filepony

Open it and let it analyze the most recent dump (the tool does this automatically).
Post the output here.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009
