ok das war der haken, sorry habe ich nicht gecheckt ;-) Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-01-2015
Ran by Carolin at 2015-01-10 13:37:59 Run:1
Running from C:\Users\Carolin\Desktop
Loaded Profile: Carolin (Available profiles: UpdatusUser & Carolin & Stefan)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\Program Files (x86)\FreeTime
Emptytemp:
*****************
C:\Program Files (x86)\FreeTime => Moved successfully.
EmptyTemp: => Removed 235 MB temporary data.
The system needed a reboot.
==== End of Fixlog 13:38:20 ====
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by Carolin (administrator) on CAROLIN on 10-01-2015 13:44:46
Running from C:\Users\Carolin\Desktop
Loaded Profile: Carolin (Available profiles: UpdatusUser & Carolin & Stefan)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(NTI Corporation) C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3010800 2013-01-17] (Synaptics Incorporated)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1754424 2014-11-14] (Bitdefender)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [BackupNowEZtray] => C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZtray.exe [581624 2013-02-05] (NTI Corporation)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2711576 2014-10-03] (Sony Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-07-22] (Western Digital Technologies, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-24] ( (Atheros Communications))
HKU\S-1-5-21-4293654675-2556177190-2138456915-1002\...\Run: [SkyDrive] => C:\Users\Carolin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-10-09] (Microsoft Corporation)
HKU\S-1-5-21-4293654675-2556177190-2138456915-1002\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-11-14] (Bitdefender)
HKU\S-1-5-21-4293654675-2556177190-2138456915-1002\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-11-14] (Bitdefender)
HKU\S-1-5-21-4293654675-2556177190-2138456915-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-4293654675-2556177190-2138456915-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-11-14] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-11-14] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-11-14] (Bitdefender)
Startup: C:\Users\Carolin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Carolin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Carolin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-4293654675-2556177190-2138456915-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4293654675-2556177190-2138456915-1002 -> {095A28A6-95D6-4177-98C1-59F03D82324D} URL =
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Carolin\AppData\Roaming\Mozilla\Firefox\Profiles\4saq1g2n.default
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-02-26]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman [2014-02-26]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-02-27]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-24] (Qualcomm Atheros Commnucations)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2014-11-14] (Bitdefender)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-04-30] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2013-12-17] (WildTangent)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-06-17] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R2 NTI BackupNowEZSvr; C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe [46072 2013-02-05] (NTI Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [485400 2014-10-03] (Sony Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2014-11-14] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1536624 2014-11-14] (Bitdefender)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-12-02] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-07-22] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1260120 2014-11-14] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [261496 2014-11-14] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-11-14] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2014-05-27] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\WINDOWS\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-24] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-01-17] (Synaptics Incorporated)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [419616 2014-11-14] (BitDefender S.R.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-10 13:37 - 2015-01-10 13:37 - 02124288 _____ (Farbar) C:\Users\Carolin\Desktop\FRST64.exe
