sfc /scannow reparieren?

schrauber · 11.12.2014, 10:31

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

rk1757 · 12.12.2014, 07:44

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 01
Ran by Privat (ATTENTION: The logged in user is not administrator) on R-PC on 07-12-2014 12:44:42
Running from C:\Users\Privat\Downloads\FRST 64-Bit
Loaded Profiles: R & Privat (Available profiles: R & Coach & Privat)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Citrix Systems, Inc.) C:\Users\Privat\AppData\Local\Citrix\ICA Client\concentr.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Citrix Systems, Inc.) C:\Users\Privat\AppData\Local\Program Files\Citrix\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Users\Privat\AppData\Local\Citrix\SelfService\Program Files\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Users\Privat\AppData\Local\Citrix\ICA Client\wfcrun32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hola Networks Ltd.) C:\Users\Privat\AppData\Local\Hola\firefox\app\hola_plugin.exe
(Canneverbe Limited                                          ) C:\Users\Privat\Downloads\CDBurnerXP\cdbxp_setup_4.5.4.5143.exe
() C:\Users\Privat\AppData\Local\Temp\is-KC1QV.tmp\cdbxp_setup_4.5.4.5143.tmp
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\Run: [ConnectionCenter] => C:\Users\Privat\AppData\Local\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.)
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\MountPoints2: {d5b1e588-28fd-11e4-99a0-002454164d61} - H:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-03-15] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll (Acronis)
BootExecute: autocheck autochk * ฀쮛嶐PowerRemov߾PowerRemover.eService\SWMAgent. 'Win32_Process'PowerRemover.e߾PowerRemover.e߾랰šPowerRemover

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-459147949-2764265090-3061895288-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9DC39E4086D1CF01
HKU\S-1-5-21-459147949-2764265090-3061895288-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
URLSearchHook: [S-1-5-21-459147949-2764265090-3061895288-1001] ATTENTION ==> Default URLSearchHook is missing.
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-459147949-2764265090-3061895288-1004 -> {E2F142F7-A180-4898-98E3-6543ADCC6CD9} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Users\Privat\AppData\Local\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\chw91qfc.default
FF NewTab: Home
FF Homepage: www.google.de|www.yahoo.de|www.ard-text.de|www.n24.de|hxxp://www.wissenschaft-aktuell.de/|hxxp://translate.google.de/|hxxp://www.wetteronline.de/wetter/mecklenburg-vorpommern|https://mail.daa.de|hxxp://www.tvtoday.de/tv-programm/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-459147949-2764265090-3061895288-1004: @Citrix.com/npican -> C:\Users\Privat\AppData\Local\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Extension: Hola Better Internet - C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\chw91qfc.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2014-12-05]
FF Extension: Adblock Plus - C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\chw91qfc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-18]
FF Extension: Tab Mix Plus - C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\chw91qfc.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-03-19]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox
FF Extension: Bing Bar - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox [2014-09-24]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2014-09-24]
FF HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\Firefox\Extensions: [{b9aa91db-385d-4c69-8a2f-96790aa9405b}] - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector
FF Extension: Copernic Desktop Search - Search Firefox content - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector [2014-03-16]

