All about Windows: Windows 7 SP1 update cannot be installed, error code 80073701 (Windows 7)
01.04.2014, 09:22 | #1 |
Problem: Windows 7 SP1 update cannot be installed, error code 80073701

Hello!

I have been trying for some time now to install the SP1 update. I came across it because my Explorer (8) is outdated. The installation has apparently not worked since 2012. Since I am an absolute layman in this area and my laptop works anyway, it did not bother me any further.

Over the last few days I have run several scanners, among them adwcleaner and TDSSKiller, whose log files I still have and am attaching together with the other requested log files. (There are further TDSS log files, but I was no longer able to attach them.) The program GMER could not be run.

I am very glad about the opportunity this forum offers me, am fully aware that any help is anything but a matter of course, and therefore thank you in advance for your efforts.
01.04.2014, 10:05 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™

Hi,

Please do not attach logs, even if the board sometimes reports that.

Reading material: Posting in CODE tags

Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
01.04.2014, 13:23 | #3 |
Hello "Cosinus"!

Here are the log files. I did not include the TDSS files. They would have exceeded the 120,000 characters.

defogger
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 08:27 on 01/04/2014 (MediMax)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

FRST Logfile:
Code:
2009-08-04 12:09 - 00689342 _____ () C:\Windows\system32\perfh010.dat 2014-03-31 22:34 - 2009-08-04 12:09 - 00127378 _____ () C:\Windows\system32\perfc010.dat 2014-03-31 22:34 - 2009-08-04 11:57 - 00693688 _____ () C:\Windows\system32\perfh00A.dat 2014-03-31 22:34 - 2009-08-04 11:57 - 00137296 _____ () C:\Windows\system32\perfc00A.dat 2014-03-31 22:34 - 2009-08-04 11:51 - 00654400 _____ () C:\Windows\system32\perfh007.dat 2014-03-31 22:34 - 2009-08-04 11:51 - 00130240 _____ () C:\Windows\system32\perfc007.dat 2014-03-31 22:34 - 2009-07-14 07:13 - 05835700 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-03-31 22:26 - 2012-05-08 19:02 - 00045056 _____ () C:\Windows\system32\acovcnt.exe 2014-03-31 22:26 - 2010-08-12 03:12 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-03-31 22:26 - 2010-08-12 02:53 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-03-31 22:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-03-31 22:26 - 2009-07-14 06:51 - 00092801 _____ () C:\Windows\setupact.log 2014-03-31 22:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-03-31 07:36 - 2014-03-31 07:36 - 00000000 ____D () C:\Windows\CheckSur 2014-03-31 07:07 - 2014-03-31 07:07 - 00000000 ____D () C:\Windows\system32\EventProviders 2014-03-31 07:01 - 2014-03-31 07:02 - 00084720 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-03-30 23:25 - 2010-08-12 03:17 - 00002116 _____ () C:\Windows\system32\AutoRunFilter.ini 2014-03-30 23:24 - 2010-08-12 03:17 - 00001324 _____ () C:\Windows\system32\ServiceFilter.ini 2014-03-30 23:24 - 2010-08-12 03:01 - 00216038 _____ () C:\Windows\PFRO.log 2014-03-30 22:36 - 2014-03-30 22:36 - 00000000 ____D () C:\Users\MediMax\AppData\Roaming\Avira 2014-03-30 22:34 - 2014-03-30 22:34 - 00000000 ____D () C:\Users\Public\CyberLink 2014-03-30 22:33 - 2010-08-12 02:35 - 00000000 ____D () C:\ProgramData\CyberLink 2014-03-30 22:30 - 2014-03-30 22:22 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-03-30 22:30 - 2012-10-17 14:15 - 00000000 ____D () C:\ProgramData\Avira 2014-03-30 22:26 - 2014-03-30 22:22 - 00001147 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-03-30 22:22 - 2014-03-30 22:22 - 00000000 ____D () C:\ProgramData\Package Cache 2014-03-30 19:54 - 2014-03-30 19:52 - 00000000 ____D () C:\AdwCleaner 2014-03-30 11:13 - 2014-03-30 11:01 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-03-30 11:00 - 2014-03-30 11:00 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-30 01:30 - 2012-10-17 14:17 - 00000000 ____D () C:\Users\MediMax\AppData\Local\DoNotTrackPlus 2014-03-29 19:41 - 2014-03-29 19:41 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\90336673.sys 2014-03-29 19:39 - 2014-03-29 19:39 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\66244616.sys 2014-03-28 20:27 - 2014-03-28 20:27 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-28 20:27 - 2012-09-14 11:15 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-03-28 20:27 - 2010-08-12 02:56 - 00000000 ____D () C:\ProgramData\Skype 2014-03-28 18:11 - 2012-04-26 03:34 - 02349309 _____ () C:\Windows\IE9_main.log 2014-03-26 19:29 - 2014-03-26 19:29 - 00002525 _____ () C:\Users\Public\Desktop\Microsoft Download Manager.lnk 2014-03-26 19:29 - 2014-03-26 19:29 - 
00000000 ____D () C:\Program Files (x86)\Microsoft Download Manager 2014-03-26 19:24 - 2012-04-24 19:22 - 00001945 _____ () C:\Windows\epplauncher.mif 2014-03-26 19:23 - 2012-04-24 19:19 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2014-03-26 19:23 - 2012-04-24 19:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2014-03-26 12:01 - 2010-08-12 02:53 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-03-26 12:01 - 2010-08-12 02:53 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-03-25 18:46 - 2013-01-13 23:19 - 00001233 _____ () C:\Users\Public\Desktop\Rossmann Fotowelt Software.lnk 2014-03-25 18:46 - 2013-01-13 23:14 - 00000000 ____D () C:\Program Files (x86)\Rossmann Fotowelt Software 2014-03-23 23:01 - 2012-05-08 09:37 - 00000134 _____ () C:\Users\MediMax\Desktop\Internet Explorer-Problembehebung.url 2014-03-23 22:56 - 2014-03-16 22:04 - 00002566 _____ () C:\Windows\IE10_main.log 2014-03-23 22:49 - 2014-01-03 11:10 - 00007373 _____ () C:\Windows\IE11_main.log 2014-03-21 21:10 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries 2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\Windows\SysWOW64\NV 2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\Windows\system32\NV 2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\ProgramData\Intel 2014-03-15 09:29 - 2013-03-15 17:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-15 09:29 - 2013-03-15 17:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-15 09:20 - 2010-08-12 03:04 - 00000000 ____D () C:\Program Files (x86)\Intel 2014-03-15 09:18 - 2014-03-15 09:15 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-03-15 09:18 - 2010-08-12 03:12 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-03-15 09:15 - 2014-03-15 09:15 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-03-15 01:49 - 2013-07-14 09:47 - 00000000 
____D () C:\Windows\system32\MRT 2014-03-15 01:47 - 2012-05-08 09:33 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-03-15 01:47 - 2012-03-28 21:05 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-03-13 21:47 - 2012-06-29 13:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-13 21:47 - 2012-06-04 21:54 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-13 21:47 - 2012-06-01 10:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-11 11:41 - 2012-01-26 01:40 - 00000000 ____D () C:\Users\MediMax\AppData\Roaming\Asus WebStorage 2014-03-11 10:52 - 2011-04-27 15:25 - 00133928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys Some content of TEMP: ==================== C:\Users\MediMax\AppData\Local\Temp\atl80.dll C:\Users\MediMax\AppData\Local\Temp\atlcgk6r.dll C:\Users\MediMax\AppData\Local\Temp\avgnt.exe C:\Users\MediMax\AppData\Local\Temp\FlashPlayerUpdate.exe C:\Users\MediMax\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\MediMax\AppData\Local\Temp\mdm_z4_ext_89194568_6680.dll C:\Users\MediMax\AppData\Local\Temp\mdm_z4_ext_89849928_2364.dll C:\Users\MediMax\AppData\Local\Temp\mdm_z4_ext_90636360_6760.dll C:\Users\MediMax\AppData\Local\Temp\mfc80.dll C:\Users\MediMax\AppData\Local\Temp\mfc80u.dll C:\Users\MediMax\AppData\Local\Temp\mfcm80.dll C:\Users\MediMax\AppData\Local\Temp\mfcm80u.dll C:\Users\MediMax\AppData\Local\Temp\msvcm80.dll C:\Users\MediMax\AppData\Local\Temp\msvcp80.dll C:\Users\MediMax\AppData\Local\Temp\msvcr80.dll C:\Users\MediMax\AppData\Local\Temp\Quarantine.exe C:\Users\MediMax\AppData\Local\Temp\setup.exe C:\Users\MediMax\AppData\Local\Temp\TmDbg32.dll C:\Users\MediMax\AppData\Local\Temp\TmDbg64.dll C:\Users\MediMax\AppData\Local\Temp\uwpfc50p.dll C:\Users\MediMax\AppData\Local\Temp\VisusClient.dll C:\Users\MediMax\AppData\Local\Temp\yk1dz7uh.dll 
==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-03-30 01:54

==================== End Of Log ============================

--- --- ---

Addition
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by MediMax at 2014-04-01 08:34:57
Running from C:\Users\MediMax\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.)
Hidden Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media) ANDI 2013 (HKLM-x32\...\{21E3464C-EE59-4EA2-B3E1-4FCE000B8722}) (Version: 5.0.5 - LGLN Hannover) ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.10 - ASUS) ASUS AP Bank (HKLM-x32\...\ASUS AP Bank_is1) (Version: 1.0.0.0 - ASUSTEK) ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS) ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.37 - ASUS) ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0008 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS) ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4015 - CyberLink Corp.) ASUS Video Magic (x32 Version: 6.0.4015 - CyberLink Corp.) Hidden ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.19 - asus) ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 2.0.46.1429 - eCareme Technologies, Inc.) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0003 - ASUS) Avira (HKLM-x32\...\{8f29d204-f85e-4d8d-87b0-7ba66bffc1aa}) (Version: 1.0.5197.30752 - Avira Operations GmbH & Co. 
KG) Avira (x32 Version: 1.0.5197.30752 - Avira Operations GmbH & Co. KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira) AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin) AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin) Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation) Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media) Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.7 - ASUS) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.) CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden CyberLink MediaShow Espresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 5.0.1606_25588 - CyberLink Corp.) CyberLink MediaShow Espresso (x32 Version: 5.0.1606_25588 - CyberLink Corp.) Hidden CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.) CyberLink PhotoNow (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.) CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2609a - CyberLink Corp.) CyberLink PowerDirector (x32 Version: 8.0.2609a - CyberLink Corp.) Hidden CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3009.50 - CyberLink Corp.) CyberLink PowerDVD 9 (x32 Version: 9.0.3009.50 - CyberLink Corp.) 
Hidden ETDWare PS/2-x64 7.0.5.11_WHQL (HKLM\...\Elantech) (Version: 7.0.5.11 - ELAN Microelectronics Corp.) everpixx 6.7 (HKLM-x32\...\{592ED299-14EF-4C0F-92B4-B62E7CD5A2BE}_is1) (Version: - everpixx) ExpressGate Cloud (HKLM-x32\...\InstallShield_{499DED08-6FA8-4749-8E94-8526CC9D1CA8}) (Version: 2.1.62.301 - Asus) ExpressGate Cloud (x32 Version: 2.1.62.301 - Asus) Hidden Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.5 - ASUS) fotokasten comfort 5.0 (HKLM-x32\...\fotokasten comfort_is1) (Version: - ) FotoQuelle Fotosoftware 4.11.0 (HKLM-x32\...\FotoQuelle Fotosoftware) (Version: 4.11.0 - ORWO Net) Fresco Logic USB3.0 Host Controller (HKLM\...\{506B5C23-16B3-459D-9877-915004C248D6}) (Version: 3.0.89.14 - Fresco Logic Inc.) FRITZ!Box USB-Fernanschluss (HKCU\...\f018cf21c0452c64) (Version: 2.3.0.2 - AVM Berlin) Game Park Console (HKLM-x32\...\{C9991C9B-0783-452E-8954-AB93E2AB3B80}_is1) (Version: 6.2.0.2 - Oberon Media, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) 
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2131 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.115.11 - Intel) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Lidl-Fotos (HKLM-x32\...\Lidl-Fotos_is1) (Version: - ) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Download Manager (HKLM-x32\...\{654977DB-0001-0002-0001-EABD228DDE8B}) (Version: 1.2.1 - Microsoft Corporation) Microsoft 
Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof 
(Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 
10.0.40219 - Microsoft Corporation) Microsoft Windows Debugging Symbols (HKLM-x32\...\{0E8D886F-3205-4472-848E-990F400FF218}) (Version: 7601 - Microsoft) Microsoft Windows Debugging Symbols (HKLM-x32\...\{46EA439E-2D16-49B6-AA80-00DE992FE7CE}) (Version: 7601 - Microsoft) Microsoft Windows Debugging Symbols (HKLM-x32\...\{5CBDF0C2-6FD1-4A32-9A0A-143D9AB91CCE}) (Version: 7601 - Microsoft) Microsoft Windows Debugging Symbols (HKLM-x32\...\{68ADAEAA-DABD-45C1-9CC2-F995407549CD}) (Version: 7601 - Microsoft) Microsoft Windows Debugging Symbols (HKLM-x32\...\{8DD62FB6-083D-40B9-9D7D-48449FDDDED5}) (Version: 7601 - Microsoft) MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) MyDriveConnect 3.3.0.1342 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1342 - TomTom) NVIDIA 3D Vision Treiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation) NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2702 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden NVIDIA Updatus (x32 Version: 1.0.3 - NVIDIA 
Corporation) Hidden Piggly FREE (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-1173957}) (Version: - Oberon Media) Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6122 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.00049 - Realtek Semiconductor Corp.) Rossmann Fotowelt Software 4.13 (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 4.13 - ORWO Net) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) Smileyville FREE (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117396510}) (Version: - Oberon Media) syncables desktop SE (HKLM-x32\...\{BBED4F90-7AE5-40BF-AFB7-1B495692F4AB}) (Version: 5.5.615.9518 - syncables) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft) Update for Microsoft Office 2007 
suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{EC1934B0-AE0F-4BBD-8955-54BB3247ED9E}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) USB2.0 UVC 2M WebCam (HKLM\...\USB2.0 UVC 2M WebCam) (Version: 5.8.54000.204 - Sonix) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) 
Windows Live Anmelde-Assistent (HKLM-x32\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8052.1208 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8051.1204 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.1 - ASUS)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.17 - ASUS)

