Log analysis and evaluation: Repair sfc /scannow? (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#7

Repair sfc /scannow?

Hello Schrauber, thanks for the further help. Here is the log from Combofix.

Code:
ATTFilter ComboFix 14-12-14.01 - R 15.12.2014 9:42.1.2 - x64 MINIMAL Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.4061.3342 [GMT 1:00] ausgeführt von:: c:\users\Privat\Downloads\Combofix\ComboFix.exe AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1} SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\klimalogg.dat1.tmp c:\users\R\AppData\Local\assembly\tmp E:\install.exe . . ((((((((((((((((((((((( Dateien erstellt von 2014-11-15 bis 2014-12-15 )))))))))))))))))))))))))))))) . . 2014-12-14 22:08 . 2014-12-14 22:09 -------- d-----w- c:\windows\system32\appraiser 2014-12-14 22:08 . 2014-12-14 22:09 -------- d-s---w- c:\windows\system32\CompatTel 2014-12-14 15:52 . 2014-11-01 19:21 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0F681727-3CF7-4487-8763-5AD78AC7315C}\mpengine.dll 2014-12-13 20:51 . 2014-12-13 20:59 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft 2014-12-13 17:05 . 2014-12-13 17:12 -------- d-----w- c:\windows\system32\catroot2 2014-12-13 16:59 . 2014-12-13 20:21 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2014-12-13 16:59 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys 2014-12-13 16:59 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2014-12-13 16:59 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys 2014-12-13 16:59 . 2014-12-13 16:59 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware 2014-12-13 12:26 . 2014-11-01 19:21 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2014-12-13 12:10 . 
2014-12-13 12:10 -------- d-----w- c:\windows\SysWow64\wbem\Performance 2014-12-13 11:51 . 2014-12-13 11:51 -------- d-----w- C:\RegBackup 2014-12-12 14:16 . 2014-12-12 14:16 -------- d-----w- c:\users\R\AppData\Roaming\Nitro PDF 2014-12-10 15:16 . 2014-12-07 16:16 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A8EB7AFC-67DD-42EF-BC0A-CE881B9DAF73}\gapaengine.dll 2014-12-10 12:44 . 2014-12-10 12:44 -------- d-----w- c:\users\Privat\AppData\Roaming\DesktopDPO-b590ce5c4fa12d0f57bf76ef54d1be94 2014-12-10 12:20 . 2014-12-10 12:22 -------- d-----w- c:\program files (x86)\Office-Bibliothek 2014-12-10 12:18 . 2001-09-05 03:18 225280 ------w- c:\program files (x86)\Common Files\InstallShield\IScript\IScript.dll 2014-12-10 12:18 . 2001-09-05 03:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\ctor.dll 2014-12-10 12:18 . 2001-09-05 03:14 176128 ------w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\iuser.dll 2014-12-10 12:18 . 2001-09-05 03:13 32768 ------w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\objectps.dll 2014-12-10 12:18 . 2004-04-21 19:10 212992 ------w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\ILog.dll 2014-12-10 06:32 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll 2014-12-10 06:32 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll 2014-12-10 06:26 . 2014-12-04 02:50 192000 ----a-w- c:\windows\system32\aepic.dll 2014-12-10 06:26 . 2014-12-04 02:44 1083392 ----a-w- c:\windows\system32\aeinv.dll 2014-12-10 06:26 . 2014-12-01 23:28 1232040 ----a-w- c:\windows\system32\aitstatic.exe 2014-12-10 06:26 . 2014-12-04 02:50 741376 ----a-w- c:\windows\system32\invagent.dll 2014-12-10 06:26 . 2014-12-04 02:50 413184 ----a-w- c:\windows\system32\generaltel.dll 2014-12-10 06:26 . 2014-12-04 02:50 396800 ----a-w- c:\windows\system32\devinv.dll 2014-12-10 06:26 . 
