Optimizer Pro

schrauber · 31.12.2014, 18:15

Zitat:

hab ich was falsch gemacht?

Nö. Es gibt nur mehr User hier als nur Dich, deswegen dauert das halt etwas

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

Task: {3091D35C-7453-498F-BD0B-015E9E50D999} - \Update Service YourFileDownloader No Task File <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {6BDE05EA-7188-462D-9130-B5DF3489588D} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ch&cd=2XzuyEtN2Y1L1QzuyByEtByB0E0A0EyD0DyD0EyEzy0AyBzztN0D0Tzu0StCtDyCyDtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StDyCzy0CtDyEtA0FtGyC0AyBzytGyC0EyDyEtGtC0DyB0FtGtDyEzzzzzz0Czz0D0AyBtByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0D0A0E0EtByE0FtGzz0BtCtCtGyEzz0CtBtG0A0F0C0AtGtBtC0Bzy0AyDzz0B0C0ByDtA2Q&cr=587638339&ir=
SearchScopes: HKLM -> {6BDE05EA-7188-462D-9130-B5DF3489588D} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ch&cd=2XzuyEtN2Y1L1QzuyByEtByB0E0A0EyD0DyD0EyEzy0AyBzztN0D0Tzu0StCtDyCyDtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StDyCzy0CtDyEtA0FtGyC0AyBzytGyC0EyDyEtGtC0DyB0FtGtDyEzzzzzz0Czz0D0AyBtByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0D0A0E0EtByE0FtGzz0BtCtCtGyEzz0CtBtG0A0F0C0AtGtBtC0Bzy0AyDzz0B0C0ByDtA2Q&cr=587638339&ir=
SearchScopes: HKU\S-1-5-21-4278806244-3946690954-89611405-1001 -> DefaultScope {6BDE05EA-7188-462D-9130-B5DF3489588D} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ch&cd=2XzuyEtN2Y1L1QzuyByEtByB0E0A0EyD0DyD0EyEzy0AyBzztN0D0Tzu0StCtDyCyDtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StDyCzy0CtDyEtA0FtGyC0AyBzytGyC0EyDyEtGtC0DyB0FtGtDyEzzzzzz0Czz0D0AyBtByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0D0A0E0EtByE0FtGzz0BtCtCtGyEzz0CtBtG0A0F0C0AtGtBtC0Bzy0AyDzz0B0C0ByDtA2Q&cr=587638339&ir=
SearchScopes: HKU\S-1-5-21-4278806244-3946690954-89611405-1001 -> {6BDE05EA-7188-462D-9130-B5DF3489588D} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ch&cd=2XzuyEtN2Y1L1QzuyByEtByB0E0A0EyD0DyD0EyEzy0AyBzztN0D0Tzu0StCtDyCyDtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StDyCzy0CtDyEtA0FtGyC0AyBzytGyC0EyDyEtGtC0DyB0FtGtDyEzzzzzz0Czz0D0AyBtByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0D0A0E0EtByE0FtGzz0BtCtCtGyEzz0CtBtG0A0F0C0AtGtBtC0Bzy0AyDzz0B0C0ByDtA2Q&cr=587638339&ir=
SearchScopes: HKU\S-1-5-21-4278806244-3946690954-89611405-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKU\S-1-5-21-4278806244-3946690954-89611405-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {6BDE05EA-7188-462D-9130-B5DF3489588D} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ch&cd=2XzuyEtN2Y1L1QzuyByEtByB0E0A0EyD0DyD0EyEzy0AyBzztN0D0Tzu0StCtDyCyDtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StDyCzy0CtDyEtA0FtGyC0AyBzytGyC0EyDyEtGtC0DyB0FtGtDyEzzzzzz0Czz0D0AyBtByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0D0A0E0EtByE0FtGzz0BtCtCtGyEzz0CtBtG0A0F0C0AtGtBtC0Bzy0AyDzz0B0C0ByDtA2Q&cr=587638339&ir=
SearchScopes: HKU\S-1-5-21-4278806244-3946690954-89611405-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6BDE05EA-7188-462D-9130-B5DF3489588D} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ch&cd=2XzuyEtN2Y1L1QzuyByEtByB0E0A0EyD0DyD0EyEzy0AyBzztN0D0Tzu0StCtDyCyDtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StDyCzy0CtDyEtA0FtGyC0AyBzytGyC0EyDyEtGtC0DyB0FtGtDyEzzzzzz0Czz0D0AyBtByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0D0A0E0EtByE0FtGzz0BtCtCtGyEzz0CtBtG0A0F0C0AtGtBtC0Bzy0AyDzz0B0C0ByDtA2Q&cr=587638339&ir=
SearchScopes: HKU\S-1-5-21-4278806244-3946690954-89611405-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKU\S-1-5-21-4278806244-3946690954-89611405-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {6BDE05EA-7188-462D-9130-B5DF3489588D} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ch&cd=2XzuyEtN2Y1L1QzuyByEtByB0E0A0EyD0DyD0EyEzy0AyBzztN0D0Tzu0StCtDyCyDtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StDyCzy0CtDyEtA0FtGyC0AyBzytGyC0EyDyEtGtC0DyB0FtGtDyEzzzzzz0Czz0D0AyBtByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0D0A0E0EtByE0FtGzz0BtCtCtGyEzz0CtBtG0A0F0C0AtGtBtC0Bzy0AyDzz0B0C0ByDtA2Q&cr=587638339&ir=
SearchScopes: HKU\S-1-5-21-4278806244-3946690954-89611405-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {6BDE05EA-7188-462D-9130-B5DF3489588D} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ch&cd=2XzuyEtN2Y1L1QzuyByEtByB0E0A0EyD0DyD0EyEzy0AyBzztN0D0Tzu0StCtDyCyDtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StDyCzy0CtDyEtA0FtGyC0AyBzytGyC0EyDyEtGtC0DyB0FtGtDyEzzzzzz0Czz0D0AyBtByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0D0A0E0EtByE0FtGzz0BtCtCtGyEzz0CtBtG0A0F0C0AtGtBtC0Bzy0AyDzz0B0C0ByDtA2Q&cr=587638339&ir=
SearchScopes: HKU\S-1-5-21-4278806244-3946690954-89611405-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF SelectedSearchEngine: Vosteran
FF user.js: detected! => C:\Users\Ute\AppData\Roaming\Mozilla\Firefox\Profiles\956apvdl.default\user.js
FF Extension: No Name - C:\Users\Ute\AppData\Roaming\Mozilla\Firefox\Profiles\956apvdl.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
S2 51cdb72; "C:\WINDOWS\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro 3.11\OptProCrash.dll",ENT
c:\Program Files (x86)\Optimizer Pro 3.11
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Snoosel · 31.12.2014, 21:14