==================== Restore Points =========================

30-03-2014 18:52:56 Sprachpaketdeinstallation
30-03-2014 20:51:31 Installed Microsoft Windows Debugging Symbols
30-03-2014 21:08:10 Installed Microsoft Windows Debugging Symbols
30-03-2014 21:11:21 Installed Microsoft Windows Debugging Symbols
30-03-2014 21:16:29 Installed Microsoft Windows Debugging Symbols
31-03-2014 05:16:45 Installed Microsoft Windows Debugging Symbols
31-03-2014 05:36:13 Windows Update
31-03-2014 06:57:44 Sprachpaketdeinstallation
31-03-2014 20:00:56 Windows Update
31-03-2014 20:55:45 Sprachpaketdeinstallation

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0108D889-0F11-4861-98CE-497428B643E4} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)
Task: {27924240-4D7D-4141-8B06-8564817B9232} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {7B6E6FE0-1956-4C40-A8F6-B9E56CA71D2B} - \Scheduled Update for Ask Toolbar No Task File
Task: {7FD6C534-7194-4970-A929-C6063B5692B0} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-05-28] (ATK)
Task: {811A4837-2DB3-4F0B-B94A-1E7B5E30C2A0} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {91CA6E11-BC78-450A-9588-17128503C099} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [2010-05-17] (asus)
Task: {D34EEA53-B5B7-438B-B01F-52690B83A6B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-12] (Google Inc.)
Task: {DC2B33DB-1D41-4FBB-A5DB-EA2207F48D0C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13] (Adobe Systems Incorporated)
Task: {EA1A419D-F120-4437-A6D3-3A11D27485B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-12] (Google Inc.)
Task: {F708ED90-CCBC-4800-BBE5-A9FD7C1814B2} - System32\Tasks\P4G Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-15 09:17 - 2013-08-30 00:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 03:36 - 2013-09-05 03:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2010-03-16 03:48 - 2010-03-16 03:48 - 00148816 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EcaremeDLL.dll
2010-08-12 02:54 - 2010-08-12 02:54 - 00030032 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3726.20828__0d0f4b69e50e559b\SqliteShared.dll
2010-08-12 02:54 - 2010-08-12 02:54 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
2008-10-01 08:02 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-01-11 19:27 - 2010-01-11 19:27 - 00017920 _____ () C:\Program Files\P4G\DevMng.dll
2010-05-06 03:22 - 2010-05-06 03:22 - 00108544 _____ () C:\Program Files\P4G\OvrClk.dll
2010-08-12 03:17 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2010-03-16 03:48 - 2010-03-16 03:48 - 01754448 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
2011-04-10 18:40 - 2011-04-10 18:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-07-02 22:36 - 2010-07-02 22:36 - 01597440 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2010-03-16 03:48 - 2010-03-16 03:48 - 00079184 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe
2010-08-12 02:37 - 2010-04-06 08:29 - 00244904 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-03-30 22:30 - 2014-02-25 11:41 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2013-11-29 11:29 - 2013-11-29 11:29 - 00026520 _____ () C:\Program Files (x86)\MyDrive Connect\DeviceDetection.dll
2013-11-29 11:28 - 2013-11-29 11:28 - 00082840 _____ () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterBase.dll
2013-11-29 11:28 - 2013-11-29 11:28 - 00344984 _____ () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterProxy.dll
2014-03-25 17:07 - 2014-03-25 17:07 - 00137808 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-03-25 17:07 - 2014-03-25 17:07 - 00063568 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-03-30 22:31 - 2014-03-25 17:07 - 00049744 _____ () C:\Users\MediMax\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2010-02-24 00:14 - 2010-02-24 00:14 - 00071680 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll
2010-02-24 00:11 - 2010-02-24 00:11 - 00076288 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll
2010-02-24 00:12 - 2010-02-24 00:12 - 00186880 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll
2010-02-24 00:14 - 2010-02-24 00:14 - 00050688 _____ () C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:115CEE00
AlternateDataStreams: C:\ProgramData\Temp:2F370DA6
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (04/01/2014 07:20:42 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (04/01/2014 07:18:31 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (03/31/2014 10:29:27 PM) (Source: Outlook) (User: )
Description: Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x8001010d.

Error: (03/31/2014 09:40:48 PM) (Source: Outlook) (User: )
Description: Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x8001010d.

Error: (03/31/2014 09:35:55 PM) (Source: Microsoft-Windows-RestartManager) (User: MediMax-PC)
Description: Die Anwendung oder der Dienst "Avira Planer" konnte nicht heruntergefahren werden.

Error: (03/31/2014 09:35:55 PM) (Source: Microsoft-Windows-RestartManager) (User: MediMax-PC)
Description: Die Anwendung oder der Dienst "Avira Echtzeit-Scanner" konnte nicht heruntergefahren werden.

Error: (03/31/2014 08:56:50 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (03/31/2014 08:54:33 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (03/31/2014 07:58:51 AM) (Source: Outlook) (User: )
Description: Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x8001010d.

Error: (03/30/2014 07:57:15 PM) (Source: Outlook) (User: )
Description: Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x8001010d.

System errors:
=============
Error: (04/01/2014 08:00:54 AM) (Source: ACPI) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error: (04/01/2014 08:00:54 AM) (Source: ACPI) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error: (03/31/2014 11:02:44 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: Das Sprachpaket für es-ES kann von CBS nicht entfernt werden. Zurückgegebener CBS-Fehlercode: 0x80073701.

Error: (03/31/2014 11:02:44 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: CBS-Fehler 0x80073701 '' bei Verwendung des Benutzeroberflächen-Sprachpakets für es-ES.

Error: (03/31/2014 11:01:25 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: Das Sprachpaket für pt-PT kann von CBS nicht entfernt werden. Zurückgegebener CBS-Fehlercode: 0x80073701.

Error: (03/31/2014 11:01:25 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: CBS-Fehler 0x80073701 '' bei Verwendung des Benutzeroberflächen-Sprachpakets für pt-PT.

Error: (03/31/2014 11:00:14 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: Das Sprachpaket für nl-NL kann von CBS nicht entfernt werden. Zurückgegebener CBS-Fehlercode: 0x80073701.

Error: (03/31/2014 11:00:14 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: CBS-Fehler 0x80073701 '' bei Verwendung des Benutzeroberflächen-Sprachpakets für nl-NL.

Error: (03/31/2014 10:59:00 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: Das Sprachpaket für it-IT kann von CBS nicht entfernt werden. Zurückgegebener CBS-Fehlercode: 0x80073701.

Error: (03/31/2014 10:59:00 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: CBS-Fehler 0x80073701 '' bei Verwendung des Benutzeroberflächen-Sprachpakets für it-IT.

Microsoft Office Sessions:
=========================
Error: (08/08/2012 08:22:39 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2078 seconds with 180 seconds of active time. This session ended with a crash.

==================== Memory info ===========================

Percentage of memory in use: 40%
Total physical RAM: 5932.49 MB
Available physical RAM: 3502.47 MB
Total Pagefile: 11863.11 MB
Available Pagefile: 8886.28 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Laufwerk C) (Fixed) (Total:149.05 GB) (Free:77.9 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:427.59 GB) (Free:371.72 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 9D8E95DE)
Partition 1: (Not Active) - (Size=20 GB) - (Type=1C)
Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=428 GB) - (Type=OF Extended)

==================== End Of Log ============================
|
01.04.2014, 23:18 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Solution: Windows 7 SP1 update cannot be installed, error code 80073701

Do you have any further logs (with detections)? Malwarebytes and/or other virus scanners, have they ever found anything? The reason I ask => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; for now, only post logs that already exist, in CODE tags! Only logs from the last 7 days, or from since the problem began, are relevant!
__________________ Please always post log files in CODE tags |
02.04.2014, 07:21 | #5 |
| How: Windows 7 SP1 update cannot be installed, error code 80073701

Good morning! I have run several scans over the last few days. As far as I remember, all without any detections. I otherwise had Avira installed. However, I uninstalled that program because antivirus programs are said to interfere with the update. I don't know whether any logs from it still exist or where I could find them. I am attaching the latest TDSS log file. Under ADW cleaner there is the file "Quarantine"; would that be of any help?