2015-01-10 13:00 - 2015-01-10 13:45 - 00020971 _____ () C:\Users\Carolin\Desktop\FRST.txt
2015-01-10 13:00 - 2015-01-10 13:00 - 00039046 _____ () C:\Users\Carolin\Desktop\Addition.txt
2015-01-10 09:06 - 2015-01-10 13:39 - 00002654 _____ () C:\WINDOWS\PFRO.log
2015-01-09 21:12 - 2015-01-09 21:12 - 02124288 _____ (Farbar) C:\Users\Carolin\Downloads\FRST64 (1).exe
2015-01-09 21:12 - 2015-01-09 21:12 - 00045187 _____ () C:\Users\Carolin\Downloads\FRST.txt
2015-01-09 21:12 - 2015-01-09 21:12 - 00043607 _____ () C:\Users\Carolin\Downloads\Addition.txt
2015-01-09 21:08 - 2015-01-09 21:08 - 02124288 _____ (Farbar) C:\Users\Carolin\Downloads\FRST64.exe
2015-01-09 06:17 - 2015-01-10 13:33 - 00003576 _____ () C:\WINDOWS\System32\Tasks\Bitdefender Auto-Scan
2015-01-08 21:15 - 2015-01-08 21:15 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-08 20:41 - 2015-01-10 13:41 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-08 20:41 - 2015-01-08 20:41 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-08 20:41 - 2015-01-08 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-08 20:41 - 2015-01-08 20:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-08 20:41 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-08 20:41 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-01-08 20:41 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-08 19:18 - 2015-01-08 09:22 - 00376768 _____ () C:\Users\Carolin\Desktop\1420701576_1_01.xml
2015-01-08 19:18 - 2015-01-06 13:00 - 00373964 _____ () C:\Users\Carolin\Desktop\1420541765_1_02.xml
2015-01-08 16:49 - 2015-01-10 13:44 - 00000000 ____D () C:\FRST
2015-01-08 09:02 - 2015-01-08 09:37 - 00000000 ____D () C:\ProgramData\Dumps
2015-01-07 18:58 - 2015-01-07 18:58 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{383E0617-C8B6-4649-8199-915EBE4FC5ED}
2015-01-07 18:58 - 2015-01-07 18:58 - 00000000 __SHD () C:\Users\Stefan\AppData\Local\EmieUserList
2015-01-07 18:58 - 2015-01-07 18:58 - 00000000 __SHD () C:\Users\Stefan\AppData\Local\EmieSiteList
2015-01-07 18:58 - 2015-01-07 18:58 - 00000000 __SHD () C:\Users\Stefan\AppData\Local\EmieBrowserModeList
2015-01-07 18:58 - 2015-01-07 18:58 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Macromedia
2015-01-07 18:57 - 2015-01-07 18:58 - 00000000 ____D () C:\Users\Stefan\OneDrive
2015-01-07 18:55 - 2015-01-07 18:55 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Synaptics
2015-01-07 18:55 - 2015-01-07 18:55 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Sony Corporation
2015-01-07 18:55 - 2015-01-07 18:55 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Bitdefender
2015-01-07 18:55 - 2015-01-07 18:55 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Atheros
2015-01-07 18:55 - 2015-01-07 18:55 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Apple Computer
2015-01-07 18:54 - 2015-01-07 18:54 - 00001418 _____ () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-07 18:54 - 2015-01-07 18:54 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Adobe
2015-01-07 18:54 - 2015-01-07 18:54 - 00000000 ____D () C:\Users\Stefan\AppData\Local\VirtualStore
2015-01-07 18:53 - 2015-01-07 18:56 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Packages
2015-01-07 18:51 - 2015-01-07 18:51 - 00000020 ___SH () C:\Users\Stefan\ntuser.ini
2015-01-07 18:51 - 2015-01-07 18:51 - 00000000 _SHDL () C:\Users\Stefan\Vorlagen
2015-01-07 18:51 - 2015-01-07 18:51 - 00000000 _SHDL () C:\Users\Stefan\Startmenü
2015-01-07 18:51 - 2015-01-07 18:51 - 00000000 _SHDL () C:\Users\Stefan\Netzwerkumgebung
2015-01-07 18:51 - 2015-01-07 18:51 - 00000000 _SHDL () C:\Users\Stefan\Lokale Einstellungen
2015-01-07 18:51 - 2015-01-07 18:51 - 00000000 _SHDL () C:\Users\Stefan\Eigene Dateien
2015-01-07 18:51 - 2015-01-07 18:51 - 00000000 _SHDL () C:\Users\Stefan\Druckumgebung
2015-01-07 18:51 - 2015-01-07 18:51 - 00000000 _SHDL () C:\Users\Stefan\Documents\Eigene Musik
2015-01-07 18:51 - 2015-01-07 18:51 - 00000000 _SHDL () C:\Users\Stefan\Documents\Eigene Bilder
2015-01-07 18:51 - 2015-01-07 18:51 - 00000000 _SHDL () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-07 18:51 - 2015-01-07 18:51 - 00000000 _SHDL () C:\Users\Stefan\AppData\Local\Verlauf
2015-01-07 18:51 - 2015-01-07 18:51 - 00000000 _SHDL () C:\Users\Stefan\AppData\Local\Anwendungsdaten
2015-01-07 18:51 - 2015-01-07 18:51 - 00000000 _SHDL () C:\Users\Stefan\Anwendungsdaten
