Zurück   Trojaner-Board > Web/PC > Alles rund um Windows

Alles rund um Windows: Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701

Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 - als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows.

Antwort
Alt 01.04.2014, 09:22   #1
Nobbes03
 
Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 - Standard

Problem: Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701



Hallo!
Ich versuche jetzt seit einiger Zeit das Update SP1 zu installieren. Ich bin darauf gestoßen, da mein Explorer(8) veraltet ist. Die Installattion hat wohl seit 2012 nicht funktioniert. Da ich absoluter Laie auf diesem gebiet bin und mein Laptop trotzdem funktioniert, hat es mich nicht weiter gestört.
Ich habe in den letzten Tagen mehrere Scaner durchlaufen lassen. Unter anderem adwcleaner und TDSSKiller von denen ich die Logdateien noch habe und mit den anderen gewünschten Logdateien beifüge. (es sind noch weitere TDDS. Logdateien vorhanden. Konnte diese aber nicht mehr anhängen)

Das Programm GMER konnte nicht ausgeführt werden.

Ich bin sehr froh über die Möglichkeit, die mir dieses Forum bietet, bin mir dabei völlig im Klaren, dass jegliche Hilfe alles andere als eine Selbstverständlichkeit ist und danke Euch deshalb schon im Voraus für Eure Mühe.

Adw R0
# AdwCleaner v3.022 - Bericht erstellt am 30/03/2014 um 19:52:37
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium (64 bits)
# Benutzername : MediMax - MEDIMAX-PC
# Gestartet von : C:\Users\MediMax\AppData\Local\Temp\Temporary Internet Files\Content.IE5\AWIE8IZH\2-adwcleaner[1].exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
Ordner Gefunden : C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl
Ordner Gefunden C:\Program Files (x86)\Ask.com
Ordner Gefunden C:\ProgramData\Partner
Ordner Gefunden C:\Users\MediMax\AppData\Local\apn
Ordner Gefunden C:\Users\MediMax\AppData\Local\AskToolbar
Ordner Gefunden C:\Users\MediMax\AppData\Local\Temp\AskSearch
Ordner Gefunden C:\Users\MediMax\AppData\LocalLow\AskToolbar
Ordner Gefunden C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\APN
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gefunden : HKCU\Software\Ask.com
Schlüssel Gefunden : HKCU\Software\AskToolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gefunden : [x64] HKCU\Software\APN
Schlüssel Gefunden : [x64] HKCU\Software\Ask.com
Schlüssel Gefunden : [x64] HKCU\Software\AskToolbar
Schlüssel Gefunden : HKLM\Software\APN
Schlüssel Gefunden : HKLM\Software\AskToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{05366194-3126-4601-AC1A-DDE573E093DC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{061F450C-37B9-4330-9235-0F25D9F75B33}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{26249267-15F4-4DA3-8247-C5A78E4FA918}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{39B217B4-8C69-4E45-A8DC-8CC4DAD3CF0A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3CB4CE45-8849-4638-9226-D6B615A15827}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{43AB7B5D-4C40-4103-A549-7002A116A7D5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{996ED20F-A740-47A2-A7EF-9620D422BB4E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{061F450C-37B9-4330-9235-0F25D9F75B33}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{1D55DAA5-04AC-4036-B0BE-DA81EE9676CD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{58CBF821-A0C7-4AE8-9430-77DD1AF38E99}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{72BCBFF7-2837-4CA0-B3B5-3DAED7F54601}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{824125FD-7732-4DA2-9277-3A7D0A0A0813}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaabfjnbeinlpljodiajipidiompfl
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [ Browser ] *****

-\\ Internet Explorer v8.0.7600.17267


-\\ Google Chrome v33.0.1750.154

[ Datei : C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gefunden : icon_url
Gefunden : search_url
Gefunden : suggest_url
Gefunden : keyword
Gefunden : homepage
Gefunden : search_url
Gefunden : suggest_url

*************************

AdwCleaner[R0].txt - [8973 octets] - [30/03/2014 19:52:37]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9033 octets] ##########
Angehängte Dateien
Dateityp: log defogger_disable.log (476 Bytes, 129x aufgerufen)
Dateityp: txt FRST.txt (31,6 KB, 140x aufgerufen)
Dateityp: txt Addition.txt (32,1 KB, 162x aufgerufen)

Alt 01.04.2014, 10:05   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 - Standard

Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 Anleitung / Hilfe



Hi,

Logs bitte nicht anhängen, auch wenn das Board das manchmal meldet

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 01.04.2014, 13:23   #3
Nobbes03
 
Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 - Standard

Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 Details



Hallo "Cosinus"!
Hier die Logdateien. Die TDSS Dateien habe ich nicht eingefügt. Die hätten die 120.000 Zeichen gesprengt.

defogger

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 08:27 on 01/04/2014 (MediMax)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by MediMax (administrator) on MEDIMAX-PC on 01-04-2014 08:33:58
Running from C:\Users\MediMax\Desktop
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(syncables, LLC) C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(AVM Berlin) C:\Users\MediMax\AppData\Local\Apps\2.0\VN87KBH0.Z1C\1GWNEOP3.BQ2\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe
(asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(syncables, LLC) C:\Program Files (x86)\syncables\syncables desktop\syncablesMAPI.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_77_ActiveX.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [ASUS WebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-16] ()
HKLM\...\Run: [Setwallpaper] - c:\programdata\SetWallpaper.cmd
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [RemoteControl9] - C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-02-24] (cyberlink)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2010-06-25] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [7350912 2010-02-04] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-01-05] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440 2010-07-02] ()
HKLM-x32\...\Run: [SessionLogon] - C:\ExpressGateUtil\SessionLogon.exe
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [173136 2014-03-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-497900869-4280295134-4125289220-1000\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-08-12] (Google Inc.)
HKU\S-1-5-21-497900869-4280295134-4125289220-1001\...\Run: [Syncables] - C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [370480 2010-04-05] (syncables, LLC)
HKU\S-1-5-21-497900869-4280295134-4125289220-1001\...\Run: [AVMUSBFernanschluss] - C:\Users\MediMax\AppData\Local\Apps\2.0\VN87KBH0.Z1C\1GWNEOP3.BQ2\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe [139264 2012-12-30] (AVM Berlin)
HKU\S-1-5-21-497900869-4280295134-4125289220-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-497900869-4280295134-4125289220-1001\...\Run: [MyDriveConnect.exe] - C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [473496 2013-11-29] (TomTom)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {98A15D92-B500-4FEF-974D-6DA29E41E391} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=59f220f0-6d4e-4a16-a2fa-57c45078aede&apn_sauid=403A9B47-F330-4FC1-8391-94065915ECAD
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Users\MediMax\AppData\Local\Programs\ANDI 2013\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: HKLM-x32 {B479199A-1242-4E3C-AD81-7F0DF801B4AE} hxxp://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchKeyword: ask.com
CHR DefaultSearchProvider: Ask
CHR DefaultSearchURL: hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=59f220f0-6d4e-4a16-a2fa-57c45078aede&apn_ptnrs=%5EAGS&apn_sauid=403A9B47-F330-4FC1-8391-94065915ECAD&apn_dtid=%5EYYYYYY%5EYY%5EDE&q={searchTerms}
CHR DefaultNewTabURL: 
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-24]
CHR Extension: (Google-Suche) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-24]
CHR Extension: (Avira Browser Safety Beta) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-03-30]
CHR Extension: (Google Wallet) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Charlotte Ronson) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\obakimnhgahiedhcjlcnohielmendpen [2012-04-24]
CHR Extension: (Google Mail) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-24]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [121424 2014-03-25] (Avira Operations GmbH & Co. KG)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-04-06] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2012-04-25] (AVM Berlin)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2012-12-30] (AVM Berlin)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-03-30] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\Cyberlink\PowerDVD9\000.fcl [146928 2010-02-24] (CyberLink Corp.)
U3 tmlwf; 
U3 tmwfp; 
S1 wdiasxsq; \??\C:\Windows\system32\drivers\wdiasxsq.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-01 08:33 - 2014-04-01 08:34 - 00018606 _____ () C:\Users\MediMax\Desktop\FRST.txt
2014-04-01 08:33 - 2014-04-01 08:33 - 02157056 _____ (Farbar) C:\Users\MediMax\Desktop\FRST64.exe
2014-04-01 08:33 - 2014-04-01 08:33 - 00000000 ____D () C:\FRST
2014-04-01 08:27 - 2014-04-01 08:27 - 00000476 _____ () C:\Users\MediMax\Desktop\defogger_disable.log
2014-04-01 08:27 - 2014-04-01 08:27 - 00000000 _____ () C:\Users\MediMax\defogger_reenable
2014-04-01 08:24 - 2014-04-01 08:24 - 00014889 _____ () C:\Users\MediMax\Desktop\download-defogger.htm
2014-03-31 07:36 - 2014-03-31 07:36 - 00000000 ____D () C:\Windows\CheckSur
2014-03-31 07:07 - 2014-03-31 07:07 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-03-31 07:02 - 2014-03-31 07:01 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-03-30 22:36 - 2014-03-30 22:36 - 00000000 ____D () C:\Users\MediMax\AppData\Roaming\Avira
2014-03-30 22:34 - 2014-03-30 22:34 - 00000000 ____D () C:\Users\Public\CyberLink
2014-03-30 22:30 - 2014-02-25 11:41 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-03-30 22:30 - 2014-02-25 11:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-03-30 22:30 - 2014-02-25 11:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-03-30 22:22 - 2014-03-30 22:30 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-03-30 22:22 - 2014-03-30 22:26 - 00001147 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-03-30 22:22 - 2014-03-30 22:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-30 19:52 - 2014-03-30 19:54 - 00000000 ____D () C:\AdwCleaner
2014-03-30 11:01 - 2014-03-30 11:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-30 11:00 - 2014-03-30 11:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-29 19:41 - 2014-03-29 19:41 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\90336673.sys
2014-03-29 19:39 - 2014-03-29 19:39 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\66244616.sys
2014-03-28 20:27 - 2014-03-28 20:27 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-26 19:29 - 2014-03-26 19:29 - 00002525 _____ () C:\Users\Public\Desktop\Microsoft Download Manager.lnk
2014-03-26 19:29 - 2014-03-26 19:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Download Manager
2014-03-23 22:14 - 2014-02-26 20:35 - 00000426 _____ () C:\AVScanner.ini
2014-03-16 22:04 - 2014-03-23 22:56 - 00002566 _____ () C:\Windows\IE10_main.log
2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\Windows\system32\NV
2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\ProgramData\Intel
2014-03-15 09:16 - 2013-09-05 03:37 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-15 09:16 - 2013-09-05 03:37 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-03-15 09:15 - 2014-03-15 09:18 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-15 09:15 - 2014-03-15 09:15 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation

==================== One Month Modified Files and Folders =======

2014-04-01 08:34 - 2014-04-01 08:33 - 00018606 _____ () C:\Users\MediMax\Desktop\FRST.txt
2014-04-01 08:33 - 2014-04-01 08:33 - 02157056 _____ (Farbar) C:\Users\MediMax\Desktop\FRST64.exe
2014-04-01 08:33 - 2014-04-01 08:33 - 00000000 ____D () C:\FRST
2014-04-01 08:32 - 2010-08-12 02:20 - 01822000 _____ () C:\Windows\WindowsUpdate.log
2014-04-01 08:27 - 2014-04-01 08:27 - 00000476 _____ () C:\Users\MediMax\Desktop\defogger_disable.log
2014-04-01 08:27 - 2014-04-01 08:27 - 00000000 _____ () C:\Users\MediMax\defogger_reenable
2014-04-01 08:27 - 2012-01-26 01:32 - 00000000 ____D () C:\Users\MediMax
2014-04-01 08:24 - 2014-04-01 08:24 - 00014889 _____ () C:\Users\MediMax\Desktop\download-defogger.htm
2014-04-01 08:16 - 2009-07-14 09:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-04-01 08:06 - 2010-08-12 02:53 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-01 08:00 - 2012-06-29 13:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-31 22:36 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-31 22:36 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-31 22:34 - 2009-08-04 12:40 - 00353756 _____ () C:\Windows\system32\perfh00D.dat
2014-03-31 22:34 - 2009-08-04 12:40 - 00069328 _____ () C:\Windows\system32\perfc00D.dat
2014-03-31 22:34 - 2009-08-04 12:34 - 00552004 _____ () C:\Windows\system32\perfh008.dat
2014-03-31 22:34 - 2009-08-04 12:34 - 00089670 _____ () C:\Windows\system32\perfc008.dat
2014-03-31 22:34 - 2009-08-04 12:28 - 00679576 _____ () C:\Windows\system32\prfh0816.dat
2014-03-31 22:34 - 2009-08-04 12:28 - 00133986 _____ () C:\Windows\system32\prfc0816.dat
2014-03-31 22:34 - 2009-08-04 12:15 - 00691426 _____ () C:\Windows\system32\perfh013.dat
2014-03-31 22:34 - 2009-08-04 12:15 - 00133174 _____ () C:\Windows\system32\perfc013.dat
2014-03-31 22:34 - 2009-08-04 12:09 - 00689342 _____ () C:\Windows\system32\perfh010.dat
2014-03-31 22:34 - 2009-08-04 12:09 - 00127378 _____ () C:\Windows\system32\perfc010.dat
2014-03-31 22:34 - 2009-08-04 11:57 - 00693688 _____ () C:\Windows\system32\perfh00A.dat
2014-03-31 22:34 - 2009-08-04 11:57 - 00137296 _____ () C:\Windows\system32\perfc00A.dat
2014-03-31 22:34 - 2009-08-04 11:51 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-03-31 22:34 - 2009-08-04 11:51 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-03-31 22:34 - 2009-07-14 07:13 - 05835700 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-31 22:26 - 2012-05-08 19:02 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-03-31 22:26 - 2010-08-12 03:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-31 22:26 - 2010-08-12 02:53 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-31 22:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-31 22:26 - 2009-07-14 06:51 - 00092801 _____ () C:\Windows\setupact.log
2014-03-31 22:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-31 07:36 - 2014-03-31 07:36 - 00000000 ____D () C:\Windows\CheckSur
2014-03-31 07:07 - 2014-03-31 07:07 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-03-31 07:01 - 2014-03-31 07:02 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-03-30 23:25 - 2010-08-12 03:17 - 00002116 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-03-30 23:24 - 2010-08-12 03:17 - 00001324 _____ () C:\Windows\system32\ServiceFilter.ini
2014-03-30 23:24 - 2010-08-12 03:01 - 00216038 _____ () C:\Windows\PFRO.log
2014-03-30 22:36 - 2014-03-30 22:36 - 00000000 ____D () C:\Users\MediMax\AppData\Roaming\Avira
2014-03-30 22:34 - 2014-03-30 22:34 - 00000000 ____D () C:\Users\Public\CyberLink
2014-03-30 22:33 - 2010-08-12 02:35 - 00000000 ____D () C:\ProgramData\CyberLink