Chrome: 
=======
CHR HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx [2014-11-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
R2 CSUService; C:\Program Files\COMODO\COMODO System Utilities\CSUService.exe [347968 2012-02-24] (Comodo Security Solutions, Inc.)
S3 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1876816 2014-11-05] (SurfRight B.V.)
R2 KlimaLogg Service; C:\Program Files (x86)\KlimaLoggPro\KlimaLoggProService.exe [2480640 2014-05-27] () [File not signed]
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-10-10] (IObit)
R3 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S4 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S4 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-11-13] (Nitro PDF Software)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S4 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3020632 2014-04-04] (Samsung Electronics CO., LTD.)
R2 VhdAttach; C:\Program Files\Josip Medved\VHD Attach\VhdAttachService.exe [276936 2014-04-07] (Josip Medved)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 azvusb; C:\Windows\System32\DRIVERS\azvusb.sys [54784 2009-08-24] (AzureWave Technologies, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-15] (Disc Soft Ltd)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [296736 2014-12-07] (Acronis International GmbH)
R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [93144 2014-11-05] ()
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [34056 2014-09-18] (Paragon Software Group)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2010-04-09] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2010-04-09] ()
R3 rtl819xpn64; C:\Windows\System32\DRIVERS\rtl819xp.sys [622624 2010-02-01] (Realtek Semiconductor Corporation                           )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1328928 2014-12-07] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [234784 2014-12-07] (Acronis International GmbH)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-09-18] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-09-18] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700680 2014-09-18] ()
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 12:43 - 2014-12-07 12:44 - 00000000 ____D () C:\Users\Privat\Downloads\FRST 64-Bit
2014-12-07 12:35 - 2014-12-07 12:35 - 00000444 _____ () C:\Windows\PFRO.log
2014-12-07 12:35 - 2014-12-07 12:35 - 00000056 _____ () C:\Windows\setupact.log
2014-12-07 12:35 - 2014-12-07 12:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-07 12:22 - 2014-12-07 12:22 - 00296736 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\file_tracker.sys
2014-12-07 12:22 - 2014-12-07 12:22 - 00234784 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib_mounter.sys
2014-12-07 12:21 - 2014-12-07 12:21 - 01328928 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2014-12-07 12:21 - 2014-12-07 12:21 - 00304416 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2014-12-07 12:21 - 2014-12-07 12:21 - 00134432 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2014-12-07 12:21 - 2014-12-07 12:21 - 00001217 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image 2015.lnk
2014-12-07 12:14 - 2014-12-07 12:23 - 00000000 ____D () C:\ProgramData\Acronis
2014-12-07 12:14 - 2014-12-07 12:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2014-12-07 12:14 - 2014-12-07 12:21 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-12-07 03:57 - 2014-12-07 12:02 - 00000000 ____D () C:\Users\R\Downloads\Acronis-EDV Buchversand
2014-12-07 03:53 - 2014-12-07 03:53 - 00000000 ____D () C:\Users\R\AppData\Roaming\6201DCD5-31C3-42A8-9C56-988BDE234E8F
2014-12-06 21:13 - 2014-12-06 21:13 - 00000000 ____D () C:\Users\R\AppData\Roaming\Acronis
2014-12-06 21:01 - 2014-09-17 12:43 - 00000000 ____D () C:\Users\R\Downloads\Acronis TrueImage 2015 Build 5539 Deutsch Lizenz ungültig
2014-12-06 13:01 - 2014-12-06 13:01 - 00000000 ____D () C:\Program Files\Josip Medved
2014-12-06 13:00 - 2014-12-06 13:00 - 01174352 _____ () C:\Users\Privat\Downloads\VHD Attach - CHIP-Installer.exe
2014-12-05 12:24 - 2014-12-07 12:00 - 00000110 _____ () C:\AdwCleanerDebug.txt
2014-12-05 11:05 - 2014-12-05 11:10 - 01939992 _____ () C:\Users\Privat\Downloads\winrar-x64-520.exe
2014-12-03 08:44 - 2014-12-03 08:44 - 00001103 _____ () C:\Users\Privat\Desktop\Bewerbungscoaching.lnk
2014-12-03 07:01 - 2014-12-05 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-12-02 21:20 - 2014-12-02 20:20 - 00000052 _____ () C:\Users\Privat\Documents\KlimaLoggPro.log
2014-12-02 20:20 - 2014-11-29 09:06 - 00000052 _____ () C:\Users\Privat\Documents\2014_12_02-KlimaLoggPro.log
2014-11-30 19:28 - 2012-11-11 19:43 - 00175382 _____ () C:\Users\Privat\Documents\Sicherungskopie von 01. und 02.2011.wbk
2014-11-30 15:31 - 2014-11-30 15:31 - 03531024 _____ (DVDVideoSoft Ltd. ) C:\Users\Privat\Downloads\FreeYouTube1122Download.exe