Sorry, sollte nicht ungeduldig klingen.

der Trojaner wird mich heute und morgen nicht töten glaube ich. Wir können auch übermorgen weitermachen.
Hier schonmal die Daten

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-12-2014
Ran by Ute at 2014-12-31 18:35:35 Run:2
Running from C:\Users\Ute\Desktop
Loaded Profiles: Ute &  (Available profiles: Ute & admin & admin2 & Administrator)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Task: {3091D35C-7453-498F-BD0B-015E9E50D999} - \Update Service YourFileDownloader No Task File <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {6BDE05EA-7188-462D-9130-B5DF3489588D} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ch&cd=2XzuyEtN2Y1L1QzuyByEtByB0E0A0EyD0DyD0EyEzy0AyBzztN0D0Tzu0StCtDyCyDtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StDyCzy0CtDyEtA0FtGyC0AyBzytGyC0EyDyEtGtC0DyB0FtGtDyEzzzzzz0Czz0D0AyBtByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0D0A0E0EtByE0FtGzz0BtCtCtGyEzz0CtBtG0A0F0C0AtGtBtC0Bzy0AyDzz0B0C0ByDtA2Q&cr=587638339&ir=
SearchScopes: HKLM -> {6BDE05EA-7188-462D-9130-B5DF3489588D} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ch&cd=2XzuyEtN2Y1L1QzuyByEtByB0E0A0EyD0DyD0EyEzy0AyBzztN0D0Tzu0StCtDyCyDtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StDyCzy0CtDyEtA0FtGyC0AyBzytGyC0EyDyEtGtC0DyB0FtGtDyEzzzzzz0Czz0D0AyBtByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0D0A0E0EtByE0FtGzz0BtCtCtGyEzz0CtBtG0A0F0C0AtGtBtC0Bzy0AyDzz0B0C0ByDtA2Q&cr=587638339&ir=
SearchScopes: HKU\S-1-5-21-4278806244-3946690954-89611405-1001 -> DefaultScope {6BDE05EA-7188-462D-9130-B5DF3489588D} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ch&cd=2XzuyEtN2Y1L1QzuyByEtByB0E0A0EyD0DyD0EyEzy0AyBzztN0D0Tzu0StCtDyCyDtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StDyCzy0CtDyEtA0FtGyC0AyBzytGyC0EyDyEtGtC0DyB0FtGtDyEzzzzzz0Czz0D0AyBtByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0D0A0E0EtByE0FtGzz0BtCtCtGyEzz0CtBtG0A0F0C0AtGtBtC0Bzy0AyDzz0B0C0ByDtA2Q&cr=587638339&ir=
SearchScopes: HKU\S-1-5-21-4278806244-3946690954-89611405-1001 -> {6BDE05EA-7188-462D-9130-B5DF3489588D} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ch&cd=2XzuyEtN2Y1L1QzuyByEtByB0E0A0EyD0DyD0EyEzy0AyBzztN0D0Tzu0StCtDyCyDtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StDyCzy0CtDyEtA0FtGyC0AyBzytGyC0EyDyEtGtC0DyB0FtGtDyEzzzzzz0Czz0D0AyBtByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0D0A0E0EtByE0FtGzz0BtCtCtGyEzz0CtBtG0A0F0C0AtGtBtC0Bzy0AyDzz0B0C0ByDtA2Q&cr=587638339&ir=
SearchScopes: HKU\S-1-5-21-4278806244-3946690954-89611405-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKU\S-1-5-21-4278806244-3946690954-89611405-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {6BDE05EA-7188-462D-9130-B5DF3489588D} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ch&cd=2XzuyEtN2Y1L1QzuyByEtByB0E0A0EyD0DyD0EyEzy0AyBzztN0D0Tzu0StCtDyCyDtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StDyCzy0CtDyEtA0FtGyC0AyBzytGyC0EyDyEtGtC0DyB0FtGtDyEzzzzzz0Czz0D0AyBtByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0D0A0E0EtByE0FtGzz0BtCtCtGyEzz0CtBtG0A0F0C0AtGtBtC0Bzy0AyDzz0B0C0ByDtA2Q&cr=587638339&ir=
SearchScopes: HKU\S-1-5-21-4278806244-3946690954-89611405-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6BDE05EA-7188-462D-9130-B5DF3489588D} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ch&cd=2XzuyEtN2Y1L1QzuyByEtByB0E0A0EyD0DyD0EyEzy0AyBzztN0D0Tzu0StCtDyCyDtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StDyCzy0CtDyEtA0FtGyC0AyBzytGyC0EyDyEtGtC0DyB0FtGtDyEzzzzzz0Czz0D0AyBtByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0D0A0E0EtByE0FtGzz0BtCtCtGyEzz0CtBtG0A0F0C0AtGtBtC0Bzy0AyDzz0B0C0ByDtA2Q&cr=587638339&ir=