2014-12-04 02:50 227328 ----a-w- c:\windows\system32\aepdu.dll 2014-12-10 06:26 . 2014-11-11 01:46 119296 ----a-w- c:\windows\system32\drivers\tdx.sys 2014-12-10 06:23 . 2014-11-08 03:16 2048 ----a-w- c:\windows\system32\tzres.dll 2014-12-10 06:23 . 2014-11-08 02:45 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2014-12-10 06:18 . 2014-12-07 16:16 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2014-12-08 06:29 . 2014-12-08 06:29 -------- d-----w- c:\users\Privat\AppData\Local\colorpicker 2014-12-08 06:29 . 2014-12-08 06:29 -------- d-----w- c:\program files (x86)\ColorPicker 2014-12-07 16:10 . 2014-12-07 16:10 -------- d-----w- c:\program files (x86)\Microsoft Security Client 2014-12-07 16:10 . 2014-12-07 16:10 -------- d-----w- c:\program files\Microsoft Security Client 2014-12-07 14:15 . 2014-12-07 14:15 -------- d-----w- c:\users\R\AppData\Roaming\DesktopDPO-b590ce5c4fa12d0f57bf76ef54d1be94 2014-12-07 14:09 . 2014-12-07 14:14 -------- d-----w- c:\program files (x86)\Design&Print 2014-12-07 11:29 . 2014-12-07 11:29 -------- d-sh--w- c:\users\R\AppData\Local\EmieBrowserModeList 2014-12-07 11:22 . 2014-12-07 11:22 296736 ----a-w- c:\windows\system32\drivers\file_tracker.sys 2014-12-07 11:22 . 2014-12-07 11:22 234784 ----a-w- c:\windows\system32\drivers\tib_mounter.sys 2014-12-07 11:21 . 2014-12-07 11:21 1328928 ----a-w- c:\windows\system32\drivers\tib.sys 2014-12-07 11:21 . 2014-12-07 11:21 304416 ----a-w- c:\windows\system32\drivers\snapman.sys 2014-12-07 11:21 . 2014-12-07 11:21 134432 ----a-w- c:\windows\system32\drivers\fltsrv.sys 2014-12-07 11:14 . 2014-12-07 11:21 -------- d-----w- c:\program files (x86)\Acronis 2014-12-07 02:53 . 2014-12-07 02:53 -------- d-----w- c:\users\R\AppData\Roaming\6201DCD5-31C3-42A8-9C56-988BDE234E8F 2014-12-06 20:09 . 2014-12-07 11:22 -------- d-----w- c:\program files (x86)\Common Files\Acronis 2014-12-06 12:01 . 
2014-12-06 12:01 -------- d-----w- c:\program files\Josip Medved 2014-11-25 13:24 . 2014-11-25 13:24 24294072 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE14\MSO.DLL 2014-11-25 12:59 . 2014-11-25 12:59 18638520 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\MSO.DLL 2014-11-23 13:24 . 2014-11-23 13:24 -------- d-----w- c:\users\R\AppData\Roaming\TeamViewer 2014-11-22 10:29 . 2014-11-22 10:29 -------- d-----w- c:\program files (x86)\StreamTransport 2014-11-21 05:52 . 2014-11-21 05:52 -------- d-----w- c:\windows\SysWow64\Wat 2014-11-21 05:52 . 2014-11-21 05:52 -------- d-----w- c:\windows\system32\Wat 2014-11-20 20:34 . 2014-11-20 20:34 -------- d-----w- c:\users\Privat\AppData\Local\Hola 2014-11-19 05:43 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll 2014-11-19 05:43 . 2014-11-11 03:08 728064 ----a-w- c:\windows\system32\kerberos.dll 2014-11-19 05:43 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll 2014-11-19 05:43 . 2014-11-11 02:44 550912 ----a-w- c:\windows\SysWow64\kerberos.dll 2014-11-19 03:26 . 2014-11-19 03:26 1614504 ----a-w- c:\windows\system32\FM20.DLL 2014-11-17 18:25 . 2014-11-17 18:25 -------- d-sh--w- c:\users\Privat\AppData\Local\EmieBrowserModeList 2014-11-15 14:43 . 2014-12-11 05:21 -------- d-----w- c:\program files\SUPERAntiSpyware . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-12-14 21:58 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll 2014-12-14 21:58 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll 2014-12-13 11:50 . 2014-03-16 04:19 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-12-13 11:50 . 2014-03-16 04:19 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-12-10 06:37 . 2014-03-15 17:28 112710672 ----a-w- c:\windows\system32\MRT.exe 2014-11-05 21:55 . 