2015-01-07 18:50 - 2015-01-07 18:57 - 00000000 ____D () C:\Users\Stefan
2015-01-07 18:50 - 2014-11-14 17:57 - 00000000 ___RD () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-07 18:50 - 2014-09-21 13:36 - 00000000 ___RD () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-07 18:50 - 2014-02-22 05:37 - 00000369 _____ () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-01-07 18:50 - 2014-02-22 05:37 - 00000369 _____ () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-01-07 18:50 - 2014-01-04 22:51 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Pokki
2015-01-07 18:50 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-07 18:50 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-06 15:57 - 2015-01-06 15:57 - 00000000 ____D () C:\ProgramData\Emsisoft
2015-01-06 14:15 - 2015-01-08 21:07 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-01-06 14:15 - 2015-01-08 11:09 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-06 14:15 - 2015-01-06 14:15 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2015-01-05 23:46 - 2015-01-05 23:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-01-05 23:31 - 2015-01-05 23:31 - 05249448 _____ (ParetoLogic Inc.) C:\Users\Carolin\Downloads\ParetoLogic PC Health Advisor_de(1).exe
2015-01-05 23:01 - 2015-01-05 23:01 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Mozilla
2015-01-05 22:27 - 2015-01-05 22:27 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Carolin\Downloads\mbam-setup-2.0.4.1028_CB-DL-Manager [1].exe
2015-01-05 22:26 - 2015-01-05 22:26 - 00823792 _____ ( ) C:\Users\Carolin\Downloads\mbam-setup-2.0.4.1028_CB-DL-Manager.exe
2015-01-05 21:30 - 2015-01-05 21:30 - 05317104 _____ (Piriform Ltd) C:\Users\Carolin\Downloads\ccsetup501.exe
2015-01-05 21:30 - 2015-01-05 21:30 - 00000798 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-05 21:27 - 2015-01-05 21:27 - 05249448 _____ (ParetoLogic Inc.) C:\Users\Carolin\Downloads\ParetoLogic PC Health Advisor_de.exe
2015-01-05 20:51 - 2015-01-05 20:51 - 00247236 _____ () C:\Users\Carolin\Downloads\onedrivets (1).diagcab
2015-01-05 20:10 - 2015-01-05 20:51 - 00003382 _____ () C:\WINDOWS\System32\Tasks\START SKYDRIVE
2015-01-05 20:09 - 2015-01-05 20:09 - 00247236 _____ () C:\Users\Carolin\Downloads\onedrivets.diagcab
2015-01-03 12:42 - 2015-01-03 12:42 - 00000000 ____D () C:\Users\Public\Documents\Gnom
2015-01-03 09:22 - 2015-01-04 22:44 - 00000000 ____D () C:\Users\Carolin\Achim
2015-01-02 18:32 - 2015-01-02 18:32 - 00001090 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-12-27 20:14 - 2014-12-27 20:14 - 00000000 ____D () C:\Analytics
2014-12-27 20:12 - 2014-12-27 20:12 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Western Digital
2014-12-27 20:09 - 2015-01-10 13:41 - 00008192 _____ () C:\WINDOWS\SysWOW64\WDPABKP.dat
2014-12-27 20:09 - 2015-01-05 21:11 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Western_Digital_Technolog
2014-12-27 20:09 - 2015-01-05 21:11 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-27 20:09 - 2015-01-05 21:11 - 00000000 ____D () C:\Program Files\Common Files\Western Digital
2014-12-27 20:09 - 2014-12-27 20:09 - 00000000 ____D () C:\Program Files\Western Digital
2014-12-27 20:04 - 2014-12-27 20:04 - 41112192 _____ () C:\Users\Carolin\Downloads\SmartWare_Windows_Upgrader (1).zip
2014-12-27 20:04 - 2014-12-27 20:04 - 04461527 _____ () C:\Users\Carolin\Downloads\WD_Quick_View_Setup_for_Windows.zip
2014-12-27 13:56 - 2014-12-27 13:58 - 41112192 _____ () C:\Users\Carolin\Downloads\SmartWare_Windows_Upgrader.zip
2014-12-27 13:05 - 2014-12-27 13:05 - 65350992 _____ () C:\Users\Carolin\Downloads\WDMyCloud_win.exe
2014-12-27 13:03 - 2015-01-05 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2014-12-27 13:03 - 2015-01-05 21:11 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2014-12-27 13:03 - 2014-12-27 13:03 - 65350992 _____ () C:\Users\Carolin\WDMyCloud_win.exe
2014-12-27 13:00 - 2014-12-27 20:09 - 00000000 ____D () C:\ProgramData\Western Digital
2014-12-27 13:00 - 2014-12-27 13:03 - 00001173 _____ () C:\Users\Public\Desktop\WD My Cloud.lnk
2014-12-27 13:00 - 2014-12-27 13:02 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\com.wd.WDMyCloud
2014-12-27 13:00 - 2014-12-27 13:00 - 00000204 _____ () C:\Users\Carolin\Desktop\Lerncenter WD My Cloud.url
2014-12-27 13:00 - 2014-12-27 13:00 - 00000158 _____ () C:\Users\Carolin\Desktop\WD My Cloud – Öffentliche Freigabe.url
