Hallo Cosinus!
Ich habe anscheinend beim Log-Post ziemlichen Mist gemacht.
Ich entschuldige mich in erster Linie dafür und werde sofort eine richtiges Log-Fenster bereitstellen. :)
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014 01
Ran by Leon Schmitz (administrator) on SIMON-PC on 23-09-2014 17:18:48
Running from C:\Users\Leon Schmitz\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\NDP45-KB2894854-v2-x64.exe
(Microsoft Corporation) C:\518dfa915505ecea5399\Setup.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1743088 2014-05-21] (Bitdefender)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: []
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-05-20] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-04-09] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614744 2014-04-09] (Bitdefender)
HKU\S-1-5-21-3580360345-1033416650-946905049-1003\...\MountPoints2: {031c1590-a9d0-11e2-892f-e840f29e4ad5} - H:\Autorun.exe
HKU\S-1-5-21-3580360345-1033416650-946905049-1003\...\MountPoints2: {058de79b-e73e-11e1-929b-e840f29e4ad5} - F:\Autorun.exe
HKU\S-1-5-21-3580360345-1033416650-946905049-1003\...\MountPoints2: {afdf5fc3-13bb-11e2-b456-e840f29e4ad5} - F:\Setup.exe
HKU\S-1-5-21-3580360345-1033416650-946905049-1003\...\MountPoints2: {d0807eac-e72d-11e1-9838-e840f29e4ad5} - F:\Autorun.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {EAED6539-8912-4290-BCBC-A4DBA73627E9} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {016059BA-5727-49B5-8BB4-49C8B0B69FC2} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0E308348-874A-4EEF-A6F7-ABD92236A901} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {30B5E71C-950E-4397-B307-FBB744FC0C89} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {720A1B44-55F3-4E91-B6D8-E92C90D94268} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {8ED3A752-F4C7-41FC-B278-207466701E7C} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {EAED6539-8912-4290-BCBC-A4DBA73627E9} URL = https://www.google.com/search?q={searchTerms}
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Leon Schmitz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-06-20]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman [2014-06-20]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=MDNE&bmod=MDNE
CHR RestoreOnStartup: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=MDNE&bmod=MDNE"
CHR NewTab: Default -> "chrome-extension://eooncjejnppfjjklapaamhcdmjbilmde/redirect.html",
"chrome-extension://dcillohgikpecbmgioknapdpcjofaafl/redirect.html"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Leon Schmitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Leon Schmitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Leon Schmitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U2) - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Leon Schmitz\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Profile: C:\Users\Leon Schmitz\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-06-20]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-21] (Bitdefender)
S4 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-12-12] (Ellora Assets Corp.) [File not signed]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1526800 2014-05-21] (Bitdefender)
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2013-12-02] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2013-12-02] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-11-13] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-05-27] (Disc Soft Ltd)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-08-07] (BitDefender S.R.L.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-05-16] (Oracle Corporation)
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 MFE_RR; \??\C:\Windows\TEMP\mfe_rr.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
========================== Drivers MD5 =======================
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\System32\DRIVERS\AMPPAL.sys 449D90F1FB6402773C2F1ECCEAE15F74
C:\Windows\System32\DRIVERS\amppal.sys 449D90F1FB6402773C2F1ECCEAE15F74
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\system32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\avc3.sys 636B15879AE62E47444F99C60C900AA6
C:\Windows\System32\DRIVERS\avchv.sys 3B9549FEF98AB1768A1D6A919F355B70
C:\Windows\System32\DRIVERS\avckf.sys 14023A39BC91AC5A2077766D28EBA7C5
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys 3533B749563E89EFAC7290A2BA3B4097
C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys 4CE4B0098FC315C237FA8867F07886C4
