Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
sfc /scannow reparieren?

sfc /scannow reparieren?


Log-Analyse und Auswertung: sfc /scannow reparieren?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 15.12.2014, 20:20   #1
schrauber
/// the machine
/// TB-Ausbilder
 
sfc /scannow reparieren? - Standard

sfc /scannow reparieren?


  • Lade Dir bitte Windows Repair - All in one von tweaking.com hier herunter und installiere es.
  • Deaktiviere bitte (wenn möglich) Dein Antivirusprogramm.
  • Bedenke, dass die einzelnen Reparaturen einige Zeit benötigen. Starte keine anderen Anwendungen in dieser Zeit.
  • Starte das Programm und führe die Punkte 1-5 durch. (Siehe Bildanleitung)
  • Achte darauf, dass bei Dir die Häkchen so gesetzt sind wie unter Punkt 4.
  • Setze auch ein Häkchen bei "Restart/Shutdown System" und klicke "Restart System" an bevor Du Punkt 5 durchführst.






ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 16.12.2014, 23:57   #2
rk1757
 
sfc /scannow reparieren? - Standard

Eset Scanner log.txt


Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=45d761cc1813dd44852dc465c7cb13e4
# engine=21572
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-16 08:42:49
# local_time=2014-12-16 09:42:49 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 750742 41699763 0 0
# scanned=247296
# found=14
# cleaned=14
# scan_time=9114
sh=8C299A27E16F04E97E2DBABCF412697C43273DFC ft=1 fh=c345d981f4dfe292 vn="Variante von Win32/InstallCore.UE evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\$RECYCLE.BIN\S-1-5-21-459147949-2764265090-3061895288-1004\$R5JV64C.exe"
sh=4370E4F60FB96627C6AD4F4820A4FA8A61F8EC29 ft=1 fh=3b60eb1472d7e959 vn="Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Privat\Downloads\cbsidlm-cbsi213-AMR_MP3_Converter-SEO_DE-75858774.exe"
sh=590563A58616FE1877329EA58948F6961AB0C77F ft=1 fh=5b10c696ef5b2648 vn="Win32/DownWare.W evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Privat\Downloads\RarmaRadio\Rarmaradio_setup.exe"
sh=5F312351C6AE3A2EDCCA2AD96278E1A82E207E7E ft=1 fh=5b10c696dbb63c10 vn="Win32/DownWare.W evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Privat\Downloads\RarmaRadio\Rarmaradio_setup_2-68-3.exe"
sh=590563A58616FE1877329EA58948F6961AB0C77F ft=1 fh=5b10c696ef5b2648 vn="Win32/DownWare.W evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Privat\Downloads\RarmaRadio\Rarmaradio_setup_2.69.1.exe"
sh=075478ED256C74207FB1540F41BE4934B47D549B ft=1 fh=5a1a58d6a5023955 vn="Win32/Somoto.Q evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Privat\Downloads\Streamtransport1.1.6.2\streamtransport_chrome_setup1.1.6.2.exe"
sh=E18B5242B0C893DF09E34A9E89DE551503F31591 ft=1 fh=5a1a58d6d884f372 vn="Win32/Somoto.Q evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Privat\Downloads\Streamtransport1.1.6.2\Streamtransport IE10\streamtransport_setup.exe"
sh=E833436032535FEB243B262717AA6F23AEDEDE9F ft=1 fh=1c0e267f63a665cf vn="Win32/DownWare.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Public\Documents\RK_Stick1_01.03.2014\Win18791drv.exe"
sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\R\AppData\Roaming\0F1L1I1P0H1L1E1E1F\Notepad++ Packages\uninstaller.exe"
sh=273A2A936AEC8B68DE2329EF69996F616B0D757E ft=1 fh=6e75ff11b16007d4 vn="NSIS/StartPage.CC Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\R\Downloads\vlc-2.1.3-win64.exe"
sh=075478ED256C74207FB1540F41BE4934B47D549B ft=1 fh=5a1a58d6a5023955 vn="Win32/Somoto.Q evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\R\Downloads\Streamtransport\streamtransport_1.1.6.2\streamtransport_chrome_setup1.1.6.2.exe"
sh=E18B5242B0C893DF09E34A9E89DE551503F31591 ft=1 fh=5a1a58d6d884f372 vn="Win32/Somoto.Q evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\R\Downloads\Streamtransport\streamtransport_1.1.6.2\Streamtransport IE10\streamtransport_setup.exe"
sh=56371D74005B39D794FF8F30891F27BACECA56C8 ft=1 fh=c3e79ff37423ee01 vn="Variante von Win32/Toolbar.Babylon.P evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\Administrator.Reiner-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nohfdhapjjlndfgjnmdlcabloeembdkj\1.0\BUSolution.dll"
sh=F5C514F93292C6B027DCB2898E0010C534428DDA ft=1 fh=5629cfffb69b4f20 vn="Variante von Win32/Toolbar.Babylon.Q evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\Administrator.Reiner-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nohfdhapjjlndfgjnmdlcabloeembdkj\1.0\NPObject.dll"
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.91  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
  (On Access scanning disabled!) 