SearchScopes: HKU\S-1-5-21-4278806244-3946690954-89611405-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKU\S-1-5-21-4278806244-3946690954-89611405-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {6BDE05EA-7188-462D-9130-B5DF3489588D} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ch&cd=2XzuyEtN2Y1L1QzuyByEtByB0E0A0EyD0DyD0EyEzy0AyBzztN0D0Tzu0StCtDyCyDtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StDyCzy0CtDyEtA0FtGyC0AyBzytGyC0EyDyEtGtC0DyB0FtGtDyEzzzzzz0Czz0D0AyBtByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0D0A0E0EtByE0FtGzz0BtCtCtGyEzz0CtBtG0A0F0C0AtGtBtC0Bzy0AyDzz0B0C0ByDtA2Q&cr=587638339&ir=
SearchScopes: HKU\S-1-5-21-4278806244-3946690954-89611405-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {6BDE05EA-7188-462D-9130-B5DF3489588D} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ch&cd=2XzuyEtN2Y1L1QzuyByEtByB0E0A0EyD0DyD0EyEzy0AyBzztN0D0Tzu0StCtDyCyDtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StDyCzy0CtDyEtA0FtGyC0AyBzytGyC0EyDyEtGtC0DyB0FtGtDyEzzzzzz0Czz0D0AyBtByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0D0A0E0EtByE0FtGzz0BtCtCtGyEzz0CtBtG0A0F0C0AtGtBtC0Bzy0AyDzz0B0C0ByDtA2Q&cr=587638339&ir=
SearchScopes: HKU\S-1-5-21-4278806244-3946690954-89611405-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF SelectedSearchEngine: Vosteran
FF user.js: detected! => C:\Users\Ute\AppData\Roaming\Mozilla\Firefox\Profiles\956apvdl.default\user.js
FF Extension: No Name - C:\Users\Ute\AppData\Roaming\Mozilla\Firefox\Profiles\956apvdl.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
S2 51cdb72; "C:\WINDOWS\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro 3.11\OptProCrash.dll",ENT
c:\Program Files (x86)\Optimizer Pro 3.11
Emptytemp:
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3091D35C-7453-498F-BD0B-015E9E50D999}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3091D35C-7453-498F-BD0B-015E9E50D999}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Service YourFileDownloader" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6BDE05EA-7188-462D-9130-B5DF3489588D} => Key not found. 
HKCR\CLSID\{6BDE05EA-7188-462D-9130-B5DF3489588D} => Key not found. 
HKU\S-1-5-21-4278806244-3946690954-89611405-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-21-4278806244-3946690954-89611405-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6BDE05EA-7188-462D-9130-B5DF3489588D} => Key not found. 
HKCR\CLSID\{6BDE05EA-7188-462D-9130-B5DF3489588D} => Key not found. 
HKU\S-1-5-21-4278806244-3946690954-89611405-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} => Key not found. 
HKCR\CLSID\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} => Key not found. 
HKU\S-1-5-21-4278806244-3946690954-89611405-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-21-4278806244-3946690954-89611405-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6BDE05EA-7188-462D-9130-B5DF3489588D} => Key not found. 
HKCR\CLSID\{6BDE05EA-7188-462D-9130-B5DF3489588D} => Key not found. 
HKU\S-1-5-21-4278806244-3946690954-89611405-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} => Key not found. 
HKCR\CLSID\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} => Key not found. 
HKU\S-1-5-21-4278806244-3946690954-89611405-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-21-4278806244-3946690954-89611405-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6BDE05EA-7188-462D-9130-B5DF3489588D} => Key not found. 
HKCR\CLSID\{6BDE05EA-7188-462D-9130-B5DF3489588D} => Key not found. 
HKU\S-1-5-21-4278806244-3946690954-89611405-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} => Key not found. 
HKCR\CLSID\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} => Key not found. 
Firefox Keyword.URL deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
C:\Users\Ute\AppData\Roaming\Mozilla\Firefox\Profiles\956apvdl.default\user.js not found.
C:\Users\Ute\AppData\Roaming\Mozilla\Firefox\Profiles\956apvdl.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found.
Chrome DefaultSuggestURL not detected.
51cdb72 => Service not found.
"c:\Program Files (x86)\Optimizer Pro 3.11" => File/Directory not found.
EmptyTemp: => Removed 10.4 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 18:35:38 ====