C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys C0247341C1BCD7FF2742821D0AD7AFBC
C:\Windows\system32\drivers\bdsandbox.sys B9ECE7FD9F58DAF19450C88338DC5267
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\drivers\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\DRIVERS\btmaux.sys 988CC6CC49303665D3B2435C51505C3F
C:\Windows\System32\DRIVERS\btmhsf.sys 2B4B508AFAC2A563931AF1FE875A5B16
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\System32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\dtsoftbus01.sys 33F90B202E9DD9B7D489EB59310FDC34
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\System32\DRIVERS\gzflt.sys 0A9D58AABD01DA97B1D101473EFA7659
C:\Windows\System32\DRIVERS\hamachi.sys 1E6438D4EA6E1174A3B3B1EDC4DE660B
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\drivers\iaStor.sys C224331A54571C8C9162F7714400BBBD
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\iBtFltCoex.sys 9E3D44CE737388F6BBBB6DD4A1C1847C
C:\Windows\System32\DRIVERS\igdkmd64.sys 8C44E6B688790E2AD3846C97661C54F1
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\intelaud.sys CADDF0927DAC63EDAE48F5C35A61D87D
C:\Windows\System32\drivers\RTKVHD64.sys F242E36CDA231701CFA702641C20FAEC
C:\Windows\System32\DRIVERS\IntcDAud.sys 6C9FFFECA9FED31347D211C5D1FFBD2D
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\drivers\iusb3hcs.sys 8E4577C6E0D3114170509159DE658907
C:\Windows\system32\drivers\iusb3hub.sys FE76346E9B57DA575BD1B3BD0CCAD7FF
C:\Windows\system32\drivers\iusb3xhc.sys 1008CD90DA2198FFD250298DEB9DF160
C:\Windows\system32\drivers\iwdbus.sys 716F66336F10885D935B08174DC54242
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC
C:\Windows\System32\Drivers\ksecpkg.sys 1C2D8E18AA8FD50CD04C15CC27F7F5AB
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ladfGSCamd64.sys CE4347E2D90DB2E5517B6F2BC720A862
C:\Windows\System32\DRIVERS\ladfGSRamd64.sys 85A9D21D3AE2EA963E111CB150895877
C:\Windows\System32\drivers\LGBusEnum.sys FA529FB35694C24BF98A9EF67C1CD9D0
C:\Windows\System32\drivers\LGVirHid.sys 94B29CE153765E768F004FB3440BE2B0
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbam.sys 0BB97D43299910CBFBA59C461B99B910
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys 772A1DEEDFDBC244183B5C805D1B7D85
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Netwsw00.sys 98CF53F7B23F77D082805D5DBBD99A4E
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\drivers\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RtsUStor.sys 135A64530D7699AD48F29D73A658DD11
C:\Windows\System32\DRIVERS\Rt64win7.sys 9140DB0911DE035FED0A9A77A2D156EA
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\trufos.sys 325A512F98BEB97B1FFBE88927B8090D
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys C9E9D59C0099A9FF51697E9306A44240
C:\Windows\System32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\DRIVERS\usb8023x.sys 7B28E2FBE75115660FAB31079C0A9F29
C:\Windows\System32\DRIVERS\VBoxDrv.sys CDA796F41C2B64CEEC143B3A86904CFB
C:\Windows\System32\DRIVERS\VBoxNetAdp.sys 8CD776EB77695524CCE594AAC3A71569
C:\Windows\System32\DRIVERS\VBoxNetFlt.sys 39D80811EB7E87CD7F682A3124693CBA
C:\Windows\System32\Drivers\VBoxUSB.sys 3447B8DC38D7E53E8C4BBA8270B5B9E8
C:\Windows\System32\DRIVERS\VBoxUSBMon.sys 248C6ADD9467AF319D1882A5E8B12966
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-23 17:20 - 2014-09-23 17:20 - 00000000 ____D () C:\58af87c05d4a4ae984
2014-09-23 17:18 - 2014-09-23 17:20 - 00031240 _____ () C:\Users\Leon Schmitz\Desktop\FRST.txt
2014-09-23 17:18 - 2014-09-23 17:20 - 00000000 ____D () C:\518dfa915505ecea5399
2014-09-21 17:46 - 2014-09-23 17:18 - 00000000 ____D () C:\FRST
2014-09-21 17:45 - 2014-09-21 17:45 - 02105856 _____ (Farbar) C:\Users\Leon Schmitz\Desktop\FRST64.exe
2014-09-21 02:34 - 2014-09-21 02:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hex-Editor MX
2014-09-21 02:34 - 2014-09-21 02:34 - 00000000 ____D () C:\Program Files (x86)\Hex-Editor MX
2014-09-21 00:56 - 2014-09-21 00:56 - 00303104 _____ () C:\Users\Leon Schmitz\Desktop\Ping Kontrolle.exe
2014-09-21 00:52 - 2014-09-23 17:13 - 00000168 _____ () C:\Windows\setupact.log
2014-09-21 00:52 - 2014-09-21 00:52 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-21 00:51 - 2014-09-21 00:52 - 00290664 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-19 10:11 - 2014-09-19 10:11 - 00000000 ____D () C:\Aerosoft
2014-09-17 01:16 - 2014-09-17 01:16 - 00000000 __SHD () C:\Users\Leon Schmitz\AppData\Roaming\{82941-19404-52605-20439-40143}
2014-09-15 18:05 - 2014-09-15 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-15 01:58 - 2014-09-15 01:58 - 00985600 ____H () C:\Users\Leon Schmitz\Desktop\MicrosoftFixit50123.msi