2014-03-30 22:30 - 2014-03-30 22:22 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-03-30 22:30 - 2012-10-17 14:15 - 00000000 ____D () C:\ProgramData\Avira
2014-03-30 22:26 - 2014-03-30 22:22 - 00001147 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-03-30 22:22 - 2014-03-30 22:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-30 19:54 - 2014-03-30 19:52 - 00000000 ____D () C:\AdwCleaner
2014-03-30 11:13 - 2014-03-30 11:01 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-30 11:00 - 2014-03-30 11:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-30 01:30 - 2012-10-17 14:17 - 00000000 ____D () C:\Users\MediMax\AppData\Local\DoNotTrackPlus
2014-03-29 19:41 - 2014-03-29 19:41 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\90336673.sys
2014-03-29 19:39 - 2014-03-29 19:39 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\66244616.sys
2014-03-28 20:27 - 2014-03-28 20:27 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-28 20:27 - 2012-09-14 11:15 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-28 20:27 - 2010-08-12 02:56 - 00000000 ____D () C:\ProgramData\Skype
2014-03-28 18:11 - 2012-04-26 03:34 - 02349309 _____ () C:\Windows\IE9_main.log
2014-03-26 19:29 - 2014-03-26 19:29 - 00002525 _____ () C:\Users\Public\Desktop\Microsoft Download Manager.lnk
2014-03-26 19:29 - 2014-03-26 19:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Download Manager
2014-03-26 19:24 - 2012-04-24 19:22 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-03-26 19:23 - 2012-04-24 19:19 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-03-26 19:23 - 2012-04-24 19:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-03-26 12:01 - 2010-08-12 02:53 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-26 12:01 - 2010-08-12 02:53 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-25 18:46 - 2013-01-13 23:19 - 00001233 _____ () C:\Users\Public\Desktop\Rossmann Fotowelt Software.lnk
2014-03-25 18:46 - 2013-01-13 23:14 - 00000000 ____D () C:\Program Files (x86)\Rossmann Fotowelt Software
2014-03-23 23:01 - 2012-05-08 09:37 - 00000134 _____ () C:\Users\MediMax\Desktop\Internet Explorer-Problembehebung.url
2014-03-23 22:56 - 2014-03-16 22:04 - 00002566 _____ () C:\Windows\IE10_main.log
2014-03-23 22:49 - 2014-01-03 11:10 - 00007373 _____ () C:\Windows\IE11_main.log
2014-03-21 21:10 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\Windows\system32\NV
2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\ProgramData\Intel
2014-03-15 09:29 - 2013-03-15 17:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-15 09:29 - 2013-03-15 17:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-15 09:20 - 2010-08-12 03:04 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-15 09:18 - 2014-03-15 09:15 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-15 09:18 - 2010-08-12 03:12 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-15 09:15 - 2014-03-15 09:15 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-15 01:49 - 2013-07-14 09:47 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-15 01:47 - 2012-05-08 09:33 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-15 01:47 - 2012-03-28 21:05 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-13 21:47 - 2012-06-29 13:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-13 21:47 - 2012-06-04 21:54 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-13 21:47 - 2012-06-01 10:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-11 11:41 - 2012-01-26 01:40 - 00000000 ____D () C:\Users\MediMax\AppData\Roaming\Asus WebStorage
2014-03-11 10:52 - 2011-04-27 15:25 - 00133928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys