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=cdc1b37cb71ccc4d9b6e668f82e2d66a
# engine=21773
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-31 07:36:43
# local_time=2014-12-31 08:36:43 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 44311 10358922 0 0
# scanned=313607
# found=8
# cleaned=0
# scan_time=6815
sh=98DE2AA40D75CB4FEF8737DC30B1EA95C2B767C3 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbllbcbdnfpemakidmbnadpfdfphnlip\198\HML5N5.js.vir"
sh=B582D2DFEE30BCBC1776749124012AC56D487E83 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbllbcbdnfpemakidmbnadpfdfphnlip\198\lsdb.js.vir"
sh=98DE2AA40D75CB4FEF8737DC30B1EA95C2B767C3 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbllbcbdnfpemakidmbnadpfdfphnlip\198\HML5N5.js.vir"
sh=B582D2DFEE30BCBC1776749124012AC56D487E83 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbllbcbdnfpemakidmbnadpfdfphnlip\198\lsdb.js.vir"
sh=98DE2AA40D75CB4FEF8737DC30B1EA95C2B767C3 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ute\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbllbcbdnfpemakidmbnadpfdfphnlip\198\HML5N5.js.vir"
sh=B582D2DFEE30BCBC1776749124012AC56D487E83 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ute\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbllbcbdnfpemakidmbnadpfdfphnlip\198\lsdb.js.vir"
sh=57084642139D7158610331746DD62A6A8B3708D7 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ute\AppData\Roaming\Mozilla\Firefox\Profiles\956apvdl.default\Extensions\tm4IzK@S.org\content\bg.js.vir"
sh=D957B0EC634B5C52AA2B8934223A6248D5152807 ft=1 fh=4c2491a4bea30714 vn="Variante von Win32/InstallCore.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\PDF Creator\message.exe"

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.93  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 2.0.3.1025  
 Java 7 Update 67  
 Java version 32-bit out of Date! 
 Adobe Reader XI  
 Mozilla Firefox 31.0 Firefox out of Date!  
 Mozilla Thunderbird (31.3.0) 
 Google Chrome (39.0.2171.71) 
 Google Chrome (39.0.2171.95) 
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

Keine Ahnung was das ist,

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014
Ran by Ute at 2014-12-31 21:08:32
Running from C:\Users\Ute\Desktop\troj
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.34 (HKLM-x32\...\{23170F69-40C1-2701-0934-000001000000}) (Version: 9.34.00.0 - Igor Pavlov)
7-Zip 9.34 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0934-000001000000}) (Version: 9.34.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advantage Database Server for Windows v11.10 (HKLM-x32\...\{8F7F5EAD-7785-4246-83F0-C6A9204AF971}) (Version: 11.10.0001 - Sybase, Inc.)
Amazon Cloud Player (HKU\S-1-5-21-4278806244-3946690954-89611405-1001\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC)
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 3.0.0 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 3.0.0 - Amazon Services LLC) Hidden
AVM FRITZ! (HKLM-x32\...\FRITZ! 2.0) (Version:  - AVM Berlin)
AVM ISDN CAPI Port (HKLM-x32\...\AVM ISDN CAPI Port) (Version:  - )
BUHL-Lizenzmanagement-Software (x32 Version: 1.01.0000 - Buhl Data Service GmbH) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Cisco WebEx-Produktivitätswerkzeuge (HKLM-x32\...\{EC4A8038-085D-4FB7-BF70-338296E33FE5}) (Version: 11.1.30800 - Cisco WebEx LLC)
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.12.0911 - Lenovo)
Dropbox (HKU\S-1-5-21-4278806244-3946690954-89611405-1001\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Fotostory 3 für Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.15 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 7.0.5.2130 (HKU\S-1-5-21-4278806244-3946690954-89611405-1001\...\GoToMeeting) (Version: 7.0.5.2130 - CitrixOnline)
IIS 7.5 Express (HKLM-x32\...\{433E2032-D3E0-46FF-BAA4-0976F333C1E4}) (Version: 7.5.1070 - Microsoft Corporation)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Lenovo Assistant (HKLM-x32\...\{B2DE4F30-B8C7-49C0-85B9-2F37A5290F00}) (Version: 2.0.0.29 - Lenovo)
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.6.13.0724 - Lenovo)
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.7408 - CyberLink Corp.)
Lenovo Power2Go (x32 Version: 6.0.7408 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5108.52 - CyberLink Corp.) Hidden
LVT (HKLM-x32\...\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}) (Version: 5.00.0914 - Lenovo)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla)
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6743 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Snagit 11 (HKLM-x32\...\{A7E2223E-4AE4-45C8-9B6C-1C893EDF11BD}) (Version: 11.4.0 - TechSmith Corporation)
TopApps Service (HKLM-x32\...\{B2BB7D05-F646-41C7-9CE4-CE77469C0899}_is1) (Version: 2.5.1 - )
TopKontor Handwerk Version 5 (HKLM-x32\...\{640A92A1-9B8B-4C80-B412-9595460EBC53}_is1) (Version: 5 - )
UltiDev Web Server Pro (x32 Version: 2.0.18 - UltiDev LLC) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VR-NetWorld (HKLM-x32\...\{8815F011-43AF-4F50-BBD8-D78ED3D6F5B9}) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4278806244-3946690954-89611405-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ute\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278806244-3946690954-89611405-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-4278806244-3946690954-89611405-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Ute\AppData\Local\Citrix\GoToMeeting\1259\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-4278806244-3946690954-89611405-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ute\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278806244-3946690954-89611405-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ute\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278806244-3946690954-89611405-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ute\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278806244-3946690954-89611405-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ute\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278806244-3946690954-89611405-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ute\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278806244-3946690954-89611405-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ute\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278806244-3946690954-89611405-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ute\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278806244-3946690954-89611405-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ute\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