2014-11-29 22:29 - 2014-11-29 22:29 - 00054775 _____ () C:\Users\Privat\AppData\Local\recently-used.xbel
2014-11-29 09:06 - 2014-11-23 11:49 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_29-KlimaLoggPro.log
2014-11-26 10:56 - 2014-11-26 10:56 - 00000000 ____D () C:\Users\Privat\Documents\Marx, Kati
2014-11-25 21:21 - 2014-11-25 21:21 - 05162080 _____ (Piriform Ltd) C:\Users\Privat\Downloads\ccsetup500.exe
2014-11-25 21:16 - 2014-12-07 12:07 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-24 06:54 - 2014-11-24 06:54 - 00003584 _____ () C:\Users\Privat\AppData\Local\dcbc2a71-70d8-4dan-ehr8-e0d61dea3fdf.ini
2014-11-24 06:54 - 2014-11-24 06:54 - 00002393 _____ () C:\ProgramData\klimalogg.dat1.tmp
2014-11-23 14:38 - 2014-12-07 12:42 - 01237068 _____ () C:\Windows\WindowsUpdate.log
2014-11-23 14:36 - 2014-11-24 06:51 - 00151056 _____ () C:\Users\Privat\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-23 14:35 - 2014-11-24 06:51 - 00515600 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-23 14:24 - 2014-11-23 14:24 - 00000000 ____D () C:\Users\R\AppData\Roaming\TeamViewer
2014-11-23 14:21 - 2014-12-01 07:23 - 00000000 ____D () C:\Program Files (x86)\WashAndGo
2014-11-23 14:21 - 2014-11-23 14:21 - 00000000 ____D () C:\Users\R\Documents\Abelssoft
2014-11-23 14:20 - 2014-11-23 14:20 - 18323160 _____ (Abelssoft ) C:\Users\Privat\Downloads\washandgo.exe
2014-11-23 11:49 - 2014-11-20 19:50 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_23-KlimaLoggPro.log
2014-11-23 11:37 - 2014-11-23 11:37 - 00000000 ____D () C:\Users\Privat\Downloads\Bitdefender
2014-11-22 11:29 - 2014-11-22 11:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport
2014-11-22 11:29 - 2014-11-22 11:29 - 00000000 ____D () C:\Program Files (x86)\StreamTransport
2014-11-22 11:27 - 2014-11-22 11:28 - 00000000 ____D () C:\Users\Privat\Downloads\Streamtransport1.1.6.2
2014-11-22 11:25 - 2014-11-22 11:26 - 17805707 _____ () C:\Users\R\Downloads\streamtransport_1.1.6.2.zip
2014-11-20 21:34 - 2014-11-20 21:34 - 00000000 ____D () C:\Users\Privat\AppData\Local\Hola
2014-11-20 19:50 - 2014-11-16 10:35 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_20-KlimaLoggPro.log
2014-11-19 06:43 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 06:43 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 06:43 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 06:43 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-18 06:56 - 2014-11-18 20:15 - 00485481 _____ () C:\Users\Privat\Documents\Sicherungskopie von Einladung zum Adventskonzert 2014.wbk
2014-11-17 19:25 - 2014-11-17 19:25 - 00000000 __SHD () C:\Users\Privat\AppData\Local\EmieBrowserModeList
2014-11-16 10:35 - 2014-11-11 08:36 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_16-KlimaLoggPro.log
2014-11-15 15:43 - 2014-12-07 04:21 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-11-15 15:42 - 2014-11-15 15:42 - 20384680 _____ (SUPERAntiSpyware) C:\Users\Privat\Downloads\SUPERAntiSpyware.exe
2014-11-14 14:35 - 2014-11-14 14:35 - 00000000 ____D () C:\Windows\Hewlett-Packard
2014-11-14 11:50 - 2014-11-14 11:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery
2014-11-14 11:50 - 2014-11-14 11:50 - 00000000 ____D () C:\ProgramData\Elcomsoft Password Recovery
2014-11-14 11:50 - 2014-11-14 11:50 - 00000000 ____D () C:\Program Files (x86)\Elcomsoft Password Recovery
2014-11-14 11:50 - 2014-11-14 11:50 - 00000000 ____D () C:\Program Files (x86)\Elcomsoft
2014-11-14 11:49 - 2014-11-14 11:49 - 00000000 ____D () C:\Users\Privat\Downloads\PDW PWD_Cracker
2014-11-12 18:25 - 2014-11-12 18:25 - 01540816 _____ ( ) C:\Users\Privat\Downloads\cpu-z_1.71-setup-en.exe
2014-11-11 20:03 - 2014-11-11 20:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-11-11 19:59 - 2014-11-23 14:21 - 00000000 ____D () C:\Users\R\AppData\Roaming\Abelssoft
2014-11-11 19:30 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-11 19:30 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-11 19:30 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 19:30 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 19:30 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-11 19:30 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-11 19:30 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 19:30 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-11 19:30 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-11 19:30 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 19:30 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 19:30 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-11 19:30 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 19:30 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 19:30 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-11 19:30 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-11 19:30 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-11 19:30 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 19:30 