 Error obtaining update status for antivirus!  
`````````Anti-malware/Other Utilities Check:````````` 
 Java version 32-bit out of Date! 
 Adobe Flash Player 16.0.0.235  
 Adobe Reader XI  
 Mozilla Firefox (34.0.5) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 KlimaLoggPro KlimaLoggProService.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01
Ran by Privat (ATTENTION: The logged in user is not administrator) on R-PC on 16-12-2014 20:58:18
Running from C:\Users\Privat\Downloads\FRST 64-Bit
Loaded Profiles: R & Privat (Available profiles: R & Coach & Privat)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Citrix Systems, Inc.) C:\Users\Privat\AppData\Local\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Users\Privat\AppData\Local\Program Files\Citrix\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Users\Privat\AppData\Local\Citrix\SelfService\Program Files\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Users\Privat\AppData\Local\Citrix\ICA Client\wfcrun32.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKU\S-1-5-21-459147949-2764265090-3061895288-1001\...\RunOnce: [Adobe Speed Launcher] => 1418709390
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\Run: [ConnectionCenter] => C:\Users\Privat\AppData\Local\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.)
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\RunOnce: [Adobe Speed Launcher] => 1418758487
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\MountPoints2: {d5b1e588-28fd-11e4-99a0-002454164d61} - H:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
BootExecute: autocheck autochk * ???PowerRemov??PowerRemover.eService\SWMAgent. 'Win32_Process'?PowerRemover.e??PowerRemover.e???PowerRemover

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-459147949-2764265090-3061895288-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-459147949-2764265090-3061895288-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-459147949-2764265090-3061895288-1004 -> {E2F142F7-A180-4898-98E3-6543ADCC6CD9} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} ->  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\chw91qfc.default
FF NewTab: Home
FF Homepage: www.google.de|www.yahoo.de|www.ard-text.de|www.n24.de|hxxp://www.wissenschaft-aktuell.de/|hxxp://translate.google.de/|hxxp://www.wetteronline.de/wetter/mecklenburg-vorpommern|https://mail.daa.de|hxxp://www.tvtoday.de/tv-programm/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-459147949-2764265090-3061895288-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-459147949-2764265090-3061895288-1004: @Citrix.com/npican -> C:\Users\Privat\AppData\Local\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Extension: Hola Better Internet - C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\chw91qfc.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2014-12-16]
FF Extension: Adblock Plus - C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\chw91qfc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-18]
FF Extension: Tab Mix Plus - C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\chw91qfc.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-03-19]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox
FF Extension: Bing Bar - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox [2014-09-24]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2014-09-24]
FF HKU\S-1-5-21-459147949-2764265090-3061895288-1001\...\Firefox\Extensions: [{b9aa91db-385d-4c69-8a2f-96790aa9405b}] - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector
FF Extension: Copernic Desktop Search - Search Firefox content - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector [2014-03-16]
FF HKU\S-1-5-21-459147949-2764265090-3061895288-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\tcwohpok.default\extensions\cliqz@cliqz.com
FF HKU\S-1-5-21-459147949-2764265090-3061895288-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\Firefox\Extensions: [{b9aa91db-385d-4c69-8a2f-96790aa9405b}] - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector

Chrome: 
=======
CHR HKU\S-1-5-21-459147949-2764265090-3061895288-1001\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx [2014-11-04]
CHR HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx [2014-11-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
S2 CSUService; C:\Program Files\COMODO\COMODO System Utilities\CSUService.exe [347968 2012-02-24] (Comodo Security Solutions, Inc.)
S3 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1876816 2014-11-05] (SurfRight B.V.)
