Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 12.03.2012, 21:12   #1
RyOMaNiA
 
Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall - Standard

Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall



Hallo,

ich habe seit einiger Zeit (16.01.2012) das Problem, dass keine Updates mehr installiert werden (hauptsächlich Sicherheitsupgrades).
Es erscheinen immer zwei Fehlercodes

80070643 und 80071A91

Nun habe ich bei Microsoft Answers mein Problem dargestellt (Hier :hxxp://answers.microsoft.com/de-de/windows/forum/windows_7-windows_update/windows-7-update-error-code-80070643-and-80071a91/ff8e7273-24a0-44e8-8545-dac1dd05055d (sorry. ich hab das mit dem Link nicht hinbekommen ))
und mir wurde gesagt, dass eine Ursache Malware sein könnten.

Mir wurden Außerdem viele Links zu diversen tools genannt und eben auch ein Link zu diesem Forum.

Ich habe mein System nun mit verschiedenen Programmen (Avira Antivir, Malwarebytes' Anti-Malware, ESES smart security, Windows Defender, Spybot S&D ) überprüft. Bei Keinem Der genannten Programme wurde eine Unerwünschte Software gefunden. Außer bei ESES smart Security (21 Infizierungen ABER nur 11 konnten entfernt werden (Wie kann ich die übrigen 10 auch entfernen?)).

Meine Fragen sind Themenübergreifend: WAS Kann ich machen, dass Windows die Updates installiert (Es sind mitlerweile schon 9 Kritische dabei)
und WAS kann ich gegen die Malware machen ? Soll ich mir eventuell ein Antivirus Programm im Laden kaufen ? (habe bisher nur Avira FreeAntivirus genutzt.)

Da ich neu in diesem Forum bin, bin ich mir nicht sicher, Welche Informationen genau benötigt werden, um mir zu helfen. Sollte noch etwas an Informationen fehlen reiche ich sie gerne nach
Ich werde die dds.txt posten und die attach.txt anhängen. (wie im Anfängerthread erklärt )


Nun bin ich mir nicht sicher, woran es liegen könnte. Liegt es an Malware oder an etwas anderem ?

Ich freue mich über jede Hilfe

Die dds.txt :

.DDS Logfile:
Code:
ATTFilter
DDS (Ver_2011-08-26.01) - NTFSAMD64 
Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 1.6.0_30
Run by Admin at 22:02:30 on 2012-03-12
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4000.1697 [GMT 1:00]
.
AV: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\AsScrPro.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
D:\scanner\cnet\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
D:\scanner\spybot\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Ryo\Desktop\Defogger.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://asus.msn.com
uDefault_Page_URL = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
mWinlogon: Userinit=userinit.exe
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - D:\scanner\spybot\SPYBOT~1\SDHelper.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Avira SearchFree Toolbar plus Web Protection: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: Avira SearchFree Toolbar plus Web Protection: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [SpeedUpMyPC] "D:\scanner\free performace scan\SpeedUpMyPC\launcher.exe" -d 20000 
uRun: [SpybotSD TeaTimer] D:\scanner\spybot\Spybot - Search & Destroy\TeaTimer.exe
mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
mRun: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [<NO NAME>] 
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "D:\scanner\cnet\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce: [ Malwarebytes Anti-Malware ] D:\scanner\cnet\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - D:\scanner\spybot\SPYBOT~1\SDHelper.dll
LSP: C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{1196AE0B-1D00-450E-BF72-0B95F7F30B3D} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{1196AE0B-1D00-450E-BF72-0B95F7F30B3D}\14C4943454D275C414E47373 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{1196AE0B-1D00-450E-BF72-0B95F7F30B3D}\75C414E4D2141303440313 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{1196AE0B-1D00-450E-BF72-0B95F7F30B3D}\B6578627831316 : DhcpNameServer = 192.168.178.1
TCP: Interfaces\{1196AE0B-1D00-450E-BF72-0B95F7F30B3D}\E65727353686275636 : DhcpNameServer = 192.168.178.1
TCP: Interfaces\{C6392523-8166-4F3F-AF41-992B9DA2E780} : DhcpNameServer = 192.168.178.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
{53707962-6F74-2D53-2644-206D7942484F}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{d2ce3e00-f94a-4740-988e-03dc2f38c34f}
{D4027C7F-154A-4066-A1AD-4243D8127440}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{8dcb7100-df86-4384-8842-8fa844297b3f}
{D4027C7F-154A-4066-A1AD-4243D8127440}
mRun-x64: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun-x64: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun-x64: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
mRun-x64: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun-x64: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [(Standard)] 
mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "D:\scanner\cnet\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce-x64: [ Malwarebytes Anti-Malware ] D:\scanner\cnet\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5upc95yp.default\
FF - prefs.js: browser.startup.homepage - hxxp://de.ask.com/?l=dis&o=APN10023&gct=hp
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
R1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys --> C:\Windows\system32\DRIVERS\avkmgr.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
R2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-12-24 86224]
R2 AntiVirService;Avira Echtzeit Scanner;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-12-24 110032]
R2 AntiVirWebService;Avira Browser Schutz;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe [2011-12-24 463824]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]
R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe [2011-8-24 92800]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 eamonm;eamonm;C:\Windows\system32\DRIVERS\eamonm.sys --> C:\Windows\system32\DRIVERS\eamonm.sys [?]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-9-22 974944]
R2 epfwwfpr;epfwwfpr;C:\Windows\system32\DRIVERS\epfwwfpr.sys --> C:\Windows\system32\DRIVERS\epfwwfpr.sys [?]
R2 MBAMService;MBAMService;D:\scanner\cnet\Malwarebytes' Anti-Malware\mbamservice.exe [2012-3-12 652360]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-11-1 2656280]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys --> C:\Windows\system32\DRIVERS\asmthub3.sys [?]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys --> C:\Windows\system32\DRIVERS\asmtxhci.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SBSDWSCService;SBSD Security Center Service;D:\scanner\spybot\Spybot - Search & Destroy\SDWinSec.exe [2012-3-12 1153368]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560]
S3 danewFltr;NewDeathAdder Mouse;C:\Windows\system32\drivers\danew.sys --> C:\Windows\system32\drivers\danew.sys [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2012-03-12 20:06:51	--------	d-----w-	C:\ProgramData\Spybot - Search & Destroy
2012-03-12 18:43:46	--------	d-----w-	C:\Program Files\ESET
2012-03-12 16:35:08	--------	d-----w-	C:\Users\Admin\AppData\Roaming\Malwarebytes
2012-03-12 16:35:00	--------	d-----w-	C:\ProgramData\Malwarebytes
2012-03-12 16:34:59	23152	----a-w-	C:\Windows\System32\drivers\mbam.sys
2012-03-12 15:49:26	--------	d-----w-	C:\Users\Admin\AppData\Roaming\Uniblue
2012-03-12 15:46:53	69000	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{09DF0A53-6C75-46B1-86BD-EE8A3B3C2BAA}\offreg.dll
2012-03-12 15:39:48	--------	d-----w-	C:\ProgramData\2DBoy
2012-03-09 19:26:32	8643640	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{09DF0A53-6C75-46B1-86BD-EE8A3B3C2BAA}\mpengine.dll
2012-03-09 19:24:29	98304	----a-w-	C:\Windows\SysWow64\CmdLineExt.dll
2012-03-09 17:15:57	5632	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2012-03-09 17:12:56	749568	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2012-03-09 17:12:56	69715	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2012-03-09 17:12:56	274432	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2012-03-09 17:12:56	180224	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2012-03-09 17:12:54	192644	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2012-03-09 17:12:53	323716	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2012-02-27 20:45:04	--------	d-----w-	C:\Program Files (x86)\OpenOffice.org 3
2012-02-27 17:34:17	--------	d-----w-	C:\ProgramData\Oberon Media
2012-02-27 17:31:49	--------	d-----w-	C:\Users\Admin\AppData\Roaming\SoftGrid Client
2012-02-15 14:49:19	--------	d-----w-	C:\Users\Admin\AppData\Local\CCP
.
==================== Find3M  ====================
.
2012-02-25 12:21:51	414368	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-23 08:18:36	279656	------w-	C:\Windows\System32\MpSigStub.exe
2012-02-11 10:11:39	45056	----a-w-	C:\Windows\SysWow64\acovcnt.exe
2012-01-18 15:58:29	472808	----a-w-	C:\Windows\SysWow64\deployJava1.dll
2012-01-02 19:51:22	525544	----a-w-	C:\Windows\System32\deployJava1.dll
2011-12-15 14:00:00	27760	----a-w-	C:\Windows\System32\drivers\avkmgr.sys
2011-12-15 13:59:59	97312	----a-w-	C:\Windows\System32\drivers\avgntflt.sys
.
============= FINISH: 22:03:14,48 ===============
         
--- --- ---

außerdem habe ich noch OTL durchlaufen lassen und ebenfalls das Ergebnis angehängt.

Ich hoffe, dass das genug Informationen waren
Ich bedanke mich im Vorraus und freue mich auf eine Lösung.

LG RyOMaNiA
Angehängte Dateien
Dateityp: txt attach.txt (5,3 KB, 207x aufgerufen)

Geändert von RyOMaNiA (12.03.2012 um 21:18 Uhr) Grund: Link funktioniert nicht

Alt 13.03.2012, 08:52   #2
kira
/// Helfer-Team
 
Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall - Standard

Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall



Hallo und Herzlich Willkommen!

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:
Zitat:
  • "Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
    - da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
    - also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
  • Charakteristische Merkmale/Profilinformationen:
    - aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] oder Sternchen (*) ersetzen
  • Die Systemprüfung und Bereinigung:
    - kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
  • Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
  • Innerhalb der Betreuungszeit:
    - ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
  • Die Reihenfolge:
    - genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
  • GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
  • Ansonsten unsere Forumsregeln:
    - Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?
  • Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen
Zitat:
Wenn ein System kompromittiert wurde, ist das System nicht mehr vertrauenswürdig
Eine Neuinstallation garantiert die rückstandsfreie Entfernung der Infektion - Lesestoff: "Hilfe: Ich wurde das Opfer eines Hackerangriffs. Was soll ich tun?" - Säubern eines gefährdeten Systems
Falls du doch für die Systemreinigung entscheidest - Ein System zu bereinigen kann ein paar Tage dauern (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst::

Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Falls unter Systemsteuerung-> "Programme und Funktionen" existiert...
Hast Du aus Unwissenheit zugestimmt? Brauchst den Webguard nicht? dann Deinstalliere:
Zitat:
Avira SearchFree Toolbar plus WebGuard Ask.com
Info
Hinweise zum Einsatz von Freeware-Version Avira AntiVir Personal:
Hier klicken zum Weiterlesen:
-> http://www.chip.de/news/AntiVir-Serv..._45444953.html
► Wer möchte diese Adware auf seinen Rechner haben?!

2.
Zitat:
Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:
ATTFilter
:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1508095816-2471438030-3903347632-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-1508095816-2471438030-3903347632-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1508095816-2471438030-3903347632-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-1508095816-2471438030-3903347632-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKU\S-1-5-21-1508095816-2471438030-3903347632-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
O2:64bit: - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:D20FFA63
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:5D458568

:Files
ipconfig /flushdns /c

:Commands
[purity]
[emptytemp]
         
  • und füge es hier ein:
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Klick auf .
  • OTL verlangt einen Neustart. Bitte zulassen.
  • Nach dem Neustart findest Du ein Textdokument.
    Kopiere den Inhalt hier in Code-Tags in Deinen Thread.

3.
Hast du den Rechner bereits auf Viren überprüft? Folgende Ergebnisse möchte ich noch sehen:
Code:
ATTFilter
Malwarebytes
(alle vorhandenen Protokolle!)
         
4.
Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen:
  • Download den CCleaner - Installer herunter
  • Software-Lizenzvereinbarung lesen, falls irgendeine Toolbar angeboten wird, bitte abwählen!-> starten -> Falls nötig, auf "Deutsch" einstellen.
  • starten-> klick auf `Extras` (um auf deinem System installierte Software zu anzeigen)-> dann auf `Als Textdatei speichern...`
  • ein Textdatei wird automatisch erstellt, poste auch dieses Logfile (also die Liste alle installierten Programme...eine Textdatei)

5.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

Zitat:
Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B OTL-Logfile o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]
** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw
gruß
kira
__________________

__________________

Alt 13.03.2012, 17:19   #3
RyOMaNiA
 
Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall - Standard

Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall



Okay, danke schonmal

zu 1. Die Toolbar habe ich schon nichtmehr ... ich habe sie (soweit ich weiß) gelöscht, wegen ask.com

zu 2. Hier ist das Ergebnis :

Code:
ATTFilter
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKU\S-1-5-21-1508095816-2471438030-3903347632-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKEY_USERS\S-1-5-21-1508095816-2471438030-3903347632-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKU\S-1-5-21-1508095816-2471438030-3903347632-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-1508095816-2471438030-3903347632-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-1508095816-2471438030-3903347632-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ deleted successfully.
File C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
ADS C:\ProgramData\Temp:D20FFA63 deleted successfully.
ADS C:\ProgramData\Temp:5D458568 deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
D:\scanner\OLT by Oldtimers\cmd.bat deleted successfully.
D:\scanner\OLT by Oldtimers\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Admin
->Temp folder emptied: 1271381 bytes
->Temporary Internet Files folder emptied: 1808012 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 14950704 bytes
->Flash cache emptied: 661 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: Ryo
->Temp folder emptied: 26228401 bytes
->Temporary Internet Files folder emptied: 20750799 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 87672886 bytes
->Google Chrome cache emptied: 177303338 bytes
->Flash cache emptied: 8141998 bytes
 
User: User
->Temp folder emptied: 58593 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9320355 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
RecycleBin emptied: 3860224 bytes
 
Total Files Cleaned = 335,00 mb
 
 
OTL by OldTimer - Version 3.2.36.3 log created on 03132012_173544

Files\Folders moved on Reboot...
File move failed. C:\Users\Ryo\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
         
zu 3. ja habe ich ...
hier das Ergebnis von mbam:
Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.03.13.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Admin :: RYOS-PC [Administrator]

Schutz: Aktiviert

13.03.2012 18:00:15
mbam-log-2012-03-13 (18-00-15).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 226122
Laufzeit: 3 Minute(n), 48 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

zu 4. Ich habe die Textdatei 'install' angehängt.

zu 5. Hier die OTL.txt :
Code:
ATTFilter
OTL logfile created on: 13.03.2012 18:12:52 - Run 2
OTL by OldTimer - Version 3.2.36.3     Folder = D:\scanner\OLT by Oldtimers
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 2,19 Gb Available Physical Memory | 56,03% Memory free
7,81 Gb Paging File | 5,75 Gb Available in Paging File | 73,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 63,08 Gb Free Space | 52,91% Space Free | Partition Type: NTFS
Drive D: | 153,85 Gb Total Space | 138,29 Gb Free Space | 89,88% Space Free | Partition Type: NTFS
 