2014-11-05 17:15 93144 ----a-w- c:\windows\system32\drivers\hmpalert.sys 2014-11-05 21:55 . 2014-11-05 17:15 548424 ----a-w- c:\windows\system32\hmpalert.dll 2014-11-05 21:55 . 2014-11-05 17:15 477008 ----a-w- c:\windows\SysWow64\hmpalert.dll 2014-10-30 11:25 . 2014-03-15 17:10 275080 ------w- c:\windows\system32\MpSigStub.exe 2014-10-26 15:41 . 2014-07-22 09:11 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll 2014-10-26 15:41 . 2014-10-26 15:44 191400 ----a-w- c:\windows\system32\javaw.exe 2014-10-26 15:41 . 2014-10-26 15:44 190888 ----a-w- c:\windows\system32\java.exe 2014-10-26 15:41 . 2014-07-22 09:11 320936 ----a-w- c:\windows\system32\javaws.exe 2014-10-25 02:10 . 2014-10-25 02:10 92160 ----a-w- c:\windows\system32\udefrag.exe 2014-10-25 02:10 . 2014-10-25 02:10 13312 ----a-w- c:\windows\system32\hibernate4win.exe 2014-10-25 02:10 . 2014-10-25 02:10 12288 ----a-w- c:\windows\system32\bootexctrl.exe 2014-10-25 02:10 . 2014-10-25 02:10 33792 ----a-w- c:\windows\system32\wgx.dll 2014-10-25 02:09 . 2014-10-25 02:09 132608 ----a-w- c:\windows\system32\lua5.1a.dll 2014-10-25 02:09 . 2014-10-25 02:09 394752 ----a-w- c:\windows\system32\defrag_native.exe 2014-10-25 02:09 . 2014-10-25 02:09 55808 ----a-w- c:\windows\system32\udefrag.dll 2014-10-25 02:09 . 2014-10-25 02:09 337920 ----a-w- c:\windows\system32\zenwinx.dll 2014-10-25 01:57 . 2014-11-11 18:30 77824 ----a-w- c:\windows\system32\packager.dll 2014-10-25 01:32 . 2014-11-11 18:30 67584 ----a-w- c:\windows\SysWow64\packager.dll 2014-10-18 02:05 . 2014-11-11 18:26 861696 ----a-w- c:\windows\system32\oleaut32.dll 2014-10-18 01:33 . 2014-11-11 18:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll 2014-10-14 02:16 . 2014-11-11 18:30 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2014-10-14 02:13 . 2014-11-11 18:30 683520 ----a-w- c:\windows\system32\termsrv.dll 2014-10-14 02:13 . 2014-11-11 18:29 3241984 ----a-w- c:\windows\system32\msi.dll 2014-10-14 02:12 . 
2014-11-11 18:30 1460736 ----a-w- c:\windows\system32\lsasrv.dll 2014-10-14 02:09 . 2014-11-11 18:30 146432 ----a-w- c:\windows\system32\msaudite.dll 2014-10-14 02:07 . 2014-11-11 18:30 681984 ----a-w- c:\windows\system32\adtschema.dll 2014-10-14 01:50 . 2014-11-11 18:30 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2014-10-14 01:50 . 2014-11-11 18:29 2363904 ----a-w- c:\windows\SysWow64\msi.dll 2014-10-14 01:49 . 2014-11-11 18:30 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2014-10-14 01:47 . 2014-11-11 18:30 146432 ----a-w- c:\windows\SysWow64\msaudite.dll 2014-10-14 01:46 . 2014-11-11 18:30 681984 ----a-w- c:\windows\SysWow64\adtschema.dll 2014-10-10 00:57 . 2014-11-11 18:29 3198976 ----a-w- c:\windows\system32\win32k.sys 2014-10-03 02:12 . 2014-11-11 18:29 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll 2014-10-03 02:11 . 2014-11-11 18:29 284672 ----a-w- c:\windows\system32\EncDump.dll 2014-10-03 02:11 . 2014-11-11 18:29 680960 ----a-w- c:\windows\system32\audiosrv.dll 2014-10-03 02:11 . 2014-11-11 18:29 440832 ----a-w- c:\windows\system32\AudioEng.dll 2014-10-03 02:11 . 2014-11-11 18:29 296448 ----a-w- c:\windows\system32\AudioSes.dll 2014-10-03 01:44 . 2014-11-11 18:29 442880 ----a-w- c:\windows\SysWow64\AUDIOKSE.dll 2014-10-03 01:44 . 2014-11-11 18:29 374784 ----a-w- c:\windows\SysWow64\AudioEng.dll 2014-10-03 01:44 . 2014-11-11 18:29 195584 ----a-w- c:\windows\SysWow64\AudioSes.dll 2014-09-25 02:08 . 2014-10-01 09:15 371712 ----a-w- c:\windows\system32\qdvd.dll 2014-09-25 01:40 . 2014-10-01 09:15 519680 ----a-w- c:\windows\SysWow64\qdvd.dll 2014-09-24 08:22 . 2014-09-24 08:22 2268 ----a-w- c:\windows\system32\ud-boot-time.cmd 2014-09-19 09:42 . 2014-11-11 18:30 210944 ----a-w- c:\windows\system32\wdigest.dll 2014-09-19 09:42 . 2014-11-11 18:30 86528 ----a-w- c:\windows\system32\TSpkg.dll 2014-09-19 09:42 . 2014-11-11 18:30 342016 ----a-w- c:\windows\system32\schannel.dll 2014-09-19 09:42 . 