2014-12-27 13:00 - 2014-12-27 13:00 - 00000154 _____ () C:\Users\Carolin\Desktop\WD My Cloud-Dashboard.url
2014-12-27 13:00 - 2014-12-27 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bonjour-Druckdienste
2014-12-27 13:00 - 2014-12-27 13:00 - 00000000 ____D () C:\Program Files\Bonjour Print Services
2014-12-27 12:49 - 2015-01-05 21:11 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Western Digital
2014-12-27 12:48 - 2014-12-27 12:48 - 71601392 _____ () C:\Users\Carolin\Downloads\mc_windows_setup.exe
2014-12-26 21:04 - 2014-12-26 21:04 - 00001431 _____ () C:\Users\Carolin\Desktop\CopyTrans Control Center.lnk
2014-12-26 21:04 - 2014-12-26 21:04 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2014-12-26 21:03 - 2014-12-26 21:04 - 05102256 _____ (WindSolutions) C:\Users\Carolin\Downloads\Install_CopyTransControlCenter.exe
2014-12-26 21:00 - 2014-12-26 21:09 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\WindSolutions
2014-12-26 20:59 - 2014-12-26 21:08 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-12-26 20:58 - 2014-12-26 20:58 - 09280316 _____ () C:\Users\Carolin\Downloads\CopyTransManagerDEv1.013.zip
2014-12-17 16:18 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-17 16:18 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-13 01:50 - 2014-12-13 01:50 - 00829264 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100.dll
2014-12-13 01:50 - 2014-12-13 01:50 - 00608080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp100.dll
2014-12-12 23:22 - 2014-12-12 23:22 - 00773968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100.dll
2014-12-12 23:22 - 2014-12-12 23:22 - 00421200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp100.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-10 13:42 - 2014-04-08 16:33 - 00005140 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for CAROLIN-Carolin Carolin
2015-01-10 13:41 - 2014-01-21 20:39 - 01697280 ___SH () C:\Users\Carolin\Desktop\Thumbs.db
2015-01-10 13:41 - 2014-01-04 12:01 - 00000000 __RDO () C:\Users\Carolin\SkyDrive
2015-01-10 13:40 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-10 13:39 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-10 13:38 - 2014-01-04 22:43 - 02095811 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-10 13:38 - 2014-01-04 14:27 - 00000000 ____D () C:\Users\Carolin\Documents\WISO Mein Geld
2015-01-10 13:04 - 2014-04-27 20:43 - 00401920 ___SH () C:\Users\Carolin\Thumbs.db
2015-01-10 13:03 - 2014-01-04 22:47 - 00000000 ____D () C:\Users\Carolin
2015-01-10 13:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-10 09:17 - 2014-01-04 23:30 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D47BDD1F-9221-4378-922D-20DF3289565D}
2015-01-09 20:19 - 2014-01-26 17:43 - 02090496 ___SH () C:\Users\Carolin\Downloads\Thumbs.db
2015-01-08 21:15 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-08 21:06 - 2014-02-26 14:51 - 00000000 ____D () C:\AdwCleaner
2015-01-08 20:50 - 2014-01-04 11:55 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4293654675-2556177190-2138456915-1002
2015-01-08 09:21 - 2014-02-26 09:52 - 00000000 ____D () C:\ProgramData\BDLogging
2015-01-07 18:55 - 2014-01-04 11:48 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-01-07 18:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-06 17:42 - 2014-06-16 17:26 - 00000000 ____D () C:\schrankplaner
2015-01-06 17:42 - 2013-08-22 15:44 - 00446440 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-06 14:12 - 2014-01-04 11:46 - 00000000 ____D () C:\Users\Carolin\AppData\Local\VirtualStore
2015-01-06 13:56 - 2014-01-04 23:12 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Deployment
2015-01-06 12:11 - 2014-01-05 19:38 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\Nitro PDF
2015-01-05 23:01 - 2014-01-07 18:01 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\Mozilla
2015-01-05 22:56 - 2014-01-13 20:40 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Google
2015-01-05 22:56 - 2014-01-13 20:40 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-05 21:30 - 2014-05-08 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-01-05 21:30 - 2014-05-08 19:49 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-05 21:16 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-05 21:11 - 2014-04-27 21:00 - 00000000 ____D () C:\Users\Carolin\AppData\Temp