Kind regards

Code:
ATTFilter
16:10:35.0543 4472 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:10:40.0426 4472 ============================================================
16:10:40.0426 4472 Current date / time: 2014/03/30 16:10:40.0426
16:10:40.0426 4472 SystemInfo:
16:10:40.0426 4472
16:10:40.0426 4472 OS Version: 6.1.7600 ServicePack: 0.0
16:10:40.0426 4472 Product type: Workstation
16:10:40.0426 4472 ComputerName: MEDIMAX-PC
16:10:40.0426 4472 UserName: MediMax
16:10:40.0426 4472 Windows directory: C:\Windows
16:10:40.0426 4472 System windows directory: C:\Windows
16:10:40.0426 4472 Running under WOW64
16:10:40.0426 4472 Processor architecture: Intel x64
16:10:40.0426 4472 Number of processors: 4
16:10:40.0426 4472 Page size: 0x1000
16:10:40.0426 4472 Boot type: Normal boot
16:10:40.0426 4472 ============================================================
16:10:41.0378 4472 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:10:41.0378 4472 ============================================================
16:10:41.0378 4472 \Device\Harddisk0\DR0:
16:10:41.0378 4472 MBR partitions:
16:10:41.0378 4472 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2711676, BlocksNum 0x12A18AC1
16:10:41.0393 4472 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1512B000, BlocksNum 0x3572C800
16:10:41.0393 4472 ============================================================
16:10:41.0409 4472 C: <-> \Device\Harddisk0\DR0\Partition1
16:10:41.0503 4472 D: <-> \Device\Harddisk0\DR0\Partition2
16:10:41.0503 4472 ============================================================
16:10:41.0503 4472 Initialize success
16:10:41.0503 4472 ============================================================
16:10:43.0905 2740 ============================================================
16:10:43.0905 2740 Scan started
16:10:43.0905 2740 Mode: Manual;
16:10:43.0905 2740
C:\Windows\system32\DRIVERS\lsi_scsi.sys 16:10:53.0561 2740 LSI_SCSI - ok 16:10:53.0577 2740 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 16:10:53.0593 2740 luafv - ok 16:10:53.0655 2740 [ 6140163BFE9D8F2DFDBA088ED5521C13 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys 16:10:53.0671 2740 MBAMSwissArmy - ok 16:10:53.0717 2740 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 16:10:53.0717 2740 Mcx2Svc - ok 16:10:53.0733 2740 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 16:10:53.0749 2740 megasas - ok 16:10:53.0764 2740 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 16:10:53.0764 2740 MegaSR - ok 16:10:53.0858 2740 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 16:10:53.0858 2740 Microsoft Office Groove Audit Service - ok 16:10:53.0889 2740 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 16:10:53.0889 2740 MMCSS - ok 16:10:53.0920 2740 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 16:10:53.0920 2740 Modem - ok 16:10:53.0936 2740 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 16:10:53.0936 2740 monitor - ok 16:10:53.0967 2740 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 16:10:53.0967 2740 mouclass - ok 16:10:53.0983 2740 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 16:10:53.0998 2740 mouhid - ok 16:10:54.0014 2740 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 16:10:54.0014 2740 mountmgr - ok 16:10:54.0092 2740 [ 9EB89625A82AC961F25E7C865947BF9A ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 16:10:54.0107 2740 MpFilter - ok 16:10:54.0123 2740 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio 
C:\Windows\system32\DRIVERS\mpio.sys 16:10:54.0139 2740 mpio - ok 16:10:54.0154 2740 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:10:54.0170 2740 mpsdrv - ok 16:10:54.0201 2740 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll 16:10:54.0217 2740 MpsSvc - ok 16:10:54.0232 2740 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:10:54.0248 2740 MRxDAV - ok 16:10:54.0263 2740 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 16:10:54.0279 2740 mrxsmb - ok 16:10:54.0295 2740 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:10:54.0295 2740 mrxsmb10 - ok 16:10:54.0326 2740 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:10:54.0326 2740 mrxsmb20 - ok 16:10:54.0341 2740 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys 16:10:54.0341 2740 msahci - ok 16:10:54.0357 2740 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys 16:10:54.0373 2740 msdsm - ok 16:10:54.0388 2740 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 16:10:54.0404 2740 MSDTC - ok 16:10:54.0419 2740 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:10:54.0419 2740 Msfs - ok 16:10:54.0435 2740 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 16:10:54.0435 2740 mshidkmdf - ok 16:10:54.0451 2740 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys 16:10:54.0451 2740 msisadrv - ok 16:10:54.0482 2740 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:10:54.0497 2740 MSiSCSI - ok 16:10:54.0497 2740 msiserver - ok 16:10:54.0529 2740 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 16:10:54.0529 2740 MSKSSRV - ok 16:10:54.0622 2740 [ 
89F2AEDC2788696702141AB82C3E7866 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe 16:10:54.0622 2740 MsMpSvc - ok 16:10:54.0653 2740 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 16:10:54.0669 2740 MSPCLOCK - ok 16:10:54.0669 2740 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 16:10:54.0685 2740 MSPQM - ok 16:10:54.0700 2740 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 16:10:54.0716 2740 MsRPC - ok 16:10:54.0731 2740 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 16:10:54.0731 2740 mssmbios - ok 16:10:54.0747 2740 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 16:10:54.0747 2740 MSTEE - ok 16:10:54.0747 2740 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 16:10:54.0763 2740 MTConfig - ok 16:10:54.0778 2740 [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys 16:10:54.0778 2740 MTsensor - ok 16:10:54.0794 2740 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 16:10:54.0794 2740 Mup - ok 16:10:54.0841 2740 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll 16:10:54.0856 2740 napagent - ok 16:10:54.0887 2740 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 16:10:54.0903 2740 NativeWifiP - ok 16:10:54.0934 2740 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys 16:10:54.0950 2740 NDIS - ok 16:10:54.0981 2740 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 16:10:54.0981 2740 NdisCap - ok 16:10:55.0012 2740 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 16:10:55.0012 2740 NdisTapi - ok 16:10:55.0043 2740 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 16:10:55.0043 2740 
Ndisuio - ok 16:10:55.0059 2740 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 16:10:55.0059 2740 NdisWan - ok 16:10:55.0090 2740 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 16:10:55.0090 2740 NDProxy - ok 16:10:55.0106 2740 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 16:10:55.0106 2740 NetBIOS - ok 16:10:55.0121 2740 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 16:10:55.0121 2740 NetBT - ok 16:10:55.0137 2740 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe 16:10:55.0137 2740 Netlogon - ok 16:10:55.0184 2740 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 16:10:55.0184 2740 Netman - ok 16:10:55.0215 2740 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 16:10:55.0231 2740 netprofm - ok 16:10:55.0262 2740 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 16:10:55.0262 2740 NetTcpPortSharing - ok 16:10:55.0309 2740 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 16:10:55.0309 2740 nfrd960 - ok 16:10:55.0371 2740 [ C3E0696C3B42F694C5822776AA6FFFDF ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 16:10:55.0371 2740 NisDrv - ok 16:10:55.0418 2740 [ DCEE3592299B2229A0DB98CB415059A2 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe 16:10:55.0433 2740 NisSrv - ok 16:10:55.0465 2740 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll 16:10:55.0480 2740 NlaSvc - ok 16:10:55.0511 2740 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 16:10:55.0511 2740 Npfs - ok 16:10:55.0527 2740 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 16:10:55.0527 2740 nsi - ok 16:10:55.0543 2740 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy 
C:\Windows\system32\drivers\nsiproxy.sys 16:10:55.0543 2740 nsiproxy - ok 16:10:55.0621 2740 [ 9A6089B056EA1B83B36424FC9D0A300E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 16:10:55.0667 2740 Ntfs - ok 16:10:55.0683 2740 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 16:10:55.0683 2740 Null - ok 16:10:55.0917 2740 [ 9B93CC9C70EDE60A9C486E7719DB9E8D ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 16:10:55.0979 2740 nvlddmkm - ok 16:10:56.0026 2740 [ F76296368BB813E0C6996501A3271C7C ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys 16:10:56.0026 2740 nvpciflt - ok 16:10:56.0057 2740 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys 16:10:56.0057 2740 nvraid - ok 16:10:56.0089 2740 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys 16:10:56.0104 2740 nvstor - ok 16:10:56.0151 2740 [ FB50E60564ED30DDC855F0CE435C8467 ] nvsvc C:\Windows\system32\nvvsvc.exe 16:10:56.0182 2740 nvsvc - ok 16:10:56.0260 2740 [ C63E582366EAD77978BFFD959A66DBB8 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 16:10:56.0291 2740 nvUpdatusService - ok 16:10:56.0323 2740 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys 16:10:56.0323 2740 nv_agp - ok 16:10:56.0385 2740 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 16:10:56.0401 2740 odserv - ok 16:10:56.0416 2740 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 16:10:56.0432 2740 ohci1394 - ok 16:10:56.0463 2740 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 16:10:56.0479 2740 ose - ok 16:10:56.0510 2740 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 16:10:56.0510 2740 p2pimsvc - ok 16:10:56.0525 2740 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc 
C:\Windows\system32\p2psvc.dll 16:10:56.0541 2740 p2psvc - ok 16:10:56.0557 2740 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 16:10:56.0572 2740 Parport - ok 16:10:56.0603 2740 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys 16:10:56.0603 2740 partmgr - ok 16:10:56.0619 2740 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 16:10:56.0619 2740 PcaSvc - ok 16:10:56.0650 2740 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys 16:10:56.0650 2740 pci - ok 16:10:56.0666 2740 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 16:10:56.0666 2740 pciide - ok 16:10:56.0697 2740 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 16:10:56.0697 2740 pcmcia - ok 16:10:56.0713 2740 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 16:10:56.0713 2740 pcw - ok 16:10:56.0728 2740 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 16:10:56.0759 2740 PEAUTH - ok 16:10:56.0853 2740 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 16:10:56.0869 2740 PerfHost - ok 16:10:56.0915 2740 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll 16:10:56.0947 2740 pla - ok 16:10:56.0993 2740 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 16:10:56.0993 2740 PlugPlay - ok 16:10:57.0009 2740 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 16:10:57.0009 2740 PNRPAutoReg - ok 16:10:57.0056 2740 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 16:10:57.0056 2740 PNRPsvc - ok 16:10:57.0087 2740 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 16:10:57.0087 2740 PolicyAgent - ok 16:10:57.0118 2740 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 16:10:57.0134 2740 
Power - ok 16:10:57.0165 2740 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 16:10:57.0165 2740 PptpMiniport - ok 16:10:57.0196 2740 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 16:10:57.0196 2740 Processor - ok 16:10:57.0243 2740 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll 16:10:57.0243 2740 ProfSvc - ok 16:10:57.0259 2740 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe 16:10:57.0259 2740 ProtectedStorage - ok 16:10:57.0274 2740 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 16:10:57.0290 2740 Psched - ok 16:10:57.0337 2740 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 16:10:57.0368 2740 ql2300 - ok 16:10:57.0399 2740 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 16:10:57.0399 2740 ql40xx - ok 16:10:57.0430 2740 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 16:10:57.0446 2740 QWAVE - ok 16:10:57.0461 2740 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 16:10:57.0461 2740 QWAVEdrv - ok 16:10:57.0477 2740 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 16:10:57.0477 2740 RasAcd - ok 16:10:57.0508 2740 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 16:10:57.0508 2740 RasAgileVpn - ok 16:10:57.0524 2740 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 16:10:57.0524 2740 RasAuto - ok 16:10:57.0539 2740 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 16:10:57.0539 2740 Rasl2tp - ok 16:10:57.0571 2740 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll 16:10:57.0571 2740 RasMan - ok 16:10:57.0586 2740 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe 