16-12-2014 07:38:47 Windows Modules Installer
24-12-2014 11:29:49 Geplanter Prüfpunkt
29-12-2014 12:39:30 Wiederherstellungsvorgang

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {10C464AB-F818-496E-9743-F105C3A2E2C0} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {28CD7355-CB57-4CC9-BDA7-6351E804957A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {2EC50909-A5B8-4061-900F-7FBAF516F26A} - System32\Tasks\Lenovo\Lenovo-25838 => C:\ProgramData\Lenovo-25838.vbs [2013-10-18] ()
Task: {3864244B-592B-4F61-8F7E-F61734C03B58} - System32\Tasks\G2MUpdateTask-S-1-5-21-4278806244-3946690954-89611405-1001 => C:\Users\Ute\AppData\Local\Citrix\GoToMeeting\2130\g2mupdate.exe [2014-12-31] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {4927924C-A5E3-47FF-B9E9-B80557B576DE} - System32\Tasks\{4DFDCA33-7855-42CE-A167-53B2FA91D197} => pcalua.exe -a "C:\Users\Ute\AppData\Roaming\1H1Q1V1N1N1O1R\PDF Creator Packages\uninstaller.exe" -c /Uninstall /NM="PDF Creator Packages" /AN="1H1Q1V1N1N1O1R" /MBN="PDF Creator Packages"
Task: {51A427BB-2B0C-4F4B-B3BE-A9A2FAD1E4DF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {57799BD6-455E-4C11-B681-1B5A10F1C796} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2013-10-04] (TechSmith Corporation)
Task: {76F82560-6DA7-4132-8EEA-034B4CEF1C14} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-29] (Google Inc.)
Task: {7E83B592-067F-4486-9D07-E9250B9FCC71} - System32\Tasks\{8DC9A3B1-9955-4D2E-8E23-E1AD9817AA96} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {8D39BC23-CB47-408E-BE53-D89D35E46A7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-29] (Google Inc.)
Task: {976D87FC-8514-464C-BD25-378970532BD8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-29] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4278806244-3946690954-89611405-1001.job => C:\Users\Ute\AppData\Local\Citrix\GoToMeeting\2130\g2mupdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-12-20 13:57 - 2006-02-23 11:35 - 00020480 _____ () C:\WINDOWS\System32\FritzColorPort64.dll
2013-12-20 13:57 - 2006-02-22 10:39 - 00020480 _____ () C:\WINDOWS\System32\FritzPort64.dll
2013-10-18 10:59 - 2011-08-16 19:46 - 00032768 _____ () C:\Windows\jmesoft\Service.exe
2013-10-18 11:15 - 2013-05-14 19:53 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-12-02 14:20 - 2014-12-02 14:20 - 00010752 _____ () C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\root\07504d0b\fa6973ba\App_Web_0cazmffj.dll
2014-12-02 14:20 - 2014-12-02 14:20 - 00049152 _____ () C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\root\07504d0b\fa6973ba\App_Web_csh4c4a6.dll
2014-12-30 14:29 - 2014-12-06 02:16 - 01408328 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-30 14:29 - 2014-12-06 02:16 - 00204616 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-30 14:29 - 2014-12-06 02:17 - 10689352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-30 14:29 - 2014-12-06 02:16 - 01856840 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-30 14:29 - 2014-12-06 02:17 - 26725192 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
2013-12-16 19:57 - 2013-01-23 08:57 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Ute\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Ute\Desktop\Fwd  Daten zur Einrichtung.eml:OECustomProperty
AlternateDataStreams: C:\Users\Ute\Desktop\Ihr Gutschein für druckerzubehoer.de.eml:OECustomProperty
AlternateDataStreams: C:\Users\Ute\Desktop\Ihr Jochen Schweizer Beleg.eml:OECustomProperty
AlternateDataStreams: C:\Users\Ute\Desktop\[Ticket#10297215] Ihre Buchung bei Jochen Schweizer Erlebnisse.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "ISDNWatch.lnk"
HKLM\...\StartupApproved\StartupFolder: => "VR-NetWorld Auftragsprüfung.lnk"
HKLM\...\StartupApproved\Run: => "vksts"
HKLM\...\StartupApproved\Run: => "TrayApplication"
HKLM\...\StartupApproved\Run: => "CsrAudioguiCtrl"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LVT"
HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
HKLM\...\StartupApproved\Run32: => "mcui_exe"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "ControlCenter3"
HKLM\...\StartupApproved\Run32: => "AvastUI.exe"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "BrMfcWnd"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "PPort11reminder"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "PSUAMain"
HKU\S-1-5-21-4278806244-3946690954-89611405-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-4278806244-3946690954-89611405-1001\...\StartupApproved\StartupFolder: => "OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk"
HKU\S-1-5-21-4278806244-3946690954-89611405-1001\...\StartupApproved\Run: => "RESTART_STICKY_NOTES"
HKU\S-1-5-21-4278806244-3946690954-89611405-1001\...\StartupApproved\Run: => "Amazon Cloud Player"
HKU\S-1-5-21-4278806244-3946690954-89611405-1001\...\StartupApproved\Run: => "PTOneClick"