2015-01-05 21:11 - 2014-02-02 17:23 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\vlc
2015-01-05 20:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\registration
2015-01-03 16:10 - 2014-01-05 17:52 - 00000000 ___RD () C:\Users\Carolin\Dropbox
2015-01-03 16:10 - 2014-01-05 17:49 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\Dropbox
2015-01-02 17:07 - 2014-08-13 19:08 - 00012795 _____ () C:\Users\Carolin\Documents\Übersicht Planung MM.xlsx
2015-01-02 13:01 - 2014-01-04 15:14 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Apple Computer
2014-12-26 22:02 - 2014-01-04 11:46 - 00000000 ____D () C:\Users\Carolin\AppData\Local\Packages
2014-12-23 12:16 - 2014-01-04 11:57 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-22 07:19 - 2013-11-14 08:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-22 07:19 - 2013-11-14 08:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-12-22 07:19 - 2013-11-14 08:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-12-20 20:03 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-19 17:59 - 2014-01-05 17:51 - 00000000 ____D () C:\Users\Carolin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-16 19:43 - 2014-01-04 17:09 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-16 19:40 - 2014-01-04 17:09 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
Files to move or delete:
====================
C:\Users\Carolin\WDMyCloud_win.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-08 08:19
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015
Ran by Carolin at 2015-01-10 13:45:27
Running from C:\Users\Carolin\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3013 - Acer Incorporated)
Acer Games (HKU\S-1-5-21-4293654675-2556177190-2138456915-1002\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.7.42206 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3005 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer USB Charge Manager (HKLM\...\{07E867C5-0C48-40FF-A013-DDAF4565AD47}) (Version: 2.00.3004 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2022 - Acer Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bitdefender Internet Security (HKLM\...\Bitdefender) (Version: 17.25.0.1074 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bonjour-Druckdienste (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-4293654675-2556177190-2138456915-1002\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-4293654675-2556177190-2138456915-1002\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
EaseUS Partition Master 9.3.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
FormatFactory 3.2.1.0 (HKLM-x32\...\FormatFactory) (Version: 3.2.1.0 - Free Time)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kochbuch 2.4.1 (HKLM\...\Kochbuch_is1) (Version: 2.4.1 - Flo & Seb Engineering)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
MAGIX Video easy TERRATEC Edition (HKLM-x32\...\MAGIX_{2FA06473-23F0-4372-8DD5-1EAE42503D93}) (Version: 3.0.1.50 - MAGIX AG)
MAGIX Video easy TERRATEC Edition (Version: 3.0.1.50 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MergeModule_x64 (Version: 9.0.01 - Sony Corporation) Hidden
MergeModule_x86 (x32 Version: 9.0.01 - Sony Corporation) Hidden
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4293654675-2556177190-2138456915-1002\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: 3.5.6.5 - Nitro)
NTI Backup Now EZ (HKLM-x32\...\InstallShield_{B9ECA41B-55CC-4654-B6B5-6731D009EC69}) (Version: 3.0.2.32c - NTI Corporation)
NTI Backup Now EZ (x32 Version: 3.0.2.32c - NTI Corporation) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer)
Photo Collage 3.0 (HKLM-x32\...\{8D42CBBC-2089-44AB-8021-369DDB962816}) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Picture Collage Maker Pro 4.1.2 (HKLM-x32\...\{6D308A90-6C14-4A02-9B04-CB0EF17894A9}_is1) (Version: 4.1.2 - PearlMountain Technology Co., Ltd)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{93AA5B49-0994-4EF6-80F3-868C9CEA88ED}) (Version: 4.0.02.10030 - Sony Corporation)
PMB_ModeEditor_ACMC (x32 Version: 9.0.02 - Sony Corporation) Hidden
PMB_ServiceUploader (x32 Version: 9.0.02 - Sony Corporation) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.39 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.28140 - Realtek Semiconductor Corp.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden
Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 8.1.0.17 - WildTangent, Inc.)
Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 8.1.0.17 - WildTangent, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.4.5 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TERRATEC GRABBY (64 Bit) (HKLM-x32\...\{17CC47BB-ADA7-4EB3-B3D0-FFE461E0CEBE}) (Version: 5.201.1823.0 - TERRATEC)
TERRATEC GRABBY (HKLM-x32\...\{BD1F3804-4AB5-42A7-AF41-EACDB3498E21}) (Version: 5.201.1823.0 - )
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WD My Cloud (HKLM\...\{432F3CFC-ED41-4CDC-9D8F-6643C8A71CEA}) (Version: 1.0.6.13 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{C58994CF-D15D-41E3-A03B-587B39EAA903}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{142D42E3-07A9-4AAC-BD3B-636392891706}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{1891b882-48f7-442d-98d0-c1ce533f25bd}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - TERRATEC (USB28xxBGA) Media (05/16/2013 5.2011.823.0) (HKLM\...\2752F9F448205AF04D07DBF6BD4573D7F4AC1CC6) (Version: 05/16/2013 5.2011.823.0 - TERRATEC )
WISO Mein Geld 2014 Professional (HKLM-x32\...\WISO Mein Geld 2014 Professional) (Version: - Buhl Data Service GmbH)
WISO Mein Geld 2014 Professional (x32 Version: 16.0.1.0 - Buhl Data Service GmbH) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4293654675-2556177190-2138456915-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Carolin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4293654675-2556177190-2138456915-1002_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Carolin\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-4293654675-2556177190-2138456915-1002_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Carolin\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-4293654675-2556177190-2138456915-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Carolin\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4293654675-2556177190-2138456915-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carolin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4293654675-2556177190-2138456915-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carolin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4293654675-2556177190-2138456915-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carolin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4293654675-2556177190-2138456915-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carolin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4293654675-2556177190-2138456915-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carolin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4293654675-2556177190-2138456915-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carolin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4293654675-2556177190-2138456915-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carolin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4293654675-2556177190-2138456915-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carolin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {21D54023-FCA0-4F2A-B012-C7D5AC96B135} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-16] (Microsoft Corporation)
Task: {32DD49E9-F389-4E91-8ABF-8546D1C8A93C} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {6B7DDCCB-393E-42C7-A338-0912726B1BEA} - System32\Tasks\Microsoft Office 15 Sync Maintenance for CAROLIN-Carolin Carolin => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-11-04] (Microsoft Corporation)
Task: {89098DFA-1AF8-4278-ABD8-9DE3D201B9DB} - System32\Tasks\START SKYDRIVE => C:\WINDOWS\System32\SkyDrive.exe [2014-08-16] (Microsoft Corporation)
Task: {8F2B5D50-FC49-4F37-99F2-E4CA803398A2} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {90FA9D9F-99B5-4AAB-B09B-B44065352E8E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {93DA4D11-A582-426E-84A2-F5F452DEFA63} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {A3AC7B94-31D0-4362-A615-AD69C4DD02F9} - System32\Tasks\Bitdefender Auto-Scan => C:\Program Files\Bitdefender\Bitdefender\mtasklaunch.exe [2014-11-14] (Bitdefender)
Task: {A94EBFDB-8ADB-497F-A272-26C68D1DFCF0} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation)
Task: {E0016269-49ED-4B59-9C2E-237CEE23361A} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {E67671C1-2FC7-47FA-A5D0-A7A7D7F6B946} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4293654675-2556177190-2138456915-1002 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {E74F1321-91CB-4D6B-AAF4-8050A540DD42} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F4AD76AD-5039-4D0A-A97D-963EC5FD610F} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-06-17] (Acer Incorporate)
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Loaded Modules (whitelisted) =============
2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-11-14 09:02 - 2014-11-14 09:02 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2014-11-14 09:02 - 2014-11-14 09:02 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui
2014-02-26 09:52 - 2011-11-14 19:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll
2014-11-14 09:02 - 2014-11-14 09:02 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui
2014-07-24 08:57 - 2014-07-24 08:57 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00047_011\ashttpbr.mdl
2014-07-24 08:57 - 2014-07-24 08:57 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00047_011\ashttpdsp.mdl
2014-07-24 08:57 - 2014-07-24 08:57 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00047_011\ashttpph.mdl
2014-07-24 08:57 - 2014-07-24 08:57 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00047_011\ashttprbl.mdl
2014-08-04 08:33 - 2014-08-04 08:33 - 00034304 _____ () C:\WINDOWS\System32\ssj1mlm.dll
2014-03-28 06:17 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-01-24 23:09 - 2013-01-24 23:09 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-24 23:05 - 2013-01-24 23:05 - 00084992 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-24 23:12 - 2013-01-24 23:12 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-12-12 23:24 - 2014-12-12 23:24 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-02-05 13:29 - 2013-02-05 13:29 - 00465824 _____ () C:\Program Files (x86)\NTI\NTI Backup Now EZ\sqlite3.dll
2014-11-16 08:57 - 2014-11-16 08:57 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-11-16 08:57 - 2014-11-16 08:57 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2014-11-16 08:58 - 2014-11-16 08:58 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2013-10-23 03:02 - 2013-01-23 08:57 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Carolin\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Carolin\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\ACMC_4001DL (1).exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\ACMC_4001DL (2).exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\ACMC_4001DL.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\adwcleaner_3.2.0.7.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\ccsetup413_slim.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\ccsetup501.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\chromeinstall-7u51.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\chromeinstall-7u65.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\COMPUTER_BILD-Download-Manager_fuer_adwcleaner.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\ElsterFormular-15.0.20140212p.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\epson378345eu.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\Fotowall_0.9_WinXP_Vista_7.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\FRST64 (1).exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\iCloudSetup (1).exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\iCloudSetup (2).exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\iCloudSetup.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\Install_CopyTransControlCenter.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\mbam-setup-2.0.1.1004.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\mbam-setup-2.0.4.1028_CB-DL-Manager.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\mc_windows_setup.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\ParetoLogic PC Health Advisor_de(1).exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\ParetoLogic PC Health Advisor_de.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\picasa39-setup_3.9.137.118.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\PictureCollageMakerPro_CB-DL-Manager.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\PMHOME_4001DL.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\schrankplaner_setup.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\scribus-1.4.3-windows.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\ShapeCollage-3.1-Setup (1).exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\Update_HDRAS100VV200.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\WDMyCloud_win.exe:BDU
AlternateDataStreams: C:\Users\Carolin\Downloads\XMediaRecode3193_setup.exe:BDU
AlternateDataStreams: C:\Users\Stefan\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "BackupNowEZtray"
HKU\S-1-5-21-4293654675-2556177190-2138456915-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-4293654675-2556177190-2138456915-1002\...\StartupApproved\Run: => "SkyDrive"
HKU\S-1-5-21-4293654675-2556177190-2138456915-1002\...\StartupApproved\Run: => "Bitdefender-Geldbörse"
HKU\S-1-5-21-4293654675-2556177190-2138456915-1002\...\StartupApproved\Run: => "Bitdefender-Geldbörse-Agent"
HKU\S-1-5-21-4293654675-2556177190-2138456915-1002\...\StartupApproved\Run: => "Bitdefender-Geldbörse-Anwendungs-Agent"
========================= Accounts: ==========================
Administrator (S-1-5-21-4293654675-2556177190-2138456915-500 - Administrator - Disabled)
Carolin (S-1-5-21-4293654675-2556177190-2138456915-1002 - Administrator - Enabled) => C:\Users\Carolin
Gast (S-1-5-21-4293654675-2556177190-2138456915-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4293654675-2556177190-2138456915-1007 - Limited - Enabled)
Stefan (S-1-5-21-4293654675-2556177190-2138456915-1008 - Limited - Enabled) => C:\Users\Stefan
UpdatusUser (S-1-5-21-4293654675-2556177190-2138456915-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/10/2015 00:57:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wwahost.exe, Version: 6.3.9600.17031, Zeitstempel: 0x53085904