2014-11-11 18:30 309760 ----a-w- c:\windows\system32\ncrypt.dll 2014-09-19 09:42 . 2014-11-11 18:30 314880 ----a-w- c:\windows\system32\msv1_0.dll 2014-09-19 09:42 . 2014-11-11 18:30 22016 ----a-w- c:\windows\system32\credssp.dll 2014-09-19 09:23 . 2014-11-11 18:30 172032 ----a-w- c:\windows\SysWow64\wdigest.dll 2014-09-19 09:23 . 2014-11-11 18:30 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll 2014-09-19 09:23 . 2014-11-11 18:30 248832 ----a-w- c:\windows\SysWow64\schannel.dll 2014-09-19 09:23 . 2014-11-11 18:30 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll 2014-09-19 09:23 . 2014-11-11 18:30 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll 2014-09-19 09:23 . 2014-11-11 18:30 17408 ----a-w- c:\windows\SysWow64\credssp.dll 2014-09-18 09:16 . 2014-09-18 09:16 700680 ----a-w- c:\windows\system32\drivers\uim_im.sys 2014-09-18 09:16 . 2014-09-18 09:16 556552 ----a-w- c:\windows\system32\drivers\UimFIO.sys 2014-09-18 09:16 . 2014-09-18 09:16 25992 ----a-w- c:\windows\system32\drivers\uim_devim.sys 2014-09-18 09:16 . 2014-09-18 09:16 102664 ----a-w- c:\windows\system32\drivers\UimBus.sys 2014-09-18 09:16 . 2014-10-04 13:00 34056 ----a-w- c:\windows\system32\drivers\hotcore3.sys 2014-09-18 09:16 . 2014-09-18 09:16 944904 ----a-w- c:\windows\system32\Vim.RWBlock.dll 2014-09-18 09:16 . 2014-09-18 09:16 86792 ----a-w- c:\windows\system32\vimbase.dll 2014-09-18 09:16 . 2014-09-18 09:16 531720 ----a-w- c:\windows\system32\drivers\UMDF\blockmounter.dll 2014-09-18 09:16 . 2014-09-18 09:16 2065160 ----a-w- c:\windows\system32\vimsdk.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-11-20 1021128] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0??\0?\0PowerRemov??\0PowerRemover.eService\SWMAgent. 'Win32_Process'\0?\0PowerRemover.e??\0PowerRemover.e?\0??\0PowerRemover . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R1 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x] R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x] R1 Uim_DEVIM;UIM Direct Device Image Plugin;c:\windows\system32\DRIVERS\uim_devim.sys;c:\windows\SYSNATIVE\DRIVERS\uim_devim.sys [x] R2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x] R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] R2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 CSUService;COMODO System Utilities 
Service;c:\program files\COMODO\COMODO System Utilities\CSUService.exe;c:\program files\COMODO\COMODO System Utilities\CSUService.exe [x] R2 hmpalert;HitmanPro.Alert Support Driver;c:\windows\system32\drivers\hmpalert.sys;c:\windows\SYSNATIVE\drivers\hmpalert.sys [x] R2 KlimaLogg Service;KlimaLogg Service;c:\program files (x86)\KlimaLoggPro\KlimaLoggProService.exe;c:\program files (x86)\KlimaLoggPro\KlimaLoggProService.exe [x] R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x] R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x] R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x] R2 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [x] R2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x] R3 hmpalertsvc;HitmanPro.Alert Service;c:\program files (x86)\HitmanPro.Alert\hmpalert.exe;c:\program files (x86)\HitmanPro.Alert\hmpalert.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x] R3 
MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x] R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x] R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x] R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 rtl819xpn64;Realtek RTL8190/RTL8192E 802.11n Wireless LAN (Mini-) PCI NIC-NT-Treiber;c:\windows\system32\DRIVERS\rtl819xp.sys;c:\windows\SYSNATIVE\DRIVERS\rtl819xp.sys [x] R3 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x] R4 LiveUpdateSvc;LiveUpdate;c:\program 