Some content of TEMP:
====================
C:\Users\MediMax\AppData\Local\Temp\atl80.dll
C:\Users\MediMax\AppData\Local\Temp\atlcgk6r.dll
C:\Users\MediMax\AppData\Local\Temp\avgnt.exe
C:\Users\MediMax\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\MediMax\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\MediMax\AppData\Local\Temp\mdm_z4_ext_89194568_6680.dll
C:\Users\MediMax\AppData\Local\Temp\mdm_z4_ext_89849928_2364.dll
C:\Users\MediMax\AppData\Local\Temp\mdm_z4_ext_90636360_6760.dll
C:\Users\MediMax\AppData\Local\Temp\mfc80.dll
C:\Users\MediMax\AppData\Local\Temp\mfc80u.dll
C:\Users\MediMax\AppData\Local\Temp\mfcm80.dll
C:\Users\MediMax\AppData\Local\Temp\mfcm80u.dll
C:\Users\MediMax\AppData\Local\Temp\msvcm80.dll
C:\Users\MediMax\AppData\Local\Temp\msvcp80.dll
C:\Users\MediMax\AppData\Local\Temp\msvcr80.dll
C:\Users\MediMax\AppData\Local\Temp\Quarantine.exe
C:\Users\MediMax\AppData\Local\Temp\setup.exe
C:\Users\MediMax\AppData\Local\Temp\TmDbg32.dll
C:\Users\MediMax\AppData\Local\Temp\TmDbg64.dll
C:\Users\MediMax\AppData\Local\Temp\uwpfc50p.dll
C:\Users\MediMax\AppData\Local\Temp\VisusClient.dll
C:\Users\MediMax\AppData\Local\Temp\yk1dz7uh.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-30 01:54