2014-09-14 23:05 - 2014-09-20 23:20 - 00000000 ____D () C:\AdwCleaner
2014-09-14 19:35 - 2014-09-14 19:35 - 00000090 _____ () C:\Users\Leon Schmitz\Desktop\Maus.txt
2014-09-14 18:25 - 2014-09-14 18:25 - 00000426 _____ () C:\Users\Leon Schmitz\Desktop\Test.bat
2014-09-11 23:10 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 23:10 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 23:10 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 23:10 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 23:10 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 23:10 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 23:10 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 23:10 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 23:10 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 23:10 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 23:10 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 23:10 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 23:10 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 23:10 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 23:10 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 23:10 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 23:10 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 23:10 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 23:10 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 23:10 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 23:10 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 23:10 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 23:10 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 23:10 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 23:10 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 23:10 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 23:10 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 23:10 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 23:10 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 23:10 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 23:10 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 23:10 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 23:10 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 23:10 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 23:10 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 23:10 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 23:10 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 23:10 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 23:10 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 23:10 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 23:10 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 23:10 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 23:10 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 23:10 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 23:10 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 23:10 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 23:10 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 23:10 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 23:10 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 23:10 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 23:10 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 23:10 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 23:10 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 23:10 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 23:10 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 23:10 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 22:54 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 22:54 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-11 22:47 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-11 22:47 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-11 22:47 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-11 22:47 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-11 22:47 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 22:47 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 22:47 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-11 22:47 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-11 22:47 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 22:47 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 22:47 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-07 18:34 - 2014-09-07 18:36 - 00000242 _____ () C:\Windows\system32\Nextron.bat