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-11 19:30 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 19:30 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-11 19:30 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-11 19:30 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-11 19:30 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-11 19:30 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-11 19:30 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 19:30 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-11 19:30 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-11 19:30 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-11 19:30 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-11 19:30 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-11 19:30 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 19:30 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-11 19:30 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-11 19:30 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 19:30 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-11 19:30 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 19:30 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 19:30 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-11 19:30 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-11 19:30 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 19:30 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-11 19:30 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-11 19:30 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-11 19:30 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 19:30 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-11 19:30 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-11 19:30 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-11 19:30 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-11 19:30 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 19:30 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 19:30 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-11 19:30 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-11 19:30 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-11 19:30 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-11 19:30 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-11 19:30 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-11 19:30 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-11 19:30 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-11 19:30 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 19:30 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-11 19:30 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 19:30 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 19:30 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 19:30 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 19:30 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 19:30 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-11 19:30 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-11 19:30 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-11 19:30 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-11 19:30 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 19:30 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 19:30 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 19:30 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 19:30 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 19:30 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 19:30 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-11 19:30 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-11 19:30 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-11 19:30 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-11 19:30 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-11 19:30 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-11 19:30 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-11 19:30 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-11 19:29 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 19:29 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-11 19:29 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 19:29 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 19:29 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 19:29 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 19:29 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 19:29 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 19:29 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-11 19:29 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-11 19:29 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-11 19:29 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 19:29 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 19:29 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-11 19:29 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-11 19:26 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 19:26 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-11 10:45 - 2014-11-23 15:42 - 00000000 ____D () C:\Users\Privat\Desktop\Bildbearbeitung