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Addition

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by MediMax at 2014-04-01 08:34:57
Running from C:\Users\MediMax\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
ANDI 2013 (HKLM-x32\...\{21E3464C-EE59-4EA2-B3E1-4FCE000B8722}) (Version: 5.0.5 - LGLN Hannover)
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.10 - ASUS)
ASUS AP Bank (HKLM-x32\...\ASUS AP Bank_is1) (Version: 1.0.0.0 - ASUSTEK)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.37 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0008 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4015 - CyberLink Corp.)
ASUS Video Magic (x32 Version: 6.0.4015 - CyberLink Corp.) Hidden
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.19 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 2.0.46.1429 - eCareme Technologies, Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0003 - ASUS)
Avira (HKLM-x32\...\{8f29d204-f85e-4d8d-87b0-7ba66bffc1aa}) (Version: 1.0.5197.30752 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.0.5197.30752 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.7 - ASUS)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink MediaShow Espresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 5.0.1606_25588 - CyberLink Corp.)
CyberLink MediaShow Espresso (x32 Version: 5.0.1606_25588 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2609a - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 8.0.2609a - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3009.50 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.3009.50 - CyberLink Corp.) Hidden
ETDWare PS/2-x64 7.0.5.11_WHQL (HKLM\...\Elantech) (Version: 7.0.5.11 - ELAN Microelectronics Corp.)
everpixx 6.7 (HKLM-x32\...\{592ED299-14EF-4C0F-92B4-B62E7CD5A2BE}_is1) (Version:  - everpixx)
ExpressGate Cloud (HKLM-x32\...\InstallShield_{499DED08-6FA8-4749-8E94-8526CC9D1CA8}) (Version: 2.1.62.301 - Asus)
ExpressGate Cloud (x32 Version: 2.1.62.301 - Asus) Hidden
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.5 - ASUS)
fotokasten comfort 5.0 (HKLM-x32\...\fotokasten comfort_is1) (Version:  - )
FotoQuelle Fotosoftware 4.11.0 (HKLM-x32\...\FotoQuelle Fotosoftware) (Version: 4.11.0 - ORWO Net)
Fresco Logic USB3.0 Host Controller (HKLM\...\{506B5C23-16B3-459D-9877-915004C248D6}) (Version: 3.0.89.14 - Fresco Logic Inc.)
FRITZ!Box USB-Fernanschluss (HKCU\...\f018cf21c0452c64) (Version: 2.3.0.2 - AVM Berlin)
Game Park Console (HKLM-x32\...\{C9991C9B-0783-452E-8954-AB93E2AB3B80}_is1) (Version: 6.2.0.2 - Oberon Media, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version:  - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2131 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.115.11 - Intel)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Lidl-Fotos (HKLM-x32\...\Lidl-Fotos_is1) (Version:  - )
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Download Manager (HKLM-x32\...\{654977DB-0001-0002-0001-EABD228DDE8B}) (Version: 1.2.1 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{0E8D886F-3205-4472-848E-990F400FF218}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{46EA439E-2D16-49B6-AA80-00DE992FE7CE}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{5CBDF0C2-6FD1-4A32-9A0A-143D9AB91CCE}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{68ADAEAA-DABD-45C1-9CC2-F995407549CD}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{8DD62FB6-083D-40B9-9D7D-48449FDDDED5}) (Version: 7601 - Microsoft)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyDriveConnect 3.3.0.1342 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1342 - TomTom)
NVIDIA 3D Vision Treiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2702 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA Updatus (x32 Version: 1.0.3 - NVIDIA Corporation) Hidden
Piggly FREE (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-1173957}) (Version:  - Oberon Media)
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6122 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.00049 - Realtek Semiconductor Corp.)
Rossmann Fotowelt Software 4.13 (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 4.13 - ORWO Net)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smileyville FREE (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117396510}) (Version:  - Oberon Media)
syncables desktop SE (HKLM-x32\...\{BBED4F90-7AE5-40BF-AFB7-1B495692F4AB}) (Version: 5.5.615.9518 - syncables)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{EC1934B0-AE0F-4BBD-8955-54BB3247ED9E}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
USB2.0 UVC 2M WebCam (HKLM\...\USB2.0 UVC 2M WebCam) (Version: 5.8.54000.204 - Sonix)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Windows Live Anmelde-Assistent (HKLM-x32\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8052.1208 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8051.1204 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.1 - ASUS)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.17 - ASUS)

==================== Restore Points  =========================

30-03-2014 18:52:56 Sprachpaketdeinstallation
30-03-2014 20:51:31 Installed Microsoft Windows Debugging Symbols
30-03-2014 21:08:10 Installed Microsoft Windows Debugging Symbols
30-03-2014 21:11:21 Installed Microsoft Windows Debugging Symbols
30-03-2014 21:16:29 Installed Microsoft Windows Debugging Symbols
31-03-2014 05:16:45 Installed Microsoft Windows Debugging Symbols
31-03-2014 05:36:13 Windows Update
31-03-2014 06:57:44 Sprachpaketdeinstallation
31-03-2014 20:00:56 Windows Update
31-03-2014 20:55:45 Sprachpaketdeinstallation