R2 KlimaLogg Service; C:\Program Files (x86)\KlimaLoggPro\KlimaLoggProService.exe [2480640 2014-05-27] () [File not signed]
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-10-10] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S4 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S4 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-11-13] (Nitro PDF Software)
S4 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3020632 2014-04-04] (Samsung Electronics CO., LTD.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 azvusb; C:\Windows\System32\DRIVERS\azvusb.sys [54784 2009-08-24] (AzureWave Technologies, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-15] (Disc Soft Ltd)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [296736 2014-12-07] (Acronis International GmbH)
R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [93144 2014-11-05] ()
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [34056 2014-09-18] (Paragon Software Group)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2010-04-09] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2010-04-09] ()
R3 rtl819xpn64; C:\Windows\System32\DRIVERS\rtl819xp.sys [622624 2010-02-01] (Realtek Semiconductor Corporation                           )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1328928 2014-12-07] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [234784 2014-12-07] (Acronis International GmbH)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-09-18] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-09-18] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700680 2014-09-18] ()
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-16 20:37 - 2014-12-16 20:37 - 00852490 _____ () C:\Users\Privat\Downloads\SecurityCheck.exe
2014-12-16 17:00 - 2014-12-16 17:00 - 00064643 _____ () C:\Users\Privat\AppData\Local\recently-used.xbel
2014-12-16 06:59 - 2014-12-16 07:00 - 00000000 ____D () C:\Users\R\Downloads\ESET Online Scanner
2014-12-15 21:16 - 2014-12-15 20:16 - 00000052 _____ () C:\Users\Privat\Documents\KlimaLoggPro.log
2014-12-15 20:24 - 2014-12-15 20:24 - 00002159 _____ () C:\Users\R\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-12-15 20:24 - 2014-12-15 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-12-15 20:24 - 2014-12-15 20:24 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-12-15 20:16 - 2014-12-15 20:19 - 00002393 _____ () C:\ProgramData\KlimaLogg.dat1.tmp
2014-12-15 20:16 - 2014-12-07 16:05 - 00000052 _____ () C:\Users\Privat\Documents\2014_12_15-KlimaLoggPro.log
2014-12-15 19:40 - 2014-12-15 19:40 - 00001155 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-12-15 19:40 - 2014-12-15 19:40 - 00001105 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-12-15 19:40 - 2014-12-15 19:40 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-12-15 18:44 - 2014-12-15 18:49 - 00000000 ____D () C:\Users\Privat\Downloads\Windows 7 Ultimate mit SP1 64-Bit deutsch
2014-12-15 16:22 - 2014-12-15 16:26 - 00000000 ____D () C:\Users\Privat\Downloads\Advanced Token Manager
2014-12-15 15:58 - 2014-12-15 18:44 - 00000000 ____D () C:\Users\Privat\Downloads\Windows 7 Ultimate  ohne SP1 in Deutsch
2014-12-15 09:51 - 2014-12-15 09:51 - 00027430 _____ () C:\ComboFix.txt
2014-12-15 09:40 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-15 09:40 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-15 09:40 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-15 09:40 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-15 09:40 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-15 09:40 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-15 09:40 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-15 09:40 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-15 09:36 - 2014-12-15 09:51 - 00000000 ____D () C:\Qoobox
2014-12-15 09:36 - 2014-12-15 09:49 - 00000000 ____D () C:\Windows\erdnt
2014-12-15 09:30 - 2014-12-15 09:31 - 00000000 ____D () C:\Users\Privat\Downloads\Combofix
2014-12-14 23:08 - 2014-12-14 23:09 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-14 23:08 - 2014-12-14 23:09 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-13 21:52 - 2014-12-13 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-12-13 21:52 - 2014-12-13 21:52 - 00001241 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-12-13 17:59 - 2014-12-16 06:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-13 17:59 - 2014-12-13 17:59 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-13 17:59 - 2014-12-13 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-13 17:59 - 2014-12-13 17:59 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-12-13 17:59 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-13 17:59 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-13 17:59 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-13 13:24 - 2014-12-16 10:44 - 00016562 _____ () C:\Windows\PFRO.log
2014-12-13 12:51 - 2014-12-13 12:51 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-R-PC-Microsoft-Windows-7-Ultimate-(64-bit).dat
2014-12-13 12:51 - 2014-12-13 12:51 - 00000000 ____D () C:\RegBackup
2014-12-13 08:32 - 2014-12-15 20:23 - 00000000 ____D () C:\Users\Privat\Downloads\Win-Repair
2014-12-12 16:38 - 2014-12-12 16:38 - 00001289 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk
2014-12-12 15:19 - 2014-12-12 15:19 - 00347816 _____ (Microsoft Corporation) C:\Users\R\Downloads\MicrosoftFixit.maintenance.RNP.146341819919314831.5.1.Run.exe
2014-12-12 15:16 - 2014-12-12 15:16 - 00347816 _____ (Microsoft Corporation) C:\Users\R\Downloads\MicrosoftFixit.Printing.RNP.146341819919314831.4.1.Run.exe
2014-12-12 15:16 - 2014-12-12 15:16 - 00000000 ____D () C:\Users\R\AppData\Roaming\Nitro PDF