2014-11-11 10:41 - 2014-11-30 15:40 - 00000000 ____D () C:\Users\Privat\Desktop\Musik & Video
2014-11-11 10:27 - 2014-11-11 10:28 - 00000000 ____D () C:\Program Files\UltraDefrag
2014-11-11 10:27 - 2014-11-11 10:27 - 00000860 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraDefrag.lnk
2014-11-11 10:25 - 2014-11-11 10:25 - 00000000 ____D () C:\Users\Privat\Downloads\UltraDefrag
2014-11-11 10:17 - 2014-11-14 07:24 - 00000000 ____D () C:\Users\R\Downloads\Streamtransport
2014-11-11 09:58 - 2014-11-11 09:58 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Abelssoft
2014-11-11 09:57 - 2014-12-05 12:38 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-11-11 09:57 - 2014-11-11 09:57 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-11-11 09:56 - 2014-11-11 09:57 - 03241528 _____ (Abelssoft ) C:\Users\Privat\Downloads\CHIP_Updater_2.35.exe
2014-11-11 08:36 - 2014-11-09 14:07 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_11-KlimaLoggPro.log
2014-11-10 20:07 - 2014-11-10 20:07 - 00001199 _____ () C:\Users\Public\Desktop\CloneDVD2.lnk
2014-11-10 20:07 - 2014-11-10 20:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2014-11-10 19:54 - 2014-11-10 19:54 - 00000000 ____D () C:\ProgramData\Elaborate Bytes
2014-11-10 18:30 - 2014-11-15 15:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-09 14:07 - 2014-11-07 17:23 - 00000104 _____ () C:\Users\Privat\Documents\2014_11_09-KlimaLoggPro.log
2014-11-08 10:38 - 2014-11-08 10:38 - 00000000 ____D () C:\Windows\CheckSur
2014-11-07 06:42 - 2014-11-04 21:03 - 00000052 _____ () C:\Users\Privat\Documents\2014_11_07-KlimaLoggPro.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 12:44 - 2014-08-11 19:32 - 00000000 ____D () C:\FRST
2014-12-07 12:44 - 2009-07-14 05:45 - 00020592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-07 12:44 - 2009-07-14 05:45 - 00020592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-07 12:41 - 2014-11-05 12:15 - 00000000 ____D () C:\Users\Privat\Downloads\CDBurnerXP
2014-12-07 12:37 - 2014-11-05 18:15 - 00000000 ____D () C:\Windows\CryptoGuard
2014-12-07 12:37 - 2014-10-16 21:23 - 00000000 ____D () C:\Users\Privat\Desktop\Admi-Tools
2014-12-07 12:35 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-07 12:27 - 2009-07-14 18:58 - 00702704 _____ () C:\Windows\system32\perfh007.dat
2014-12-07 12:27 - 2009-07-14 18:58 - 00150312 _____ () C:\Windows\system32\perfc007.dat
2014-12-07 12:27 - 2009-07-14 06:13 - 01627352 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-07 12:04 - 2014-09-03 06:25 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-07 12:03 - 2014-08-02 09:26 - 00000000 ____D () C:\AdwCleaner
2014-12-07 12:00 - 2014-08-28 05:56 - 00000000 ____D () C:\Users\R\Downloads\AdwCleaner
2014-12-07 03:41 - 2014-03-18 18:51 - 00000000 ____D () C:\Users\Privat\Documents\Outlook-Dateien
2014-12-06 13:29 - 2014-03-16 10:33 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-12-05 12:24 - 2014-08-28 05:49 - 00000000 ____D () C:\Users\Privat\Downloads\AdwCleaner
2014-12-05 11:54 - 2014-10-26 16:44 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-05 11:54 - 2014-09-03 06:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-05 11:54 - 2014-09-03 06:24 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-12-05 11:35 - 2014-03-16 05:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-05 11:35 - 2014-03-16 05:06 - 00000000 ____D () C:\Program Files\WinRAR
2014-12-05 10:51 - 2014-03-17 18:58 - 00000000 ____D () C:\Users\Privat\Documents\Birkenring 40
2014-12-04 07:12 - 2014-10-15 20:02 - 00000000 ____D () C:\Users\R\AppData\Roaming\UseNeXT
2014-12-03 08:43 - 2014-05-29 10:04 - 00100352 ___SH () C:\Users\Privat\Thumbs.db
2014-12-02 20:23 - 2014-10-08 14:57 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\KlimaLoggPro
2014-12-01 08:55 - 2014-03-15 20:16 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-12-01 07:23 - 2014-03-16 09:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-11-30 15:52 - 2014-04-05 10:05 - 00000000 ____D () C:\Users\R\AppData\Roaming\DVDVideoSoft
2014-11-30 15:28 - 2014-04-28 20:23 - 00000000 ____D () C:\Users\Privat\Documents\DVDVideoSoft
2014-11-30 15:28 - 2014-04-28 20:23 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\DVDVideoSoft
2014-11-29 22:30 - 2014-03-31 09:28 - 00000000 ____D () C:\Users\Privat\.gimp-2.8
2014-11-29 22:29 - 2014-03-31 09:32 - 00000000 ____D () C:\Users\Privat\AppData\Local\gtk-2.0
2014-11-27 21:38 - 2014-03-18 20:54 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\MyPhoneExplorer
2014-11-27 08:48 - 2014-10-15 20:30 - 00000000 ____D () C:\Program Files\Recuva