2014-08-29 20:59 - 2014-08-29 20:59 - 00000000 ____D () C:\Users\Leon Schmitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Third Age - Total War 3.0 (Part 1of2)
2014-08-29 20:26 - 2014-08-29 20:26 - 00000000 ____D () C:\Program Files (x86)\SEGA
2014-08-29 01:39 - 2014-08-29 01:39 - 00000000 ____D () C:\Users\Leon Schmitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Third Age - Total War 3.0 (Part 2of2)
2014-08-28 22:29 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 22:29 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 22:29 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-25 16:37 - 2014-08-25 16:35 - 00017408 ___SH () C:\Users\simon\Downloads\Thumbs.db
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-23 17:20 - 2014-09-23 17:20 - 00000000 ____D () C:\58af87c05d4a4ae984
2014-09-23 17:20 - 2014-09-23 17:18 - 00031240 _____ () C:\Users\Leon Schmitz\Desktop\FRST.txt
2014-09-23 17:20 - 2014-09-23 17:18 - 00000000 ____D () C:\518dfa915505ecea5399
2014-09-23 17:20 - 2014-05-12 16:43 - 01064789 _____ () C:\Windows\WindowsUpdate.log
2014-09-23 17:18 - 2014-09-21 17:46 - 00000000 ____D () C:\FRST
2014-09-23 17:13 - 2014-09-21 00:52 - 00000168 _____ () C:\Windows\setupact.log
2014-09-23 17:13 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-21 19:18 - 2012-10-01 18:21 - 00000000 ____D () C:\Users\Leon Schmitz\AppData\Roaming\Skype
2014-09-21 17:45 - 2014-09-21 17:45 - 02105856 _____ (Farbar) C:\Users\Leon Schmitz\Desktop\FRST64.exe
2014-09-21 16:55 - 2009-07-14 06:45 - 00024912 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-21 16:55 - 2009-07-14 06:45 - 00024912 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-21 16:52 - 2012-02-21 20:50 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-09-21 16:52 - 2012-02-21 20:50 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-09-21 16:52 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-21 02:34 - 2014-09-21 02:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hex-Editor MX
2014-09-21 02:34 - 2014-09-21 02:34 - 00000000 ____D () C:\Program Files (x86)\Hex-Editor MX
2014-09-21 02:22 - 2014-08-08 17:21 - 00000407 _____ () C:\Windows\system32\checkdnsid.xml
2014-09-21 01:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-21 00:56 - 2014-09-21 00:56 - 00303104 _____ () C:\Users\Leon Schmitz\Desktop\Ping Kontrolle.exe
2014-09-21 00:52 - 2014-09-21 00:52 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-21 00:52 - 2014-09-21 00:51 - 00290664 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-21 00:33 - 2014-03-18 22:49 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-21 00:33 - 2012-09-02 16:03 - 00000000 ____D () C:\Users\Leon Schmitz\AppData\Roaming\DAEMON Tools Lite
2014-09-21 00:28 - 2012-10-07 20:34 - 00000000 ____D () C:\Users\Leon Schmitz\Desktop\Spiele
2014-09-20 23:20 - 2014-09-14 23:05 - 00000000 ____D () C:\AdwCleaner
2014-09-20 14:24 - 2012-08-28 20:49 - 00000000 ____D () C:\Users\Leon Schmitz
2014-09-19 22:31 - 2014-02-11 17:27 - 00000000 ____D () C:\Users\simon\AppData\Roaming\.minecraft
2014-09-19 10:11 - 2014-09-19 10:11 - 00000000 ____D () C:\Aerosoft
2014-09-19 10:11 - 2014-06-23 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aerosoft
2014-09-19 10:11 - 2012-02-22 00:35 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-19 09:15 - 2014-08-23 19:35 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-09-18 21:59 - 2014-05-27 22:34 - 00000000 ____D () C:\Users\Leon Schmitz\.VirtualBox
2014-09-17 01:16 - 2014-09-17 01:16 - 00000000 __SHD () C:\Users\Leon Schmitz\AppData\Roaming\{82941-19404-52605-20439-40143}
2014-09-15 18:05 - 2014-09-15 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-15 18:05 - 2012-10-01 18:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-15 18:05 - 2012-10-01 18:20 - 00000000 ____D () C:\ProgramData\Skype
2014-09-15 18:01 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-15 01:58 - 2014-09-15 01:58 - 00985600 ____H () C:\Users\Leon Schmitz\Desktop\MicrosoftFixit50123.msi
2014-09-14 19:35 - 2014-09-14 19:35 - 00000090 _____ () C:\Users\Leon Schmitz\Desktop\Maus.txt
2014-09-14 18:25 - 2014-09-14 18:25 - 00000426 _____ () C:\Users\Leon Schmitz\Desktop\Test.bat
2014-09-14 14:03 - 2013-02-13 19:45 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-09-14 13:53 - 2013-02-13 19:45 - 00001903 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-09-12 19:47 - 2012-10-03 13:02 - 00000000 ____D () C:\Users\simon\AppData\Roaming\Skype