files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x] R4 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe ;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [x] R4 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;c:\program files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe;c:\program files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [x] R4 SWUpdateService;SW Update Service;c:\programdata\Samsung\SW Update Service\SWMAgent.exe;c:\programdata\Samsung\SW Update Service\SWMAgent.exe [x] R4 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x] S0 file_tracker;file_tracker;c:\windows\system32\DRIVERS\file_tracker.sys;c:\windows\SYSNATIVE\DRIVERS\file_tracker.sys [x] S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x] S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys;c:\windows\SYSNATIVE\DRIVERS\hotcore3.sys [x] S0 tib;Acronis TIB Manager;c:\windows\system32\DRIVERS\tib.sys;c:\windows\SYSNATIVE\DRIVERS\tib.sys [x] S0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys;c:\windows\SYSNATIVE\DRIVERS\tib_mounter.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x] S3 azvusb;Virtual USB Hub;c:\windows\system32\DRIVERS\azvusb.sys;c:\windows\SYSNATIVE\DRIVERS\azvusb.sys [x] . . Inhalt des "geplante Tasks" Ordners . 2014-12-15 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-16 11:50] . 
2014-04-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-19 10:46] . 2014-04-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-19 10:46] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncError] @="{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}" [HKEY_CLASSES_ROOT\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}] 2014-09-09 09:05 2832680 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncInProgress] @="{00F848DC-B1D4-4892-9C25-CAADC86A215D}" [HKEY_CLASSES_ROOT\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}] 2014-09-09 09:05 2832680 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncOk] @="{71573297-552E-46fc-BE3D-3DFAF88D47B7}" [HKEY_CLASSES_ROOT\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}] 2014-09-09 09:05 2832680 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "MSPCLOCK"="streamci" [X] "MSPQM"="streamci" [X] "MSKSSRV"="streamci" [X] "MSTEE.CxTransform"="streamci" [X] "MSTEE.Splitter"="streamci" [X] "WDM_DRMKAUD"="streamci" [X] . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com mDefault_Search_URL = hxxp://www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm mSearch Page = hxxp://www.google.com IE: An OneNote s&enden - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105 IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000 IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\users\R\AppData\Roaming\Mozilla\Firefox\Profiles\is3epxns.default-1410158323112\ FF - prefs.js: browser.startup.homepage - www.google.de|hxxps://translate.google.de/ . - - - - Entfernte verwaiste Registrierungseinträge - - - - . BHO-{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled\Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start BHO-{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file) . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System Zeit der Fertigstellung: 2014-12-15 09:51:22 ComboFix-quarantined-files.txt 2014-12-15 08:51 . Vor Suchlauf: 16 Verzeichnis(se), 25.232.564.224 Bytes frei Nach Suchlauf: 20 Verzeichnis(se), 24.866.021.376 Bytes frei . - - End Of File - - D16DCB99570CCC53D7DD631942A55431 A36C5E4F47E84449FF07ED3517B43A31