Computer Name: RYOS-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.03.12 16:58:21 | 000,594,944 | ---- | M] (OldTimer Tools) -- D:\scanner\OLT by Oldtimers\OTL.exe
PRC - [2012.02.02 13:26:38 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- D:\scanner\malwarebytes\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.01.13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- D:\scanner\malwarebytes\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.12.15 14:59:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.12.15 14:59:40 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2011.12.15 14:59:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.12.15 14:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.11.01 09:59:22 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011.09.22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2011.09.09 06:10:06 | 002,317,312 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2011.08.24 22:53:24 | 000,100,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
PRC - [2011.08.24 22:53:22 | 000,092,800 | ---- | M] (ASUS) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
PRC - [2011.07.21 23:49:10 | 005,716,608 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2011.07.18 23:11:42 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2011.02.25 18:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010.12.21 02:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.21 02:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.10.07 22:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010.07.19 20:26:00 | 000,370,480 | ---- | M] (syncables, LLC) -- C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
PRC - [2010.07.19 20:26:00 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
PRC - [2010.07.10 06:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
PRC - [2009.12.15 18:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.11.02 22:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.09.22 15:57:50 | 000,163,840 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
PRC - [2009.06.19 18:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 18:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.16 01:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- D:\scanner\spybot\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008.12.23 01:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008.08.14 05:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2007.12.19 11:58:24 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.02.27 21:46:03 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2012.02.27 21:46:03 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
MOD - [2012.02.02 13:26:37 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.09.09 06:10:06 | 001,163,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
MOD - [2009.11.02 22:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.11.02 22:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009.09.22 15:57:50 | 000,163,840 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.09.22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2011.01.25 22:11:56 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010.09.23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\scanner\malwarebytes\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.12.15 14:59:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.12.15 14:59:40 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011.12.15 14:59:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.08.24 22:53:22 | 000,092,800 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011.03.02 05:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.02.25 18:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010.12.21 02:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.12.21 02:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.15 18:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.06.16 01:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- D:\scanner\spybot\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.02.15 20:55:13 | 000,132,320 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.12.15 15:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.12.15 14:59:59 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.08.31 19:53:22 | 012,306,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.08.09 14:24:52 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2011.08.04 09:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2011.08.04 09:20:38 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2011.06.27 01:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.06.02 18:32:50 | 000,401,896 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.06.02 18:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011.05.05 13:32:56 | 001,439,792 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.05 16:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.10.20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.10.14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010.09.23 08:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.08.24 10:55:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009.07.20 10:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.21 18:08:10 | 000,012,800 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\danew.sys -- (danewFltr)
DRV:64bit: - [2008.05.24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011.09.07 17:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.03 01:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKLM\..\SearchScopes,DefaultScope = 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://de.ask.com/?l=dis&o=APN10023&gct=hp"
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2012.03.12 19:43:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.02 13:26:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012.03.12 19:43:47 | 000,000,000 | ---D | M]
 
[2012.01.24 18:08:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2012.02.27 21:44:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.02.27 21:44:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2012.02.02 13:26:38 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.12.21 06:08:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.21 06:02:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.12.21 06:08:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.21 06:08:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.21 06:08:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.12.21 06:08:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\scanner\spybot\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll File not found
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll File not found
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4:64bit: - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" File not found
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\scanner\malwarebytes\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - HKCU..\Run: [SpeedUpMyPC] "D:\scanner\free performace scan\SpeedUpMyPC\launcher.exe" -d 20000  File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] D:\scanner\spybot\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4:64bit: - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\SysNative\WerFault.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] D:\scanner\malwarebytes\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\scanner\spybot\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1196AE0B-1D00-450E-BF72-0B95F7F30B3D}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C6392523-8166-4F3F-AF41-992B9DA2E780}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.03.13 18:07:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.03.13 18:07:15 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.03.12 22:37:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.03.12 22:37:26 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.03.12 21:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012.03.12 21:06:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.03.12 19:43:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012.03.12 19:43:46 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012.03.12 19:43:46 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.03.12 17:35:08 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Malwarebytes
[2012.03.12 17:35:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.03.12 16:49:26 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Uniblue
[2012.03.12 16:49:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2012.03.12 16:39:48 | 000,000,000 | ---D | C] -- C:\ProgramData\2DBoy
[2012.03.09 20:25:03 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Stronghold 2
[2012.03.09 20:24:29 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2012.03.09 18:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefly Studios
[2012.02.27 21:45:52 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3
[2012.02.27 21:45:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2012.02.27 18:34:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Oberon Media
[2012.02.27 18:31:49 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\SoftGrid Client
[2012.02.15 15:49:19 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\CCP
 
========== Files - Modified Within 30 Days ==========
 
[2012.03.13 18:07:17 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.03.13 17:59:58 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.13 17:59:58 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.13 17:52:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.13 17:52:12 | 3145,826,304 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.12 22:44:30 | 000,001,196 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012.03.12 22:44:23 | 000,002,122 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012.03.12 22:40:22 | 562,990,807 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.03.12 21:07:15 | 000,000,972 | ---- | M] () -- C:\Users\Admin\Desktop\Spybot - Search & Destroy.lnk
[2012.03.10 10:36:11 | 001,529,266 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.03.10 10:36:11 | 000,665,578 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.03.10 10:36:11 | 000,627,420 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.03.10 10:36:11 | 000,133,758 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.03.10 10:36:11 | 000,110,140 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.03.09 20:24:29 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2012.02.28 17:48:24 | 000,296,672 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.02.25 13:21:51 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.02.19 19:24:40 | 001,557,708 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.02.15 20:55:13 | 000,132,320 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
 
========== Files Created - No Company Name ==========
 
[2012.03.13 18:07:17 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.03.12 21:07:15 | 000,000,972 | ---- | C] () -- C:\Users\Admin\Desktop\Spybot - Search & Destroy.lnk
[2012.01.30 20:44:09 | 000,007,604 | ---- | C] () -- C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
[2012.01.11 19:11:28 | 001,557,708 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.24 19:17:00 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe
[2011.09.16 09:21:16 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.09.16 09:20:27 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.09.16 09:20:13 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.08.31 19:51:16 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.08.31 19:46:00 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.08.31 19:26:20 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.04.13 03:48:48 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 
========== LOP Check ==========
 
[2012.01.24 18:07:20 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ASUS WebStorage
[2012.01.24 18:07:13 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Razer
[2012.02.27 18:32:57 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\SoftGrid Client
[2012.01.11 19:12:08 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TP
[2012.03.12 16:49:26 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Uniblue
[2009.07.14 06:08:49 | 000,026,368 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
und hier die Extras.txt :
Code:
ATTFilter
OTL Extras logfile created on: 13.03.2012 18:12:52 - Run 2
OTL by OldTimer - Version 3.2.36.3     Folder = D:\scanner\OLT by Oldtimers
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 2,19 Gb Available Physical Memory | 56,03% Memory free
7,81 Gb Paging File | 5,75 Gb Available in Paging File | 73,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 63,08 Gb Free Space | 52,91% Space Free | Partition Type: NTFS
Drive D: | 153,85 Gb Total Space | 138,29 Gb Free Space | 89,88% Space Free | Partition Type: NTFS
 
Computer Name: RYOS-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0F696557-180C-4813-A754-5D43969B0691}" = Windows Live Family Safety
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{169C77B7-69C9-4648-9DD0-72B152AF269F}" = Windows Live Family Safety
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{289809B1-078A-49F3-83D0-7E51715B3915}" = Windows Live Family Safety
"{33B98264-A889-4913-A0CA-C364A75032B3}" = ASUS Power4Gear Hybrid
"{3946328A-5B3A-434C-A22B-64CF6652FBAD}" = Windows Live Family Safety
"{401C50F6-B443-43EE-8F27-A80DB19B03FD}" = Windows Live Family Safety
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61A177CE-86A3-433F-BFE2-41AB9123A268}" = ESET NOD32 Antivirus
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7734509D-A1F7-4A5E-AF9D-77CD17AE41AF}" = Windows Live Family Safety
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{9210D7A2-DC28-43F6-92F9-E6CD4C729F7B}" = Windows Live Family Safety
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B22C8566-D522-4B40-A7AF-525F5A70D832}" = Windows Live Family Safety
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CB7935EF-43EE-4C0F-AC02-B0E4DD5DAC17}" = Windows Live Family Safety
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"{FE4BE0BD-1EDB-4D24-9614-847B3C472887}" = Windows Live Family Safety
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = Sonic Focus
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4555BB9E-E715-4260-A178-E8EFD2B653E3}" = Alcor Micro USB Card Reader
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}" = פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}" = Wireless Console 3
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}" = ASUS FancyStart
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18B30AA-6E2D-480C-B918-AF61009F4010}" = عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = Uniblue SpeedUpMyPC
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1" = Game Park Console
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EB1B8449-CD8F-485B-ADB6-02FBCFE180D3}" = Razer DeathAdder(TM) Mouse
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AmUStor" = Alcor Micro USB Card Reader
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"ASUS_Screensaver" = ASUS_Screensaver
"Avira AntiVir Desktop" = Avira Free Antivirus
"Bookworm Deluxe" = Bookworm Deluxe
"Cooking Dash" = Cooking Dash
"Governor of Poker" = Governor of Poker
"Hotel Dash Suite Success" = Hotel Dash Suite Success
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"Jewel Quest 3" = Jewel Quest 3
"Luxor 3" = Luxor 3
"Mahjongg dimensions" = Mahjongg dimensions
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Maschinenschreiben Deluxe_is1" = Maschinenschreiben Deluxe 1.2.40
"Mozilla Firefox 10.0 (x86 de)" = Mozilla Firefox 10.0 (x86 de)
"Plants vs Zombies" = Plants vs Zombies
"SpellForce" = SpellForce
"StarCraft II" = StarCraft II
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
"World of Goo" = World of Goo
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 05.02.2012 06:07:09 | Computer Name = Ryos-PC | Source = System Restore | ID = 8193
Description = 
 
Error - 05.02.2012 14:00:02 | Computer Name = Ryos-PC | Source = Windows Backup | ID = 4103
Description = 
 
Error - 12.02.2012 15:13:04 | Computer Name = Ryos-PC | Source = CVHSVC | ID = 100
Description = 
 
Error - 12.02.2012 15:13:07 | Computer Name = Ryos-PC | Source = Windows Backup | ID = 4103
Description = 
 
Error - 19.02.2012 14:19:12 | Computer Name = Ryos-PC | Source = Windows Backup | ID = 4103
Description = 
 
Error - 23.02.2012 09:15:18 | Computer Name = Ryos-PC | Source = CVHSVC | ID = 100
Description = 
 
Error - 26.02.2012 14:00:01 | Computer Name = Ryos-PC | Source = Windows Backup | ID = 4103
Description = 
 
Error - 27.02.2012 13:23:33 | Computer Name = Ryos-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: WINWORDC.EXE, Version: 0.0.0.0, Zeitstempel:
 0x4bae2819  Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.4940, Zeitstempel:
 0x4ca2ef57  Ausnahmecode: 0xc0000417  Fehleroffset: 0x000320f0  ID des fehlerhaften Prozesses:
 0x2bc0  Startzeit der fehlerhaften Anwendung: 0x01ccf5743088f7e9  Pfad der fehlerhaften
 Anwendung: Q:\140066.deu\Office14\WINWORDC.EXE  Pfad des fehlerhaften Moduls: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\MSVCR90.dll
Berichtskennung:
 c5a9c8f3-6167-11e1-90b9-5404a630fa0d
 
Error - 27.02.2012 16:43:15 | Computer Name = Ryos-PC | Source = MsiInstaller | ID = 11935
Description = 
 
Error - 27.02.2012 16:43:33 | Computer Name = Ryos-PC | Source = MsiInstaller | ID = 11935
Description = 
 
[ Media Center Events ]
Error - 29.01.2012 18:37:19 | Computer Name = Ryos-PC | Source = MCUpdate | ID = 0
Description = 23:37:19 - Fehler beim Herstellen der Internetverbindung.  23:37:19 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 30.01.2012 05:39:25 | Computer Name = Ryos-PC | Source = MCUpdate | ID = 0
Description = 10:39:25 - Fehler beim Herstellen der Internetverbindung.  10:39:25 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 06.03.2012 13:03:14 | Computer Name = Ryos-PC | Source = MCUpdate | ID = 0
Description = 18:03:14 - Fehler beim Herstellen der Internetverbindung.  18:03:14 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 07.03.2012 15:50:28 | Computer Name = Ryos-PC | Source = MCUpdate | ID = 0
Description = 20:50:28 - Fehler beim Herstellen der Internetverbindung.  20:50:28 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 09.03.2012 10:35:58 | Computer Name = Ryos-PC | Source = MCUpdate | ID = 0
Description = 15:35:58 - Fehler beim Herstellen der Internetverbindung.  15:35:58 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 13.03.2012 13:17:20 | Computer Name = Ryos-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
Error - 13.03.2012 13:17:25 | Computer Name = Ryos-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
Error - 13.03.2012 13:17:30 | Computer Name = Ryos-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
Error - 13.03.2012 13:17:36 | Computer Name = Ryos-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
Error - 13.03.2012 13:17:41 | Computer Name = Ryos-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "OS" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
Error - 13.03.2012 13:17:46 | Computer Name = Ryos-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "OS" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
Error - 13.03.2012 13:17:51 | Computer Name = Ryos-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
Error - 13.03.2012 13:17:56 | Computer Name = Ryos-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "OS" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
Error - 13.03.2012 13:18:01 | Computer Name = Ryos-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
Error - 13.03.2012 13:18:06 | Computer Name = Ryos-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
 
< End of report >
         
LG Ryo
__________________
Angehängte Dateien
Dateityp: txt install.txt (11,4 KB, 180x aufgerufen)

Alt 14.03.2012, 07:32   #4
kira
/// Helfer-Team
 
Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall - Standard

Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall



1.
Du hast deinen Rechner mit zwei Anti-Viren-Programmen generell `geschwächt`:
Code:
ATTFilter
Avira und ESET NOD32 Antivirus
         
Wichtig:
Nur eine Firewall sowie ein Antiviren Programm verwenden, welche sich immer auf dem aktuellsten Stand befinden sollten!
Mehr AV Programme bedeutet nicht mehr Sicherheit!Die Scanner behindern sich gegenseitig (bei beiden den On-Access Scan aktiviert bzw laufen ständig im Hintergrund) und ein Systemcrash kann die Folge sein oder im schlechtesten fall, kannst Du über eine komplette Neuinstallation freuen! Deinstalliere also eines der AV-Programme und lass nur noch eins auf deinem PC laufen.
Zitat:
►Bevor du ein anderes Antivirenprogramm installierst solltest du auf jeden Fall das vorherige vollständig deinstallieren!
Je nachdem, wie Du Dich entscheidest:

Removal Tools oder Deinstallationsanleitungen für diverse Antiviren Software :
-> Removal Tools oder Deinstallationsanleitungen für diverse Antiviren Software
AV Deinstallations Hinweise
also Entscheide Dich für NUR einen Virenscanner und benutze diesen regelmäßig!