2014-11-26 13:56 - 2014-05-27 14:14 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Nitro
2014-11-25 21:21 - 2014-03-15 19:16 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-25 21:19 - 2014-03-16 05:19 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-25 21:19 - 2014-03-16 05:19 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-25 20:58 - 2014-05-01 00:24 - 00000000 ____D () C:\Users\Public\Documents\Coaching
2014-11-25 19:28 - 2014-10-04 13:02 - 00002244 _____ () C:\Users\Privat\Desktop\Total Commander    64.lnk
2014-11-25 15:12 - 2014-03-16 16:48 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\vlc
2014-11-25 12:47 - 2014-10-10 10:38 - 00000000 ____D () C:\Users\R\Downloads\MailPassView
2014-11-24 13:13 - 2014-03-31 07:47 - 00000000 ____D () C:\Users\Coach\Documents\Coaching
2014-11-24 06:55 - 2014-06-20 10:54 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Notepad++
2014-11-24 06:55 - 2014-06-13 14:21 - 00000000 ____D () C:\temp
2014-11-24 06:55 - 2014-04-28 21:30 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\dvdcss
2014-11-24 06:54 - 2014-10-08 14:45 - 00002393 _____ () C:\ProgramData\KlimaLogg.dat1
2014-11-24 06:54 - 2014-09-06 16:42 - 00000000 ____D () C:\Users\R\SecurityScans
2014-11-24 06:54 - 2014-05-27 07:09 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\HpUpdate
2014-11-24 06:54 - 2014-03-16 16:27 - 00000000 ____D () C:\Users\Privat\AppData\Local\Microsoft Help
2014-11-24 06:53 - 2014-03-15 17:38 - 00000000 ____D () C:\Windows\Panther
2014-11-24 06:51 - 2014-07-23 19:36 - 00000000 ____D () C:\Users\R\AppData\Roaming\Skype
2014-11-24 06:51 - 2014-04-24 16:26 - 00000000 ____D () C:\Users\R\AppData\Roaming\Mp3tag
2014-11-24 06:51 - 2014-04-05 11:05 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\TeamViewer
2014-11-24 06:51 - 2014-03-19 16:10 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Skype
2014-11-24 06:51 - 2014-03-16 17:29 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Mp3tag
2014-11-23 15:44 - 2014-04-02 06:38 - 00000000 ___RD () C:\Users\Privat\Documents\HP Photo Creations
2014-11-22 11:21 - 2014-10-17 16:59 - 00000000 ____D () C:\Program Files (x86)\ASIO4ALL v2
2014-11-21 06:14 - 2014-09-03 06:24 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-21 06:14 - 2014-09-03 06:24 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 06:14 - 2014-09-03 06:24 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-20 14:36 - 2014-05-28 10:19 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\Nitro PDF
2014-11-19 07:21 - 2014-03-15 17:49 - 00000000 ____D () C:\Users\R
2014-11-17 08:30 - 2014-03-15 18:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-16 10:37 - 2014-10-10 11:32 - 00000000 ____D () C:\Users\Privat\AppData\Roaming\IObit
2014-11-15 15:43 - 2014-06-12 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-11-14 14:36 - 2014-03-16 09:13 - 00000000 ____D () C:\Program Files (x86)\HP
2014-11-12 10:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-11 20:03 - 2014-03-16 17:28 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-11-11 19:45 - 2014-04-24 06:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-11 19:43 - 2014-03-16 09:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-11 19:39 - 2014-03-15 18:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-11 19:34 - 2014-03-15 18:28 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 10:12 - 2014-03-16 13:48 - 00002140 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Copernic Desktop Search 4.lnk
2014-11-11 10:12 - 2014-03-16 13:48 - 00002128 _____ () C:\Users\Public\Desktop\Copernic Desktop Search 4.lnk
2014-11-11 10:08 - 2014-03-19 20:01 - 00001019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-11-11 10:08 - 2014-03-19 20:01 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-11-11 10:05 - 2014-03-15 20:13 - 00000894 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-11-11 10:02 - 2014-08-28 06:19 - 00000000 ____D () C:\Users\Privat\Downloads\Gimp
2014-11-11 09:57 - 2014-09-08 14:50 - 00000000 ____D () C:\Users\Privat\AppData\Local\Abelssoft
2014-11-10 20:08 - 2014-03-16 16:27 - 00000000 ____D () C:\Users\Privat\AppData\Local\VirtualStore
2014-11-10 20:07 - 2014-05-03 08:16 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-11-10 18:35 - 2014-09-08 17:47 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-10 18:35 - 2014-03-19 16:10 - 00000000 ____D () C:\ProgramData\Skype
2014-11-10 18:09 - 2014-09-21 20:33 - 00000000 ____D () C:\Program Files\CamStudio 2.7
2014-11-09 16:09 - 2014-06-01 13:52 - 00000000 ____D () C:\Users\Privat\MediathekView
2014-11-09 15:46 - 2014-03-28 21:12 - 00000000 ____D () C:\Users\Privat\.mediathek3
2014-11-09 15:45 - 2014-03-28 21:11 - 00000000 ____D () C:\Users\Privat\Downloads\MediathekView
2014-11-08 09:39 - 2014-09-13 06:07 - 00000000 ____D () C:\Windows\Minidump
2014-11-08 09:02 - 2014-11-05 12:10 - 00000000 ____D () C:\Users\Privat\Downloads\Avast-browser-cleanup