2014-12-12 15:12 - 2014-12-12 15:12 - 00347816 _____ (Microsoft Corporation) C:\Users\R\Downloads\MicrosoftFixit.Search.RNP.146341819919314831.3.1.Run.exe
2014-12-12 15:12 - 2014-12-12 15:12 - 00347816 _____ (Microsoft Corporation) C:\Users\R\Downloads\MicrosoftFixit.malware.RNP.146341819919314831.2.1.Run.exe
2014-12-12 15:11 - 2014-12-12 15:11 - 00347816 _____ (Microsoft Corporation) C:\Users\R\Downloads\MicrosoftFixit.WinSecurity.FISC.146341819919314831.1.2.Run.exe
2014-12-12 14:59 - 2014-12-12 14:59 - 00347816 _____ (Microsoft Corporation) C:\Users\R\Downloads\MicrosoftFixit.ProgramInstallUninstall.FISC.146341819919314831.1.1.Run.exe
2014-12-12 14:55 - 2014-12-12 14:55 - 00347816 _____ (Microsoft Corporation) C:\Users\Privat\Downloads\MicrosoftFixit.ProgramInstallUninstall.FISC.Run.exe
2014-12-12 14:23 - 2014-12-16 20:33 - 00000784 _____ () C:\Windows\setupact.log
2014-12-12 14:23 - 2014-12-12 14:23 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-12 14:20 - 2014-12-12 14:22 - 00000004 _____ () C:\Windows\CSCCompactState
2014-12-12 14:20 - 2014-12-12 14:20 - 00002036 _____ () C:\Windows\hiveList.dmp
2014-12-12 14:09 - 2014-12-12 14:13 - 00002186 _____ () C:\Users\R\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-12-12 14:09 - 2014-12-12 14:13 - 00002130 _____ () C:\Users\R\Desktop\Avira PC Cleaner.lnk
2014-12-12 09:08 - 2014-12-12 09:08 - 00260028 _____ () C:\Users\R\Desktop\sfcdetails.txt
2014-12-12 09:07 - 2014-12-12 09:07 - 00000000 _____ () C:\Users\Privat\Desktop\sfcdetails.txt
2014-12-10 16:47 - 2014-12-10 16:50 - 00000000 ____D () C:\Users\Privat\Downloads\Farbar Recovery Scan Tool FRST64
2014-12-10 14:39 - 2014-12-10 16:04 - 00086676 _____ () C:\sfcdetails.txt
2014-12-10 14:09 - 2014-12-10 14:09 - 00064802 _____ () C:\Users\Privat\Downloads\Extras.Txt
2014-12-10 14:08 - 2014-12-10 14:08 - 00097336 _____ () C:\Users\Privat\Downloads\OTL.Txt
2014-12-10 13:54 - 2014-12-10 13:54 - 00602112 _____ (OldTimer Tools) C:\Users\Privat\Downloads\OTL.exe
2014-12-10 13:44 - 2014-12-10 13:44 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\DesktopDPO-b590ce5c4fa12d0f57bf76ef54d1be94
2014-12-10 13:22 - 2014-12-10 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office-Bibliothek
2014-12-10 13:20 - 2014-12-10 13:22 - 00000000 ____D () C:\Program Files (x86)\Office-Bibliothek
2014-12-10 13:07 - 2014-12-10 13:07 - 04065011 _____ () C:\Users\R\Downloads\EF_Find_7.60.zip
2014-12-10 12:34 - 2014-12-10 12:34 - 03732040 _____ (Microsoft Corporation) C:\Users\Privat\Downloads\OutlookConnector.exe
2014-12-10 11:54 - 2014-12-10 13:16 - 00000000 ____D () C:\Users\Privat\Downloads\HotFix
2014-12-10 07:37 - 2014-12-10 07:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-10 07:32 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 07:32 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 07:27 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 07:27 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 07:27 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 07:27 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 07:27 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 07:27 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 07:27 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 07:27 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 07:27 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 07:27 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 07:27 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 07:27 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 07:27 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 07:27 - 2014-11-22 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-10 07:27 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 07:27 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 07:27 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 07:27 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 07:27 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 07:27 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 07:27 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 07:27 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 07:27 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 07:27 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 07:27 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 07:27 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 07:27 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 07:27 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 07:27 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 07:27 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 07:27 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 07:27 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 07:27 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 07:27 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-10 07:27 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 07:27 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 07:27 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 07:27 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 07:27 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 07:27 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 07:27 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 07:27 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 07:27 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 07:27 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 07:27 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 07:27 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 07:27 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 07:27 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 07:27 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 