2014-09-11 23:09 - 2013-07-19 13:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 22:54 - 2012-02-21 21:44 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 22:53 - 2014-05-05 15:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-11 00:48 - 2009-07-14 06:57 - 00001716 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-09-11 00:39 - 2012-09-13 18:59 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-11 00:39 - 2012-02-21 23:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-07 18:36 - 2014-09-07 18:34 - 00000242 _____ () C:\Windows\system32\Nextron.bat
2014-09-05 04:10 - 2014-09-11 22:47 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-11 22:47 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-31 14:26 - 2013-12-21 21:20 - 00000000 ____D () C:\Users\Leon Schmitz\AppData\Roaming\.minecraft
2014-08-29 20:59 - 2014-08-29 20:59 - 00000000 ____D () C:\Users\Leon Schmitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Third Age - Total War 3.0 (Part 1of2)
2014-08-29 20:26 - 2014-08-29 20:26 - 00000000 ____D () C:\Program Files (x86)\SEGA
2014-08-29 01:39 - 2014-08-29 01:39 - 00000000 ____D () C:\Users\Leon Schmitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Third Age - Total War 3.0 (Part 2of2)
2014-08-29 01:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-08-29 00:57 - 2014-05-09 15:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA
2014-08-28 17:42 - 2014-08-17 14:20 - 00000000 ____D () C:\Users\Leon Schmitz\VirtualBox VMs
2014-08-25 16:35 - 2014-08-25 16:37 - 00017408 ___SH () C:\Users\simon\Downloads\Thumbs.db
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
==================== BCD ================================
Windows-Start-Manager
---------------------
Bezeichner {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale de-DE
inherit {globalsettings}
default {current}
resumeobject {a2e5f469-9869-11da-a7b2-cfb066e58301}
displayorder {current}
toolsdisplayorder {bdbdbd00-6057-11e0-a7f3-ce9adfd72001}
{memdiag}
timeout 8
Windows-Startladeprogramm
-------------------------
Bezeichner {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale de-DE
inherit {bootloadersettings}
recoverysequence {a2e5f46b-9869-11da-a7b2-cfb066e58301}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {a2e5f469-9869-11da-a7b2-cfb066e58301}
nx OptIn
Windows-Startladeprogramm
-------------------------
Bezeichner {a2e5f46b-9869-11da-a7b2-cfb066e58301}
device ramdisk=[C:]\Recovery\a2e5f46b-9869-11da-a7b2-cfb066e58301\Winre.wim,{a2e5f46c-9869-11da-a7b2-cfb066e58301}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\a2e5f46b-9869-11da-a7b2-cfb066e58301\Winre.wim,{a2e5f46c-9869-11da-a7b2-cfb066e58301}
systemroot \windows
nx OptIn
winpe Yes
Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner {a2e5f469-9869-11da-a7b2-cfb066e58301}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale de-DE
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Windows-Speichertestprogramm
----------------------------
Bezeichner {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Windows Memory Diagnostic
locale de-DE
inherit {globalsettings}
badmemoryaccess Yes
Echtmodus-Startabschnitt
------------------------
Bezeichner {bdbdbd00-6057-11e0-a7f3-ce9adfd72001}
device partition=C:
path \bdr-ld01.mbr
description Bitdefender-Rettungsmodus - Windows 7 Home Premium SP 1 (x64)
EMS-Einstellungen
-----------------
Bezeichner {emssettings}
bootems Yes
Debuggereinstellungen
---------------------
Bezeichner {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
RAM-Defekte
-----------
Bezeichner {badmemory}
Globale Einstellungen
---------------------
Bezeichner {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Startladeprogramm-Einstellungen
-------------------------------
Bezeichner {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisoreinstellungen
-------------------
Bezeichner {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner {resumeloadersettings}
inherit {globalsettings}
Ger„teoptionen
--------------
Bezeichner {a2e5f46c-9869-11da-a7b2-cfb066e58301}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\a2e5f46b-9869-11da-a7b2-cfb066e58301\boot.sdi
LastRegBack: 2014-09-16 22:15
==================== End Of Log ============================
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-09-2014 01
Ran by Leon Schmitz at 2014-09-23 17:21:22
Running from C:\Users\Leon Schmitz\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Aerosoft's - Aerosoft Launcher (HKLM-x32\...\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}) (Version: 1.2.0.3 - Aerosoft)
aerosoft's - OMSI 2 - Hamburg (HKLM-x32\...\{5BF6B590-F7F5-46B5-B5F4-B0CA93423AD6}) (Version: 2.01 - aerosoft)