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb4a3
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000debd8
ID des fehlerhaften Prozesses: 0x1278
Startzeit der fehlerhaften Anwendung: 0xwwahost.exe0
Pfad der fehlerhaften Anwendung: wwahost.exe1
Pfad des fehlerhaften Moduls: wwahost.exe2
Berichtskennung: wwahost.exe3
Vollständiger Name des fehlerhaften Pakets: wwahost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wwahost.exe5
Error: (01/10/2015 00:50:31 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (01/10/2015 09:08:53 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (01/10/2015 09:08:51 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (01/10/2015 09:08:51 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (01/10/2015 09:08:51 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (01/10/2015 09:08:51 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (01/10/2015 09:08:50 AM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Der Plug-In-Manager <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
(HRESULT : 0x8e5e0210) (0x8e5e0210)
Error: (01/10/2015 09:08:50 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. 0xc0041801 (0xc0041801)
Error: (01/10/2015 09:08:50 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.
Details:
0x8e5e0210 (0x8e5e0210)
System errors:
=============
Error: (01/10/2015 01:42:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (01/10/2015 01:42:46 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1326
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (01/10/2015 01:40:14 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Bitdefender Virus Shield" wurde nicht richtig gestartet.
Error: (01/10/2015 01:39:16 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "\\?\Volume{f4f5d7be-0927-4065-83f5-97efd7c784ea}" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (01/10/2015 09:10:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (01/10/2015 09:10:31 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1326
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (01/10/2015 09:09:20 AM) (Source: DCOM) (EventID: 10005) (User: CAROLIN)
Description: 1053WSearchNicht verfügbar{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (01/10/2015 09:09:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/10/2015 09:09:20 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.
Error: (01/10/2015 09:09:19 AM) (Source: DCOM) (EventID: 10005) (User: CAROLIN)
Description: 1053WSearchNicht verfügbar{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Microsoft Office Sessions:
=========================
Error: (01/10/2015 00:57:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wwahost.exe6.3.9600.1703153085904ntdll.dll6.3.9600.1727853eeb4a3c0000374000debd8127801d02ccc5b3da48fC:\WINDOWS\syswow64\wwahost.exeC:\WINDOWS\SYSTEM32\ntdll.dllc8ffb229-98bf-11e4-bea9-54bef7820b46Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp
Error: (01/10/2015 00:50:31 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (01/10/2015 09:08:53 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (01/10/2015 09:08:51 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (01/10/2015 09:08:51 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (01/10/2015 09:08:51 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (01/10/2015 09:08:51 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Search.TripoliIndexer
Error: (01/10/2015 09:08:50 AM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Kontext: Windows Anwendung
Details:
(HRESULT : 0x8e5e0210) (0x8e5e0210)
Search.TripoliIndexer
Error: (01/10/2015 09:08:50 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. 0xc0041801 (0xc0041801)
The catalog is corrupt
Error: (01/10/2015 09:08:50 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description:
Details:
0x8e5e0210 (0x8e5e0210)
4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)
CodeIntegrity Errors:
===================================
Date: 2014-12-25 13:46:42.710
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Nitro\Reader 3\NitroPDFThumbnailHelper.exe that did not meet the Microsoft signing level requirements.
Date: 2014-04-27 21:44:39.343
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-04-27 21:44:39.148
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-04-27 21:34:27.345
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-04-27 21:34:27.236
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-04-27 21:31:22.813
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-04-27 21:31:22.719
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-04-27 21:28:48.475
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-04-27 21:28:48.197
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2014-04-27 21:06:58.680
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Percentage of memory in use: 25%
Total physical RAM: 8072.27 MB
Available physical RAM: 6014.26 MB
Total Pagefile: 9352.27 MB
Available Pagefile: 7190.5 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:447.61 GB) (Free:311.56 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4583D9D7)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
Farbar Service Scanner 