07:27 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 07:27 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 07:27 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 07:27 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 07:27 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 07:27 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 07:27 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 07:26 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 07:26 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 07:26 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 07:26 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 07:26 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 07:26 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 07:26 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 07:26 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 07:26 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 07:25 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 07:25 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 07:25 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 07:25 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 07:25 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 07:25 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 07:25 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 07:25 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 07:25 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 07:25 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 07:25 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 07:25 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 07:25 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 07:25 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-10 07:23 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 07:23 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-08 07:29 - 2014-12-08 07:29 - 00000000 ____D () C:\Users\Privat\AppData\Local\colorpicker
2014-12-08 07:29 - 2014-12-08 07:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ColorPicker
2014-12-08 07:29 - 2014-12-08 07:29 - 00000000 ____D () C:\Program Files (x86)\ColorPicker
2014-12-08 07:28 - 2014-12-08 07:29 - 01803444 _____ (Cronoxyd.de ) C:\Users\Privat\Downloads\setup.exe
2014-12-07 19:31 - 2014-12-07 19:39 - 00017444 _____ () C:\Users\Privat\Documents\Sicherungskopie von Einzelnachweis DAA 12.2014.wbk
2014-12-07 19:29 - 2014-12-07 19:45 - 00020432 _____ () C:\Users\Privat\Documents\Sicherungskopie von Einzelnachweis DAA 11.2014.wbk
2014-12-07 19:28 - 2014-12-07 19:45 - 00020146 _____ () C:\Users\Privat\Documents\Sicherungskopie von Einzelnachweis DAA 10.2014.wbk
2014-12-07 19:26 - 2014-12-07 19:46 - 00019971 _____ () C:\Users\Privat\Documents\Sicherungskopie von Einzelnachweis DAA 09.2014.wbk
2014-12-07 19:19 - 2014-12-07 19:47 - 00020370 _____ () C:\Users\Privat\Documents\Sicherungskopie von Einzelnachweis DAA 08.2014.wbk
2014-12-07 17:42 - 2014-12-07 19:24 - 00024293 _____ () C:\Users\Privat\Documents\Einzelnachweis DAA GVM.xlsx
2014-12-07 17:10 - 2014-12-07 17:10 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-12-07 17:10 - 2014-12-07 17:10 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-12-07 17:10 - 2014-12-07 17:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-12-07 17:08 - 2014-12-07 17:09 - 14107296 _____ (Microsoft Corporation) C:\Users\Privat\Downloads\mseinstall.exe
2014-12-07 16:35 - 2014-12-07 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-07 16:05 - 2014-12-02 20:20 - 00000052 _____ () C:\Users\Privat\Documents\2014_12_07-KlimaLoggPro.log
2014-12-07 15:15 - 2014-12-07 15:15 - 00000000 ____D () C:\Users\R\AppData\Roaming\DesktopDPO-b590ce5c4fa12d0f57bf76ef54d1be94
2014-12-07 15:14 - 2014-12-07 15:14 - 00001919 _____ () C:\Users\Public\Desktop\Design&PrintAvery Zweckform.lnk
2014-12-07 15:14 - 2014-12-07 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avery Zweckform
2014-12-07 15:09 - 2014-12-07 15:14 - 00000000 ____D () C:\Program Files (x86)\Design&Print
2014-12-07 15:08 - 2014-12-07 15:08 - 00000000 ____D () C:\Users\Privat\Downloads\CD-Eriketten
2014-12-07 12:43 - 2014-12-16 20:58 - 00000000 ____D () C:\Users\Privat\Downloads\FRST 64-Bit
2014-12-07 12:22 - 2014-12-07 12:22 - 00296736 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\file_tracker.sys
2014-12-07 12:22 - 2014-12-07 12:22 - 00234784 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib_mounter.sys
2014-12-07 12:21 - 2014-12-07 12:21 - 01328928 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2014-12-07 12:21 - 2014-12-07 12:21 - 00304416 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2014-12-07 12:21 - 2014-12-07 12:21 - 00134432 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2014-12-07 12:21 - 2014-12-07 12:21 - 00001217 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image 2015.lnk
2014-12-07 12:14 - 2014-12-07 12:23 - 00000000 ____D () C:\ProgramData\Acronis
2014-12-07 12:14 - 2014-12-07 12:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2014-12-07 12:14 - 2014-12-07 12:21 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-12-07 03:57 - 2014-12-07 12:02 - 00000000 ____D () C:\Users\R\Downloads\Acronis-EDV Buchversand
2014-12-07 03:53 - 2014-12-07 03:53 - 00000000 ____D () C:\Users\R\AppData\Roaming\6201DCD5-31C3-42A8-9C56-988BDE234E8F
2014-12-06 21:13 - 2014-12-06 21:13 - 00000000 ____D () C:\Users\R\AppData\Roaming\Acronis
2014-12-06 13:01 - 2014-12-06 13:01 - 00000000 ____D () C:\Program Files\Josip Medved
2014-12-06 13:00 - 2014-12-06 13:00 - 01174352 _____ () C:\Users\Privat\Downloads\VHD Attach - CHIP-Installer.exe
2014-12-05 12:24 - 2014-12-07 17:23 - 00000220 _____ () C:\AdwCleanerDebug.txt