C:\Windows\system32\DRIVERS\raspppoe.sys 16:10:57.0586 2740 RasPppoe - ok 16:10:57.0602 2740 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 16:10:57.0602 2740 RasSstp - ok 16:10:57.0633 2740 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 16:10:57.0633 2740 rdbss - ok 16:10:57.0649 2740 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 16:10:57.0649 2740 rdpbus - ok 16:10:57.0664 2740 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 16:10:57.0664 2740 RDPCDD - ok 16:10:57.0695 2740 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 16:10:57.0695 2740 RDPENCDD - ok 16:10:57.0711 2740 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 16:10:57.0711 2740 RDPREFMP - ok 16:10:57.0742 2740 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 16:10:57.0742 2740 RDPWD - ok 16:10:57.0773 2740 [ E5DC9BA9E439D6DBDD79F8CAACB5BF01 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 16:10:57.0773 2740 rdyboost - ok 16:10:57.0805 2740 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 16:10:57.0805 2740 RemoteAccess - ok 16:10:57.0836 2740 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 16:10:57.0836 2740 RemoteRegistry - ok 16:10:57.0883 2740 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 16:10:57.0898 2740 RFCOMM - ok 16:10:57.0961 2740 [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 16:10:58.0007 2740 RichVideo - ok 16:10:58.0039 2740 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 16:10:58.0054 2740 RpcEptMapper - ok 16:10:58.0070 2740 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 16:10:58.0070 2740 RpcLocator - ok 
16:10:58.0101 2740 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll 16:10:58.0101 2740 RpcSs - ok 16:10:58.0148 2740 [ 0103AA79589FCA09DF1DF9B31273B16D ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys 16:10:58.0148 2740 RSPCIESTOR - ok 16:10:58.0179 2740 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 16:10:58.0179 2740 rspndr - ok 16:10:58.0195 2740 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe 16:10:58.0195 2740 SamSs - ok 16:10:58.0210 2740 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys 16:10:58.0210 2740 sbp2port - ok 16:10:58.0226 2740 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 16:10:58.0241 2740 SCardSvr - ok 16:10:58.0257 2740 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 16:10:58.0257 2740 scfilter - ok 16:10:58.0304 2740 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll 16:10:58.0335 2740 Schedule - ok 16:10:58.0366 2740 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll 16:10:58.0366 2740 SCPolicySvc - ok 16:10:58.0413 2740 [ 84E00908975FAF79E91282ED8FB88C2F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 16:10:58.0413 2740 sdbus - ok 16:10:58.0444 2740 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll 16:10:58.0444 2740 SDRSVC - ok 16:10:58.0475 2740 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 16:10:58.0475 2740 secdrv - ok 16:10:58.0475 2740 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll 16:10:58.0491 2740 seclogon - ok 16:10:58.0491 2740 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 16:10:58.0491 2740 SENS - ok 16:10:58.0522 2740 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 16:10:58.0522 2740 SensrSvc - ok 16:10:58.0538 2740 [ 
CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 16:10:58.0538 2740 Serenum - ok 16:10:58.0569 2740 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 16:10:58.0569 2740 Serial - ok 16:10:58.0600 2740 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 16:10:58.0616 2740 sermouse - ok 16:10:58.0631 2740 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll 16:10:58.0647 2740 SessionEnv - ok 16:10:58.0663 2740 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys 16:10:58.0663 2740 sffdisk - ok 16:10:58.0678 2740 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys 16:10:58.0678 2740 sffp_mmc - ok 16:10:58.0694 2740 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys 16:10:58.0694 2740 sffp_sd - ok 16:10:58.0709 2740 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 16:10:58.0709 2740 sfloppy - ok 16:10:58.0741 2740 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 16:10:58.0741 2740 SharedAccess - ok 16:10:58.0772 2740 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll 16:10:58.0772 2740 ShellHWDetection - ok 16:10:58.0803 2740 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys 16:10:58.0819 2740 SiSGbeLH - ok 16:10:58.0834 2740 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 16:10:58.0834 2740 SiSRaid2 - ok 16:10:58.0850 2740 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 16:10:58.0850 2740 SiSRaid4 - ok 16:10:58.0928 2740 [ 50D9949020E02B847CD48F1243FCB895 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 16:10:58.0928 2740 SkypeUpdate - ok 16:10:58.0959 2740 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb 
C:\Windows\system32\DRIVERS\smb.sys 16:10:58.0959 2740 Smb - ok 16:10:58.0990 2740 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 16:10:59.0006 2740 SNMPTRAP - ok 16:10:59.0068 2740 [ 2114518E55B380A3ACC28B2C27FD499A ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys 16:10:59.0115 2740 SNP2UVC - ok 16:10:59.0131 2740 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 16:10:59.0146 2740 spldr - ok 16:10:59.0177 2740 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe 16:10:59.0193 2740 Spooler - ok 16:10:59.0287 2740 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe 16:10:59.0365 2740 sppsvc - ok 16:10:59.0380 2740 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 16:10:59.0380 2740 sppuinotify - ok 16:10:59.0411 2740 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys 16:10:59.0427 2740 srv - ok 16:10:59.0443 2740 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 16:10:59.0443 2740 srv2 - ok 16:10:59.0474 2740 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 16:10:59.0474 2740 srvnet - ok 16:10:59.0489 2740 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 16:10:59.0505 2740 SSDPSRV - ok 16:10:59.0521 2740 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 16:10:59.0521 2740 SstpSvc - ok 16:10:59.0567 2740 [ 7FCE08C739136C9C64107A8814EF854C ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 16:10:59.0567 2740 Stereo Service - ok 16:10:59.0599 2740 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 16:10:59.0599 2740 stexstor - ok 16:10:59.0645 2740 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 16:10:59.0645 2740 StillCam - ok 16:10:59.0677 2740 [ 
52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll 16:10:59.0692 2740 stisvc - ok 16:10:59.0708 2740 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 16:10:59.0708 2740 swenum - ok 16:10:59.0755 2740 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 16:10:59.0770 2740 swprv - ok 16:10:59.0817 2740 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll 16:10:59.0879 2740 SysMain - ok 16:10:59.0895 2740 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll 16:10:59.0895 2740 TabletInputService - ok 16:10:59.0911 2740 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll 16:10:59.0926 2740 TapiSrv - ok 16:10:59.0942 2740 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 16:10:59.0942 2740 TBS - ok 16:11:00.0020 2740 [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] Tcpip C:\Windows\system32\drivers\tcpip.sys 16:11:00.0067 2740 Tcpip - ok 16:11:00.0129 2740 [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 16:11:00.0145 2740 TCPIP6 - ok 16:11:00.0191 2740 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 16:11:00.0191 2740 tcpipreg - ok 16:11:00.0207 2740 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 16:11:00.0207 2740 TDPIPE - ok 16:11:00.0238 2740 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 16:11:00.0238 2740 TDTCP - ok 16:11:00.0269 2740 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys 16:11:00.0269 2740 tdx - ok 16:11:00.0285 2740 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 16:11:00.0285 2740 TermDD - ok 16:11:00.0316 2740 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll 16:11:00.0347 2740 TermService - ok 16:11:00.0363 2740 [ F0344071948D1A1FA732231785A0664C ] 
Themes C:\Windows\system32\themeservice.dll 16:11:00.0363 2740 Themes - ok 16:11:00.0379 2740 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 16:11:00.0379 2740 THREADORDER - ok 16:11:00.0410 2740 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 16:11:00.0425 2740 TrkWks - ok 16:11:00.0441 2740 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 16:11:00.0457 2740 TrustedInstaller - ok 16:11:00.0472 2740 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 16:11:00.0472 2740 tssecsrv - ok 16:11:00.0519 2740 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 16:11:00.0519 2740 tunnel - ok 16:11:00.0550 2740 [ C45A3E051C65106A28982CAED125F855 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys 16:11:00.0566 2740 TurboB - ok 16:11:00.0581 2740 [ BAEF86EBEAECE76573FA822DEA256F6C ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe 16:11:00.0597 2740 TurboBoost - ok 16:11:00.0613 2740 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 16:11:00.0628 2740 uagp35 - ok 16:11:00.0644 2740 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys 16:11:00.0659 2740 udfs - ok 16:11:00.0675 2740 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 16:11:00.0675 2740 UI0Detect - ok 16:11:00.0706 2740 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys 16:11:00.0722 2740 uliagpkx - ok 16:11:00.0737 2740 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 16:11:00.0737 2740 umbus - ok 16:11:00.0769 2740 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 16:11:00.0769 2740 UmPass - ok 16:11:00.0847 2740 [ 41118D920B2B268C0ADC36421248CDCF ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 16:11:00.0909 2740 
16:11:04.0029 2740 Scan finished 16:11:04.0045 5308 Detected object count: 0 16:11:04.0045 5308 Actual detected object count: 0 16:11:08.0678 5332 Deinitialize success |
02.04.2014, 08:35 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please create a log with CF: Scan with Combofix |
02.04.2014, 19:36 | #7 |
| Hello! Combo installed. It complained that Microsoft Security Essentials antivirus and antispyware were active. But they were disabled. Here is the log: Code:
ATTFilter ComboFix 14-03-24.01 - MediMax 02.04.2014 19:52:31.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1031.18.5932.3809 [GMT 2:00] ausgeführt von:: c:\users\MediMax\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F} SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\msvcr71.dll . . ((((((((((((((((((((((( Dateien erstellt von 2014-03-02 bis 2014-04-02 )))))))))))))))))))))))))))))) . . 2014-04-02 18:01 . 2014-04-02 18:01 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-04-02 18:01 . 2014-04-02 18:01 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2014-04-01 20:38 . 2014-02-21 07:02 1031560 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3FFD6BD5-024B-4873-859A-D1CCBE4011EF}\gapaengine.dll 2014-04-01 20:38 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{873AE9BC-B487-4055-8A46-1900B5032A3E}\mpengine.dll 2014-04-01 06:33 . 2014-04-01 06:35 -------- d-----w- C:\FRST 2014-03-31 19:51 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2014-03-31 05:36 . 2014-03-31 05:36 -------- d-----w- c:\windows\CheckSur 2014-03-31 05:07 . 2014-03-31 05:07 -------- d-----w- c:\windows\system32\EventProviders 2014-03-30 20:34 . 2014-03-30 20:34 -------- d-----w- c:\users\Public\CyberLink 2014-03-30 17:52 . 2014-03-30 17:54 -------- d-----w- C:\AdwCleaner 2014-03-30 09:01 . 2014-03-30 09:13 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2014-03-30 09:00 . 2014-03-30 09:00 -------- d-----w- c:\programdata\Malwarebytes 2014-03-29 17:41 . 
2014-03-29 17:41 208216 ----a-w- c:\windows\system32\drivers\90336673.sys 2014-03-29 17:39 . 2014-03-29 17:39 208216 ----a-w- c:\windows\system32\drivers\66244616.sys 2014-03-28 18:27 . 2014-03-28 18:27 -------- d-----w- c:\program files (x86)\Common Files\Skype 2014-03-28 18:27 . 2014-03-28 18:27 -------- d-----r- c:\program files (x86)\Skype 2014-03-28 18:24 . 2014-03-29 17:48 -------- d-----w- C:\history 2014-03-26 17:29 . 2014-03-26 17:29 -------- d-----w- c:\program files (x86)\Microsoft Download Manager 2014-03-15 07:30 . 2014-03-15 07:30 -------- d-----w- c:\programdata\Intel 2014-03-15 07:30 . 2014-03-15 07:30 -------- d-----w- c:\windows\SysWow64\NV 2014-03-15 07:30 . 2014-03-15 07:30 -------- d-----w- c:\windows\system32\NV 2014-03-15 07:16 . 2013-09-05 01:37 61216 ----a-w- c:\windows\system32\OpenCL.dll 2014-03-15 07:16 . 2013-09-05 01:37 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll 2014-03-15 07:15 . 2014-03-15 07:15 -------- d-----w- c:\programdata\NVIDIA Corporation 2014-03-15 07:15 . 2014-03-15 07:18 -------- d-----w- c:\program files\NVIDIA Corporation . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-03-31 20:26 . 2012-05-08 17:02 45056 ----a-w- c:\windows\system32\acovcnt.exe 2014-03-14 23:47 . 2012-05-08 07:33 90015360 ----a-w- c:\windows\system32\MRT.exe 2014-03-13 19:47 . 2012-06-04 19:54 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-03-13 19:47 . 2012-06-01 08:38 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-03-11 08:52 . 2011-04-27 13:25 133928 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2014-02-21 07:02 . 2012-06-13 10:03 1031560 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2014-01-25 00:19 . 2014-01-25 00:19 268512 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2014-01-19 07:33 . 2012-04-24 17:29 270496 ------w- c:\windows\system32\MpSigStub.exe 2014-01-16 00:42 . 