2.
Zitat:
Spybot
- würde ich nicht mehr empfehlen, da erfüllt nicht die neue Schutzanforderungen und Lösungen Schutz vor Malware bzw gegenüber ganz neuen Herausforderungen arbeitet nicht zufriedenstellend
meiner Meinung nach bietet nicht mehr ausreichenden Schutz gegen "moderne Malwarearten"...
► Falls Du doch ihn behalten möchtest:
Stelle bitte den TeaTimer ab:
Gehe bei Spybot-S&D in den Erweiterten Modus und wähle dort Werkzeuge -> Resident.
Deaktiviere hier den "Resident TeaTimer aktiv".
(Tea Timer versucht positive änderungen auch zu blockieren) - soll für immer deaktiviert bleiben!

3.
unter Systemsteuerung-> Software/Programme auch deinstalliert? nämlich in deinem geposteten Log existiert noch!
bitte deinstalliere:
Zitat:
Avira SearchFree Toolbar
4.
Wenn nicht bewusst installiert hast bzw nicht benötigst, kannst deinstallieren (unter Software):
Code:
ATTFilter
Bing Bar 
-> Bing Bar aus Firefox und Internet Explorer entfernen
         
Immer mehr Programme bringen eine Toolbar mit.(wie z.B. Google, Yaho,Messenger, Winamp, ICQ usw). Manche Zustimmung der User installiert, manche wieder ohne Wissen des Benutzers Viele davon sehr fehleranfällig und fressen eine Menge an Systemressourcen. Zur funktionstüchtigen Installation der jeweiligen Software ist Toolbar aber nicht notwendig, zudem die meisten modernen Browser mit vielen zusätzlichen Funktionen ausgestattet sind. Ausserdem die dazugehörigen Programme, funktionieren auch ohne...
- meiste Toolbars bzw Browserhelper wollen sich doch nur wichtig machen

5.
Aktualiseren:
Zitat:
OpenOffice.org 2.3
6.
Java aktualisieren- über Systemsteuerung-> Nach Update suchen...
oder:
Downloade nun die Offline-Version von Java "Empfohlen Version 6 Update 31 " von Oracle und installiere sie. Achte darauf, eventuell angebotene Toolbars nicht mitzuinstallieren, also während der Installation den Haken bei der Toolbar entfernen.

7.
Adobe Reader aktualisieren :
- Bei Installation aufpassen/mitlesen!: Wenn irgendeine Software, Toolbar etc angeboten wird, bitte abwählen! - (z.B "McAfee Security Scan Plus")
Adobe Reader
Oder: Adobe starten-> gehe auf "Hilfe"-> "Nach Update suchen..."

8.
reinige dein System mit CCleaner:
  • "CCleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
  • "Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
  • Starte dein System neu auf

9.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

10.
Neue Liste erstellen:
  • CCleaner starten-> klick auf `Extras` (um auf deinem System installierte Software zu anzeigen)-> dann auf `Als Textdatei speichern...`
  • ein Textdatei wird automatisch erstellt, poste auch dieses Logfile (also die Liste alle installierten Programme...eine Textdatei)

Zitat:
► Berichte mir kurz über alle Umsetzungsschritte, die Du erledigt hast!
__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Alt 14.03.2012, 19:20   #5
RyOMaNiA
 
Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall - Standard

Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall



zu 1.
Gut, das wusste ich nicht. Ich habe ESET deinstalliert (war eh nur ne Testversion )

zu 2.
Spybot ist auch deinstalliert.

zu 3.
Oh! Okay, auch das ist deinstalliert.

zu 4.
Deinstalliert

zu 5.
Bei mir wird Open Office 3.3 angezeigt ...

zu 6.
Erledigt!

zu 7.
Ich hab es gesucht, aber ich habe garkein Adobe Reader. Ich benutze den auf meinem System vorinstallierten 'Nuance PDF Reader'. Oder habe ich doch Adobe Reader und weiß es nur nicht (wie bei Ask-Toolbar :-)).

zu 8.
Hier die OLT.txt:
Code:
ATTFilter
OTL logfile created on: 14.03.2012 20:08:57 - Run 3
OTL by OldTimer - Version 3.2.36.3     Folder = D:\scanner\OLT by Oldtimers
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 53,42% Memory free
7,81 Gb Paging File | 5,73 Gb Available in Paging File | 73,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 63,65 Gb Free Space | 53,38% Space Free | Partition Type: NTFS
Drive D: | 153,85 Gb Total Space | 138,39 Gb Free Space | 89,95% Space Free | Partition Type: NTFS
 
Computer Name: RYOS-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.03.12 16:58:21 | 000,594,944 | ---- | M] (OldTimer Tools) -- D:\scanner\OLT by Oldtimers\OTL.exe
PRC - [2012.02.02 13:26:38 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- D:\scanner\malwarebytes\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.01.13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- D:\scanner\malwarebytes\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.12.15 14:59:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.12.15 14:59:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.12.15 14:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.11.01 09:59:22 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011.09.09 06:10:06 | 002,317,312 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2011.08.24 22:53:24 | 000,100,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
PRC - [2011.08.24 22:53:22 | 000,092,800 | ---- | M] (ASUS) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
PRC - [2011.07.21 23:49:10 | 005,716,608 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2011.07.18 23:11:42 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010.12.21 02:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.21 02:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.10.07 22:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010.07.19 20:26:00 | 000,370,480 | ---- | M] (syncables, LLC) -- C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
PRC - [2010.07.19 20:26:00 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
PRC - [2010.07.10 06:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
PRC - [2009.12.15 18:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.11.02 22:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.09.22 15:57:50 | 000,163,840 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
PRC - [2009.06.19 18:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 18:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.16 01:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2008.12.23 01:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008.08.14 05:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2007.12.19 11:58:24 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.02.27 21:46:03 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2012.02.25 13:21:51 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2012.02.02 13:26:37 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.09.09 06:10:06 | 001,163,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
MOD - [2009.11.02 22:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.11.02 22:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009.09.22 15:57:50 | 000,163,840 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.01.25 22:11:56 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010.09.23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\scanner\malwarebytes\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.12.15 14:59:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.12.15 14:59:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.08.24 22:53:22 | 000,092,800 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2010.12.21 02:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.12.21 02:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.15 18:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.06.16 01:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.02.15 20:55:13 | 000,132,320 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.12.15 15:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.12.15 14:59:59 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.08.31 19:53:22 | 012,306,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.06.27 01:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.06.02 18:32:50 | 000,401,896 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.06.02 18:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011.05.05 13:32:56 | 001,439,792 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.05 16:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.10.20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.10.14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010.09.23 08:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.08.24 10:55:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009.07.20 10:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.21 18:08:10 | 000,012,800 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\danew.sys -- (danewFltr)
DRV:64bit: - [2008.05.24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011.09.07 17:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.03 01:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKLM\..\SearchScopes,DefaultScope = 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://de.ask.com/?l=dis&o=APN10023&gct=hp"
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.02 13:26:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 
[2012.01.24 18:08:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2012.03.14 20:02:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.03.14 20:02:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012.02.02 13:26:38 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.12.21 06:08:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.21 06:02:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.12.21 06:08:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.21 06:08:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.21 06:08:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.12.21 06:08:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4:64bit: - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\scanner\malwarebytes\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - HKCU..\Run: [SpeedUpMyPC] "D:\scanner\free performace scan\SpeedUpMyPC\launcher.exe" -d 20000  File not found
O4:64bit: - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\SysNative\WerFault.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] D:\scanner\malwarebytes\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1196AE0B-1D00-450E-BF72-0B95F7F30B3D}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C6392523-8166-4F3F-AF41-992B9DA2E780}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.03.14 20:03:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.03.14 20:02:49 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.03.14 20:02:49 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.03.14 20:02:49 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.03.14 20:02:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.03.14 19:54:18 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.03.13 18:07:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.03.13 18:07:15 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.03.12 22:37:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.03.12 22:37:26 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.03.12 21:06:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.03.12 17:35:08 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Malwarebytes
[2012.03.12 17:35:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.03.12 16:49:26 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Uniblue
[2012.03.12 16:39:48 | 000,000,000 | ---D | C] -- C:\ProgramData\2DBoy
[2012.03.09 20:25:03 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Stronghold 2
[2012.03.09 20:24:29 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2012.03.09 18:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefly Studios
[2012.02.27 21:45:52 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3
[2012.02.27 21:45:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2012.02.27 18:34:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Oberon Media
[2012.02.27 18:31:49 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\SoftGrid Client
[2012.02.15 15:49:19 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\CCP
 
========== Files - Modified Within 30 Days ==========
 
[2012.03.14 20:12:43 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.14 20:12:43 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.14 20:05:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.14 20:05:06 | 3145,826,304 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.14 20:02:40 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012.03.14 20:02:40 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.03.14 20:02:40 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.03.14 20:02:40 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.03.13 18:07:17 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.03.12 22:44:30 | 000,001,196 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012.03.12 22:44:23 | 000,002,122 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012.03.12 22:40:22 | 562,990,807 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.03.10 10:36:11 | 001,529,266 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.03.10 10:36:11 | 000,665,578 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.03.10 10:36:11 | 000,627,420 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.03.10 10:36:11 | 000,133,758 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.03.10 10:36:11 | 000,110,140 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.03.09 20:24:29 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll
[2012.02.28 17:48:24 | 000,296,672 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.02.25 13:21:51 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.02.19 19:24:40 | 001,557,708 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.02.15 20:55:13 | 000,132,320 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
 
========== Files Created - No Company Name ==========
 
[2012.03.13 18:07:17 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.01.30 20:44:09 | 000,007,604 | ---- | C] () -- C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
[2012.01.11 19:11:28 | 001,557,708 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.24 19:17:00 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe
[2011.09.16 09:21:16 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.09.16 09:20:27 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.09.16 09:20:13 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.08.31 19:51:16 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.08.31 19:46:00 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.08.31 19:26:20 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.04.13 03:48:48 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 
========== LOP Check ==========
 
[2012.01.24 18:07:20 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ASUS WebStorage
[2012.01.24 18:07:13 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Razer
[2012.02.27 18:32:57 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\SoftGrid Client
[2012.01.11 19:12:08 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TP
[2012.03.12 16:49:26 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Uniblue
[2009.07.14 06:08:49 | 000,026,872 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
und hier die Extras.txt:
Code:
ATTFilter
OTL Extras logfile created on: 14.03.2012 20:08:57 - Run 3
OTL by OldTimer - Version 3.2.36.3     Folder = D:\scanner\OLT by Oldtimers
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 53,42% Memory free
7,81 Gb Paging File | 5,73 Gb Available in Paging File | 73,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 63,65 Gb Free Space | 53,38% Space Free | Partition Type: NTFS
Drive D: | 153,85 Gb Total Space | 138,39 Gb Free Space | 89,95% Space Free | Partition Type: NTFS
 
Computer Name: RYOS-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0F696557-180C-4813-A754-5D43969B0691}" = Windows Live Family Safety
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{169C77B7-69C9-4648-9DD0-72B152AF269F}" = Windows Live Family Safety
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{289809B1-078A-49F3-83D0-7E51715B3915}" = Windows Live Family Safety
"{33B98264-A889-4913-A0CA-C364A75032B3}" = ASUS Power4Gear Hybrid
"{3946328A-5B3A-434C-A22B-64CF6652FBAD}" = Windows Live Family Safety
"{401C50F6-B443-43EE-8F27-A80DB19B03FD}" = Windows Live Family Safety
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7734509D-A1F7-4A5E-AF9D-77CD17AE41AF}" = Windows Live Family Safety
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{9210D7A2-DC28-43F6-92F9-E6CD4C729F7B}" = Windows Live Family Safety
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B22C8566-D522-4B40-A7AF-525F5A70D832}" = Windows Live Family Safety
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CB7935EF-43EE-4C0F-AC02-B0E4DD5DAC17}" = Windows Live Family Safety
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"{FE4BE0BD-1EDB-4D24-9614-847B3C472887}" = Windows Live Family Safety
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = Sonic Focus
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4555BB9E-E715-4260-A178-E8EFD2B653E3}" = Alcor Micro USB Card Reader
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}" = פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}" = Wireless Console 3
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}" = ASUS FancyStart
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18B30AA-6E2D-480C-B918-AF61009F4010}" = عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = Uniblue SpeedUpMyPC
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1" = Game Park Console
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EB1B8449-CD8F-485B-ADB6-02FBCFE180D3}" = Razer DeathAdder(TM) Mouse
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AmUStor" = Alcor Micro USB Card Reader
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"ASUS_Screensaver" = ASUS_Screensaver
"Avira AntiVir Desktop" = Avira Free Antivirus
"Bookworm Deluxe" = Bookworm Deluxe
"Cooking Dash" = Cooking Dash
"Governor of Poker" = Governor of Poker
"Hotel Dash Suite Success" = Hotel Dash Suite Success
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"Jewel Quest 3" = Jewel Quest 3
"Luxor 3" = Luxor 3
"Mahjongg dimensions" = Mahjongg dimensions
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Maschinenschreiben Deluxe_is1" = Maschinenschreiben Deluxe 1.2.40
"Mozilla Firefox 10.0 (x86 de)" = Mozilla Firefox 10.0 (x86 de)
"Plants vs Zombies" = Plants vs Zombies
"SpellForce" = SpellForce
"StarCraft II" = StarCraft II
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
"World of Goo" = World of Goo
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 05.02.2012 06:07:09 | Computer Name = Ryos-PC | Source = System Restore | ID = 8193
Description = 
 
Error - 05.02.2012 14:00:02 | Computer Name = Ryos-PC | Source = Windows Backup | ID = 4103
Description = 
 
Error - 12.02.2012 15:13:04 | Computer Name = Ryos-PC | Source = CVHSVC | ID = 100
Description = 
 
Error - 12.02.2012 15:13:07 | Computer Name = Ryos-PC | Source = Windows Backup | ID = 4103
Description = 
 
Error - 19.02.2012 14:19:12 | Computer Name = Ryos-PC | Source = Windows Backup | ID = 4103
Description = 
 
Error - 23.02.2012 09:15:18 | Computer Name = Ryos-PC | Source = CVHSVC | ID = 100
Description = 
 
Error - 26.02.2012 14:00:01 | Computer Name = Ryos-PC | Source = Windows Backup | ID = 4103
Description = 
 
Error - 27.02.2012 13:23:33 | Computer Name = Ryos-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: WINWORDC.EXE, Version: 0.0.0.0, Zeitstempel:
 0x4bae2819  Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.4940, Zeitstempel:
 0x4ca2ef57  Ausnahmecode: 0xc0000417  Fehleroffset: 0x000320f0  ID des fehlerhaften Prozesses:
 0x2bc0  Startzeit der fehlerhaften Anwendung: 0x01ccf5743088f7e9  Pfad der fehlerhaften
 Anwendung: Q:\140066.deu\Office14\WINWORDC.EXE  Pfad des fehlerhaften Moduls: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\MSVCR90.dll
Berichtskennung:
 c5a9c8f3-6167-11e1-90b9-5404a630fa0d
 