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0108D889-0F11-4861-98CE-497428B643E4} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)
Task: {27924240-4D7D-4141-8B06-8564817B9232} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {7B6E6FE0-1956-4C40-A8F6-B9E56CA71D2B} - \Scheduled Update for Ask Toolbar No Task File
Task: {7FD6C534-7194-4970-A929-C6063B5692B0} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-05-28] (ATK)
Task: {811A4837-2DB3-4F0B-B94A-1E7B5E30C2A0} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {91CA6E11-BC78-450A-9588-17128503C099} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [2010-05-17] (asus)
Task: {D34EEA53-B5B7-438B-B01F-52690B83A6B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-12] (Google Inc.)
Task: {DC2B33DB-1D41-4FBB-A5DB-EA2207F48D0C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13] (Adobe Systems Incorporated)
Task: {EA1A419D-F120-4437-A6D3-3A11D27485B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-12] (Google Inc.)
Task: {F708ED90-CCBC-4800-BBE5-A9FD7C1814B2} - System32\Tasks\P4G Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-15 09:17 - 2013-08-30 00:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 03:36 - 2013-09-05 03:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2010-03-16 03:48 - 2010-03-16 03:48 - 00148816 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EcaremeDLL.dll
2010-08-12 02:54 - 2010-08-12 02:54 - 00030032 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3726.20828__0d0f4b69e50e559b\SqliteShared.dll
2010-08-12 02:54 - 2010-08-12 02:54 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
2008-10-01 08:02 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-01-11 19:27 - 2010-01-11 19:27 - 00017920 _____ () C:\Program Files\P4G\DevMng.dll
2010-05-06 03:22 - 2010-05-06 03:22 - 00108544 _____ () C:\Program Files\P4G\OvrClk.dll
2010-08-12 03:17 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2010-03-16 03:48 - 2010-03-16 03:48 - 01754448 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
2011-04-10 18:40 - 2011-04-10 18:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-07-02 22:36 - 2010-07-02 22:36 - 01597440 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2010-03-16 03:48 - 2010-03-16 03:48 - 00079184 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe
2010-08-12 02:37 - 2010-04-06 08:29 - 00244904 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-03-30 22:30 - 2014-02-25 11:41 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2013-11-29 11:29 - 2013-11-29 11:29 - 00026520 _____ () C:\Program Files (x86)\MyDrive Connect\DeviceDetection.dll
2013-11-29 11:28 - 2013-11-29 11:28 - 00082840 _____ () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterBase.dll
2013-11-29 11:28 - 2013-11-29 11:28 - 00344984 _____ () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterProxy.dll
2014-03-25 17:07 - 2014-03-25 17:07 - 00137808 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-03-25 17:07 - 2014-03-25 17:07 - 00063568 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-03-30 22:31 - 2014-03-25 17:07 - 00049744 _____ () C:\Users\MediMax\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2010-02-24 00:14 - 2010-02-24 00:14 - 00071680 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll
2010-02-24 00:11 - 2010-02-24 00:11 - 00076288 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll
2010-02-24 00:12 - 2010-02-24 00:12 - 00186880 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll
2010-02-24 00:14 - 2010-02-24 00:14 - 00050688 _____ () C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:115CEE00
AlternateDataStreams: C:\ProgramData\Temp:2F370DA6
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/01/2014 07:20:42 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (04/01/2014 07:18:31 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (03/31/2014 10:29:27 PM) (Source: Outlook) (User: )
Description: Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x8001010d.

Error: (03/31/2014 09:40:48 PM) (Source: Outlook) (User: )
Description: Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x8001010d.

Error: (03/31/2014 09:35:55 PM) (Source: Microsoft-Windows-RestartManager) (User: MediMax-PC)
Description: Die Anwendung oder der Dienst "Avira Planer" konnte nicht heruntergefahren werden.

Error: (03/31/2014 09:35:55 PM) (Source: Microsoft-Windows-RestartManager) (User: MediMax-PC)
Description: Die Anwendung oder der Dienst "Avira Echtzeit-Scanner" konnte nicht heruntergefahren werden.

Error: (03/31/2014 08:56:50 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (03/31/2014 08:54:33 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (03/31/2014 07:58:51 AM) (Source: Outlook) (User: )
Description: Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x8001010d.

Error: (03/30/2014 07:57:15 PM) (Source: Outlook) (User: )
Description: Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x8001010d.


System errors:
=============
Error: (04/01/2014 08:00:54 AM) (Source: ACPI) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error: (04/01/2014 08:00:54 AM) (Source: ACPI) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error: (03/31/2014 11:02:44 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: Das Sprachpaket für es-ES kann von CBS nicht entfernt werden. Zurückgegebener CBS-Fehlercode: 0x80073701.

Error: (03/31/2014 11:02:44 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: CBS-Fehler 0x80073701 '' bei Verwendung des Benutzeroberflächen-Sprachpakets für es-ES.

Error: (03/31/2014 11:01:25 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: Das Sprachpaket für pt-PT kann von CBS nicht entfernt werden. Zurückgegebener CBS-Fehlercode: 0x80073701.

Error: (03/31/2014 11:01:25 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: CBS-Fehler 0x80073701 '' bei Verwendung des Benutzeroberflächen-Sprachpakets für pt-PT.

Error: (03/31/2014 11:00:14 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: Das Sprachpaket für nl-NL kann von CBS nicht entfernt werden. Zurückgegebener CBS-Fehlercode: 0x80073701.

Error: (03/31/2014 11:00:14 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: CBS-Fehler 0x80073701 '' bei Verwendung des Benutzeroberflächen-Sprachpakets für nl-NL.

Error: (03/31/2014 10:59:00 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: Das Sprachpaket für it-IT kann von CBS nicht entfernt werden. Zurückgegebener CBS-Fehlercode: 0x80073701.

Error: (03/31/2014 10:59:00 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: CBS-Fehler 0x80073701 '' bei Verwendung des Benutzeroberflächen-Sprachpakets für it-IT.