========================= Accounts: ==========================

admin (S-1-5-21-4278806244-3946690954-89611405-1005 - Administrator - Enabled) => C:\Users\admin
admin2 (S-1-5-21-4278806244-3946690954-89611405-1006 - Limited - Enabled) => C:\Users\admin2
Administrator (S-1-5-21-4278806244-3946690954-89611405-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-4278806244-3946690954-89611405-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-4278806244-3946690954-89611405-1004 - Limited - Enabled)
Ute (S-1-5-21-4278806244-3946690954-89611405-1001 - Administrator - Enabled) => C:\Users\Ute

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/31/2014 09:07:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/31/2014 09:06:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/31/2014 09:03:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/31/2014 06:46:48 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/31/2014 06:41:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/31/2014 06:41:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/31/2014 06:40:45 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/30/2014 06:34:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.1.711, Zeitstempel: 0x542b53ec
Name des fehlerhaften Moduls: mbamcore.dll, Version: 1.1.20.0, Zeitstempel: 0x5425b0dd
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000023d4
ID des fehlerhaften Prozesses: 0x10a0
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Vollständiger Name des fehlerhaften Pakets: mbam.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mbam.exe5

Error: (12/30/2014 06:18:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mbam.exe, Version 1.0.1.711 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 18dc

Startzeit: 01d024096a810c25

Endzeit: 45

Anwendungspfad: C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe

Berichts-ID: df1a6034-9047-11e4-bf18-7427eae5d5e4

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/30/2014 00:55:05 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.


System errors:
=============
Error: (12/31/2014 06:37:30 PM) (Source: DCOM) (EventID: 10016) (User: Fugentechnik)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}FugentechnikUteS-1-5-21-4278806244-3946690954-89611405-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2014 06:37:30 PM) (Source: DCOM) (EventID: 10016) (User: Fugentechnik)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}FugentechnikUteS-1-5-21-4278806244-3946690954-89611405-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2014 06:37:30 PM) (Source: DCOM) (EventID: 10016) (User: Fugentechnik)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}FugentechnikUteS-1-5-21-4278806244-3946690954-89611405-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2014 06:37:30 PM) (Source: DCOM) (EventID: 10016) (User: Fugentechnik)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}FugentechnikUteS-1-5-21-4278806244-3946690954-89611405-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2014 06:37:30 PM) (Source: DCOM) (EventID: 10016) (User: Fugentechnik)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}FugentechnikUteS-1-5-21-4278806244-3946690954-89611405-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2014 06:37:30 PM) (Source: DCOM) (EventID: 10016) (User: Fugentechnik)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}FugentechnikUteS-1-5-21-4278806244-3946690954-89611405-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2014 06:37:30 PM) (Source: DCOM) (EventID: 10016) (User: Fugentechnik)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}FugentechnikUteS-1-5-21-4278806244-3946690954-89611405-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2014 06:36:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CSR OBEX-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/31/2014 06:27:58 PM) (Source: DCOM) (EventID: 10016) (User: Fugentechnik)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}FugentechnikUteS-1-5-21-4278806244-3946690954-89611405-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2014 06:27:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CSR OBEX-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-12-31 08:57:23.315
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-31 08:57:23.211
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-31 08:57:23.091
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-31 08:57:20.137
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-31 08:57:20.040
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-31 08:57:19.756
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-31 08:57:19.377
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-30 23:55:11.722
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-30 23:55:11.566
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-30 23:55:11.402
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Percentage of memory in use: 49%
Total physical RAM: 4010.35 MB
Available physical RAM: 2038.05 MB
Total Pagefile: 5290.35 MB
Available Pagefile: 2754.42 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:439.16 GB) (Free:373.79 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A5C61E19)

Partition: GPT Partition Type.

==================== End Of Log ============================

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014
Ran by Ute at 2014-12-31 21:08:32
Running from C:\Users\Ute\Desktop\troj
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.34 (HKLM-x32\...\{23170F69-40C1-2701-0934-000001000000}) (Version: 9.34.00.0 - Igor Pavlov)
7-Zip 9.34 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0934-000001000000}) (Version: 9.34.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advantage Database Server for Windows v11.10 (HKLM-x32\...\{8F7F5EAD-7785-4246-83F0-C6A9204AF971}) (Version: 11.10.0001 - Sybase, Inc.)
Amazon Cloud Player (HKU\S-1-5-21-4278806244-3946690954-89611405-1001\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC)
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 3.0.0 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 3.0.0 - Amazon Services LLC) Hidden
AVM FRITZ! (HKLM-x32\...\FRITZ! 2.0) (Version:  - AVM Berlin)
AVM ISDN CAPI Port (HKLM-x32\...\AVM ISDN CAPI Port) (Version:  - )
BUHL-Lizenzmanagement-Software (x32 Version: 1.01.0000 - Buhl Data Service GmbH) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Cisco WebEx-Produktivitätswerkzeuge (HKLM-x32\...\{EC4A8038-085D-4FB7-BF70-338296E33FE5}) (Version: 11.1.30800 - Cisco WebEx LLC)
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.12.0911 - Lenovo)
Dropbox (HKU\S-1-5-21-4278806244-3946690954-89611405-1001\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Fotostory 3 für Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.15 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 7.0.5.2130 (HKU\S-1-5-21-4278806244-3946690954-89611405-1001\...\GoToMeeting) (Version: 7.0.5.2130 - CitrixOnline)
IIS 7.5 Express (HKLM-x32\...\{433E2032-D3E0-46FF-BAA4-0976F333C1E4}) (Version: 7.5.1070 - Microsoft Corporation)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Lenovo Assistant (HKLM-x32\...\{B2DE4F30-B8C7-49C0-85B9-2F37A5290F00}) (Version: 2.0.0.29 - Lenovo)
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.6.13.0724 - Lenovo)
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.7408 - CyberLink Corp.)
Lenovo Power2Go (x32 Version: 6.0.7408 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5108.52 - CyberLink Corp.) Hidden
LVT (HKLM-x32\...\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}) (Version: 5.00.0914 - Lenovo)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla)
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6743 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Snagit 11 (HKLM-x32\...\{A7E2223E-4AE4-45C8-9B6C-1C893EDF11BD}) (Version: 11.4.0 - TechSmith Corporation)
TopApps Service (HKLM-x32\...\{B2BB7D05-F646-41C7-9CE4-CE77469C0899}_is1) (Version: 2.5.1 - )
TopKontor Handwerk Version 5 (HKLM-x32\...\{640A92A1-9B8B-4C80-B412-9595460EBC53}_is1) (Version: 5 - )
UltiDev Web Server Pro (x32 Version: 2.0.18 - UltiDev LLC) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VR-NetWorld (HKLM-x32\...\{8815F011-43AF-4F50-BBD8-D78ED3D6F5B9}) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4278806244-3946690954-89611405-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ute\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278806244-3946690954-89611405-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-4278806244-3946690954-89611405-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Ute\AppData\Local\Citrix\GoToMeeting\1259\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-4278806244-3946690954-89611405-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ute\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278806244-3946690954-89611405-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ute\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278806244-3946690954-89611405-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ute\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278806244-3946690954-89611405-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ute\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278806244-3946690954-89611405-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ute\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278806244-3946690954-89611405-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ute\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278806244-3946690954-89611405-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ute\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4278806244-3946690954-89611405-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ute\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