Error - 27.02.2012 16:43:15 | Computer Name = Ryos-PC | Source = MsiInstaller | ID = 11935
Description = 
 
Error - 27.02.2012 16:43:33 | Computer Name = Ryos-PC | Source = MsiInstaller | ID = 11935
Description = 
 
[ Media Center Events ]
Error - 29.01.2012 18:37:19 | Computer Name = Ryos-PC | Source = MCUpdate | ID = 0
Description = 23:37:19 - Fehler beim Herstellen der Internetverbindung.  23:37:19 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 30.01.2012 05:39:25 | Computer Name = Ryos-PC | Source = MCUpdate | ID = 0
Description = 10:39:25 - Fehler beim Herstellen der Internetverbindung.  10:39:25 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 06.03.2012 13:03:14 | Computer Name = Ryos-PC | Source = MCUpdate | ID = 0
Description = 18:03:14 - Fehler beim Herstellen der Internetverbindung.  18:03:14 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 07.03.2012 15:50:28 | Computer Name = Ryos-PC | Source = MCUpdate | ID = 0
Description = 20:50:28 - Fehler beim Herstellen der Internetverbindung.  20:50:28 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 09.03.2012 10:35:58 | Computer Name = Ryos-PC | Source = MCUpdate | ID = 0
Description = 15:35:58 - Fehler beim Herstellen der Internetverbindung.  15:35:58 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 14.03.2012 15:13:14 | Computer Name = Ryos-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
Error - 14.03.2012 15:13:19 | Computer Name = Ryos-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "OS" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
Error - 14.03.2012 15:13:24 | Computer Name = Ryos-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
Error - 14.03.2012 15:13:29 | Computer Name = Ryos-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
Error - 14.03.2012 15:13:34 | Computer Name = Ryos-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "OS" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
Error - 14.03.2012 15:13:39 | Computer Name = Ryos-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "OS" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
Error - 14.03.2012 15:13:44 | Computer Name = Ryos-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
Error - 14.03.2012 15:13:49 | Computer Name = Ryos-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "OS" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
Error - 14.03.2012 15:13:55 | Computer Name = Ryos-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
Error - 14.03.2012 15:14:00 | Computer Name = Ryos-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "OS" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
 
< End of report >
         
und 10. hab ich angehängt


Grüße, Ryo

Angehängte Dateien
Dateityp: txt install.txt (10,8 KB, 239x aufgerufen)

Alt 14.03.2012, 20:46   #6
kira
/// Helfer-Team
 
Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall - Standard

Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall



1.
Zitat:
Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:
ATTFilter
:OTL
FF - prefs.js..browser.startup.homepage: "hxxp://de.ask.com/?l=dis&o=APN10023&gct=hp"
[2011.12.21 06:02:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.12.21 06:08:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
[2012.03.12 21:06:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy

:Commands
[purity]
[emptytemp]
         
  • und füge es hier ein:
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Klick auf .
  • OTL verlangt einen Neustart. Bitte zulassen.
  • Nach dem Neustart findest Du ein Textdokument.
    Kopiere den Inhalt hier in Deinen Thread.

2.
reinige dein System mit CCleaner:
  • "CCleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
  • "Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
  • Starte dein System neu auf

3.
  • lade Dir SUPERAntiSpyware FREE Edition herunter.
    Achte darauf, eventuell angebotene Toolbar nicht mitzuinstallieren, also während der Installation den Haken bei der Toolbar (falls nötig), entfernen.
  • installiere das Programm und update online.
  • starte SUPERAntiSpyware und klicke auf "Ihren Computer durchsuchen"
  • setze ein Häkchen bei "Kompletter Scan" und klicke auf "Weiter"
  • anschließend alle gefundenen Schadprogramme werden aufgelistet, bei alle Funde Häkchen setzen und mit "OK" bestätigen
  • auf "Weiter" klicken dann "OK" und auf "Fertig stellen"
  • um die Ergebnisse anzuzeigen: auf "Präferenzen" dann auf den "Statistiken und Protokolle" klicken
  • drücke auf "Protokoll anzeigen" - anschließend diesen Bericht bitte speichern und hier posten

4.
Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen.
Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.►Anleitung

5.
-> Führe dann einen Komplett-Systemcheck mit Eset Online Scanner (NOD32)Kostenlose Online Scanner durch
Achtung!: >>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<<

► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?
__________________
--> Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall

Alt 15.03.2012, 18:31   #7
RyOMaNiA
 
Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall - Standard

Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall



Okay.

Das hier kam bei OLT zum Vorschein:

Code:
ATTFilter
All processes killed
========== OTL ==========
Prefs.js: "hxxp://de.ask.com/?l=dis&o=APN10023&gct=hp" removed from browser.startup.homepage
C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
C:\ProgramData\Spybot - Search & Destroy\Recovery folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Logs folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Admin
->Temp folder emptied: 36278 bytes
->Temporary Internet Files folder emptied: 53002 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: Ryo
->Temp folder emptied: 2032203 bytes
->Temporary Internet Files folder emptied: 66088 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 141124693 bytes
->Google Chrome cache emptied: 9635397 bytes
->Flash cache emptied: 1363 bytes
 
User: User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
         
bei SUPERAntiSpyware Free Edition :

Code:
ATTFilter
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 03/15/2012 at 06:09 AM

Application Version : 5.0.1146

Core Rules Database Version : 8336
Trace Rules Database Version: 6148

Scan type       : Complete Scan
Total Scan Time : 07:21:59

Operating System Information
Windows Vista Home Premium 64-bit (Build 6.00.6000)
UAC Off - Limited User

Memory items scanned      : 595
Memory threats detected   : 0
Registry items scanned    : 68294
Registry threats detected : 0
File items scanned        : 65614
File threats detected     : 9

Adware.Tracking Cookie
	.webmasterplan.com [ C:\USERS\RYO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YTP65EM2.DEFAULT\COOKIES.SQLITE ]
	.webmasterplan.com [ C:\USERS\RYO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YTP65EM2.DEFAULT\COOKIES.SQLITE ]
	.solvemedia.com [ C:\USERS\RYO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YTP65EM2.DEFAULT\COOKIES.SQLITE ]
	.solvemedia.com [ C:\USERS\RYO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YTP65EM2.DEFAULT\COOKIES.SQLITE ]
	accounts.youtube.com [ C:\USERS\RYO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YTP65EM2.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\RYO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YTP65EM2.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\RYO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YTP65EM2.DEFAULT\COOKIES.SQLITE ]
	.accounts.google.com [ C:\USERS\RYO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YTP65EM2.DEFAULT\COOKIES.SQLITE ]
	accounts.google.com [ C:\USERS\RYO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YTP65EM2.DEFAULT\COOKIES.SQLITE ]
         
und EsetOnlinescanner hat nichts gefunden.

Leider installiert mein Rechner nach wie vor keine Windows updates
dann waren es wohl doch keine Viren, wie vermutet.
(selber Fehlercode).

Trotzdem vielen Dank für deine Mühe

Grüße, Ryo

Alt 16.03.2012, 07:05   #8
kira
/// Helfer-Team
 
Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall - Standard

Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall



TDSSKiller von Kaspersky
  • Lade den TDSSKiller und entpacke das Archiv auf Deinen Desktop.
  • Vergewissere Dich, dass die TDSSKiller.exe direkt auf dem Desktop liegt (nicht in einem Ordner auf dem Desktop).
  • deaktiviere vorübergehend dein AntiVirus-Programm
  • Starte die TDSSKiller.exe durch Doppelklick.
  • Nach Beendigung der Arbeit schlägt das Tool vor, das System neu zu starten.
    Bestätige das ggfs. mit Y(es).
    Beim Hochfahren des Systems führt der Treiber alle geplanten Operationen aus löscht sich danach.
  • Poste mir den Inhalt von C:\TDSSKiller<random>.txt hier in den Thread.
Hier findest Du eine ausführlichere Anleitung.
__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Alt 20.03.2012, 18:51   #9
RyOMaNiA
 
Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall - Standard

Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall



soo hier der report
Code:
ATTFilter
19:44:53.0635 1708	TDSS rootkit removing tool 2.7.20.0 Mar  9 2012 17:10:43
19:44:54.0508 1708	============================================================
19:44:54.0508 1708	Current date / time: 2012/03/20 19:44:54.0508
19:44:54.0508 1708	SystemInfo:
19:44:54.0508 1708	
19:44:54.0508 1708	OS Version: 6.1.7601 ServicePack: 1.0
19:44:54.0508 1708	Product type: Workstation
19:44:54.0509 1708	ComputerName: RYOS-PC
19:44:54.0509 1708	UserName: Admin
19:44:54.0509 1708	Windows directory: C:\Windows
19:44:54.0509 1708	System windows directory: C:\Windows
19:44:54.0509 1708	Running under WOW64
19:44:54.0509 1708	Processor architecture: Intel x64
19:44:54.0509 1708	Number of processors: 4
19:44:54.0509 1708	Page size: 0x1000
19:44:54.0509 1708	Boot type: Normal boot
19:44:54.0509 1708	============================================================
19:44:55.0009 1708	Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:44:55.0014 1708	\Device\Harddisk0\DR0:
19:44:55.0015 1708	MBR used
19:44:55.0015 1708	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0xEE79000
19:44:55.0015 1708	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x12079800, BlocksNum 0x133B4800
19:44:55.0100 1708	Initialize success
19:44:55.0100 1708	============================================================
19:45:03.0010 11292	============================================================
19:45:03.0010 11292	Scan started
19:45:03.0010 11292	Mode: Manual; 
19:45:03.0010 11292	============================================================
19:45:05.0459 11292	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:45:05.0464 11292	1394ohci - ok
19:45:05.0499 11292	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:45:05.0504 11292	ACPI - ok
19:45:05.0608 11292	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:45:05.0611 11292	AcpiPmi - ok
19:45:05.0670 11292	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
19:45:05.0679 11292	adp94xx - ok
19:45:05.0799 11292	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
19:45:05.0807 11292	adpahci - ok
19:45:05.0868 11292	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
19:45:05.0890 11292	adpu320 - ok
19:45:06.0029 11292	AFD             (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
19:45:06.0051 11292	AFD - ok
19:45:06.0125 11292	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:45:06.0135 11292	agp440 - ok
19:45:06.0279 11292	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:45:06.0281 11292	aliide - ok
19:45:06.0412 11292	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:45:06.0414 11292	amdide - ok
19:45:06.0585 11292	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
19:45:06.0589 11292	AmdK8 - ok
19:45:06.0625 11292	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
19:45:06.0628 11292	AmdPPM - ok
19:45:06.0691 11292	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:45:06.0695 11292	amdsata - ok
19:45:06.0733 11292	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
19:45:06.0738 11292	amdsbs - ok
19:45:06.0760 11292	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:45:06.0763 11292	amdxata - ok
19:45:06.0934 11292	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:45:06.0937 11292	AppID - ok
19:45:06.0980 11292	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
19:45:06.0984 11292	arc - ok
19:45:07.0005 11292	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
19:45:07.0009 11292	arcsas - ok
19:45:07.0090 11292	ASMMAP64        (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
19:45:07.0091 11292	ASMMAP64 - ok
19:45:07.0184 11292	asmthub3        (0aa7a996792fb0287b33a57a8093ae44) C:\Windows\system32\DRIVERS\asmthub3.sys
19:45:07.0188 11292	asmthub3 - ok
19:45:07.0266 11292	asmtxhci        (125dc3abf5bfccfe82ad17d078e0b9ec) C:\Windows\system32\DRIVERS\asmtxhci.sys
19:45:07.0273 11292	asmtxhci - ok
19:45:07.0379 11292	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:45:07.0382 11292	AsyncMac - ok
19:45:07.0423 11292	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:45:07.0429 11292	atapi - ok
19:45:07.0570 11292	athr            (a5e770426d18f8ef332a593f3289da91) C:\Windows\system32\DRIVERS\athrx.sys
19:45:07.0664 11292	athr - ok
19:45:07.0786 11292	ATKWMIACPIIO    (41ceaffcf3550785e59e3ec9bee8d97a) C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
19:45:07.0789 11292	ATKWMIACPIIO - ok
19:45:07.0916 11292	avgntflt        (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
19:45:07.0920 11292	avgntflt - ok
19:45:08.0047 11292	avipbb          (852e3c0a60d368c487949e55ad52a47f) C:\Windows\system32\DRIVERS\avipbb.sys
19:45:08.0050 11292	avipbb - ok
19:45:08.0388 11292	avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
19:45:08.0389 11292	avkmgr - ok
19:45:08.0494 11292	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
19:45:08.0505 11292	b06bdrv - ok
19:45:08.0546 11292	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:45:08.0551 11292	b57nd60a - ok
19:45:08.0581 11292	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:45:08.0583 11292	Beep - ok
19:45:08.0635 11292	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
19:45:08.0637 11292	blbdrive - ok
19:45:08.0673 11292	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:45:08.0676 11292	bowser - ok
19:45:08.0714 11292	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
19:45:08.0716 11292	BrFiltLo - ok
19:45:08.0727 11292	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
19:45:08.0729 11292	BrFiltUp - ok
19:45:08.0750 11292	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:45:08.0755 11292	Brserid - ok
19:45:08.0766 11292	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:45:08.0769 11292	BrSerWdm - ok
19:45:08.0779 11292	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:45:08.0781 11292	BrUsbMdm - ok
19:45:08.0791 11292	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:45:08.0792 11292	BrUsbSer - ok
19:45:08.0913 11292	BthEnum         (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
19:45:08.0916 11292	BthEnum - ok
19:45:08.0973 11292	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
19:45:08.0977 11292	BTHMODEM - ok
19:45:09.0065 11292	BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
19:45:09.0071 11292	BthPan - ok
19:45:09.0141 11292	BTHPORT         (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
19:45:09.0180 11292	BTHPORT - ok
19:45:09.0278 11292	BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
19:45:09.0281 11292	BTHUSB - ok
19:45:09.0386 11292	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:45:09.0390 11292	cdfs - ok
19:45:09.0442 11292	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:45:09.0447 11292	cdrom - ok
19:45:09.0520 11292	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
19:45:09.0523 11292	circlass - ok
19:45:09.0559 11292	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:45:09.0565 11292	CLFS - ok
19:45:09.0637 11292	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
19:45:09.0638 11292	CmBatt - ok
19:45:09.0657 11292	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:45:09.0658 11292	cmdide - ok
19:45:09.0694 11292	CNG             (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
19:45:09.0700 11292	CNG - ok
19:45:09.0742 11292	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
19:45:09.0743 11292	Compbatt - ok
19:45:09.0775 11292	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
19:45:09.0776 11292	CompositeBus - ok
19:45:09.0881 11292	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
19:45:09.0883 11292	crcdisk - ok
19:45:10.0042 11292	danewFltr       (329bc03a1ccd45941df52dc021d27ac5) C:\Windows\system32\drivers\danew.sys
19:45:10.0043 11292	danewFltr - ok
19:45:10.0113 11292	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:45:10.0115 11292	DfsC - ok
19:45:10.0131 11292	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:45:10.0132 11292	discache - ok
19:45:10.0235 11292	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
19:45:10.0236 11292	Disk - ok
19:45:10.0431 11292	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:45:10.0432 11292	drmkaud - ok
19:45:10.0578 11292	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:45:10.0611 11292	DXGKrnl - ok
19:45:10.0734 11292	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
19:45:10.0814 11292	ebdrv - ok
19:45:10.0960 11292	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
19:45:10.0969 11292	elxstor - ok
19:45:10.0985 11292	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:45:10.0986 11292	ErrDev - ok
19:45:11.0038 11292	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:45:11.0042 11292	exfat - ok
19:45:11.0061 11292	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:45:11.0065 11292	fastfat - ok
19:45:11.0099 11292	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
19:45:11.0101 11292	fdc - ok
19:45:11.0117 11292	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:45:11.0118 11292	FileInfo - ok
19:45:11.0129 11292	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:45:11.0130 11292	Filetrace - ok
19:45:11.0201 11292	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:45:11.0203 11292	flpydisk - ok
19:45:11.0233 11292	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:45:11.0237 11292	FltMgr - ok
19:45:11.0267 11292	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:45:11.0270 11292	FsDepends - ok
19:45:11.0388 11292	fssfltr         (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
19:45:11.0392 11292	fssfltr - ok
19:45:11.0420 11292	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
19:45:11.0421 11292	Fs_Rec - ok
19:45:11.0468 11292	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:45:11.0471 11292	fvevol - ok
19:45:11.0510 11292	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:45:11.0516 11292	gagp30kx - ok
19:45:11.0551 11292	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:45:11.0553 11292	hcw85cir - ok
19:45:11.0609 11292	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:45:11.0615 11292	HdAudAddService - ok
19:45:11.0648 11292	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:45:11.0651 11292	HDAudBus - ok
19:45:11.0660 11292	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:45:11.0661 11292	HidBatt - ok
19:45:11.0700 11292	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:45:11.0702 11292	HidBth - ok
19:45:11.0713 11292	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
19:45:11.0716 11292	HidIr - ok
19:45:11.0761 11292	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
19:45:11.0763 11292	HidUsb - ok
19:45:11.0796 11292	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:45:11.0798 11292	HpSAMD - ok
19:45:11.0828 11292	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:45:11.0839 11292	HTTP - ok
19:45:11.0852 11292	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:45:11.0852 11292	hwpolicy - ok
19:45:11.0876 11292	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
19:45:11.0878 11292	i8042prt - ok
19:45:11.0936 11292	iaStor          (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\DRIVERS\iaStor.sys
19:45:11.0939 11292	iaStor - ok
19:45:12.0021 11292	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:45:12.0027 11292	iaStorV - ok
19:45:12.0378 11292	igfx            (0d1b8c64bdf0e5cdc523a1409ffb5ef0) C:\Windows\system32\DRIVERS\igdkmd64.sys
19:45:12.0656 11292	igfx - ok
19:45:12.0790 11292	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:45:12.0792 11292	iirsp - ok
19:45:12.0919 11292	IntcAzAudAddService (cb7dadef3d83fe2c12655a0bdcba99f2) C:\Windows\system32\drivers\RTKVHD64.sys
19:45:12.0989 11292	IntcAzAudAddService - ok
19:45:13.0125 11292	IntcDAud        (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
19:45:13.0135 11292	IntcDAud - ok
19:45:13.0220 11292	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:45:13.0221 11292	intelide - ok
19:45:13.0259 11292	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:45:13.0262 11292	intelppm - ok
19:45:13.0300 11292	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:45:13.0302 11292	IpFilterDriver - ok
19:45:13.0347 11292	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:45:13.0349 11292	IPMIDRV - ok
19:45:13.0377 11292	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:45:13.0379 11292	IPNAT - ok
19:45:13.0398 11292	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:45:13.0399 11292	IRENUM - ok
19:45:13.0417 11292	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:45:13.0418 11292	isapnp - ok
19:45:13.0453 11292	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:45:13.0458 11292	iScsiPrt - ok
19:45:13.0482 11292	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:45:13.0484 11292	kbdclass - ok
19:45:13.0511 11292	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
19:45:13.0513 11292	kbdhid - ok
19:45:13.0562 11292	kbfiltr         (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
19:45:13.0564 11292	kbfiltr - ok
19:45:13.0596 11292	KSecDD          (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
19:45:13.0606 11292	KSecDD - ok
19:45:13.0641 11292	KSecPkg         (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
19:45:13.0644 11292	KSecPkg - ok
19:45:13.0704 11292	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:45:13.0706 11292	ksthunk - ok
19:45:13.0759 11292	L1C             (a4a9ca24e54e81c6c3e469eaeb4b3f42) C:\Windows\system32\DRIVERS\L1C62x64.sys
19:45:13.0761 11292	L1C - ok
19:45:13.0830 11292	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:45:13.0836 11292	lltdio - ok
19:45:13.0991 11292	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:45:13.0995 11292	LSI_FC - ok
19:45:14.0015 11292	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:45:14.0018 11292	LSI_SAS - ok
19:45:14.0050 11292	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:45:14.0052 11292	LSI_SAS2 - ok
19:45:14.0075 11292	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:45:14.0079 11292	LSI_SCSI - ok
19:45:14.0106 11292	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:45:14.0111 11292	luafv - ok
19:45:14.0240 11292	MBAMProtector   (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
19:45:14.0242 11292	MBAMProtector - ok
19:45:14.0278 11292	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:45:14.0280 11292	megasas - ok
19:45:14.0298 11292	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:45:14.0303 11292	MegaSR - ok
19:45:14.0342 11292	MEIx64          (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
19:45:14.0344 11292	MEIx64 - ok
19:45:14.0368 11292	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:45:14.0370 11292	Modem - ok
19:45:14.0414 11292	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:45:14.0421 11292	monitor - ok
19:45:14.0501 11292	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:45:14.0504 11292	mouclass - ok
19:45:14.0563 11292	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:45:14.0564 11292	mouhid - ok
19:45:14.0609 11292	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:45:14.0611 11292	mountmgr - ok
19:45:14.0650 11292	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:45:14.0653 11292	mpio - ok
19:45:14.0665 11292	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:45:14.0667 11292	mpsdrv - ok
19:45:14.0698 11292	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:45:14.0701 11292	MRxDAV - ok
19:45:14.0739 11292	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:45:14.0742 11292	mrxsmb - ok
19:45:14.0769 11292	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:45:14.0774 11292	mrxsmb10 - ok
19:45:14.0800 11292	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:45:14.0803 11292	mrxsmb20 - ok
19:45:14.0827 11292	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:45:14.0829 11292	msahci - ok
19:45:14.0853 11292	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:45:14.0856 11292	msdsm - ok
19:45:14.0879 11292	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:45:14.0880 11292	Msfs - ok
19:45:14.0912 11292	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:45:14.0914 11292	mshidkmdf - ok
19:45:14.0929 11292	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:45:14.0931 11292	msisadrv - ok
19:45:14.0994 11292	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:45:14.0997 11292	MSKSSRV - ok
19:45:15.0035 11292	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:45:15.0036 11292	MSPCLOCK - ok
19:45:15.0069 11292	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:45:15.0070 11292	MSPQM - ok
19:45:15.0120 11292	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:45:15.0128 11292	MsRPC - ok
19:45:15.0157 11292	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
19:45:15.0160 11292	mssmbios - ok
19:45:15.0237 11292	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:45:15.0239 11292	MSTEE - ok
19:45:15.0280 11292	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:45:15.0281 11292	MTConfig - ok
19:45:15.0350 11292	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:45:15.0351 11292	Mup - ok
19:45:15.0484 11292	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:45:15.0490 11292	NativeWifiP - ok
19:45:15.0563 11292	NDIS            (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
19:45:15.0597 11292	NDIS - ok
19:45:15.0683 11292	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:45:15.0686 11292	NdisCap - ok
19:45:15.0746 11292	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:45:15.0756 11292	NdisTapi - ok
19:45:15.0818 11292	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:45:15.0819 11292	Ndisuio - ok
19:45:15.0846 11292	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:45:15.0849 11292	NdisWan - ok
19:45:15.0873 11292	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:45:15.0874 11292	NDProxy - ok
19:45:15.0924 11292	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:45:15.0926 11292	NetBIOS - ok
19:45:15.0968 11292	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:45:15.0973 11292	NetBT - ok
19:45:16.0021 11292	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:45:16.0022 11292	nfrd960 - ok
19:45:16.0049 11292	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:45:16.0051 11292	Npfs - ok
19:45:16.0064 11292	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:45:16.0065 11292	nsiproxy - ok
19:45:16.0165 11292	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:45:16.0210 11292	Ntfs - ok
19:45:16.0299 11292	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:45:16.0300 11292	Null - ok
19:45:16.0359 11292	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:45:16.0363 11292	nvraid - ok
19:45:16.0448 11292	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:45:16.0452 11292	nvstor - ok
19:45:16.0499 11292	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:45:16.0502 11292	nv_agp - ok
19:45:16.0517 11292	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:45:16.0520 11292	ohci1394 - ok
19:45:16.0578 11292	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:45:16.0585 11292	Parport - ok
19:45:16.0693 11292	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
19:45:16.0696 11292	partmgr - ok
19:45:16.0719 11292	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:45:16.0723 11292	pci - ok
19:45:16.0738 11292	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:45:16.0739 11292	pciide - ok
19:45:16.0770 11292	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:45:16.0774 11292	pcmcia - ok
19:45:16.0795 11292	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:45:16.0799 11292	pcw - ok
19:45:16.0829 11292	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:45:16.0840 11292	PEAUTH - ok
19:45:16.0968 11292	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:45:16.0970 11292	PptpMiniport - ok
19:45:16.0996 11292	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:45:16.0999 11292	Processor - ok
19:45:17.0032 11292	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:45:17.0035 11292	Psched - ok
19:45:17.0102 11292	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:45:17.0147 11292	ql2300 - ok
19:45:17.0240 11292	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:45:17.0243 11292	ql40xx - ok
19:45:17.0270 11292	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:45:17.0272 11292	QWAVEdrv - ok
19:45:17.0296 11292	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:45:17.0302 11292	RasAcd - ok
19:45:17.0394 11292	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:45:17.0400 11292	RasAgileVpn - ok
19:45:17.0552 11292	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:45:17.0555 11292	Rasl2tp - ok
19:45:17.0570 11292	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:45:17.0572 11292	RasPppoe - ok
19:45:17.0588 11292	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:45:17.0591 11292	RasSstp - ok
19:45:17.0624 11292	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:45:17.0629 11292	rdbss - ok
19:45:17.0646 11292	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:45:17.0649 11292	rdpbus - ok
19:45:17.0666 11292	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:45:17.0667 11292	RDPCDD - ok
19:45:17.0711 11292	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:45:17.0711 11292	RDPENCDD - ok
19:45:17.0739 11292	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:45:17.0739 11292	RDPREFMP - ok
19:45:17.0771 11292	RDPWD           (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
19:45:17.0775 11292	RDPWD - ok
19:45:17.0812 11292	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:45:17.0816 11292	rdyboost - ok
19:45:17.0878 11292	RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
19:45:17.0882 11292	RFCOMM - ok
19:45:17.0913 11292	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:45:17.0915 11292	rspndr - ok
19:45:17.0999 11292	SASDIFSV        (3289766038db2cb14d07dc84392138d5) D:\scanner\superantispyware\SASDIFSV64.SYS
19:45:18.0000 11292	SASDIFSV - ok
19:45:18.0066 11292	SASKUTIL        (58a38e75f3316a83c23df6173d41f2b5) D:\scanner\superantispyware\SASKUTIL64.SYS
19:45:18.0067 11292	SASKUTIL - ok
19:45:18.0172 11292	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:45:18.0174 11292	sbp2port - ok
19:45:18.0199 11292	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:45:18.0201 11292	scfilter - ok
19:45:18.0245 11292	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:45:18.0246 11292	Serenum - ok
19:45:18.0292 11292	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:45:18.0294 11292	Serial - ok
19:45:18.0314 11292	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:45:18.0315 11292	sermouse - ok
19:45:18.0334 11292	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:45:18.0336 11292	sffdisk - ok
19:45:18.0381 11292	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:45:18.0383 11292	sffp_mmc - ok
19:45:18.0426 11292	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:45:18.0427 11292	sffp_sd - ok
19:45:18.0447 11292	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:45:18.0449 11292	sfloppy - ok
19:45:18.0527 11292	SiSGbeLH        (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
19:45:18.0530 11292	SiSGbeLH - ok
19:45:18.0573 11292	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:45:18.0575 11292	SiSRaid2 - ok
19:45:18.0597 11292	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:45:18.0600 11292	SiSRaid4 - ok
19:45:18.0622 11292	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:45:18.0624 11292	Smb - ok
19:45:18.0662 11292	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:45:18.0663 11292	spldr - ok
19:45:18.0709 11292	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:45:18.0716 11292	srv - ok
19:45:18.0742 11292	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:45:18.0748 11292	srv2 - ok
19:45:18.0768 11292	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:45:18.0772 11292	srvnet - ok
19:45:18.0814 11292	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:45:18.0816 11292	stexstor - ok
19:45:18.0843 11292	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
19:45:18.0845 11292	swenum - ok
19:45:18.0970 11292	SynTP           (7e8902f9929a5d9ffd0f545332ce0f10) C:\Windows\system32\DRIVERS\SynTP.sys
19:45:19.0015 11292	SynTP - ok
19:45:19.0144 11292	Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
19:45:19.0190 11292	Tcpip - ok
19:45:19.0341 11292	TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
19:45:19.0353 11292	TCPIP6 - ok
19:45:19.0405 11292	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:45:19.0407 11292	tcpipreg - ok
19:45:19.0446 11292	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:45:19.0447 11292	TDPIPE - ok
19:45:19.0459 11292	TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
19:45:19.0460 11292	TDTCP - ok
19:45:19.0517 11292	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:45:19.0520 11292	tdx - ok
19:45:19.0532 11292	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
19:45:19.0534 11292	TermDD - ok
19:45:19.0579 11292	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:45:19.0581 11292	tssecsrv - ok
19:45:19.0619 11292	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:45:19.0621 11292	TsUsbFlt - ok
19:45:19.0632 11292	TsUsbGD         (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:45:19.0634 11292	TsUsbGD - ok
19:45:19.0680 11292	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:45:19.0683 11292	tunnel - ok
19:45:19.0701 11292	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:45:19.0704 11292	uagp35 - ok
19:45:19.0731 11292	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:45:19.0737 11292	udfs - ok
19:45:19.0767 11292	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:45:19.0769 11292	uliagpkx - ok
19:45:19.0801 11292	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:45:19.0803 11292	umbus - ok
19:45:19.0823 11292	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:45:19.0825 11292	UmPass - ok
19:45:19.0858 11292	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:45:19.0860 11292	usbccgp - ok
19:45:19.0909 11292	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:45:19.0911 11292	usbcir - ok
19:45:19.0939 11292	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
19:45:19.0944 11292	usbehci - ok
19:45:19.0998 11292	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:45:20.0005 11292	usbhub - ok
19:45:20.0029 11292	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:45:20.0031 11292	usbohci - ok
19:45:20.0066 11292	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
19:45:20.0068 11292	usbprint - ok
19:45:20.0094 11292	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:45:20.0096 11292	USBSTOR - ok
19:45:20.0129 11292	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:45:20.0131 11292	usbuhci - ok
19:45:20.0212 11292	usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:45:20.0216 11292	usbvideo - ok
19:45:20.0332 11292	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:45:20.0336 11292	vdrvroot - ok
19:45:20.0441 11292	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:45:20.0443 11292	vga - ok
19:45:20.0464 11292	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:45:20.0466 11292	VgaSave - ok
19:45:20.0493 11292	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:45:20.0497 11292	vhdmp - ok
19:45:20.0535 11292	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:45:20.0536 11292	viaide - ok
19:45:20.0567 11292	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:45:20.0570 11292	volmgr - ok
19:45:20.0595 11292	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:45:20.0600 11292	volmgrx - ok
19:45:20.0621 11292	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:45:20.0643 11292	volsnap - ok
19:45:20.0763 11292	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:45:20.0768 11292	vsmraid - ok
19:45:20.0817 11292	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:45:20.0819 11292	vwifibus - ok
19:45:20.0829 11292	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:45:20.0831 11292	vwififlt - ok
19:45:20.0863 11292	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:45:20.0865 11292	WacomPen - ok
19:45:20.0985 11292	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:45:20.0990 11292	WANARP - ok
19:45:21.0005 11292	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:45:21.0007 11292	Wanarpv6 - ok
19:45:21.0087 11292	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:45:21.0089 11292	Wd - ok
19:45:21.0123 11292	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:45:21.0148 11292	Wdf01000 - ok
19:45:21.0231 11292	Scan interrupted by user!
19:45:21.0231 11292	Scan interrupted by user!
19:45:21.0231 11292	Scan interrupted by user!
19:45:21.0231 11292	============================================================
19:45:21.0231 11292	Scan finished