2014-12-03 08:44 - 2014-12-03 08:44 - 00001103 _____ () C:\Users\Privat\Desktop\Bewerbungscoaching.lnk
2014-12-02 20:20 - 2014-11-29 09:06 - 00000052 _____ () C:\Users\Privat\Documents\2014_12_02-KlimaLoggPro.log
2014-11-30 19:28 - 2012-11-11 19:43 - 00175382 _____ () C:\Users\Privat\Documents\Sicherungskopie von 01. und 02.2011.wbk
2014-11-29 09:06 - 2014-11-23 11:49 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_29-KlimaLoggPro.log
2014-11-26 10:56 - 2014-11-26 10:56 - 00000000 ____D () C:\Users\Privat\Documents\Marx, Kati
2014-11-25 21:16 - 2014-12-16 17:07 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-24 06:54 - 2014-11-24 06:54 - 00003584 _____ () C:\Users\Privat\AppData\Local\dcbc2a71-70d8-4dan-ehr8-e0d61dea3fdf.ini
2014-11-23 14:38 - 2014-12-16 20:38 - 01778540 _____ () C:\Windows\WindowsUpdate.log
2014-11-23 14:36 - 2014-12-16 10:45 - 00155280 _____ () C:\Users\Privat\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-23 14:35 - 2014-12-16 06:55 - 00524200 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-23 14:24 - 2014-11-23 14:24 - 00000000 ____D () C:\Users\R\AppData\Roaming\TeamViewer
2014-11-23 11:49 - 2014-11-20 19:50 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_23-KlimaLoggPro.log
2014-11-23 11:37 - 2014-11-23 11:37 - 00000000 ____D () C:\Users\Privat\Downloads\Bitdefender
2014-11-22 11:29 - 2014-11-22 11:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport
2014-11-22 11:29 - 2014-11-22 11:29 - 00000000 ____D () C:\Program Files (x86)\StreamTransport
2014-11-22 11:27 - 2014-12-16 09:40 - 00000000 ____D () C:\Users\Privat\Downloads\Streamtransport1.1.6.2
2014-11-22 11:25 - 2014-11-22 11:26 - 17805707 _____ () C:\Users\R\Downloads\streamtransport_1.1.6.2.zip
2014-11-22 11:21 - 2014-11-22 11:21 - 00001093 _____ () C:\Users\R\Desktop\ASIO4ALL v2 Anleitung.lnk
2014-11-20 21:34 - 2014-11-20 21:34 - 00000000 ____D () C:\Users\Privat\AppData\Local\Hola
2014-11-20 19:50 - 2014-11-16 10:35 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_20-KlimaLoggPro.log
2014-11-19 06:43 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 06:43 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 06:43 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 06:43 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-19 04:26 - 2014-11-19 04:26 - 01614504 _____ (Microsoft Corporation) C:\Windows\system32\FM20.DLL
2014-11-18 06:56 - 2014-11-18 20:15 - 00485481 _____ () C:\Users\Privat\Documents\Sicherungskopie von Einladung zum Adventskonzert 2014.wbk
2014-11-17 19:25 - 2014-11-17 19:25 - 00000000 __SHD () C:\Users\Privat\AppData\Local\EmieBrowserModeList
2014-11-16 10:35 - 2014-11-11 08:36 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_16-KlimaLoggPro.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-16 20:58 - 2014-08-11 19:32 - 00000000 ____D () C:\FRST
2014-12-16 20:57 - 2014-03-16 05:03 - 00000000 ____D () C:\Users\R\AppData\Roaming\Notepad++
2014-12-16 20:43 - 2009-07-14 05:45 - 00020592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-16 20:43 - 2009-07-14 05:45 - 00020592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-16 20:39 - 2009-07-14 18:58 - 00688842 _____ () C:\Windows\system32\perfh007.dat
2014-12-16 20:39 - 2009-07-14 18:58 - 00146142 _____ () C:\Windows\system32\perfc007.dat
2014-12-16 20:39 - 2009-07-14 06:13 - 01627352 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-16 20:35 - 2014-11-05 18:15 - 00000000 ____D () C:\Windows\CryptoGuard
2014-12-16 20:34 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-16 17:00 - 2014-03-31 09:28 - 00000000 ____D () C:\Users\Privat\.gimp-2.8
2014-12-16 16:50 - 2014-03-31 09:32 - 00000000 ____D () C:\Users\Privat\AppData\Local\gtk-2.0
2014-12-16 09:41 - 2014-03-15 14:47 - 00000000 ____D () C:\Users\Public\Documents\RK_Stick1_01.03.2014
2014-12-16 09:40 - 2014-05-27 14:32 - 00000000 ____D () C:\Users\Privat\Downloads\RarmaRadio
2014-12-16 06:55 - 2009-07-14 19:18 - 00000000 ____D () C:\Windows\CSC
2014-12-16 06:37 - 2009-07-14 03:34 - 00000514 _____ () C:\Windows\win.ini
2014-12-15 20:19 - 2014-10-08 14:57 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\KlimaLoggPro
2014-12-15 20:19 - 2014-10-08 14:45 - 00002393 _____ () C:\ProgramData\KlimaLogg.dat1
2014-12-15 20:06 - 2014-08-28 05:47 - 00000000 ____D () C:\Users\Privat\Downloads\Mbam
2014-12-15 20:04 - 2014-03-17 18:58 - 00000000 ____D () C:\Users\Privat\Documents\Birkenring 40
2014-12-15 19:31 - 2012-08-08 07:54 - 00000000 ____D () C:\Users\Privat\Downloads\Licensecrawler
2014-12-15 18:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-15 16:59 - 2014-03-18 18:51 - 00000000 ____D () C:\Users\Privat\Documents\Outlook-Dateien
2014-12-15 10:08 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-15 09:51 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-12-15 09:47 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-12-15 09:47 - 2009-07-14 03:34 - 00000027 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_690
2014-12-14 23:22 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-14 23:09 - 2009-07-14 19:18 - 00000000 __SHD () C:\Windows\BitLockerDiscoveryVolumeContents
2014-12-14 23:09 - 2009-07-14 19:18 - 00000000 ____D () C:\Program Files\Windows Journal
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-12-14 23:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sppui
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\manifeststore
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-14 23:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-12-14 22:58 - 2009-07-14 03:36 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2014-12-14 22:58 - 2009-07-14 03:36 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2014-12-13 21:59 - 2014-04-05 10:05 - 00000000 ____D () C:\Users\R\AppData\Roaming\DVDVideoSoft