16-12-2014 07:38:47 Windows Modules Installer
24-12-2014 11:29:49 Geplanter Prüfpunkt
29-12-2014 12:39:30 Wiederherstellungsvorgang

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {10C464AB-F818-496E-9743-F105C3A2E2C0} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {28CD7355-CB57-4CC9-BDA7-6351E804957A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {2EC50909-A5B8-4061-900F-7FBAF516F26A} - System32\Tasks\Lenovo\Lenovo-25838 => C:\ProgramData\Lenovo-25838.vbs [2013-10-18] ()
Task: {3864244B-592B-4F61-8F7E-F61734C03B58} - System32\Tasks\G2MUpdateTask-S-1-5-21-4278806244-3946690954-89611405-1001 => C:\Users\Ute\AppData\Local\Citrix\GoToMeeting\2130\g2mupdate.exe [2014-12-31] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {4927924C-A5E3-47FF-B9E9-B80557B576DE} - System32\Tasks\{4DFDCA33-7855-42CE-A167-53B2FA91D197} => pcalua.exe -a "C:\Users\Ute\AppData\Roaming\1H1Q1V1N1N1O1R\PDF Creator Packages\uninstaller.exe" -c /Uninstall /NM="PDF Creator Packages" /AN="1H1Q1V1N1N1O1R" /MBN="PDF Creator Packages"
Task: {51A427BB-2B0C-4F4B-B3BE-A9A2FAD1E4DF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {57799BD6-455E-4C11-B681-1B5A10F1C796} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2013-10-04] (TechSmith Corporation)
Task: {76F82560-6DA7-4132-8EEA-034B4CEF1C14} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-29] (Google Inc.)
Task: {7E83B592-067F-4486-9D07-E9250B9FCC71} - System32\Tasks\{8DC9A3B1-9955-4D2E-8E23-E1AD9817AA96} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {8D39BC23-CB47-408E-BE53-D89D35E46A7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-29] (Google Inc.)
Task: {976D87FC-8514-464C-BD25-378970532BD8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-29] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-4278806244-3946690954-89611405-1001.job => C:\Users\Ute\AppData\Local\Citrix\GoToMeeting\2130\g2mupdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-12-20 13:57 - 2006-02-23 11:35 - 00020480 _____ () C:\WINDOWS\System32\FritzColorPort64.dll
2013-12-20 13:57 - 2006-02-22 10:39 - 00020480 _____ () C:\WINDOWS\System32\FritzPort64.dll
2013-10-18 10:59 - 2011-08-16 19:46 - 00032768 _____ () C:\Windows\jmesoft\Service.exe
2013-10-18 11:15 - 2013-05-14 19:53 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-12-02 14:20 - 2014-12-02 14:20 - 00010752 _____ () C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\root\07504d0b\fa6973ba\App_Web_0cazmffj.dll
2014-12-02 14:20 - 2014-12-02 14:20 - 00049152 _____ () C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files\root\07504d0b\fa6973ba\App_Web_csh4c4a6.dll
2014-12-30 14:29 - 2014-12-06 02:16 - 01408328 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-30 14:29 - 2014-12-06 02:16 - 00204616 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-30 14:29 - 2014-12-06 02:17 - 10689352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-30 14:29 - 2014-12-06 02:16 - 01856840 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-30 14:29 - 2014-12-06 02:17 - 26725192 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
2013-12-16 19:57 - 2013-01-23 08:57 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Ute\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Ute\Desktop\Fwd  Daten zur Einrichtung.eml:OECustomProperty
AlternateDataStreams: C:\Users\Ute\Desktop\Ihr Gutschein für druckerzubehoer.de.eml:OECustomProperty
AlternateDataStreams: C:\Users\Ute\Desktop\Ihr Jochen Schweizer Beleg.eml:OECustomProperty
AlternateDataStreams: C:\Users\Ute\Desktop\[Ticket#10297215] Ihre Buchung bei Jochen Schweizer Erlebnisse.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "ISDNWatch.lnk"
HKLM\...\StartupApproved\StartupFolder: => "VR-NetWorld Auftragsprüfung.lnk"
HKLM\...\StartupApproved\Run: => "vksts"
HKLM\...\StartupApproved\Run: => "TrayApplication"
HKLM\...\StartupApproved\Run: => "CsrAudioguiCtrl"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LVT"
HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
HKLM\...\StartupApproved\Run32: => "mcui_exe"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "ControlCenter3"
HKLM\...\StartupApproved\Run32: => "AvastUI.exe"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "BrMfcWnd"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "PPort11reminder"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "PSUAMain"
HKU\S-1-5-21-4278806244-3946690954-89611405-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-4278806244-3946690954-89611405-1001\...\StartupApproved\StartupFolder: => "OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk"
HKU\S-1-5-21-4278806244-3946690954-89611405-1001\...\StartupApproved\Run: => "RESTART_STICKY_NOTES"
HKU\S-1-5-21-4278806244-3946690954-89611405-1001\...\StartupApproved\Run: => "Amazon Cloud Player"
HKU\S-1-5-21-4278806244-3946690954-89611405-1001\...\StartupApproved\Run: => "PTOneClick"