19:45:21.0231 11292	============================================================
19:45:21.0240 8556	Detected object count: 0
19:45:21.0240 8556	Actual detected object count: 0
19:46:27.0012 11768	============================================================
19:46:27.0012 11768	Scan started
19:46:27.0012 11768	Mode: Manual; 
19:46:27.0012 11768	============================================================
19:46:27.0228 11768	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:46:27.0230 11768	1394ohci - ok
19:46:27.0271 11768	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:46:27.0274 11768	ACPI - ok
19:46:27.0292 11768	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:46:27.0292 11768	AcpiPmi - ok
19:46:27.0310 11768	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
19:46:27.0313 11768	adp94xx - ok
19:46:27.0330 11768	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
19:46:27.0333 11768	adpahci - ok
19:46:27.0346 11768	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
19:46:27.0347 11768	adpu320 - ok
19:46:27.0401 11768	AFD             (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
19:46:27.0404 11768	AFD - ok
19:46:27.0423 11768	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:46:27.0424 11768	agp440 - ok
19:46:27.0439 11768	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:46:27.0439 11768	aliide - ok
19:46:27.0452 11768	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:46:27.0452 11768	amdide - ok
19:46:27.0463 11768	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
19:46:27.0463 11768	AmdK8 - ok
19:46:27.0479 11768	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
19:46:27.0480 11768	AmdPPM - ok
19:46:27.0526 11768	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:46:27.0527 11768	amdsata - ok
19:46:27.0558 11768	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
19:46:27.0560 11768	amdsbs - ok
19:46:27.0586 11768	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:46:27.0586 11768	amdxata - ok
19:46:27.0602 11768	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:46:27.0603 11768	AppID - ok
19:46:27.0623 11768	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
19:46:27.0624 11768	arc - ok
19:46:27.0641 11768	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
19:46:27.0642 11768	arcsas - ok
19:46:27.0739 11768	ASMMAP64        (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
19:46:27.0739 11768	ASMMAP64 - ok
19:46:27.0833 11768	asmthub3        (0aa7a996792fb0287b33a57a8093ae44) C:\Windows\system32\DRIVERS\asmthub3.sys
19:46:27.0834 11768	asmthub3 - ok
19:46:27.0859 11768	asmtxhci        (125dc3abf5bfccfe82ad17d078e0b9ec) C:\Windows\system32\DRIVERS\asmtxhci.sys
19:46:27.0862 11768	asmtxhci - ok
19:46:27.0940 11768	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:46:27.0941 11768	AsyncMac - ok
19:46:27.0984 11768	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:46:27.0985 11768	atapi - ok
19:46:28.0070 11768	athr            (a5e770426d18f8ef332a593f3289da91) C:\Windows\system32\DRIVERS\athrx.sys
19:46:28.0090 11768	athr - ok
19:46:28.0193 11768	ATKWMIACPIIO    (41ceaffcf3550785e59e3ec9bee8d97a) C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
19:46:28.0194 11768	ATKWMIACPIIO - ok
19:46:28.0333 11768	avgntflt        (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
19:46:28.0334 11768	avgntflt - ok
19:46:28.0354 11768	avipbb          (852e3c0a60d368c487949e55ad52a47f) C:\Windows\system32\DRIVERS\avipbb.sys
19:46:28.0355 11768	avipbb - ok
19:46:28.0377 11768	avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
19:46:28.0378 11768	avkmgr - ok
19:46:28.0415 11768	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
19:46:28.0418 11768	b06bdrv - ok
19:46:28.0458 11768	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:46:28.0460 11768	b57nd60a - ok
19:46:28.0482 11768	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:46:28.0483 11768	Beep - ok
19:46:28.0503 11768	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
19:46:28.0504 11768	blbdrive - ok
19:46:28.0541 11768	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:46:28.0542 11768	bowser - ok
19:46:28.0560 11768	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
19:46:28.0561 11768	BrFiltLo - ok
19:46:28.0573 11768	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
19:46:28.0573 11768	BrFiltUp - ok
19:46:28.0594 11768	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:46:28.0596 11768	Brserid - ok
19:46:28.0607 11768	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:46:28.0608 11768	BrSerWdm - ok
19:46:28.0624 11768	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:46:28.0625 11768	BrUsbMdm - ok
19:46:28.0662 11768	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:46:28.0663 11768	BrUsbSer - ok
19:46:28.0704 11768	BthEnum         (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
19:46:28.0704 11768	BthEnum - ok
19:46:28.0786 11768	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
19:46:28.0789 11768	BTHMODEM - ok
19:46:28.0821 11768	BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
19:46:28.0823 11768	BthPan - ok
19:46:28.0896 11768	BTHPORT         (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
19:46:28.0902 11768	BTHPORT - ok
19:46:28.0936 11768	BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
19:46:28.0939 11768	BTHUSB - ok
19:46:28.0989 11768	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:46:28.0990 11768	cdfs - ok
19:46:29.0012 11768	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:46:29.0013 11768	cdrom - ok
19:46:29.0058 11768	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
19:46:29.0058 11768	circlass - ok
19:46:29.0097 11768	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:46:29.0100 11768	CLFS - ok
19:46:29.0131 11768	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
19:46:29.0132 11768	CmBatt - ok
19:46:29.0150 11768	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:46:29.0151 11768	cmdide - ok
19:46:29.0188 11768	CNG             (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
19:46:29.0191 11768	CNG - ok
19:46:29.0203 11768	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
19:46:29.0204 11768	Compbatt - ok
19:46:29.0216 11768	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
19:46:29.0216 11768	CompositeBus - ok
19:46:29.0243 11768	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
19:46:29.0244 11768	crcdisk - ok
19:46:29.0283 11768	danewFltr       (329bc03a1ccd45941df52dc021d27ac5) C:\Windows\system32\drivers\danew.sys
19:46:29.0283 11768	danewFltr - ok
19:46:29.0320 11768	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:46:29.0321 11768	DfsC - ok
19:46:29.0334 11768	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:46:29.0334 11768	discache - ok
19:46:29.0347 11768	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
19:46:29.0348 11768	Disk - ok
19:46:29.0374 11768	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:46:29.0375 11768	drmkaud - ok
19:46:29.0433 11768	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:46:29.0439 11768	DXGKrnl - ok
19:46:29.0602 11768	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
19:46:29.0625 11768	ebdrv - ok
19:46:29.0671 11768	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
19:46:29.0675 11768	elxstor - ok
19:46:29.0688 11768	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:46:29.0689 11768	ErrDev - ok
19:46:29.0710 11768	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:46:29.0711 11768	exfat - ok
19:46:29.0752 11768	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:46:29.0753 11768	fastfat - ok
19:46:29.0766 11768	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
19:46:29.0767 11768	fdc - ok
19:46:29.0783 11768	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:46:29.0784 11768	FileInfo - ok
19:46:29.0794 11768	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:46:29.0795 11768	Filetrace - ok
19:46:29.0805 11768	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:46:29.0806 11768	flpydisk - ok
19:46:29.0823 11768	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:46:29.0825 11768	FltMgr - ok
19:46:29.0841 11768	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:46:29.0841 11768	FsDepends - ok
19:46:29.0870 11768	fssfltr         (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
19:46:29.0870 11768	fssfltr - ok
19:46:29.0901 11768	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
19:46:29.0902 11768	Fs_Rec - ok
19:46:29.0916 11768	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:46:29.0917 11768	fvevol - ok
19:46:29.0937 11768	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:46:29.0940 11768	gagp30kx - ok
19:46:29.0966 11768	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:46:29.0967 11768	hcw85cir - ok
19:46:30.0041 11768	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:46:30.0044 11768	HdAudAddService - ok
19:46:30.0074 11768	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:46:30.0075 11768	HDAudBus - ok
19:46:30.0101 11768	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:46:30.0101 11768	HidBatt - ok
19:46:30.0113 11768	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:46:30.0114 11768	HidBth - ok
19:46:30.0124 11768	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
19:46:30.0125 11768	HidIr - ok
19:46:30.0165 11768	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
19:46:30.0166 11768	HidUsb - ok
19:46:30.0185 11768	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:46:30.0186 11768	HpSAMD - ok
19:46:30.0211 11768	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:46:30.0215 11768	HTTP - ok
19:46:30.0245 11768	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:46:30.0246 11768	hwpolicy - ok
19:46:30.0261 11768	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
19:46:30.0262 11768	i8042prt - ok
19:46:30.0308 11768	iaStor          (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\DRIVERS\iaStor.sys
19:46:30.0311 11768	iaStor - ok
19:46:30.0381 11768	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:46:30.0384 11768	iaStorV - ok
19:46:30.0779 11768	igfx            (0d1b8c64bdf0e5cdc523a1409ffb5ef0) C:\Windows\system32\DRIVERS\igdkmd64.sys
19:46:30.0854 11768	igfx - ok
19:46:30.0886 11768	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:46:30.0887 11768	iirsp - ok
19:46:30.0981 11768	IntcAzAudAddService (cb7dadef3d83fe2c12655a0bdcba99f2) C:\Windows\system32\drivers\RTKVHD64.sys
19:46:31.0001 11768	IntcAzAudAddService - ok
19:46:31.0041 11768	IntcDAud        (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
19:46:31.0044 11768	IntcDAud - ok
19:46:31.0074 11768	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:46:31.0075 11768	intelide - ok
19:46:31.0102 11768	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:46:31.0103 11768	intelppm - ok
19:46:31.0118 11768	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:46:31.0119 11768	IpFilterDriver - ok
19:46:31.0132 11768	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:46:31.0133 11768	IPMIDRV - ok
19:46:31.0146 11768	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:46:31.0147 11768	IPNAT - ok
19:46:31.0159 11768	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:46:31.0160 11768	IRENUM - ok
19:46:31.0169 11768	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:46:31.0170 11768	isapnp - ok
19:46:31.0197 11768	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:46:31.0199 11768	iScsiPrt - ok
19:46:31.0225 11768	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:46:31.0226 11768	kbdclass - ok
19:46:31.0255 11768	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
19:46:31.0255 11768	kbdhid - ok
19:46:31.0294 11768	kbfiltr         (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
19:46:31.0295 11768	kbfiltr - ok
19:46:31.0328 11768	KSecDD          (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
19:46:31.0329 11768	KSecDD - ok
19:46:31.0342 11768	KSecPkg         (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
19:46:31.0344 11768	KSecPkg - ok
19:46:31.0356 11768	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:46:31.0357 11768	ksthunk - ok
19:46:31.0392 11768	L1C             (a4a9ca24e54e81c6c3e469eaeb4b3f42) C:\Windows\system32\DRIVERS\L1C62x64.sys
19:46:31.0393 11768	L1C - ok
19:46:31.0412 11768	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:46:31.0413 11768	lltdio - ok
19:46:31.0481 11768	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:46:31.0482 11768	LSI_FC - ok
19:46:31.0494 11768	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:46:31.0495 11768	LSI_SAS - ok
19:46:31.0505 11768	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:46:31.0506 11768	LSI_SAS2 - ok
19:46:31.0522 11768	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:46:31.0523 11768	LSI_SCSI - ok
19:46:31.0541 11768	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:46:31.0543 11768	luafv - ok
19:46:31.0576 11768	MBAMProtector   (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
19:46:31.0577 11768	MBAMProtector - ok
19:46:31.0614 11768	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:46:31.0615 11768	megasas - ok
19:46:31.0632 11768	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:46:31.0634 11768	MegaSR - ok
19:46:31.0678 11768	MEIx64          (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
19:46:31.0679 11768	MEIx64 - ok
19:46:31.0704 11768	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:46:31.0704 11768	Modem - ok
19:46:31.0728 11768	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:46:31.0729 11768	monitor - ok
19:46:31.0740 11768	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:46:31.0740 11768	mouclass - ok
19:46:31.0754 11768	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:46:31.0754 11768	mouhid - ok
19:46:31.0766 11768	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:46:31.0767 11768	mountmgr - ok
19:46:31.0799 11768	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:46:31.0800 11768	mpio - ok
19:46:31.0813 11768	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:46:31.0814 11768	mpsdrv - ok
19:46:31.0833 11768	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:46:31.0834 11768	MRxDAV - ok
19:46:31.0865 11768	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:46:31.0866 11768	mrxsmb - ok
19:46:31.0896 11768	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:46:31.0898 11768	mrxsmb10 - ok
19:46:31.0916 11768	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:46:31.0917 11768	mrxsmb20 - ok
19:46:31.0942 11768	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:46:31.0944 11768	msahci - ok
19:46:31.0969 11768	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:46:31.0970 11768	msdsm - ok
19:46:31.0989 11768	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:46:31.0990 11768	Msfs - ok
19:46:32.0017 11768	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:46:32.0017 11768	mshidkmdf - ok
19:46:32.0045 11768	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:46:32.0046 11768	msisadrv - ok
19:46:32.0063 11768	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:46:32.0064 11768	MSKSSRV - ok
19:46:32.0078 11768	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:46:32.0078 11768	MSPCLOCK - ok
19:46:32.0089 11768	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:46:32.0090 11768	MSPQM - ok
19:46:32.0158 11768	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:46:32.0161 11768	MsRPC - ok
19:46:32.0174 11768	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
19:46:32.0174 11768	mssmbios - ok
19:46:32.0199 11768	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:46:32.0199 11768	MSTEE - ok
19:46:32.0211 11768	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:46:32.0212 11768	MTConfig - ok
19:46:32.0223 11768	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:46:32.0223 11768	Mup - ok
19:46:32.0258 11768	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:46:32.0260 11768	NativeWifiP - ok
19:46:32.0315 11768	NDIS            (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
19:46:32.0321 11768	NDIS - ok
19:46:32.0348 11768	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:46:32.0349 11768	NdisCap - ok
19:46:32.0367 11768	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:46:32.0367 11768	NdisTapi - ok
19:46:32.0383 11768	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:46:32.0384 11768	Ndisuio - ok
19:46:32.0397 11768	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:46:32.0398 11768	NdisWan - ok
19:46:32.0409 11768	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:46:32.0409 11768	NDProxy - ok
19:46:32.0421 11768	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:46:32.0421 11768	NetBIOS - ok
19:46:32.0438 11768	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:46:32.0440 11768	NetBT - ok
19:46:32.0476 11768	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:46:32.0477 11768	nfrd960 - ok
19:46:32.0505 11768	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:46:32.0505 11768	Npfs - ok
19:46:32.0519 11768	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:46:32.0519 11768	nsiproxy - ok
19:46:32.0588 11768	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:46:32.0599 11768	Ntfs - ok
19:46:32.0644 11768	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:46:32.0644 11768	Null - ok
19:46:32.0682 11768	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:46:32.0683 11768	nvraid - ok
19:46:32.0728 11768	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:46:32.0730 11768	nvstor - ok
19:46:32.0757 11768	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:46:32.0759 11768	nv_agp - ok
19:46:32.0771 11768	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:46:32.0772 11768	ohci1394 - ok
19:46:32.0790 11768	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:46:32.0791 11768	Parport - ok
19:46:32.0819 11768	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
19:46:32.0820 11768	partmgr - ok
19:46:32.0837 11768	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:46:32.0838 11768	pci - ok
19:46:32.0852 11768	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:46:32.0853 11768	pciide - ok
19:46:32.0884 11768	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:46:32.0886 11768	pcmcia - ok
19:46:32.0910 11768	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:46:32.0910 11768	pcw - ok
19:46:32.0955 11768	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:46:32.0960 11768	PEAUTH - ok
19:46:33.0001 11768	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:46:33.0002 11768	PptpMiniport - ok
19:46:33.0033 11768	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:46:33.0034 11768	Processor - ok
19:46:33.0059 11768	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:46:33.0060 11768	Psched - ok
19:46:33.0117 11768	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:46:33.0127 11768	ql2300 - ok
19:46:33.0140 11768	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:46:33.0141 11768	ql40xx - ok
19:46:33.0164 11768	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:46:33.0165 11768	QWAVEdrv - ok
19:46:33.0175 11768	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:46:33.0176 11768	RasAcd - ok
19:46:33.0200 11768	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:46:33.0201 11768	RasAgileVpn - ok
19:46:33.0216 11768	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:46:33.0217 11768	Rasl2tp - ok
19:46:33.0230 11768	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:46:33.0231 11768	RasPppoe - ok
19:46:33.0286 11768	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:46:33.0287 11768	RasSstp - ok
19:46:33.0316 11768	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:46:33.0318 11768	rdbss - ok
19:46:33.0354 11768	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:46:33.0354 11768	rdpbus - ok
19:46:33.0395 11768	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:46:33.0396 11768	RDPCDD - ok
19:46:33.0428 11768	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:46:33.0428 11768	RDPENCDD - ok
19:46:33.0476 11768	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:46:33.0476 11768	RDPREFMP - ok
19:46:33.0500 11768	RDPWD           (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
19:46:33.0502 11768	RDPWD - ok
19:46:33.0530 11768	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:46:33.0532 11768	rdyboost - ok
19:46:33.0551 11768	RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
19:46:33.0552 11768	RFCOMM - ok
19:46:33.0573 11768	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:46:33.0574 11768	rspndr - ok
19:46:33.0641 11768	SASDIFSV        (3289766038db2cb14d07dc84392138d5) D:\scanner\superantispyware\SASDIFSV64.SYS
19:46:33.0641 11768	SASDIFSV - ok
19:46:33.0663 11768	SASKUTIL        (58a38e75f3316a83c23df6173d41f2b5) D:\scanner\superantispyware\SASKUTIL64.SYS
19:46:33.0664 11768	SASKUTIL - ok
19:46:33.0758 11768	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:46:33.0759 11768	sbp2port - ok
19:46:33.0785 11768	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:46:33.0786 11768	scfilter - ok
19:46:33.0810 11768	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:46:33.0811 11768	Serenum - ok
19:46:33.0823 11768	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:46:33.0825 11768	Serial - ok
19:46:33.0835 11768	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:46:33.0835 11768	sermouse - ok
19:46:33.0858 11768	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:46:33.0859 11768	sffdisk - ok
19:46:33.0870 11768	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:46:33.0871 11768	sffp_mmc - ok
19:46:33.0881 11768	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:46:33.0882 11768	sffp_sd - ok
19:46:33.0892 11768	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:46:33.0893 11768	sfloppy - ok
19:46:33.0914 11768	SiSGbeLH        (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
19:46:33.0916 11768	SiSGbeLH - ok
19:46:33.0940 11768	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:46:33.0940 11768	SiSRaid2 - ok
19:46:33.0954 11768	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:46:33.0955 11768	SiSRaid4 - ok
19:46:33.0971 11768	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:46:33.0972 11768	Smb - ok
19:46:34.0006 11768	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:46:34.0006 11768	spldr - ok
19:46:34.0053 11768	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:46:34.0056 11768	srv - ok
19:46:34.0086 11768	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:46:34.0089 11768	srv2 - ok
19:46:34.0112 11768	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:46:34.0113 11768	srvnet - ok
19:46:34.0147 11768	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:46:34.0148 11768	stexstor - ok
19:46:34.0176 11768	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
19:46:34.0177 11768	swenum - ok
19:46:34.0246 11768	SynTP           (7e8902f9929a5d9ffd0f545332ce0f10) C:\Windows\system32\DRIVERS\SynTP.sys
19:46:34.0256 11768	SynTP - ok
19:46:34.0355 11768	Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
19:46:34.0367 11768	Tcpip - ok
19:46:34.0421 11768	TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
19:46:34.0434 11768	TCPIP6 - ok
19:46:34.0463 11768	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:46:34.0463 11768	tcpipreg - ok
19:46:34.0493 11768	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:46:34.0493 11768	TDPIPE - ok
19:46:34.0504 11768	TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
19:46:34.0505 11768	TDTCP - ok
19:46:34.0518 11768	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:46:34.0519 11768	tdx - ok
19:46:34.0529 11768	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
19:46:34.0530 11768	TermDD - ok
19:46:34.0555 11768	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:46:34.0555 11768	tssecsrv - ok
19:46:34.0568 11768	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:46:34.0569 11768	TsUsbFlt - ok
19:46:34.0579 11768	TsUsbGD         (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:46:34.0580 11768	TsUsbGD - ok
19:46:34.0650 11768	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:46:34.0651 11768	tunnel - ok
19:46:34.0693 11768	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:46:34.0694 11768	uagp35 - ok
19:46:34.0745 11768	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:46:34.0748 11768	udfs - ok
19:46:34.0792 11768	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:46:34.0793 11768	uliagpkx - ok
19:46:34.0826 11768	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:46:34.0827 11768	umbus - ok
19:46:34.0838 11768	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:46:34.0838 11768	UmPass - ok
19:46:34.0872 11768	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:46:34.0873 11768	usbccgp - ok
19:46:34.0911 11768	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:46:34.0912 11768	usbcir - ok
19:46:34.0930 11768	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
19:46:34.0931 11768	usbehci - ok
19:46:34.0979 11768	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:46:34.0981 11768	usbhub - ok
19:46:35.0021 11768	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:46:35.0022 11768	usbohci - ok
19:46:35.0058 11768	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
19:46:35.0058 11768	usbprint - ok
19:46:35.0086 11768	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:46:35.0087 11768	USBSTOR - ok
19:46:35.0110 11768	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:46:35.0110 11768	usbuhci - ok
19:46:35.0159 11768	usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:46:35.0161 11768	usbvideo - ok
19:46:35.0181 11768	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:46:35.0182 11768	vdrvroot - ok
19:46:35.0213 11768	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:46:35.0213 11768	vga - ok
19:46:35.0228 11768	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:46:35.0229 11768	VgaSave - ok
19:46:35.0254 11768	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:46:35.0255 11768	vhdmp - ok
19:46:35.0272 11768	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:46:35.0273 11768	viaide - ok
19:46:35.0285 11768	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:46:35.0287 11768	volmgr - ok
19:46:35.0312 11768	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:46:35.0314 11768	volmgrx - ok
19:46:35.0330 11768	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:46:35.0333 11768	volsnap - ok
19:46:35.0357 11768	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:46:35.0359 11768	vsmraid - ok
19:46:35.0373 11768	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:46:35.0373 11768	vwifibus - ok
19:46:35.0389 11768	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:46:35.0390 11768	vwififlt - ok
19:46:35.0414 11768	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:46:35.0414 11768	WacomPen - ok
19:46:35.0427 11768	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:46:35.0429 11768	WANARP - ok
19:46:35.0432 11768	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:46:35.0433 11768	Wanarpv6 - ok
19:46:35.0458 11768	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:46:35.0458 11768	Wd - ok
19:46:35.0498 11768	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:46:35.0503 11768	Wdf01000 - ok
19:46:35.0542 11768	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:46:35.0544 11768	WfpLwf - ok
19:46:35.0602 11768	WimFltr         (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
19:46:35.0606 11768	WimFltr - ok
19:46:35.0649 11768	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:46:35.0652 11768	WIMMount - ok
19:46:35.0720 11768	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
19:46:35.0723 11768	WmiAcpi - ok
19:46:35.0792 11768	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:46:35.0794 11768	ws2ifsl - ok
19:46:35.0834 11768	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:46:35.0837 11768	WudfPf - ok
19:46:35.0865 11768	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:46:35.0868 11768	WUDFRd - ok
19:46:35.0900 11768	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:46:35.0964 11768	\Device\Harddisk0\DR0 - ok
19:46:35.0975 11768	Boot (0x1200)   (beb34928e75ada2c2548ece6c5638061) \Device\Harddisk0\DR0\Partition0
19:46:35.0977 11768	\Device\Harddisk0\DR0\Partition0 - ok
19:46:35.0996 11768	Boot (0x1200)   (2ae6f8f06bd625cad89aec6ba3a6e5dd) \Device\Harddisk0\DR0\Partition1
19:46:36.0000 11768	\Device\Harddisk0\DR0\Partition1 - ok
19:46:36.0000 11768	============================================================
19:46:36.0000 11768	Scan finished
19:46:36.0000 11768	============================================================
19:46:36.0010 11352	Detected object count: 0
19:46:36.0010 11352	Actual detected object count: 0
19:46:57.0145 9888	Deinitialize success
         