2014-12-13 21:27 - 2014-08-02 09:26 - 00000000 ____D () C:\AdwCleaner
2014-12-13 13:25 - 2009-07-14 19:18 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-13 13:22 - 2014-03-16 16:48 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\vlc
2014-12-13 12:50 - 2014-03-16 05:19 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-13 12:50 - 2014-03-16 05:19 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-13 08:40 - 2014-03-19 11:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-12 14:08 - 2014-11-05 12:14 - 00000000 ____D () C:\Users\Privat\Downloads\CCleaner
2014-12-12 13:56 - 2014-11-05 12:15 - 00000000 ____D () C:\Users\Privat\Downloads\CDBurnerXP
2014-12-12 10:54 - 2014-03-17 19:43 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-11 06:21 - 2014-11-15 15:43 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-12-10 17:51 - 2014-05-29 10:04 - 00100352 ___SH () C:\Users\Privat\Thumbs.db
2014-12-10 15:49 - 2014-04-07 15:47 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com
2014-12-10 13:35 - 2014-03-15 17:49 - 00000000 ____D () C:\Users\R
2014-12-10 13:20 - 2014-03-18 21:41 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-10 12:34 - 2014-03-17 16:49 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-12-10 11:59 - 2014-03-15 18:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-10 07:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 07:44 - 2014-03-15 18:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 07:37 - 2014-03-16 09:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 07:37 - 2014-03-15 18:28 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 06:59 - 2014-10-15 19:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Festplatten Manager™ 15 Suite
2014-12-09 06:55 - 2014-08-28 05:56 - 00000000 ____D () C:\Users\R\Downloads\AdwCleaner
2014-12-09 06:55 - 2014-08-28 05:49 - 00000000 ____D () C:\Users\Privat\Downloads\AdwCleaner
2014-12-08 07:07 - 2014-05-28 10:19 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Nitro PDF
2014-12-07 20:46 - 2014-03-16 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-07 17:10 - 2014-03-15 19:04 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-12-07 17:09 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-12-07 16:35 - 2014-08-28 06:00 - 00000000 ____D () C:\Users\R\Downloads\WinRar
2014-12-07 16:35 - 2014-03-16 05:06 - 00000000 ____D () C:\Program Files\WinRAR
2014-12-07 12:37 - 2014-10-16 21:23 - 00000000 ____D () C:\Users\Privat\Desktop\Admi-Tools
2014-12-06 13:29 - 2014-03-16 10:33 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-12-04 07:12 - 2014-10-15 20:02 - 00000000 ____D () C:\Users\R\AppData\Roaming\UseNeXT
2014-12-01 07:23 - 2014-03-16 09:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-11-30 15:40 - 2014-11-11 10:41 - 00000000 ____D () C:\Users\Privat\Desktop\Musik & Video
2014-11-30 15:28 - 2014-04-28 20:23 - 00000000 ____D () C:\Users\Privat\Documents\DVDVideoSoft
2014-11-30 15:28 - 2014-04-28 20:23 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\DVDVideoSoft
2014-11-27 21:38 - 2014-03-18 20:54 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\MyPhoneExplorer
2014-11-27 08:48 - 2014-10-15 20:30 - 00000000 ____D () C:\Program Files\Recuva
2014-11-26 13:56 - 2014-05-27 14:14 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Nitro
2014-11-25 21:21 - 2014-03-15 19:16 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-25 20:58 - 2014-05-01 00:24 - 00000000 ____D () C:\Users\Public\Documents\Coaching
2014-11-25 19:28 - 2014-10-04 13:02 - 00002244 _____ () C:\Users\Privat\Desktop\Total Commander    64.lnk
2014-11-25 12:47 - 2014-10-10 10:38 - 00000000 ____D () C:\Users\R\Downloads\MailPassView
2014-11-24 13:13 - 2014-03-31 07:47 - 00000000 ____D () C:\Users\Coach\Documents\Coaching
2014-11-24 06:55 - 2014-06-20 10:54 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Notepad++
2014-11-24 06:55 - 2014-06-13 14:21 - 00000000 ____D () C:\temp
2014-11-24 06:55 - 2014-04-28 21:30 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\dvdcss
2014-11-24 06:54 - 2014-09-06 16:42 - 00000000 ____D () C:\Users\R\SecurityScans
2014-11-24 06:54 - 2014-05-27 07:09 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\HpUpdate
2014-11-24 06:54 - 2014-03-16 16:27 - 00000000 ____D () C:\Users\Privat\AppData\Local\Microsoft Help
2014-11-24 06:53 - 2014-03-15 17:38 - 00000000 ____D () C:\Windows\Panther
2014-11-24 06:51 - 2014-07-23 19:36 - 00000000 ____D () C:\Users\R\AppData\Roaming\Skype
2014-11-24 06:51 - 2014-04-24 16:26 - 00000000 ____D () C:\Users\R\AppData\Roaming\Mp3tag
2014-11-24 06:51 - 2014-04-05 11:05 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\TeamViewer
2014-11-24 06:51 - 2014-03-19 16:10 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Skype
2014-11-24 06:51 - 2014-03-16 17:29 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Mp3tag
2014-11-23 15:44 - 2014-04-02 06:38 - 00000000 ___RD () C:\Users\Privat\Documents\HP Photo Creations
2014-11-23 15:42 - 2014-11-11 10:45 - 00000000 ____D () C:\Users\Privat\Desktop\Bildbearbeitung
2014-11-23 14:21 - 2014-11-11 19:59 - 00000000 ____D () C:\Users\R\AppData\Roaming\Abelssoft
2014-11-22 11:21 - 2014-10-17 16:59 - 00000000 ____D () C:\Program Files (x86)\ASIO4ALL v2
2014-11-16 10:37 - 2014-10-10 11:32 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\IObit

Some content of TEMP:
====================
C:\Users\Privat\AppData\Local\temp\Hola-Setup-Plugin-x64-1.5.794.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

Hallo Schrauber,
habe nach Ende ESET Online Scanner den Rechner runtergefahren
und später neu gebootet. Problemfrei
Nach Ausführung SecurityCheck problemfrei runtergefahren,
beim Hochfahren Crashdump F4.