2014-01-16 00:42 608032 ----a-w- C:\SecurityScanner.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-04-05 370480] "AVMUSBFernanschluss"="c:\users\MediMax\AppData\Local\Apps\2.0\VN87KBH0.Z1C\1GWNEOP3.BQ2\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe" [2012-12-30 139264] "HP Deskjet 3050A J611 series (NET)"="c:\program files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072] "MyDriveConnect.exe"="c:\program files (x86)\MyDrive Connect\MyDriveConnect.exe" [2013-11-29 473496] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "RemoteControl9"="c:\program files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336] "BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-02-24 75048] "UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-06-24 210216] "UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-02-04 7350912] "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-01-05 170624] "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016] "Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-07-02 1597440] "GrooveMonitor"="c:\program files (x86)\Microsoft 
Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904] "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe -d [2012-7-2 12862] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . 
R1 wdiasxsq;wdiasxsq;c:\windows\system32\drivers\wdiasxsq.sys;c:\windows\SYSNATIVE\drivers\wdiasxsq.sys [x] R2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x] R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x] S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/08/11 17:41];c:\program files (x86)\Cyberlink\PowerDVD9\000.fcl;c:\program files (x86)\Cyberlink\PowerDVD9\000.fcl [x] S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x] S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x] S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x] S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 TurboB;Turbo Boost UI 
Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x] S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S3 avmaudio;AVM Audio;c:\windows\system32\DRIVERS\avmaudio.sys;c:\windows\SYSNATIVE\DRIVERS\avmaudio.sys [x] S3 avmaura;AVM USB-Fernanschluss;c:\windows\system32\DRIVERS\avmaura.sys;c:\windows\SYSNATIVE\DRIVERS\avmaura.sys [x] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x] S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIc.sys [x] S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x] S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x] S3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x] S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2014-03-15 19:02 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 
2014-04-02 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-04 19:47] . 2014-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-12 00:53] . 2014-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-12 00:53] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B] @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}" [HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}] 2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O] @="{64174815-8D98-4CE6-8646-4C039977D808}" [HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}] 2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-10 167256] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-10 391512] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-10 415064] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.google.de/ uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.178.1 . 
- - - - Entfernte verwaiste Registrierungseinträge - - - - . Toolbar-Locked - (no file) Wow6432Node-HKLM-Run-SessionLogon - c:\expressgateutil\SessionLogon.exe Wow6432Node-HKLM-Run-<NO NAME> - (no file) Toolbar-Locked - (no file) HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}] "ImagePath"="\??\c:\program files (x86)\Cyberlink\PowerDVD9\000.fcl" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.12" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2014-04-02 20:13:40 ComboFix-quarantined-files.txt 2014-04-02 18:13 . Vor Suchlauf: 13 Verzeichnis(se), 93.412.433.920 Bytes frei Nach Suchlauf: 20 Verzeichnis(se), 95.082.561.536 Bytes frei . - - End Of File - - F95F2A3DAF6C6F8436226A9971EF8667 |
02.04.2014, 21:15 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Combofix script
__________________ Please always post log files in CODE tags |
03.04.2014, 09:20 | #9 |
| Hello! Combo log newly created. Suspect or collect not present. ComboFix: Code:
ATTFilter ComboFix 14-03-24.01 - MediMax 03.04.2014 8:31.2.4 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1031.18.5932.4034 [GMT 2:00] ausgeführt von:: c:\users\MediMax\Desktop\ComboFix.exe Benutzte Befehlsschalter :: c:\users\MediMax\Desktop\CFScript.txt AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F} SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\windows\system32\drivers\wdiasxsq.sys" . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_wdiasxsq . . ((((((((((((((((((((((( Dateien erstellt von 2014-03-03 bis 2014-04-03 )))))))))))))))))))))))))))))) . . 2014-04-03 06:40 . 2014-04-03 06:40 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2014-04-03 06:40 . 2014-04-03 06:40 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-04-03 06:17 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B34BDF71-5DA5-402C-807C-4D2411A3E4B8}\mpengine.dll 2014-04-01 20:38 . 2014-02-21 07:02 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3FFD6BD5-024B-4873-859A-D1CCBE4011EF}\gapaengine.dll 2014-04-01 20:38 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2014-04-01 06:33 . 2014-04-01 06:35 -------- d-----w- C:\FRST 2014-03-31 05:36 . 2014-03-31 05:36 -------- d-----w- c:\windows\CheckSur 2014-03-31 05:07 . 2014-03-31 05:07 -------- d-----w- c:\windows\system32\EventProviders 2014-03-30 20:34 . 2014-03-30 20:34 -------- d-----w- c:\users\Public\CyberLink 2014-03-30 17:52 . 
2014-03-30 17:54 -------- d-----w- C:\AdwCleaner 2014-03-30 09:01 . 2014-03-30 09:13 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2014-03-30 09:00 . 2014-03-30 09:00 -------- d-----w- c:\programdata\Malwarebytes 2014-03-29 17:41 . 2014-03-29 17:41 208216 ----a-w- c:\windows\system32\drivers\90336673.sys 2014-03-29 17:39 . 2014-03-29 17:39 208216 ----a-w- c:\windows\system32\drivers\66244616.sys 2014-03-28 18:27 . 2014-03-28 18:27 -------- d-----w- c:\program files (x86)\Common Files\Skype 2014-03-28 18:27 . 2014-03-28 18:27 -------- d-----r- c:\program files (x86)\Skype 2014-03-28 18:24 . 2014-03-29 17:48 -------- d-----w- C:\history 2014-03-26 17:29 . 2014-03-26 17:29 -------- d-----w- c:\program files (x86)\Microsoft Download Manager 2014-03-15 07:30 . 2014-03-15 07:30 -------- d-----w- c:\programdata\Intel 2014-03-15 07:30 . 2014-03-15 07:30 -------- d-----w- c:\windows\SysWow64\NV 2014-03-15 07:30 . 2014-03-15 07:30 -------- d-----w- c:\windows\system32\NV 2014-03-15 07:16 . 2013-09-05 01:37 61216 ----a-w- c:\windows\system32\OpenCL.dll 2014-03-15 07:16 . 2013-09-05 01:37 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll 2014-03-15 07:15 . 2014-03-15 07:15 -------- d-----w- c:\programdata\NVIDIA Corporation 2014-03-15 07:15 . 2014-03-15 07:18 -------- d-----w- c:\program files\NVIDIA Corporation . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-04-02 18:28 . 2012-05-08 17:02 45056 ----a-w- c:\windows\system32\acovcnt.exe 2014-03-14 23:47 . 2012-05-08 07:33 90015360 ----a-w- c:\windows\system32\MRT.exe 2014-03-13 19:47 . 2012-06-04 19:54 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-03-13 19:47 . 2012-06-01 08:38 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-03-11 08:52 . 2011-04-27 13:25 133928 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2014-02-21 07:02 . 
2012-06-13 10:03 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2014-01-25 00:19 . 2014-01-25 00:19 268512 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2014-01-19 07:33 . 2012-04-24 17:29 270496 ------w- c:\windows\system32\MpSigStub.exe 2014-01-16 00:42 . 2014-01-16 00:42 608032 ----a-w- C:\SecurityScanner.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-04-05 370480] "AVMUSBFernanschluss"="c:\users\MediMax\AppData\Local\Apps\2.0\VN87KBH0.Z1C\1GWNEOP3.BQ2\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe" [2012-12-30 139264] "HP Deskjet 3050A J611 series (NET)"="c:\program files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072] "MyDriveConnect.exe"="c:\program files (x86)\MyDrive Connect\MyDriveConnect.exe" [2013-11-29 473496] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "RemoteControl9"="c:\program files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336] "BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-02-24 75048] "UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-06-24 210216] "UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] "ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-02-04 7350912] "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-01-05 170624] "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016] "Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-07-02 1597440] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904] "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe -d [2012-7-2 12862] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x] R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x] S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/08/11 17:41];c:\program files (x86)\Cyberlink\PowerDVD9\000.fcl;c:\program files (x86)\Cyberlink\PowerDVD9\000.fcl [x] S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x] S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x] S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x] S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x] S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D 
Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x] S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S3 avmaudio;AVM Audio;c:\windows\system32\DRIVERS\avmaudio.sys;c:\windows\SYSNATIVE\DRIVERS\avmaudio.sys [x] S3 avmaura;AVM USB-Fernanschluss;c:\windows\system32\DRIVERS\avmaura.sys;c:\windows\SYSNATIVE\DRIVERS\avmaura.sys [x] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x] S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIc.sys [x] S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x] S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x] S3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x] S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2014-03-15 19:02 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe . 
Inhalt des "geplante Tasks" Ordners . 2014-04-03 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-04 19:47] . 2014-04-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-12 00:53] . 2014-04-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-12 00:53] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B] @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}" [HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}] 2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O] @="{64174815-8D98-4CE6-8646-4C039977D808}" [HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}] 2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU] "ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448] "Setwallpaper"="c:\programdata\SetWallpaper.cmd" [BU] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-10 167256] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-10 391512] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-10 415064] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Zusätzlicher Suchlauf ------- . 
uStart Page = hxxp://www.google.de/ uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.178.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Toolbar-Locked - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}] "ImagePath"="\??\c:\program files (x86)\Cyberlink\PowerDVD9\000.fcl" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.12" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . 
c:\program files (x86)\ASUS\SmartLogon\smartlogon.exe c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe c:\program files (x86)\CyberLink\Shared files\RichVideo.exe c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe c:\program files (x86)\Internet Explorer\iexplore.exe c:\program files (x86)\Internet Explorer\iexplore.exe c:\program files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe c:\program files (x86)\ASUS\ControlDeck\ControlDeck.exe c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe . ************************************************************************** . Zeit der Fertigstellung: 2014-04-03 08:55:45 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2014-04-03 06:55 . Vor Suchlauf: 18 Verzeichnis(se), 94.918.807.552 Bytes frei Nach Suchlauf: 21 Verzeichnis(se), 95.756.857.344 Bytes frei . - - End Of File - - 4AA83FE92C9B384553AD384318E7A43F |
03.04.2014, 09:27 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 SP1 update cannot be installed, error code 80073701 [solved]
Removing adware/junkware/toolbars
Step 1: adwCleaner
Please download AdwCleaner to your desktop.
Step 2: JRT - Junkware Removal Tool
Please close your security software to avoid possible conflicts.
Step 3: Fresh log with FRST
Please download the matching version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________
Please always post log files in CODE tags
03.04.2014, 22:26 | #11 |
Windows 7 SP1 update cannot be installed, error code 80073701 [solved]
Hello! I carried out the steps as described. The Addition.txt was not created. Is that because FRST was still installed?
Code:
# AdwCleaner v3.023 - Bericht erstellt am 03/04/2014 um 19:13:24
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium (64 bits)
# Benutzername : MediMax - MEDIMAX-PC
# Gestartet von : C:\Users\MediMax\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Browser ] *****