Alt 21.03.2012, 07:37   #10
kira
/// Helfer-Team
 
Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall - Standard

Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall



Zitat:
Zitat von RyOMaNiA Beitrag anzeigen
Leider installiert mein Rechner nach wie vor keine Windows updates
dann waren es wohl doch keine Viren, wie vermutet.
(selber Fehlercode).
Ursache kann vielfälltig sein..auch unter enderem doch Malware!
-> wie lang besteht das Problem denn?

1.
Deinstallieren/entfernen:
Zitat:
Eset Online Scanner
Malwarebytes
SUPERAntiSpyware
TDSSKiller von Kaspersky
2.
reinige dein System mit CCleaner:
  • "CCleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
  • "Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
  • Starte dein System neu auf

3.
Vor dem nächsten Schritt, also bevor wir weitermachen:
Da jederzeit etwas passieren kann, wenn du wichtige Daten hast die Du sichern möchtest, empfehle ich Dir es jetzt machen (wie Bilder, Musik usw)
Achte darauf: Die sicherten Daten sollen keine "Ausführbare Dateien" enthalten! - Dateiendungen - Dies ist eine Liste von Dateiendungen, die Dateien mit ausführbarem Code bezeichnen können.
Unabhängig von einem Befall (weil ja kann eine Festplatte auch kaputt gehen, oder es gibt andere technische Probleme ), sollte man regelmäßig Sicherung machen und an einem sicheren Ort bewahren, wie CD und DVD, externe Festplatten oder/und USB-Sticks
Mache das jetzt bitte!


4.
Lade Combofix von einem der folgenden Download-Spiegel herunter:

BleepingComputer.com - ForoSpyware.com

und speichere das Programm auf den Desktop, nicht woanders hin, das ist wichtig!
Beachte die ausführliche Original-Anleitung.

Zurzeit ist Combofix auf folgenden Windows-Versionen lauffähig:
  • Windows XP (nur 32-bit)
  • Windows 2000 (nur 32-bit)
  • Windows Vista (32-bit/64-bit)
  • Windows 7 (32-bit/64-bit)

Vorbereitung und wichtige Hinweise
  • Bitte während des Scans mit Combofix Antiviren- sowie Antispy-Programme, die Firewall und evtl. vorhandenes Skript-Blocking (Norton) deaktivieren.
  • Liste der zu deaktivierenden Programme.
    Bei Unklarheiten bitte vorher fragen.
  • Bitte während des Laufs von Combofix nicht in das Combofix-Fenster klicken.
  • Das könnte Dein System einfrieren oder hängen bleiben lassen.
  • Es kann circa eine Viertelstunde dauern, bis der Scan fertig ist.
  • ComboFix wird Deine Einstellungen in Bezug auf den Bildschirmschoner zurücksetzen.
  • Diese Einstellungen kannst Du nach Beendigung unserer Bereinigung wieder ändern.
  • Mache nichts anderes, wenn es Dir nicht gelungen ist, Combofix laufen zu lassen.
  • Teile uns das mit und warte auf unsere Anweisungen.

Kurzanleitung zur Installation der Wiederherstellungskonsole unter XP
  • Doppelklicke auf die ComboFix.exe und folge den Anweisungen.
  • Akzeptiere die Bedingungen (Disclaimer) mit "Ja".
  • ComboFix wird schauen, ob die Microsoft-Windows-Wiederherstellungskonsole installiert ist.
    Dies ist Teil des Prozesses. Angesichts der Art von Malware Infizierungen, die es heute gibt, wird dringend empfohlen, diese Wiederherstellungskonsole auf dem PC installiert zu haben, bevor jegliche Reinigung von Malware durchgeführt wird.
  • Folge den Anweisungen, um ComboFix das Herunterladen und Installieren der Wiederherstellungskonsole zu ermöglichen und stimme dem Lizenzvertrag (EULA) zu, sobald Du dazu aufgefordert wirst.
** Zur Information: Sollte die Wiederherstellungskonsole schon installiert sein, so wird ComboFix seine Malware-Entfernungsprozedur normal fortfahren.