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2014 01
Ran by Privat at 2014-12-07 12:46:09
Running from C:\Users\Privat\Downloads\FRST 64-Bit
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis True Image 2015 (HKLM-x32\...\{08DC7D7A-1CA0-4E96-B12F-9B9577FCF0F8}Visible) (Version: 18.0.6525 - Acronis)
Acronis True Image 2015 (x32 Version: 18.0.6525 - Acronis) Hidden
Acronis Universal Restore Bootable Media Builder (HKLM-x32\...\{21A0454F-5B00-4DA7-81FF-A0B1FA295924}) (Version: 11.5.38938 - Acronis)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advanced PDF Password Recovery (HKLM-x32\...\{A85CC7BA-760F-4B65-8E2F-640BE314F2F8}) (Version: 5.06.113.2041 - Elcomsoft Co. Ltd.)
Amazon Music (HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\Amazon Amazon Music) (Version: 3.4.0.628 - Amazon Services LLC)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 - Michael Tippach)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Bing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 5.0.1449.0 - Microsoft Corporation)
Bing Bar Platform (x32 Version: 5.0.1449.0 - Microsoft Corporation) Hidden
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.347.0 - Microsoft Corporation)
calibre (HKLM-x32\...\{18681CFA-4FAF-47F7-B1AA-E7B5D02CA274}) (Version: 2.4.0 - Kovid Goyal)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.39 - Abelssoft)
CHIP Updater (HKLM-x32\...\UpdateYeti_is1) (Version: 2.37 - Abelssoft)
Citrix Receiver (HKU\S-1-5-21-459147949-2764265090-3061895288-1004\...\CitrixOnlinePluginPackWeb) (Version: 14.1.0.0 - Citrix Systems, Inc.)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
COMODO System Utilities (HKLM\...\{A7DA4247-9F22-4d4a-974A-DD455CCF43B6}) (Version: 4.0.226743.26 - COMODO)
Copernic Desktop Search 4 (HKLM-x32\...\CopernicDesktopSearch4) (Version: 4.2.0.6628 - Copernic)
Copernic Desktop Search 4 (x32 Version: 4.2.0.6628 - Copernic) Hidden
Corel Graphics Suite 11 (x32 Version: 11 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 11 (HKLM-x32\...\InstallShield_{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}) (Version: 11 - Corel Corporation)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Digital DJ (HKLM-x32\...\Digital DJ) (Version: 2.0 - MAGIX)
DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.6.1 - DivX, Inc.)
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
FLAC To MP3 V4.0.4 (HKLM-x32\...\FLAC To MP3_is1) (Version:  - FLAC To MP3, Inc.)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Gadwin PrintScreen (64-Bit) (HKLM\...\{4D1B6540-9F0C-413F-8444-C04FC0F69B7B}) (Version: 5.0.1.0 - Gadwin Systems)
GetFoldersize 2.5.24 (HKLM-x32\...\GetFoldersize_is1) (Version: 2.5.24 - Michael Thummerer Software Design)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.)
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{C41713B3-DCB0-48C3-B830-47CB59C60B89}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{EFBC0CB1-AFFD-4E74-ACEF-42099F1D49C3}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4 - HP)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.0.4.25 - IObit)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
KlimaLogg Pro (HKLM-x32\...\KlimaLogg Pro_is1) (Version:  - TFA Dostmann)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Baseline Security Analyzer 2.3 (HKLM\...\{D8D25854-D7F0-45C5-8702-D650A5A23E21}) (Version: 2.3.2208 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Windows Performance Toolkit (HKLM\...\{E7F9E526-2324-437B-A609-E8C5309465CB}) (Version: 4.8.0 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MiniTool Partition Recovery 5.0 (HKLM-x32\...\{BDCEB6A6-5966-4291-861A-058F49A2195A}_is1) (Version:  - MiniTool Solution Ltd.)
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version:  - MixMeister Technology LLC)
Mozilla Firefox 33.1.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 de)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mp3tag v2.65a (HKLM-x32\...\Mp3tag) (Version: v2.65a - Florian Heidenreich)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.081 - Deutsche Telekom AG)
Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Nitro Pro 8 (HKLM\...\{EE77DB04-2F1B-45FE-AC5B-04EA3A1C5658}) (Version: 8.0.8.3 - Nitro)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
Online Plug-in (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Paragon Festplatten Manager™ 15 Suite (HKLM\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.308.2 - Tracker Software Products Ltd)
Pinnacle Instant DVD Recorder (HKLM-x32\...\{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}) (Version: 2.5.0.092 - Pinnacle Systems)
RarmaRadio 2.69.1 (HKLM-x32\...\RarmaRadio_is1) (Version:  - RaimerSoft)
Recovery Media Builder™ (HKLM\...\{EC1AB719-E98B-532C-95D4-381FB69F5CD2}) (Version: 1.00.0000 - Paragon Software)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
S Agent (Version: 1.1.47 - Samsung Electronics CO., LTD.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version:  - Seagate Technology)
Self-Service Plug-in (x32 Version: 4.1.0.41738 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.105 - Skype Technologies S.A.)
SmartTools Publishing • Word Falz & Lochmarken-Assistent (HKLM-x32\...\SmartToolsFalz & Lochmarken-Assistentv7.05) (Version: v7.05 - SmartTools Publishing)
StreamTransport version: 1.1.6.1 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Studie zur Verbesserung von HP Officejet 6500 E710n-z Produkten (HKLM\...\{C9347A74-CDAD-4076-B754-11752F6BE324}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
TVCenter (HKLM\...\{DD0A0C72-A7C3-4722-86C9-2399F9FC0DE7}) (Version: 6.4.5.933 - PCTV Systems)
Ultra Defragmenter (HKLM-x32\...\UltraDefrag) (Version: 6.0.4 - UltraDefrag Development Team)
VHD Attach 3.90 (HKLM\...\JosipMedved_VhdAttach_is1) (Version: 3.90 - Josip Medved)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?