-\\ Internet Explorer v8.0.7600.17267

-\\ Google Chrome v33.0.1750.154

[ Datei : C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : icon_url
Gelöscht : search_url
Gelöscht : suggest_url
Gelöscht : keyword

*************************

AdwCleaner[R0].txt - [9137 octets] - [30/03/2014 19:52:37]
AdwCleaner[R1].txt - [1044 octets] - [03/04/2014 19:11:37]
AdwCleaner[S0].txt - [9016 octets] - [30/03/2014 19:54:25]
AdwCleaner[S1].txt - [920 octets] - [03/04/2014 19:13:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [979 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x64
Ran by MediMax on 03.04.2014 at 19:25:25,98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{98A15D92-B500-4FEF-974D-6DA29E41E391}
Successfully deleted: [Registry Key] "hkey_current_user\software\classes\typelib\{006ad7b2-968a-11de-88c9-5bde55d89593}"
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.04.2014 at 19:32:00,87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by MediMax (administrator) on MEDIMAX-PC on 03-04-2014 21:36:04 Running from C:\Users\MediMax\Desktop Windows 7 Home Premium (X64) OS Language: German Standard Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe (ATK) C:\Program Files\P4G\BatteryLife.exe (ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe () C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (syncables, LLC) C:\Program Files (x86)\syncables\syncables desktop\syncables.exe (Hewlett-Packard Co.) 
C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Sun Microsystems, Inc.) C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (ELAN Microelectronic Corp.) 
C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (syncables, LLC) C:\Program Files (x86)\syncables\syncables desktop\syncablesMAPI.exe () C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe (asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\system32\lpremove.exe (Microsoft Corporation) C:\Windows\system32\lpksetup.exe (Microsoft Corporation) C:\Windows\system32\lpksetup.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.) HKLM\...\Run: [ASUS WebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-16] () HKLM\...\Run: [Setwallpaper] - c:\programdata\SetWallpaper.cmd HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation) HKLM-x32\...\Run: [RemoteControl9] - C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.) HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-02-24] (cyberlink) HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2010-06-25] (CyberLink Corp.) HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.) 
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.) HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [7350912 2010-02-04] (ASUS) HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-01-05] (ASUS) HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440 2010-07-02] () HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [] - [X] HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-497900869-4280295134-4125289220-1000\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-08-12] (Google Inc.) 
HKU\S-1-5-21-497900869-4280295134-4125289220-1001\...\Run: [Syncables] - C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [370480 2010-04-05] (syncables, LLC) HKU\S-1-5-21-497900869-4280295134-4125289220-1001\...\Run: [AVMUSBFernanschluss] - C:\Users\MediMax\AppData\Local\Apps\2.0\VN87KBH0.Z1C\1GWNEOP3.BQ2\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe [139264 2012-12-30] (AVM Berlin) HKU\S-1-5-21-497900869-4280295134-4125289220-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - 
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.) BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Users\MediMax\AppData\Local\Programs\ANDI 2013\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) 
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File DPF: HKLM-x32 {B479199A-1242-4E3C-AD81-7F0DF801B4AE} hxxp://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Chrome: ======= CHR HomePage: hxxp://www.google.com CHR DefaultSearchProvider: Ask CHR DefaultSearchURL: hxxp://www.google.com CHR DefaultNewTabURL: CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File CHR 
Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Extension: (YouTube) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-24] CHR Extension: (Google-Suche) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-24] CHR Extension: (Avira Browser Safety Beta) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-03-30] CHR Extension: (Google Wallet) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (Charlotte Ronson) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\obakimnhgahiedhcjlcnohielmendpen [2012-04-24] CHR Extension: (Google Mail) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-24] ==================== Services (Whitelisted) ================= R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation) R3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-04-06] () ==================== Drivers (Whitelisted) ==================== U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 
2012-04-25] (AVM Berlin) R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2012-12-30] (AVM Berlin) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-03-30] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] () R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] () R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\Cyberlink\PowerDVD9\000.fcl [146928 2010-02-24] (CyberLink Corp.) S3 catchme; \??\C:\ComboFix\catchme.sys [X] U3 tmlwf; U3 tmwfp; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-03 21:36 - 2014-04-03 21:36 - 00016115 _____ () C:\Users\MediMax\Desktop\FRST.txt 2014-04-03 19:32 - 2014-04-03 19:32 - 00001187 _____ () C:\Users\MediMax\Desktop\JRT.txt 2014-04-03 19:25 - 2014-04-03 19:25 - 00000000 ____D () C:\Windows\ERUNT 2014-04-03 19:24 - 2014-04-03 19:24 - 01038974 _____ (Thisisu) C:\Users\MediMax\Desktop\JRT.exe 2014-04-03 19:09 - 2014-04-03 19:09 - 01426178 _____ () C:\Users\MediMax\Desktop\adwcleaner.exe 2014-04-03 08:55 - 2014-04-03 08:55 - 00019985 _____ () C:\ComboFix.txt 2014-04-03 08:19 - 2014-04-03 08:20 - 05192353 ____R (Swearware) C:\Users\MediMax\Desktop\ComboFix.exe 2014-04-02 19:51 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-04-02 19:51 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-04-02 19:51 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-04-02 19:51 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-04-02 19:51 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-04-02 
19:51 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-04-02 19:51 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-04-02 19:51 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-04-02 19:48 - 2014-04-03 08:56 - 00000000 ____D () C:\Qoobox 2014-04-02 19:48 - 2014-04-03 08:40 - 00000000 ____D () C:\Windows\erdnt 2014-04-01 08:47 - 2014-04-01 08:47 - 00380416 _____ () C:\Users\MediMax\Desktop\Gmer-19357.exe 2014-04-01 08:33 - 2014-04-03 21:36 - 00000000 ____D () C:\FRST 2014-04-01 08:33 - 2014-04-03 21:34 - 02157056 _____ (Farbar) C:\Users\MediMax\Desktop\FRST64.exe 2014-04-01 08:27 - 2014-04-01 08:27 - 00000476 _____ () C:\Users\MediMax\Desktop\defogger_disable.log 2014-04-01 08:27 - 2014-04-01 08:27 - 00000000 _____ () C:\Users\MediMax\defogger_reenable 2014-04-01 08:24 - 2014-04-01 08:24 - 00014889 _____ () C:\Users\MediMax\Desktop\download-defogger.htm 2014-03-31 07:36 - 2014-03-31 07:36 - 00000000 ____D () C:\Windows\CheckSur 2014-03-31 07:07 - 2014-03-31 07:07 - 00000000 ____D () C:\Windows\system32\EventProviders 2014-03-30 22:34 - 2014-03-30 22:34 - 00000000 ____D () C:\Users\Public\CyberLink 2014-03-30 19:52 - 2014-04-03 19:13 - 00000000 ____D () C:\AdwCleaner 2014-03-30 11:01 - 2014-03-30 11:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-03-30 11:00 - 2014-03-30 11:00 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-29 19:41 - 2014-03-29 19:41 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\90336673.sys 2014-03-29 19:39 - 2014-03-29 19:39 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\66244616.sys 2014-03-28 20:27 - 2014-03-28 20:27 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-26 19:29 - 2014-03-26 19:29 - 00002525 _____ () C:\Users\Public\Desktop\Microsoft Download Manager.lnk 2014-03-26 19:29 - 2014-03-26 19:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Download Manager 2014-03-23 22:14 - 
2014-02-26 20:35 - 00000426 _____ () C:\AVScanner.ini 2014-03-16 22:04 - 2014-03-23 22:56 - 00002566 _____ () C:\Windows\IE10_main.log 2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\Windows\SysWOW64\NV 2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\Windows\system32\NV 2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\ProgramData\Intel 2014-03-15 09:16 - 2013-09-05 03:37 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2014-03-15 09:16 - 2013-09-05 03:37 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2014-03-15 09:15 - 2014-03-15 09:18 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-03-15 09:15 - 2014-03-15 09:15 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation ==================== One Month Modified Files and Folders ======= 2014-04-03 21:39 - 2014-04-03 21:36 - 00016115 _____ () C:\Users\MediMax\Desktop\FRST.txt 2014-04-03 21:36 - 2014-04-01 08:33 - 00000000 ____D () C:\FRST 2014-04-03 21:34 - 2014-04-01 08:33 - 02157056 _____ (Farbar) C:\Users\MediMax\Desktop\FRST64.exe 2014-04-03 21:31 - 2012-06-29 13:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-03 21:31 - 2010-08-12 02:53 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-03 21:31 - 2010-08-12 02:20 - 01990629 _____ () C:\Windows\WindowsUpdate.log 2014-04-03 19:32 - 2014-04-03 19:32 - 00001187 _____ () C:\Users\MediMax\Desktop\JRT.txt 2014-04-03 19:25 - 2014-04-03 19:25 - 00000000 ____D () C:\Windows\ERUNT 2014-04-03 19:25 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-03 19:25 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-03 19:24 - 2014-04-03 19:24 - 01038974 _____ (Thisisu) C:\Users\MediMax\Desktop\JRT.exe 2014-04-03 19:18 - 2012-04-25 10:05 - 00000000 ____D () 
C:\Users\MediMax\AppData\Local\Deployment 2014-04-03 19:18 - 2010-08-12 02:53 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-03 19:17 - 2010-08-12 03:12 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-04-03 19:17 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-03 19:17 - 2009-07-14 06:51 - 00093249 _____ () C:\Windows\setupact.log 2014-04-03 19:13 - 2014-03-30 19:52 - 00000000 ____D () C:\AdwCleaner 2014-04-03 19:09 - 2014-04-03 19:09 - 01426178 _____ () C:\Users\MediMax\Desktop\adwcleaner.exe 2014-04-03 10:23 - 2012-04-25 10:05 - 00000000 ____D () C:\Users\MediMax\AppData\Local\Apps\2.0 2014-04-03 08:56 - 2014-04-02 19:48 - 00000000 ____D () C:\Qoobox 2014-04-03 08:55 - 2014-04-03 08:55 - 00019985 _____ () C:\ComboFix.txt 2014-04-03 08:43 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-04-03 08:41 - 2010-08-12 03:01 - 00217454 _____ () C:\Windows\PFRO.log 2014-04-03 08:41 - 2009-07-14 04:34 - 93585408 _____ () C:\Windows\system32\config\SOFTWARE.bak 2014-04-03 08:41 - 2009-07-14 04:34 - 21233664 _____ () C:\Windows\system32\config\SYSTEM.bak 2014-04-03 08:41 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak 2014-04-03 08:41 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak 2014-04-03 08:41 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak 2014-04-03 08:40 - 2014-04-02 19:48 - 00000000 ____D () C:\Windows\erdnt 2014-04-03 08:20 - 2014-04-03 08:19 - 05192353 ____R (Swearware) C:\Users\MediMax\Desktop\ComboFix.exe 2014-04-02 20:28 - 2012-05-08 19:02 - 00045056 _____ () C:\Windows\system32\acovcnt.exe 2014-04-01 09:06 - 2009-08-04 12:40 - 00353756 _____ () C:\Windows\system32\perfh00D.dat 2014-04-01 09:06 - 2009-08-04 12:40 - 00069328 _____ () C:\Windows\system32\perfc00D.dat 2014-04-01 09:06 - 2009-08-04 12:34 - 00552004 _____ () C:\Windows\system32\perfh008.dat 2014-04-01 09:06 - 2009-08-04 12:34 - 00089670 _____ () 
C:\Windows\system32\perfc008.dat 2014-04-01 09:06 - 2009-08-04 12:28 - 00679576 _____ () C:\Windows\system32\prfh0816.dat 2014-04-01 09:06 - 2009-08-04 12:28 - 00133986 _____ () C:\Windows\system32\prfc0816.dat 2014-04-01 09:06 - 2009-08-04 12:15 - 00691426 _____ () C:\Windows\system32\perfh013.dat 2014-04-01 09:06 - 2009-08-04 12:15 - 00133174 _____ () C:\Windows\system32\perfc013.dat 2014-04-01 09:06 - 2009-08-04 12:09 - 00689342 _____ () C:\Windows\system32\perfh010.dat 2014-04-01 09:06 - 2009-08-04 12:09 - 00127378 _____ () C:\Windows\system32\perfc010.dat 2014-04-01 09:06 - 2009-08-04 11:57 - 00693688 _____ () C:\Windows\system32\perfh00A.dat 2014-04-01 09:06 - 2009-08-04 11:57 - 00137296 _____ () C:\Windows\system32\perfc00A.dat 2014-04-01 09:06 - 2009-08-04 11:51 - 00654400 _____ () C:\Windows\system32\perfh007.dat 2014-04-01 09:06 - 2009-08-04 11:51 - 00130240 _____ () C:\Windows\system32\perfc007.dat 2014-04-01 09:06 - 2009-07-14 07:13 - 05835700 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-01 08:57 - 2012-10-17 14:15 - 00000000 ____D () C:\ProgramData\Avira 2014-04-01 08:47 - 2014-04-01 08:47 - 00380416 _____ () C:\Users\MediMax\Desktop\Gmer-19357.exe 2014-04-01 08:27 - 2014-04-01 08:27 - 00000476 _____ () C:\Users\MediMax\Desktop\defogger_disable.log 2014-04-01 08:27 - 2014-04-01 08:27 - 00000000 _____ () C:\Users\MediMax\defogger_reenable 2014-04-01 08:27 - 2012-01-26 01:32 - 00000000 ____D () C:\Users\MediMax 2014-04-01 08:24 - 2014-04-01 08:24 - 00014889 _____ () C:\Users\MediMax\Desktop\download-defogger.htm 2014-04-01 08:16 - 2009-07-14 09:44 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-03-31 22:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-03-31 07:36 - 2014-03-31 07:36 - 00000000 ____D () C:\Windows\CheckSur 2014-03-31 07:07 - 2014-03-31 07:07 - 00000000 ____D () C:\Windows\system32\EventProviders 2014-03-30 23:25 - 2010-08-12 03:17 - 00002116 _____ () C:\Windows\system32\AutoRunFilter.ini 2014-03-30 
23:24 - 2010-08-12 03:17 - 00001324 _____ () C:\Windows\system32\ServiceFilter.ini 2014-03-30 22:34 - 2014-03-30 22:34 - 00000000 ____D () C:\Users\Public\CyberLink 2014-03-30 22:33 - 2010-08-12 02:35 - 00000000 ____D () C:\ProgramData\CyberLink 2014-03-30 11:13 - 2014-03-30 11:01 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-03-30 11:00 - 2014-03-30 11:00 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-30 01:30 - 2012-10-17 14:17 - 00000000 ____D () C:\Users\MediMax\AppData\Local\DoNotTrackPlus 2014-03-29 19:41 - 2014-03-29 19:41 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\90336673.sys 2014-03-29 19:39 - 2014-03-29 19:39 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\66244616.sys 2014-03-28 20:27 - 2014-03-28 20:27 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-28 20:27 - 2012-09-14 11:15 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-03-28 20:27 - 2010-08-12 02:56 - 00000000 ____D () C:\ProgramData\Skype 2014-03-28 18:11 - 2012-04-26 03:34 - 02349309 _____ () C:\Windows\IE9_main.log 2014-03-26 19:29 - 2014-03-26 19:29 - 00002525 _____ () C:\Users\Public\Desktop\Microsoft Download Manager.lnk 2014-03-26 19:29 - 2014-03-26 19:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Download Manager 2014-03-26 19:24 - 2012-04-24 19:22 - 00001945 _____ () C:\Windows\epplauncher.mif 2014-03-26 19:23 - 2012-04-24 19:19 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2014-03-26 19:23 - 2012-04-24 19:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2014-03-26 12:01 - 2010-08-12 02:53 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-03-26 12:01 - 2010-08-12 02:53 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-03-25 18:46 - 2013-01-13 23:19 - 00001233 _____ () C:\Users\Public\Desktop\Rossmann Fotowelt Software.lnk 2014-03-25 18:46 - 2013-01-13 23:14 - 
00000000 ____D () C:\Program Files (x86)\Rossmann Fotowelt Software 2014-03-23 23:01 - 2012-05-08 09:37 - 00000134 _____ () C:\Users\MediMax\Desktop\Internet Explorer-Problembehebung.url 2014-03-23 22:56 - 2014-03-16 22:04 - 00002566 _____ () C:\Windows\IE10_main.log 2014-03-23 22:49 - 2014-01-03 11:10 - 00007373 _____ () C:\Windows\IE11_main.log 2014-03-21 21:10 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries 2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\Windows\SysWOW64\NV 2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\Windows\system32\NV 2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\ProgramData\Intel 2014-03-15 09:29 - 2013-03-15 17:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-15 09:29 - 2013-03-15 17:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-15 09:20 - 2010-08-12 03:04 - 00000000 ____D () C:\Program Files (x86)\Intel 2014-03-15 09:18 - 2014-03-15 09:15 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-03-15 09:18 - 2010-08-12 03:12 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-03-15 09:15 - 2014-03-15 09:15 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-03-15 01:49 - 2013-07-14 09:47 - 00000000 ____D () C:\Windows\system32\MRT 2014-03-15 01:47 - 2012-05-08 09:33 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-03-15 01:47 - 2012-03-28 21:05 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-03-13 21:47 - 2012-06-29 13:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-13 21:47 - 2012-06-04 21:54 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-13 21:47 - 2012-06-01 10:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-11 11:41 - 2012-01-26 01:40 - 00000000 ____D () C:\Users\MediMax\AppData\Roaming\Asus WebStorage 2014-03-11 10:52 - 2011-04-27 15:25 - 