AirMech (HKLM-x32\...\Steam App 206500) (Version: - Carbon Games)
AnyToISO (HKLM-x32\...\AnyToISO_is1) (Version: 3.5.2 - CrystalIdea Software, Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Aufstieg des Hexenkönigs™ (HKLM-x32\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version: - )
Bitdefender Internet Security (HKLM\...\Bitdefender) (Version: 17.28.0.1191 - Bitdefender)
Brick-Force (HKLM-x32\...\{9853ABB2-6416-4C87-8650-DD8E528FF564}}_is1) (Version: 3.13.294.84.14 - Infernum Productions AG)
Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Craften Terminal 3.4.5 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 3.4.5 - Craften.de)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Die Schlacht um Mittelerde(tm) (HKLM-x32\...\{3F290582-3F4E-4B96-009C-E0BABAA40C42}) (Version: - )
Die Schlacht um Mittelerde™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc)
Electronic Arts Product Registration (HKLM-x32\...\InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}) (Version: 1.01.0000 - Electronic Arts)
Electronic Arts Product Registration (x32 Version: 1.01.0000 - Electronic Arts) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Freemake Audio Converter Version 1.1.0 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.0 - Ellora Assets Corporation)
Freemake Video Converter Version 4.0.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.1 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.2 - Ellora Assets Corporation)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios)
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2618 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{93F34C5C-ACAA-48F3-9B26-70359A117F12}) (Version: 3.0.12.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417013FF}) (Version: 7.0.130 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Logitech Gaming Software (Version: 8.35.18 - Logitech Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.227 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.188 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (x32 Version: 2.2.0.227 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
mediAvatar DPG Converter (HKLM-x32\...\mediAvatar DPG Converter) (Version: 7.7.3.20131014 - mediAvatar)
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nullsoft Install System (HKLM-x32\...\NSIS) (Version: 2.46 - )
OMSI 2 (HKLM-x32\...\Steam App 252530) (Version: - MR-Software GbR)
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 8.4.1.210 - Electronic Arts, Inc.)
phase-6 2.3.2 (HKLM-x32\...\phase-6) (Version: 2.3.2 - phase-6)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version: - Ndemic Creations)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6559 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Shrek 2 (HKLM-x32\...\InstallShield_{7774A6A9-CE0D-4544-9A29-84351BAE184A}) (Version: 1.00.0000 - Activision)
Shrek 2 (x32 Version: 1.00.0000 - Activision) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
SpongeBob Schwammkopf - Der Film (HKLM-x32\...\{E81A7285-8CA6-4430-B6C0-5F719E4D40D9}) (Version: 1.0 - )
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SupraSavings (Version: 1.0.0.0 - SupraSavings) Hidden <==== ATTENTION
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Third Age - Total War 3.0 (Part 1of2) (HKCU\...\Third Age - Total War 3.0 (Part 1of2)) (Version: - )
Third Age - Total War 3.0 (Part 2of2) (HKCU\...\Third Age - Total War 3.0 (Part 2of2)) (Version: - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
VLC media player 2.0.6 (HKLM-x32\...\VLC media player) (Version: 2.0.6 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
18-09-2014 14:38:45 Installed BlueJ
18-09-2014 14:41:26 Windows Update
18-09-2014 16:39:35 Installed BlueJ
19-09-2014 08:07:47 Windows Update
19-09-2014 08:11:00 Installiert Aerosoft Launcher
19-09-2014 08:12:59 Installiert Aerosoft Launcher
19-09-2014 21:35:57 Windows Update
20-09-2014 09:36:59 Windows Update
20-09-2014 16:34:40 Windows Update
20-09-2014 22:49:30 Windows Update
21-09-2014 01:00:14 Windows Update
23-09-2014 15:17:23 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
==================== Loaded Modules (whitelisted) =============
2014-06-20 15:25 - 2013-06-19 12:45 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2014-06-20 15:25 - 2014-05-26 19:03 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui
2014-06-20 15:25 - 2011-11-14 20:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll
2014-06-20 15:25 - 2014-05-26 19:03 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui
2014-07-24 11:59 - 2014-07-24 11:59 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00047_003\ashttpbr.mdl
2014-07-24 11:59 - 2014-07-24 11:59 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00047_003\ashttpdsp.mdl
2014-07-24 11:59 - 2014-07-24 11:59 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00047_003\ashttpph.mdl
2014-07-24 11:59 - 2014-07-24 11:59 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00047_003\ashttprbl.mdl
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\Users\Leon Schmitz\Desktop\FRST64.exe:BDU
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMPPALR3 => 2
MSCONFIG\Services: Bluetooth Device Monitor => 2
MSCONFIG\Services: Bluetooth Media Service => 3
MSCONFIG\Services: Bluetooth OBEX Service => 2
MSCONFIG\Services: BTHSSecurityMgr => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: EvtEng => 2
MSCONFIG\Services: FreemakeVideoCapture => 2
MSCONFIG\Services: Hamachi2Svc => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\Services: RegSrvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: ZeroConfigService => 2
==================== Faulty Device Manager Devices =============
Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/23/2014 05:20:28 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 4.5.1 - Update "KB2972216" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\Windows\TEMP\KB2972216_20140923_172015766-Microsoft .NET Framework 4.5.1-MSP0.txt enthalten.
Error: (09/23/2014 05:20:27 PM) (Source: MsiInstaller) (EventID: 11723) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 4.5.1 -- Fehler 1723. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Eine für den Abschluss der Installation erforderliche DLL konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SchedSecureObjectsRollback_x64, Eintrag: SchedSecureObjectsRollback, Bibliothek: C:\Windows\Installer\MSID16F.tmp
Error: (09/23/2014 05:20:02 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 4.5.1 - Update "KB2894854v2" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\Windows\TEMP\KB2894854_20140923_171929372-Microsoft .NET Framework 4.5.1-MSP0.txt enthalten.
Error: (09/23/2014 05:20:02 PM) (Source: MsiInstaller) (EventID: 11723) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 4.5.1 -- Fehler 1723. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Eine für den Abschluss der Installation erforderliche DLL konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SchedSecureObjectsRollback_x64, Eintrag: SchedSecureObjectsRollback, Bibliothek: C:\Windows\Installer\MSI6C8D.tmp
Error: (09/23/2014 05:14:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/21/2014 04:48:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/21/2014 03:01:41 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 4.5.1 - Update "KB2972216" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\Windows\TEMP\KB2972216_20140921_030131667-Microsoft .NET Framework 4.5.1-MSP0.txt enthalten.
Error: (09/21/2014 03:01:41 AM) (Source: MsiInstaller) (EventID: 11723) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 4.5.1 -- Fehler 1723. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Eine für den Abschluss der Installation erforderliche DLL konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SchedSecureObjectsRollback_x64, Eintrag: SchedSecureObjectsRollback, Bibliothek: C:\Windows\Installer\MSIA1D.tmp
Error: (09/21/2014 03:01:23 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 4.5.1 - Update "KB2894854v2" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\Windows\TEMP\KB2894854_20140921_030046507-Microsoft .NET Framework 4.5.1-MSP0.txt enthalten.
Error: (09/21/2014 03:01:22 AM) (Source: MsiInstaller) (EventID: 11723) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 4.5.1 -- Fehler 1723. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Eine für den Abschluss der Installation erforderliche DLL konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SchedSecureObjectsRollback_x64, Eintrag: SchedSecureObjectsRollback, Bibliothek: C:\Windows\Installer\MSIC0E6.tmp
System errors:
=============
Error: (09/23/2014 05:21:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4.5, 4.5.1 und 4.5.2 unter Windows 7, Vista, Server 2008 und Server 2008 R2 x64 (KB2972216)
Error: (09/23/2014 05:20:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4.5 und 4.5.1 unter Windows 7, Vista, Server 2008, Server 2008 R2 x64 (KB2894854)
Error: (09/23/2014 05:13:02 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben.
Error: (09/21/2014 04:47:13 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben.