==================== Loaded Modules (whitelisted) =============

2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-12-07 12:41 - 2014-12-07 12:41 - 01556480 _____ () C:\Users\Privat\AppData\Local\Temp\is-KC1QV.tmp\cdbxp_setup_4.5.4.5143.tmp

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: NitroDriverReadSpool8 => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SWUpdateService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk => C:\Windows\pss\O&O Defrag Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupreg: !BingBar => "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\MUExe\7.1.361.0\BingBarSetup-Partner.EXE" /C:"BBSetup.exe cabLocation=.\BingBarPartnerConfig.cab ismu=2"
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Bing Bar => "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: Microsoft Default Manager => "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-459147949-2764265090-3061895288-500 - Administrator - Disabled)
Coach (S-1-5-21-459147949-2764265090-3061895288-1003 - Limited - Enabled) => C:\Users\Coach
Gast (S-1-5-21-459147949-2764265090-3061895288-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-459147949-2764265090-3061895288-1002 - Limited - Enabled)
Privat (S-1-5-21-459147949-2764265090-3061895288-1004 - Limited - Enabled) => C:\Users\Privat
R (S-1-5-21-459147949-2764265090-3061895288-1001 - Administrator - Enabled) => C:\Users\R

==================== Faulty Device Manager Devices =============

Name: Namuga 1.3M Webcam
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/07/2014 11:57:41 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2014 11:57:41 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2014 11:57:41 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2014 11:57:41 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (12/07/2014 11:57:37 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2014 11:57:37 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (12/07/2014 11:57:37 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2014 11:57:37 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2014 11:57:37 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.


Details:
	0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800))

Error: (12/07/2014 11:57:36 AM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (2712) Windows: Fehler -1811 beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS005D3.log.


System errors:
=============
Error: (12/07/2014 00:37:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/07/2014 00:35:56 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{79d9c15c-ae74-11e3-99f7-002454164d61}" können nicht gelesen werden.

Error: (12/07/2014 00:35:56 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{480761ad-ac60-11e3-b16b-806e6f6e6963}" können nicht gelesen werden.

Error: (12/07/2014 00:35:56 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{480761ac-ac60-11e3-b16b-806e6f6e6963}" können nicht gelesen werden.

Error: (12/07/2014 00:35:42 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (12/07/2014 00:35:42 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (12/07/2014 00:24:59 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "" können nicht gelesen werden.

Error: (12/07/2014 00:24:59 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "" können nicht gelesen werden.

Error: (12/07/2014 00:24:59 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "" können nicht gelesen werden.

Error: (12/07/2014 00:23:13 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Acronis Nonstop Backup Service" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056


Microsoft Office Sessions:
=========================
Error: (12/07/2014 11:57:41 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2014 11:57:41 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2014 11:57:41 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2014 11:57:41 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (12/07/2014 11:57:37 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (12/07/2014 11:57:37 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (12/07/2014 11:57:37 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (12/07/2014 11:57:37 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
4700

Error: (12/07/2014 11:57:37 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: 
Details:
	0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800))

Error: (12/07/2014 11:57:36 AM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows2712Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS005D3.log-1811


CodeIntegrity Errors:
===================================
  Date: 2014-12-07 12:35:55.134
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-07 12:03:57.170
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-07 11:57:04.009
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-07 11:45:40.231
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-07 11:31:26.208
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-07 09:17:45.682
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-07 04:24:01.608
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-07 03:58:34.979
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-07 03:40:40.797
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-06 23:16:55.581
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU P7550 @ 2.26GHz
Percentage of memory in use: 48%
Total physical RAM: 4060.61 MB
Available physical RAM: 2078.7 MB
Total Pagefile: 8119.41 MB
Available Pagefile: 5851.97 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:198.89 GB) (Free:28.63 GB) NTFS
Drive d: (temp) (Fixed) (Total:59.43 GB) (Free:18.22 GB) NTFS
Drive e: (Daten) (Fixed) (Total:131.39 GB) (Free:24.72 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================

sfc /scannow reparieren?

Log-Analyse und Auswertung: sfc /scannow reparieren?

sfc /scannow reparieren?

FRST.txt

Ähnliche Themen: sfc /scannow reparieren?