========================= Accounts: ==========================

admin (S-1-5-21-4278806244-3946690954-89611405-1005 - Administrator - Enabled) => C:\Users\admin
admin2 (S-1-5-21-4278806244-3946690954-89611405-1006 - Limited - Enabled) => C:\Users\admin2
Administrator (S-1-5-21-4278806244-3946690954-89611405-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-4278806244-3946690954-89611405-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-4278806244-3946690954-89611405-1004 - Limited - Enabled)
Ute (S-1-5-21-4278806244-3946690954-89611405-1001 - Administrator - Enabled) => C:\Users\Ute

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/31/2014 09:07:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/31/2014 09:06:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/31/2014 09:03:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/31/2014 06:46:48 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/31/2014 06:41:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/31/2014 06:41:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/31/2014 06:40:45 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/30/2014 06:34:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.1.711, Zeitstempel: 0x542b53ec
Name des fehlerhaften Moduls: mbamcore.dll, Version: 1.1.20.0, Zeitstempel: 0x5425b0dd
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000023d4
ID des fehlerhaften Prozesses: 0x10a0
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Vollständiger Name des fehlerhaften Pakets: mbam.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mbam.exe5

Error: (12/30/2014 06:18:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mbam.exe, Version 1.0.1.711 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 18dc

Startzeit: 01d024096a810c25

Endzeit: 45

Anwendungspfad: C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe

Berichts-ID: df1a6034-9047-11e4-bf18-7427eae5d5e4

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/30/2014 00:55:05 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.


System errors:
=============
Error: (12/31/2014 06:37:30 PM) (Source: DCOM) (EventID: 10016) (User: Fugentechnik)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}FugentechnikUteS-1-5-21-4278806244-3946690954-89611405-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2014 06:37:30 PM) (Source: DCOM) (EventID: 10016) (User: Fugentechnik)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}FugentechnikUteS-1-5-21-4278806244-3946690954-89611405-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2014 06:37:30 PM) (Source: DCOM) (EventID: 10016) (User: Fugentechnik)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}FugentechnikUteS-1-5-21-4278806244-3946690954-89611405-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2014 06:37:30 PM) (Source: DCOM) (EventID: 10016) (User: Fugentechnik)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}FugentechnikUteS-1-5-21-4278806244-3946690954-89611405-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2014 06:37:30 PM) (Source: DCOM) (EventID: 10016) (User: Fugentechnik)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}FugentechnikUteS-1-5-21-4278806244-3946690954-89611405-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2014 06:37:30 PM) (Source: DCOM) (EventID: 10016) (User: Fugentechnik)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}FugentechnikUteS-1-5-21-4278806244-3946690954-89611405-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2014 06:37:30 PM) (Source: DCOM) (EventID: 10016) (User: Fugentechnik)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}FugentechnikUteS-1-5-21-4278806244-3946690954-89611405-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2014 06:36:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CSR OBEX-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/31/2014 06:27:58 PM) (Source: DCOM) (EventID: 10016) (User: Fugentechnik)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}FugentechnikUteS-1-5-21-4278806244-3946690954-89611405-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/31/2014 06:27:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CSR OBEX-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-12-31 08:57:23.315
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-31 08:57:23.211
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-31 08:57:23.091
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-31 08:57:20.137
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-31 08:57:20.040
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-31 08:57:19.756
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-31 08:57:19.377
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-30 23:55:11.722
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-30 23:55:11.566
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-30 23:55:11.402
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Percentage of memory in use: 49%
Total physical RAM: 4010.35 MB
Available physical RAM: 2038.05 MB
Total Pagefile: 5290.35 MB
Available Pagefile: 2754.42 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:439.16 GB) (Free:373.79 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A5C61E19)

Partition: GPT Partition Type.

==================== End Of Log ============================

Optimizer Pro

Plagegeister aller Art und deren Bekämpfung: Optimizer Pro

Optimizer Pro

Optimizer Pro

Ähnliche Themen: Optimizer Pro