Sobald die Wiederherstellungskonsole durch ComboFix installiert wurde, solltest Du folgende Nachricht sehen:



Klicke "Ja", um mit dem Suchlauf nach Malware fortzufahren.

Wenn ComboFix fertig ist, wird es ein Log erstellen (bitte warten, das dauert einen Moment).
Unbedingt warten, bis sich das Combofix-Fenster geschlossen hat und das Logfile im Editor erscheint.
Bitte poste die Log-Dateien C:\ComboFix.txt und C:\Qoobox\Add-Remove Programs.txt in Code-Tags hier in den Thread.

Hinweis: Combofix macht aus verschiedenen Gründen den Internet Explorer zum Standard-Browser und erstellt ein IE-Icon auf dem Desktop.
Das IE-Desktop-Icon kannst Du nach der Bereinigung wieder löschen und Deinen bevorzugten Browser wieder als Standard-Browser einstellen.

Combofix nicht auf eigene Faust einsetzen. Wenn keine entsprechende Infektion vorliegt, kann das den Rechner lahmlegen und/oder nachhaltig schädigen!
__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Alt 27.03.2012, 15:53   #11
RyOMaNiA
 
Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall - Standard

Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall



Hallo. Entschuldige, dass es etwas länger gedauert hat, aber ich war in letzter Zeit sehr eingespannt wegen Prüfungen ect.

also wie lange GENAU das problem besteht kann ich nicht sagen aber die ersten uninstallierten windows updates sind am 16.01.2012

ich wollte eine Sicherung durchführen, ABER das war nicht möglich ! Selber Fehlercode wie oben 80071A91
Ich habe aber eine etwas ältere Sicherung, die ich verwenden könnte.

Gibt es eine Möglichkeit das System einfach auf den Auslieferungszustand zurückzusstellen ? Währen damit das Problem nicht beseitigt ? (Ich habe nichts auf dem PC, was mir WIRKLICH wichtig ist ...)

hab combofix eingesetzt
Code:
ATTFilter
ComboFix 12-03-27.02 - Admin 27.03.2012  16:57:16.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4000.2313 [GMT 2:00]
ausgeführt von:: c:\users\Ryo\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-02-27 bis 2012-03-27  ))))))))))))))))))))))))))))))
.
.
2012-03-27 12:09 . 2012-03-27 12:09	69000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{551F4673-8AE3-44FC-A4C4-907B6A6131ED}\offreg.dll
2012-03-24 09:16 . 2012-03-24 20:04	--------	d-----w-	c:\users\Ryo\AppData\Roaming\.minecraft
2012-03-23 12:21 . 2012-03-14 03:27	8669240	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{551F4673-8AE3-44FC-A4C4-907B6A6131ED}\mpengine.dll
2012-03-14 21:45 . 2012-03-14 21:45	--------	d-----w-	c:\users\Ryo\AppData\Roaming\SUPERAntiSpyware.com
2012-03-14 19:03 . 2012-03-14 19:03	--------	d-----w-	c:\program files (x86)\Common Files\Java
2012-03-14 19:02 . 2012-03-14 19:02	--------	d-----w-	c:\program files (x86)\Java
2012-03-13 17:07 . 2012-03-13 17:07	--------	d-----w-	c:\program files\CCleaner
2012-03-12 21:23 . 2012-03-12 21:23	--------	d-----w-	c:\users\Ryo\AppData\Roaming\Malwarebytes
2012-03-12 16:35 . 2012-03-12 16:35	--------	d-----w-	c:\users\Admin\AppData\Roaming\Malwarebytes
2012-03-12 16:35 . 2012-03-12 16:35	--------	d-----w-	c:\programdata\Malwarebytes
2012-03-12 15:49 . 2012-03-12 15:49	--------	d-----w-	c:\users\Admin\AppData\Roaming\Uniblue
2012-03-12 15:39 . 2012-03-12 15:39	--------	d-----w-	c:\users\Ryo\AppData\Local\2DBoy
2012-03-12 15:39 . 2012-03-12 15:39	--------	d-----w-	c:\programdata\2DBoy
2012-03-09 19:24 . 2012-03-09 19:24	98304	----a-w-	c:\windows\SysWow64\CmdLineExt.dll
2012-03-09 17:15 . 2004-10-22 01:16	5632	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2012-03-09 17:12 . 2004-10-22 01:18	749568	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2012-03-09 17:12 . 2004-10-22 01:17	69715	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2012-03-09 17:12 . 2004-10-22 01:17	274432	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2012-03-09 17:12 . 2004-10-22 01:16	180224	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2012-03-09 17:12 . 2012-03-09 17:12	192644	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2012-03-09 17:12 . 2012-03-09 17:12	323716	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2012-02-27 20:47 . 2012-02-27 20:47	--------	d-----w-	c:\users\Ryo\AppData\Roaming\OpenOffice.org
2012-02-27 20:45 . 2012-02-27 20:45	--------	d-----w-	c:\program files (x86)\OpenOffice.org 3
2012-02-27 17:34 . 2012-02-27 17:34	--------	d-----w-	c:\programdata\Oberon Media
2012-02-27 17:31 . 2012-02-27 17:32	--------	d-----w-	c:\users\Admin\AppData\Roaming\SoftGrid Client
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-14 19:02 . 2011-12-24 21:45	472808	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-02-25 12:21 . 2011-12-26 22:02	414368	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-23 08:18 . 2012-01-02 19:09	279656	------w-	c:\windows\system32\MpSigStub.exe
2012-02-15 19:55 . 2011-12-24 19:38	132320	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-02-11 10:11 . 2011-12-24 18:17	45056	----a-w-	c:\windows\SysWow64\acovcnt.exe
2012-01-11 14:40 . 2012-01-11 14:40	2300696	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-01-11 14:29 . 2012-01-11 14:29	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-01-11 14:29 . 2012-01-11 14:29	1248080	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-01-02 19:51 . 2012-01-02 19:51	525544	----a-w-	c:\windows\system32\deployJava1.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-13 2018032]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472]
"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-07-21 5716608]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-09-09 2317312]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-12-15 258512]
"DeathAdder"="c:\program files (x86)\Razer\DeathAdder\razerhid.exe" [2009-09-22 163840]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\Ryo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-13 549040]
FancyStart daemon.lnk - c:\windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe [2011-11-1 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 danewFltr;NewDeathAdder Mouse;c:\windows\system32\drivers\danew.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-12-15 86224]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe [2011-08-24 92800]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41	220160	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41	220160	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-16 2277480]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-31 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-31 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-31 416024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"*WerKernelReporting"="c:\windows\SYSTEM32\WerFault.exe" [2009-07-14 415232]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = 
mStart Page = 
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5upc95yp.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-SpeedUpMyPC - d:\scanner\free performace scan\SpeedUpMyPC\launcher.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
AddRemove-{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1 - d:\scanner\free performace scan\SpeedUpMyPC\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-03-27  17:04:35
ComboFix-quarantined-files.txt  2012-03-27 15:04
.
Vor Suchlauf: 9 Verzeichnis(se), 62.536.462.336 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 62.162.350.080 Bytes frei
.
- - End Of File - - A916CDD238E54C6E855C05B5FBA9F107
         
und hier die add-remove programs.txt:
Code:
ATTFilter
??? ActiveX ?? Windows Live Mesh ???? ??????? ???????
???? ??? Windows Live
???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ???????
???? Windows Live
????? Windows Live
?????? ??????? ?? Windows Live
??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ???????????
??????? Windows Live Mesh ActiveX ???
???????? ?????????? Windows Live
?????????? Windows Live
Adobe Flash Player 10 ActiveX
Alcor Micro USB Card Reader
Asmedia ASM104x USB 3.0 Host Controller Driver
ASUS AI Recovery
ASUS FancyStart
ASUS LifeFrame3
ASUS Live Update
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS Virtual Camera
ASUS WebStorage
ASUS_Screensaver
AsusVibe2.0
Atheros Driver Installation Program
ATK Package
Avira Free Antivirus
Bookworm Deluxe
Contrôle ActiveX Windows Live Mesh pour connexions à distance
Control ActiveX de Windows Live Mesh para conexiones remotas
Controlo ActiveX do Windows Live Mesh para Ligações Remotas
Cooking Dash
CyberLink LabelPrint
CyberLink Power2Go
D3DX10
Galeria de Fotografias do Windows Live
Galerie de photos Windows Live
Galería fotográfica de Windows Live
Game Park Console
Governor of Poker
Hotel Dash Suite Success
InstantOn for NB
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Java Auto Updater
Java(TM) 6 Update 31
Jewel Quest 3
Junk Mail filter update
Luxor 3
Mahjongg dimensions
Maschinenschreiben Deluxe 1.2.40
Mesh Runtime
Microsoft Office 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Mozilla Firefox 10.0 (x86 de)
MSVCRT
MSVCRT_amd64
Nuance PDF Reader
OpenOffice.org 3.3
Plants vs Zombies
Raccolta foto di Windows Live
Razer DeathAdder(TM) Mouse
Realtek High Definition Audio Driver
S?????? f?t???af??? t?? Windows Live
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Skype™ 5.5
Sonic Focus
SpellForce
St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se??
StarCraft II
Stronghold 2 Deluxe
syncables desktop SE
Uniblue SpeedUpMyPC
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
VLC media player 1.1.11
Windows Live
Windows Live ???
Windows Live ????
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalerie
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinFlash
Wireless Console 3
World of Goo
         

Geändert von RyOMaNiA (27.03.2012 um 16:15 Uhr) Grund: log editiert

Alt 28.03.2012, 07:15   #12
kira
/// Helfer-Team
 
Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall - Standard

Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall



hast Du Win 7 CD?
__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Alt 28.03.2012, 12:56   #13
RyOMaNiA
 
Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall - Standard

Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall



leider nicht ... Win7 war vorinstalliert und es wurde keine CD mitgeliefert

Alt 29.03.2012, 07:18   #14
kira
/// Helfer-Team
 
Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall - Standard

Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall



1.
dies dürfte kein Hindernis sein, da dein Laptop hat eine Recoverfyfunktion (versteckte Partition auf der Platte), mit dem der Auslieferungszustand wiederhergestellt werden kann. Es gibt eine Tastenkombination, die Du beim start des Pc´s drücken musst! Wie Du aus dem Handbuch der Herstellers entnehmen kannst, oder der technischer Support wenden. - (ein Bootmenu aufrufen, dann eine beliebige Taste drücken glaube F9 Taste)

2.
hat ASUS extra ein Programm vorinstalliert (glaube "AL Recovery Burner" heißt), welches die Recovery DVD erstellt. Da wird aber mehrere CD`s benötigt, ist es doof...viel Müll werden auch "mitgesichert"
aber schaue mal hier:-> Windows 7 – Home Premium und Professional Direkt Download Links
__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Alt 02.04.2012, 22:19   #15
RyOMaNiA
 
Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall - Standard

Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall



Also ich bin jetzt auf dieser Seite bei ''Methode one'' hängen geblieben und fand, dass dich das ganz gut anhört.

(hxxp://support.asus.com/Troubleshooting/detail.aspx?SLanguage=en&p=3&m=A54H&s=367&hashedid=qRrJv389oYtZGCO1&os=&no=1775)

nun hab ich noch einige Fragen

1. ist es das, was ich suche (mein Englisch ist nicht GANZ so gut)
2. das sollte meinen PC ja in den Zustand der Auslieferung zurücksetzen, richtig ? sind damit auch alle Malware weg, oder bleiben diese ? (währ doof ^^)
3. Ich versteh die Arbeitsschritte noch nicht zu 100%. Kannst du mir Helfen ? (also genau genommen versteh ich nur Arbeitsschritt 5 nicht.)

Antwort

Themen zu Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall
antivir, antivirus, avira, avira searchfree toolbar, bingbar, defender, desktop, entfernen, error, eset nod32, explorer, firefox, focus, frage, home, malware, mozilla, nicht sicher, notification, pdf, problem, realtek, scan, schutz, security, software, speedupmypc, svchost.exe, system, update, updates, usb, virenbefall, windows, windows 7 64bit home, windows 7 home, windows 7 home premium



Ähnliche Themen: Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall


  1. Kernal Data Inpage Error unter Win7 Home Premium
    Alles rund um Windows - 02.03.2015 (4)
  2. Windows 7 Update Code 8008005 Unbekannte Fehler bei Windows Update
    Log-Analyse und Auswertung - 08.02.2015 (15)
  3. Windows Update Fehler Code 9C48
    Alles rund um Windows - 29.01.2015 (45)
  4. Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung
    Log-Analyse und Auswertung - 23.03.2014 (13)
  5. Windows7 home premium. Einloggen als Besitzer nicht möglich-password vergessen?
    Alles rund um Windows - 03.03.2014 (3)
  6. win32downloader.gen Befall unter Windows Vista Home Premium
    Log-Analyse und Auswertung - 26.09.2013 (15)
  7. Windows 7 HP: Firewall Fehler Code : 0x6D9 und Rundll Fehler beim Start
    Log-Analyse und Auswertung - 23.09.2013 (22)
  8. Update für Win Service Pack 1 (SP1) für x64-basierte Systeme nicht möglich. Fehler Code 8024200D
    Plagegeister aller Art und deren Bekämpfung - 11.01.2013 (14)
  9. CryEngine Error, Error code 998
    Alles rund um Windows - 22.03.2012 (0)
  10. Code 80072EFE - Unbekannter Fehler bei Windows Update.
    Log-Analyse und Auswertung - 12.09.2010 (0)
  11. nach SP3 update hat Grafikkarte einen code 10 fehler
    Alles rund um Windows - 27.07.2010 (19)
  12. Problem antivir error,fraps error und grafik fehler
    Log-Analyse und Auswertung - 01.07.2010 (1)
  13. Virus oder Trojaner legt das System lahm, Sweet.Home wird vermutet
    Plagegeister aller Art und deren Bekämpfung - 25.05.2010 (3)
  14. Error Code -2147023174
    Log-Analyse und Auswertung - 26.04.2010 (34)
  15. Malewarebytes Error code: 721 (0,14)
    Log-Analyse und Auswertung - 18.11.2009 (3)
  16. Windows Update streikt Fehler code 8000ffff
    Alles rund um Windows - 09.04.2008 (0)
  17. Error Code: c000000c
    Alles rund um Windows - 13.08.2005 (2)

Zum Thema Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall - Hallo, ich habe seit einiger Zeit (16.01.2012) das Problem, dass keine Updates mehr installiert werden (hauptsächlich Sicherheitsupgrades). Es erscheinen immer zwei Fehlercodes 80070643 und 80071A91 Nun habe ich bei Microsoft - Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall...
Archiv
Du betrachtest: Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.