00133928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys Some content of TEMP: ==================== C:\Users\MediMax\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-30 01:54 ==================== End Of Log ============================ |
04.04.2014, 11:04 | #12 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 SP1 update cannot be installed, error code 80073701 [solved] Quote:
__________________ Please always post log files in CODE tags |
04.04.2014, 16:39 | #13 |
| Windows 7 SP1 update cannot be installed, error code 80073701 [solved] Ah! Here is the log from the new FRST run: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by MediMax (administrator) on MEDIMAX-PC on 04-04-2014 17:34:51 Running from C:\Users\MediMax\Desktop Windows 7 Home Premium (X64) OS Language: German Standard Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ATK) C:\Program Files\P4G\BatteryLife.exe () C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Intel Corporation) C:\Windows\System32\igfxpers.exe (syncables, LLC) C:\Program Files (x86)\syncables\syncables desktop\syncables.exe (Hewlett-Packard Co.) 
C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (Sun Microsystems, Inc.) C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe (ELAN Microelectronic Corp.) 
C:\Program Files\Elantech\ETDCtrlHelper.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (syncables, LLC) C:\Program Files (x86)\syncables\syncables desktop\syncablesMAPI.exe () C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe (asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\system32\wbengine.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.) HKLM\...\Run: [ASUS WebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-16] () HKLM\...\Run: [Setwallpaper] - c:\programdata\SetWallpaper.cmd HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation) HKLM-x32\...\Run: [RemoteControl9] - C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.) HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-02-24] (cyberlink) HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2010-06-25] (CyberLink Corp.) HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.) 
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.) HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [7350912 2010-02-04] (ASUS) HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-01-05] (ASUS) HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440 2010-07-02] () HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [] - [X] HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-497900869-4280295134-4125289220-1000\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-08-12] (Google Inc.) 
HKU\S-1-5-21-497900869-4280295134-4125289220-1001\...\Run: [Syncables] - C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [370480 2010-04-05] (syncables, LLC) HKU\S-1-5-21-497900869-4280295134-4125289220-1001\...\Run: [AVMUSBFernanschluss] - C:\Users\MediMax\AppData\Local\Apps\2.0\VN87KBH0.Z1C\1GWNEOP3.BQ2\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe [139264 2012-12-30] (AVM Berlin) HKU\S-1-5-21-497900869-4280295134-4125289220-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - 
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.) BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Users\MediMax\AppData\Local\Programs\ANDI 2013\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) 
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File DPF: HKLM-x32 {B479199A-1242-4E3C-AD81-7F0DF801B4AE} hxxp://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Chrome: ======= CHR HomePage: hxxp://www.google.com CHR DefaultSearchProvider: Ask CHR DefaultSearchURL: hxxp://www.google.com CHR DefaultNewTabURL: CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File CHR 
Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Extension: (YouTube) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-24] CHR Extension: (Google-Suche) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-24] CHR Extension: (Avira Browser Safety Beta) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-03-30] CHR Extension: (Google Wallet) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (Charlotte Ronson) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\obakimnhgahiedhcjlcnohielmendpen [2012-04-24] CHR Extension: (Google Mail) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-24] ==================== Services (Whitelisted) ================= R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation) S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation) R3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-04-06] () ==================== Drivers (Whitelisted) ==================== U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 
2012-04-25] (AVM Berlin) R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2012-12-30] (AVM Berlin) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-03-30] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] () R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] () R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\Cyberlink\PowerDVD9\000.fcl [146928 2010-02-24] (CyberLink Corp.) S3 catchme; \??\C:\ComboFix\catchme.sys [X] U3 tmlwf; U3 tmwfp; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-04 17:34 - 2014-04-04 17:35 - 00016357 _____ () C:\Users\MediMax\Desktop\FRST.txt 2014-04-03 19:32 - 2014-04-03 19:32 - 00001187 _____ () C:\Users\MediMax\Desktop\JRT.txt 2014-04-03 19:25 - 2014-04-03 19:25 - 00000000 ____D () C:\Windows\ERUNT 2014-04-03 19:24 - 2014-04-03 19:24 - 01038974 _____ (Thisisu) C:\Users\MediMax\Desktop\JRT.exe 2014-04-03 19:09 - 2014-04-03 19:09 - 01426178 _____ () C:\Users\MediMax\Desktop\adwcleaner.exe 2014-04-03 08:55 - 2014-04-03 08:55 - 00019985 _____ () C:\ComboFix.txt 2014-04-03 08:19 - 2014-04-03 08:20 - 05192353 ____R (Swearware) C:\Users\MediMax\Desktop\ComboFix.exe 2014-04-02 19:51 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-04-02 19:51 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-04-02 19:51 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-04-02 19:51 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-04-02 19:51 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-04-02 
19:51 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-04-02 19:51 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-04-02 19:51 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-04-02 19:48 - 2014-04-03 08:56 - 00000000 ____D () C:\Qoobox 2014-04-02 19:48 - 2014-04-03 08:40 - 00000000 ____D () C:\Windows\erdnt 2014-04-01 08:47 - 2014-04-01 08:47 - 00380416 _____ () C:\Users\MediMax\Desktop\Gmer-19357.exe 2014-04-01 08:33 - 2014-04-04 17:34 - 00000000 ____D () C:\FRST 2014-04-01 08:33 - 2014-04-03 21:34 - 02157056 _____ (Farbar) C:\Users\MediMax\Desktop\FRST64.exe 2014-04-01 08:27 - 2014-04-01 08:27 - 00000476 _____ () C:\Users\MediMax\Desktop\defogger_disable.log 2014-04-01 08:27 - 2014-04-01 08:27 - 00000000 _____ () C:\Users\MediMax\defogger_reenable 2014-04-01 08:24 - 2014-04-01 08:24 - 00014889 _____ () C:\Users\MediMax\Desktop\download-defogger.htm 2014-03-31 07:36 - 2014-03-31 07:36 - 00000000 ____D () C:\Windows\CheckSur 2014-03-31 07:07 - 2014-03-31 07:07 - 00000000 ____D () C:\Windows\system32\EventProviders 2014-03-30 22:34 - 2014-03-30 22:34 - 00000000 ____D () C:\Users\Public\CyberLink 2014-03-30 19:52 - 2014-04-03 19:13 - 00000000 ____D () C:\AdwCleaner 2014-03-30 11:01 - 2014-03-30 11:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-03-30 11:00 - 2014-03-30 11:00 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-29 19:41 - 2014-03-29 19:41 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\90336673.sys 2014-03-29 19:39 - 2014-03-29 19:39 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\66244616.sys 2014-03-28 20:27 - 2014-03-28 20:27 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-26 19:29 - 2014-03-26 19:29 - 00002525 _____ () C:\Users\Public\Desktop\Microsoft Download Manager.lnk 2014-03-26 19:29 - 2014-03-26 19:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Download Manager 2014-03-23 22:14 - 
2014-02-26 20:35 - 00000426 _____ () C:\AVScanner.ini 2014-03-16 22:04 - 2014-03-23 22:56 - 00002566 _____ () C:\Windows\IE10_main.log 2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\Windows\SysWOW64\NV 2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\Windows\system32\NV 2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\ProgramData\Intel 2014-03-15 09:16 - 2013-09-05 03:37 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2014-03-15 09:16 - 2013-09-05 03:37 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2014-03-15 09:15 - 2014-03-15 09:18 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-03-15 09:15 - 2014-03-15 09:15 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation ==================== One Month Modified Files and Folders ======= 2014-04-04 17:35 - 2014-04-04 17:34 - 00016357 _____ () C:\Users\MediMax\Desktop\FRST.txt 2014-04-04 17:34 - 2014-04-01 08:33 - 00000000 ____D () C:\FRST 2014-04-04 17:30 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-04 17:30 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-04 17:28 - 2010-08-12 02:20 - 02012343 _____ () C:\Windows\WindowsUpdate.log 2014-04-04 17:23 - 2012-04-25 10:05 - 00000000 ____D () C:\Users\MediMax\AppData\Local\Deployment 2014-04-04 17:23 - 2010-08-12 02:53 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-04 17:22 - 2010-08-12 03:12 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-04-04 17:22 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-04 17:22 - 2009-07-14 06:51 - 00093305 _____ () C:\Windows\setupact.log 2014-04-04 07:52 - 2012-06-29 13:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-04 07:52 - 2010-08-12 02:53 - 00001124 _____ () 
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-03 21:34 - 2014-04-01 08:33 - 02157056 _____ (Farbar) C:\Users\MediMax\Desktop\FRST64.exe 2014-04-03 19:32 - 2014-04-03 19:32 - 00001187 _____ () C:\Users\MediMax\Desktop\JRT.txt 2014-04-03 19:25 - 2014-04-03 19:25 - 00000000 ____D () C:\Windows\ERUNT 2014-04-03 19:24 - 2014-04-03 19:24 - 01038974 _____ (Thisisu) C:\Users\MediMax\Desktop\JRT.exe 2014-04-03 19:13 - 2014-03-30 19:52 - 00000000 ____D () C:\AdwCleaner 2014-04-03 19:09 - 2014-04-03 19:09 - 01426178 _____ () C:\Users\MediMax\Desktop\adwcleaner.exe 2014-04-03 10:23 - 2012-04-25 10:05 - 00000000 ____D () C:\Users\MediMax\AppData\Local\Apps\2.0 2014-04-03 08:56 - 2014-04-02 19:48 - 00000000 ____D () C:\Qoobox 2014-04-03 08:55 - 2014-04-03 08:55 - 00019985 _____ () C:\ComboFix.txt 2014-04-03 08:43 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-04-03 08:41 - 2010-08-12 03:01 - 00217454 _____ () C:\Windows\PFRO.log 2014-04-03 08:41 - 2009-07-14 04:34 - 93585408 _____ () C:\Windows\system32\config\SOFTWARE.bak 2014-04-03 08:41 - 2009-07-14 04:34 - 21233664 _____ () C:\Windows\system32\config\SYSTEM.bak 2014-04-03 08:41 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak 2014-04-03 08:41 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak 2014-04-03 08:41 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak 2014-04-03 08:40 - 2014-04-02 19:48 - 00000000 ____D () C:\Windows\erdnt 2014-04-03 08:20 - 2014-04-03 08:19 - 05192353 ____R (Swearware) C:\Users\MediMax\Desktop\ComboFix.exe 2014-04-02 20:28 - 2012-05-08 19:02 - 00045056 _____ () C:\Windows\system32\acovcnt.exe 2014-04-01 09:06 - 2009-08-04 12:40 - 00353756 _____ () C:\Windows\system32\perfh00D.dat 2014-04-01 09:06 - 2009-08-04 12:40 - 00069328 _____ () C:\Windows\system32\perfc00D.dat 2014-04-01 09:06 - 2009-08-04 12:34 - 00552004 _____ () C:\Windows\system32\perfh008.dat 2014-04-01 09:06 - 2009-08-04 12:34 - 
00089670 _____ () C:\Windows\system32\perfc008.dat 2014-04-01 09:06 - 2009-08-04 12:28 - 00679576 _____ () C:\Windows\system32\prfh0816.dat 2014-04-01 09:06 - 2009-08-04 12:28 - 00133986 _____ () C:\Windows\system32\prfc0816.dat 2014-04-01 09:06 - 2009-08-04 12:15 - 00691426 _____ () C:\Windows\system32\perfh013.dat 2014-04-01 09:06 - 2009-08-04 12:15 - 00133174 _____ () C:\Windows\system32\perfc013.dat 2014-04-01 09:06 - 2009-08-04 12:09 - 00689342 _____ () C:\Windows\system32\perfh010.dat 2014-04-01 09:06 - 2009-08-04 12:09 - 00127378 _____ () C:\Windows\system32\perfc010.dat 2014-04-01 09:06 - 2009-08-04 11:57 - 00693688 _____ () C:\Windows\system32\perfh00A.dat 2014-04-01 09:06 - 2009-08-04 11:57 - 00137296 _____ () C:\Windows\system32\perfc00A.dat 2014-04-01 09:06 - 2009-08-04 11:51 - 00654400 _____ () C:\Windows\system32\perfh007.dat 2014-04-01 09:06 - 2009-08-04 11:51 - 00130240 _____ () C:\Windows\system32\perfc007.dat 2014-04-01 09:06 - 2009-07-14 07:13 - 05835700 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-01 08:57 - 2012-10-17 14:15 - 00000000 ____D () C:\ProgramData\Avira 2014-04-01 08:47 - 2014-04-01 08:47 - 00380416 _____ () C:\Users\MediMax\Desktop\Gmer-19357.exe 2014-04-01 08:27 - 2014-04-01 08:27 - 00000476 _____ () C:\Users\MediMax\Desktop\defogger_disable.log 2014-04-01 08:27 - 2014-04-01 08:27 - 00000000 _____ () C:\Users\MediMax\defogger_reenable 2014-04-01 08:27 - 2012-01-26 01:32 - 00000000 ____D () C:\Users\MediMax 2014-04-01 08:24 - 2014-04-01 08:24 - 00014889 _____ () C:\Users\MediMax\Desktop\download-defogger.htm 2014-04-01 08:16 - 2009-07-14 09:44 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-03-31 22:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-03-31 07:36 - 2014-03-31 07:36 - 00000000 ____D () C:\Windows\CheckSur 2014-03-31 07:07 - 2014-03-31 07:07 - 00000000 ____D () C:\Windows\system32\EventProviders 2014-03-30 23:25 - 2010-08-12 03:17 - 00002116 _____ () 
C:\Windows\system32\AutoRunFilter.ini 2014-03-30 23:24 - 2010-08-12 03:17 - 00001324 _____ () C:\Windows\system32\ServiceFilter.ini 2014-03-30 22:34 - 2014-03-30 22:34 - 00000000 ____D () C:\Users\Public\CyberLink 2014-03-30 22:33 - 2010-08-12 02:35 - 00000000 ____D () C:\ProgramData\CyberLink 2014-03-30 11:13 - 2014-03-30 11:01 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-03-30 11:00 - 2014-03-30 11:00 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-30 01:30 - 2012-10-17 14:17 - 00000000 ____D () C:\Users\MediMax\AppData\Local\DoNotTrackPlus 2014-03-29 19:41 - 2014-03-29 19:41 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\90336673.sys 2014-03-29 19:39 - 2014-03-29 19:39 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\66244616.sys 2014-03-28 20:27 - 2014-03-28 20:27 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-28 20:27 - 2012-09-14 11:15 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-03-28 20:27 - 2010-08-12 02:56 - 00000000 ____D () C:\ProgramData\Skype 2014-03-28 18:11 - 2012-04-26 03:34 - 02349309 _____ () C:\Windows\IE9_main.log 2014-03-26 19:29 - 2014-03-26 19:29 - 00002525 _____ () C:\Users\Public\Desktop\Microsoft Download Manager.lnk 2014-03-26 19:29 - 2014-03-26 19:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Download Manager 2014-03-26 19:24 - 2012-04-24 19:22 - 00001945 _____ () C:\Windows\epplauncher.mif 2014-03-26 19:23 - 2012-04-24 19:19 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2014-03-26 19:23 - 2012-04-24 19:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2014-03-26 12:01 - 2010-08-12 02:53 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-03-26 12:01 - 2010-08-12 02:53 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-03-25 18:46 - 2013-01-13 23:19 - 00001233 _____ () C:\Users\Public\Desktop\Rossmann Fotowelt 
Software.lnk 2014-03-25 18:46 - 2013-01-13 23:14 - 00000000 ____D () C:\Program Files (x86)\Rossmann Fotowelt Software 2014-03-23 23:01 - 2012-05-08 09:37 - 00000134 _____ () C:\Users\MediMax\Desktop\Internet Explorer-Problembehebung.url 2014-03-23 22:56 - 2014-03-16 22:04 - 00002566 _____ () C:\Windows\IE10_main.log 2014-03-23 22:49 - 2014-01-03 11:10 - 00007373 _____ () C:\Windows\IE11_main.log 2014-03-21 21:10 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries 2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\Windows\SysWOW64\NV 2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\Windows\system32\NV 2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\ProgramData\Intel 2014-03-15 09:29 - 2013-03-15 17:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-15 09:29 - 2013-03-15 17:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-15 09:20 - 2010-08-12 03:04 - 00000000 ____D () C:\Program Files (x86)\Intel 2014-03-15 09:18 - 2014-03-15 09:15 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-03-15 09:18 - 2010-08-12 03:12 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-03-15 09:15 - 2014-03-15 09:15 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-03-15 01:49 - 2013-07-14 09:47 - 00000000 ____D () C:\Windows\system32\MRT 2014-03-15 01:47 - 2012-05-08 09:33 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-03-15 01:47 - 2012-03-28 21:05 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-03-13 21:47 - 2012-06-29 13:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-13 21:47 - 2012-06-04 21:54 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-13 21:47 - 2012-06-01 10:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-11 11:41 - 2012-01-26 01:40 - 00000000 ____D () C:\Users\MediMax\AppData\Roaming\Asus 
WebStorage
2014-03-11 10:52 - 2011-04-27 15:25 - 00133928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys

Some content of TEMP:
====================
C:\Users\MediMax\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-03-30 01:54

==================== End Of Log ============================

Addition:
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014 Ran by MediMax at 2014-04-04 17:35:42 Running from C:\Users\MediMax\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} ==================== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.) Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media) ANDI 2013 (HKLM-x32\...\{21E3464C-EE59-4EA2-B3E1-4FCE000B8722}) (Version: 5.0.5 - LGLN Hannover) ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.10 - ASUS) ASUS AP Bank (HKLM-x32\...\ASUS AP Bank_is1) (Version: 1.0.0.0 - ASUSTEK) ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.) 
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS) ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.37 - ASUS) ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0008 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS) ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4015 - CyberLink Corp.) ASUS Video Magic (x32 Version: 6.0.4015 - CyberLink Corp.) Hidden ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.19 - asus) ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 2.0.46.1429 - eCareme Technologies, Inc.) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0003 - ASUS) AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin) AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin) Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation) Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media) Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.7 - ASUS) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.) CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden CyberLink MediaShow Espresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 5.0.1606_25588 - CyberLink Corp.) CyberLink MediaShow Espresso (x32 Version: 5.0.1606_25588 - CyberLink Corp.) 
Hidden CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.) CyberLink PhotoNow (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.) CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2609a - CyberLink Corp.) CyberLink PowerDirector (x32 Version: 8.0.2609a - CyberLink Corp.) Hidden CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3009.50 - CyberLink Corp.) CyberLink PowerDVD 9 (x32 Version: 9.0.3009.50 - CyberLink Corp.) Hidden ETDWare PS/2-x64 7.0.5.11_WHQL (HKLM\...\Elantech) (Version: 7.0.5.11 - ELAN Microelectronics Corp.) everpixx 6.7 (HKLM-x32\...\{592ED299-14EF-4C0F-92B4-B62E7CD5A2BE}_is1) (Version: - everpixx) ExpressGate Cloud (HKLM-x32\...\InstallShield_{499DED08-6FA8-4749-8E94-8526CC9D1CA8}) (Version: 2.1.62.301 - Asus) ExpressGate Cloud (x32 Version: 2.1.62.301 - Asus) Hidden Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.5 - ASUS) fotokasten comfort 5.0 (HKLM-x32\...\fotokasten comfort_is1) (Version: - ) FotoQuelle Fotosoftware 4.11.0 (HKLM-x32\...\FotoQuelle Fotosoftware) (Version: 4.11.0 - ORWO Net) Fresco Logic USB3.0 Host Controller (HKLM\...\{506B5C23-16B3-459D-9877-915004C248D6}) (Version: 3.0.89.14 - Fresco Logic Inc.) FRITZ!Box USB-Fernanschluss (HKCU\...\f018cf21c0452c64) (Version: 2.3.0.2 - AVM Berlin) Game Park Console (HKLM-x32\...\{C9991C9B-0783-452E-8954-AB93E2AB3B80}_is1) (Version: 6.2.0.2 - Oberon Media, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: - Google Inc.) 
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2131 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.115.11 - Intel) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) 
Hidden Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Lidl-Fotos (HKLM-x32\...\Lidl-Fotos_is1) (Version: - ) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Download Manager (HKLM-x32\...\{654977DB-0001-0002-0001-EABD228DDE8B}) (Version: 1.2.1 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft 
Corporation) Hidden Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation) Microsoft Silverlight 
(HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Windows Debugging Symbols (HKLM-x32\...\{0E8D886F-3205-4472-848E-990F400FF218}) (Version: 7601 - Microsoft) Microsoft Windows Debugging Symbols (HKLM-x32\...\{46EA439E-2D16-49B6-AA80-00DE992FE7CE}) (Version: 7601 - Microsoft) Microsoft Windows Debugging Symbols (HKLM-x32\...\{5CBDF0C2-6FD1-4A32-9A0A-143D9AB91CCE}) (Version: 7601 - Microsoft) Microsoft Windows Debugging Symbols (HKLM-x32\...\{68ADAEAA-DABD-45C1-9CC2-F995407549CD}) (Version: 7601 - Microsoft) Microsoft Windows Debugging Symbols (HKLM-x32\...\{8DD62FB6-083D-40B9-9D7D-48449FDDDED5}) (Version: 7601 - Microsoft) MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) 
(HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) MyDriveConnect 3.3.0.1342 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1342 - TomTom) NVIDIA 3D Vision Treiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation) NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2702 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden NVIDIA Updatus (x32 Version: 1.0.3 - NVIDIA Corporation) Hidden Piggly FREE (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-1173957}) (Version: - Oberon Media) Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6122 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.00049 - Realtek Semiconductor Corp.) Rossmann Fotowelt Software 4.13 (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 4.13 - ORWO Net) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) 
Smileyville FREE (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117396510}) (Version: - Oberon Media) syncables desktop SE (HKLM-x32\...\{BBED4F90-7AE5-40BF-AFB7-1B495692F4AB}) (Version: 5.5.615.9518 - syncables) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition 
(HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{EC1934B0-AE0F-4BBD-8955-54BB3247ED9E}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) USB2.0 UVC 2M WebCam (HKLM\...\USB2.0 UVC 2M WebCam) (Version: 5.8.54000.204 - Sonix) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) 
Windows Live Anmelde-Assistent (HKLM-x32\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation) Windows Live Call (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation) Windows Live Essentials (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 14.0.8052.1208 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 14.0.8051.1204 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Windows Live Sync (HKLM-x32\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation) Windows Live Writer (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.1 - ASUS) Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.17 - ASUS) ==================== Restore Points ========================= 02-04-2014 07:01:39 Sprachpaketdeinstallation 02-04-2014 19:19:52 Sprachpaketdeinstallation 03-04-2014 07:20:44 Sprachpaketdeinstallation 03-04-2014 16:54:05 Sprachpaketdeinstallation 03-04-2014 19:31:34 Sprachpaketdeinstallation ==================== Hosts content: ========================== 2009-07-14 04:34 - 2014-04-03 08:42 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {0108D889-0F11-4861-98CE-497428B643E4} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files 
(x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)
Task: {27924240-4D7D-4141-8B06-8564817B9232} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {7B6E6FE0-1956-4C40-A8F6-B9E56CA71D2B} - \Scheduled Update for Ask Toolbar No Task File
Task: {7FD6C534-7194-4970-A929-C6063B5692B0} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-05-28] (ATK)
Task: {811A4837-2DB3-4F0B-B94A-1E7B5E30C2A0} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {91CA6E11-BC78-450A-9588-17128503C099} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [2010-05-17] (asus)
Task: {D34EEA53-B5B7-438B-B01F-52690B83A6B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-12] (Google Inc.)
Task: {DC2B33DB-1D41-4FBB-A5DB-EA2207F48D0C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13] (Adobe Systems Incorporated)
Task: {EA1A419D-F120-4437-A6D3-3A11D27485B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-12] (Google Inc.)
Task: {F708ED90-CCBC-4800-BBE5-A9FD7C1814B2} - System32\Tasks\P4G Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-15 09:17 - 2013-08-30 00:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-03-16 03:48 - 2010-03-16 03:48 - 00148816 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EcaremeDLL.dll
2010-08-12 02:54 - 2010-08-12 02:54 - 00030032 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3726.20828__0d0f4b69e50e559b\SqliteShared.dll
2010-08-12 02:54 - 2010-08-12 02:54 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
2010-01-11 19:27 - 2010-01-11 19:27 - 00017920 _____ () C:\Program Files\P4G\DevMng.dll
2010-05-06 03:22 - 2010-05-06 03:22 - 00108544 _____ () C:\Program Files\P4G\OvrClk.dll
2010-03-16 03:48 - 2010-03-16 03:48 - 01754448 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
2008-10-01 08:02 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-08-12 03:17 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2011-04-10 18:40 - 2011-04-10 18:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-07-02 22:36 - 2010-07-02 22:36 - 01597440 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2010-08-12 02:37 - 2010-04-06 08:29 - 00244904 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2010-03-16 03:48 - 2010-03-16 03:48 - 00079184 _____ ()
C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe 2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2010-02-24 00:14 - 2010-02-24 00:14 - 00071680 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll 2010-02-24 00:11 - 2010-02-24 00:11 - 00076288 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll 2010-02-24 00:12 - 2010-02-24 00:12 - 00186880 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll 2010-02-24 00:14 - 2010-02-24 00:14 - 00050688 _____ () C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:115CEE00 AlternateDataStreams: C:\ProgramData\Temp:2F370DA6 AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 AlternateDataStreams: C:\ProgramData\Temp:AB689DEA ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/04/2014 05:24:30 PM) (Source: Outlook) (User: ) Description: Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x8001010d. System errors: ============= Error: (04/03/2014 11:11:55 PM) (Source: ACPI) (User: ) Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. 
Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten. Error: (04/03/2014 11:11:55 PM) (Source: ACPI) (User: ) Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten. Error: (04/03/2014 09:38:02 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT) Description: Das Sprachpaket für es-ES kann von CBS nicht entfernt werden. Zurückgegebener CBS-Fehlercode: 0x80073701. Error: (04/03/2014 09:38:02 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT) Description: CBS-Fehler 0x80073701 '' bei Verwendung des Benutzeroberflächen-Sprachpakets für es-ES. Error: (04/03/2014 09:37:20 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT) Description: Das Sprachpaket für pt-PT kann von CBS nicht entfernt werden. Zurückgegebener CBS-Fehlercode: 0x80073701. Error: (04/03/2014 09:37:20 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT) Description: CBS-Fehler 0x80073701 '' bei Verwendung des Benutzeroberflächen-Sprachpakets für pt-PT. Error: (04/03/2014 09:36:39 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT) Description: Das Sprachpaket für nl-NL kann von CBS nicht entfernt werden. Zurückgegebener CBS-Fehlercode: 0x80073701. Error: (04/03/2014 09:36:39 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT) Description: CBS-Fehler 0x80073701 '' bei Verwendung des Benutzeroberflächen-Sprachpakets für nl-NL. Error: (04/03/2014 09:35:52 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT) Description: Das Sprachpaket für it-IT kann von CBS nicht entfernt werden. Zurückgegebener CBS-Fehlercode: 0x80073701. Error: (04/03/2014 09:35:52 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT) Description: CBS-Fehler 0x80073701 '' bei Verwendung des Benutzeroberflächen-Sprachpakets für it-IT. 
Microsoft Office Sessions: ========================= Error: (08/08/2012 08:22:39 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2078 seconds with 180 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2014-04-02 19:59:21.293 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-04-02 19:59:21.137 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
==================== Memory info =========================== Percentage of memory in use: 46% Total physical RAM: 5932.49 MB Available physical RAM: 3149.33 MB Total Pagefile: 11863.11 MB Available Pagefile: 8857.25 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (Laufwerk C) (Fixed) (Total:149.05 GB) (Free:87.92 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (Data) (Fixed) (Total:427.59 GB) (Free:372.03 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 9D8E95DE) Partition 1: (Not Active) - (Size=20 GB) - (Type=1C) Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=428 GB) - (Type=OF Extended) ==================== End Of Log ============================ |
04.04.2014, 17:15 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 SP1 update cannot be installed, error code 80073701 [solved] OK, control scans with MBAM and ESET, please. Please download Malwarebytes Anti-Malware
ESET Online Scanner
__________________ Please always post log files in CODE tags |
05.04.2014, 12:35 | #15 |
| Windows 7 SP1 update cannot be installed, error code 80073701 [solved] Hello! Here are the requested logs. First ESET. Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=9d03a14f6de45545bf6c179ffce8b5d4
# engine=17763
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-05 10:53:33
# local_time=2014-04-05 12:53:33 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=5892 16777213 88 94 840587 47534574 0 0
# scanned=451477
# found=0
# cleaned=0
# scan_time=14232
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 04.04.2014
Suchlauf-Zeit: 18:44:06
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.0.1000
Malware Datenbank: v2014.04.04.04
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert
Betriebssystem: Windows 7
CPU: x64
Dateisystem: NTFS
Benutzer: MediMax
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 302848
Verstrichene Zeit: 14 Min, 2 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 0
(No malicious items detected)
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 0
(No malicious items detected)
Dateien: 0
(No malicious items detected)
Physische Sektoren: 0
(No malicious items detected)
(end) |