Error: (09/21/2014 03:01:58 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4.5, 4.5.1 und 4.5.2 unter Windows 7, Vista, Server 2008 und Server 2008 R2 x64 (KB2972216)
Error: (09/21/2014 03:01:32 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4.5 und 4.5.1 unter Windows 7, Vista, Server 2008, Server 2008 R2 x64 (KB2894854)
Error: (09/21/2014 00:51:41 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben.
Error: (09/21/2014 00:50:58 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4.5, 4.5.1 und 4.5.2 unter Windows 7, Vista, Server 2008 und Server 2008 R2 x64 (KB2972216)
Error: (09/21/2014 00:50:41 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4.5 und 4.5.1 unter Windows 7, Vista, Server 2008, Server 2008 R2 x64 (KB2894854)
Microsoft Office Sessions:
=========================
Error: (09/23/2014 05:20:28 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Microsoft .NET Framework 4.5.1KB29722161603C:\Windows\TEMP\KB2972216_20140923_172015766-Microsoft .NET Framework 4.5.1-MSP0.txt(NULL)(NULL)
Error: (09/23/2014 05:20:27 PM) (Source: MsiInstaller) (EventID: 11723) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 4.5.1 -- Fehler 1723. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Eine für den Abschluss der Installation erforderliche DLL konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SchedSecureObjectsRollback_x64, Eintrag: SchedSecureObjectsRollback, Bibliothek: C:\Windows\Installer\MSID16F.tmp (NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/23/2014 05:20:02 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Microsoft .NET Framework 4.5.1KB2894854v21603C:\Windows\TEMP\KB2894854_20140923_171929372-Microsoft .NET Framework 4.5.1-MSP0.txt(NULL)(NULL)
Error: (09/23/2014 05:20:02 PM) (Source: MsiInstaller) (EventID: 11723) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 4.5.1 -- Fehler 1723. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Eine für den Abschluss der Installation erforderliche DLL konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SchedSecureObjectsRollback_x64, Eintrag: SchedSecureObjectsRollback, Bibliothek: C:\Windows\Installer\MSI6C8D.tmp (NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/23/2014 05:14:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/21/2014 04:48:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/21/2014 03:01:41 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Microsoft .NET Framework 4.5.1KB29722161603C:\Windows\TEMP\KB2972216_20140921_030131667-Microsoft .NET Framework 4.5.1-MSP0.txt(NULL)(NULL)
Error: (09/21/2014 03:01:41 AM) (Source: MsiInstaller) (EventID: 11723) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 4.5.1 -- Fehler 1723. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Eine für den Abschluss der Installation erforderliche DLL konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SchedSecureObjectsRollback_x64, Eintrag: SchedSecureObjectsRollback, Bibliothek: C:\Windows\Installer\MSIA1D.tmp (NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/21/2014 03:01:23 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Microsoft .NET Framework 4.5.1KB2894854v21603C:\Windows\TEMP\KB2894854_20140921_030046507-Microsoft .NET Framework 4.5.1-MSP0.txt(NULL)(NULL)
Error: (09/21/2014 03:01:22 AM) (Source: MsiInstaller) (EventID: 11723) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 4.5.1 -- Fehler 1723. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Eine für den Abschluss der Installation erforderliche DLL konnte nicht ausgeführt werden. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SchedSecureObjectsRollback_x64, Eintrag: SchedSecureObjectsRollback, Bibliothek: C:\Windows\Installer\MSIC0E6.tmp (NULL)(NULL)(NULL)(NULL)(NULL)
CodeIntegrity Errors:
===================================
Date: 2014-07-22 19:40:38.014
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-07-22 19:40:37.963
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 25%
Total physical RAM: 8086.48 MB
Available physical RAM: 6007.55 MB
Total Pagefile: 16171.15 MB
Available Pagefile: 13991.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:414.66 GB) (Free:146.75 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:22.35 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=414.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== End Of Log ============================
Die Shortcut.txt war zu groß und kann daher nicht als Logfile gepostet werden! |
FRST 32-Bit | FRST 64-Bit
Lesestoff:
AdwCleaner auf deinen Desktop.