Starthilfe versuchte Problem zu beheben => Ergebnis nicht raparabel
Systemwiederherstellung abgebrochen mit unbekannten Fehlercode f4
und weiteren Parametern
Fehler läßt sich durch booten reproduzieren
Starten im abgesicherten Modus bringt das gleiche Ergebnis - F4 mit Dump
Letzte funktionierende Konfiguration => F4 mit Dump
Im Moment läuft die Systemwiederherstellung vom gestrigen abend.

Gruß R

Hallo Schrauber,
Systemwiederherstellung brachte Probleme, daher nicht erfolgreich ausgeführt.
Habe dann abermals Starhilfe angefordert: Oh Wunder Windows konnte repariert werden, läuft also.
Sofort Malware byte,dann Superantispy und adnn ADWcleaner laufen lassen.
ADWCleaner bringt trotz Löschauftrag und booten immer wieder 2 Einträge aus der Registry,
werden wohl nicht wirklich (dauerhaft) gelöscht.

Code:
ATTFilter
***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}
Hast Du noch eine Aufgabe/Tipp an mich?
Danke R.
__________________
Antwort

Themen zu sfc /scannow reparieren?
aktuelle, aktuellen, fehlercode 0x5, fehlercode 0x80070490, fehlercode 22, neuinstallation, nsis/startpage.cc, probleme, reparieren, sfc_/scannow, this device is disabled. (code 22), ultimate, win32/cnetinstaller.b, win32/downware.l, win32/downware.w, win32/installcore.pc, win32/installcore.ue, win32/somoto.q, win32/toolbar.babylon.p, win32/toolbar.babylon.q, windows 7, windows-explorer


« Windows 7: Adware oder ähnliches. Browser und steam betroffen | Windows 7 : Task Manager zeigt mehrmals update.exe an. 100 % CPU Auslastung bei Interneteinwahl. »


Ähnliche Themen: sfc /scannow reparieren?


  1. sfc /scannow
    Alles rund um Windows - 01.09.2015 (16)
  2. sfc /scannow: Ressourcenschutz hat beschädigte Dateien gefunden
    Diskussionsforum - 19.06.2015 (28)
  3. Frage zu MBR von Vista reparieren
    Alles rund um Windows - 01.05.2014 (3)
  4. TRAtrap.gen2 MBR reparieren?
    Log-Analyse und Auswertung - 01.11.2012 (25)
  5. Beschädigte Fotos reparieren
    Plagegeister aller Art und deren Bekämpfung - 15.07.2012 (1)
  6. MBR Regenerator - Windows 7 MBR reparieren
    Anleitungen, FAQs & Links - 03.09.2011 (2)
  7. BKA Virus - Beschädigungen reparieren
    Plagegeister aller Art und deren Bekämpfung - 29.08.2011 (2)
  8. TR/Dropper.Gen - Wie entfernen/reparieren?
    Plagegeister aller Art und deren Bekämpfung - 14.01.2010 (7)
  9. MBR von Windows XP, Vista, 7 reparieren
    Anleitungen, FAQs & Links - 30.09.2009 (3)
  10. sfc /scannow - Windows Systemdateien reparieren
    Anleitungen, FAQs & Links - 07.05.2009 (2)
  11. TR/Dropper.Gen - Wie entfernen/reparieren?
    Plagegeister aller Art und deren Bekämpfung - 20.04.2009 (1)
  12. Laptop reparieren + Linksuche
    Diskussionsforum - 16.02.2009 (5)
  13. Windows XP reparieren??!
    Alles rund um Windows - 23.01.2008 (9)
  14. Internet Explorer 6 reparieren!
    Plagegeister aller Art und deren Bekämpfung - 13.10.2006 (10)
  15. Reparieren sinnvoll ?
    Log-Analyse und Auswertung - 07.06.2006 (2)
  16. Datei reparieren
    Plagegeister aller Art und deren Bekämpfung - 27.10.2005 (1)
  17. ie reparieren
    Netzwerk und Hardware - 11.02.2003 (13)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema sfc /scannow reparieren? - Lade Dir bitte Windows Repair - All in one von tweaking.com hier herunter und installiere es. Deaktiviere bitte (wenn möglich) Dein Antivirusprogramm. Bedenke, dass die einzelnen Reparaturen einige Zeit benötigen. - sfc /scannow reparieren?...
Archiv
Du betrachtest: sfc /scannow reparieren? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19