Microsoft Office Sessions:
=========================
Error: (08/08/2012 08:22:39 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2078 seconds with 180 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 40%
Total physical RAM: 5932.49 MB
Available physical RAM: 3502.47 MB
Total Pagefile: 11863.11 MB
Available Pagefile: 8886.28 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Laufwerk C) (Fixed) (Total:149.05 GB) (Free:77.9 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:427.59 GB) (Free:371.72 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 9D8E95DE)
Partition 1: (Not Active) - (Size=20 GB) - (Type=1C)
Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=428 GB) - (Type=OF Extended)

==================== End Of Log ============================
         
__________________

Alt 01.04.2014, 23:18   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 - Standard

Lösung: Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701



Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 02.04.2014, 07:21   #5
Nobbes03
 
Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 - Standard

Wie Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701



Guten Morgen!

Ich habe in den letzten Tagen einige Scans gemacht. Soviel ich noch weiß alle ohne Fund. Ich hatte sonst Avira installiert. Dieses Programm habe ich aber deinstaliert, weil Antivierenprogramme das Update stören sollen. Ich weiß nicht, ob davon noch Logs vorhanden sind und wo ich diese finden könnte. Die letzte TDSS Logdatei füge ich an.
Unter ADW cleaner besteht die Datei "Quarantine" wäre das eine Hilfe?

Schöne Grüße

Code:
ATTFilter
16:10:35.0543 4472  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:10:40.0426 4472  ============================================================
16:10:40.0426 4472  Current date / time: 2014/03/30 16:10:40.0426
16:10:40.0426 4472  SystemInfo:
16:10:40.0426 4472  
16:10:40.0426 4472  OS Version: 6.1.7600 ServicePack: 0.0
16:10:40.0426 4472  Product type: Workstation
16:10:40.0426 4472  ComputerName: MEDIMAX-PC
16:10:40.0426 4472  UserName: MediMax
16:10:40.0426 4472  Windows directory: C:\Windows
16:10:40.0426 4472  System windows directory: C:\Windows
16:10:40.0426 4472  Running under WOW64
16:10:40.0426 4472  Processor architecture: Intel x64
16:10:40.0426 4472  Number of processors: 4
16:10:40.0426 4472  Page size: 0x1000
16:10:40.0426 4472  Boot type: Normal boot
16:10:40.0426 4472  ============================================================
16:10:41.0378 4472  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:10:41.0378 4472  ============================================================
16:10:41.0378 4472  \Device\Harddisk0\DR0:
16:10:41.0378 4472  MBR partitions:
16:10:41.0378 4472  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2711676, BlocksNum 0x12A18AC1
16:10:41.0393 4472  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1512B000, BlocksNum 0x3572C800
16:10:41.0393 4472  ============================================================
16:10:41.0409 4472  C: <-> \Device\Harddisk0\DR0\Partition1
16:10:41.0503 4472  D: <-> \Device\Harddisk0\DR0\Partition2
16:10:41.0503 4472  ============================================================
16:10:41.0503 4472  Initialize success
16:10:41.0503 4472  ============================================================
16:10:43.0905 2740  ============================================================
16:10:43.0905 2740  Scan started
16:10:43.0905 2740  Mode: Manual; 
16:10:43.0905 2740  ============================================================
16:10:44.0966 2740  ================ Scan system memory ========================
16:10:44.0966 2740  System memory - ok
16:10:44.0966 2740  ================ Scan services =============================
16:10:45.0153 2740  [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
16:10:45.0153 2740  1394ohci - ok
16:10:45.0184 2740  [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
16:10:45.0200 2740  ACPI - ok
16:10:45.0231 2740  [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
16:10:45.0231 2740  AcpiPmi - ok
16:10:45.0356 2740  [ B362181ED3771DC03B4141927C80F801 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:10:45.0356 2740  AdobeARMservice - ok
16:10:45.0496 2740  [ 9D96B0D5855FD1B98023B3EEC9F06786 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:10:45.0590 2740  AdobeFlashPlayerUpdateSvc - ok
16:10:45.0637 2740  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
16:10:45.0652 2740  adp94xx - ok
16:10:45.0668 2740  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
16:10:45.0683 2740  adpahci - ok
16:10:45.0699 2740  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
16:10:45.0699 2740  adpu320 - ok
16:10:45.0715 2740  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:10:45.0730 2740  AeLookupSvc - ok
16:10:45.0761 2740  [ 2D00D3DADC1D3326BA788EB071F2726E ] AFBAgent        C:\Windows\system32\FBAgent.exe
16:10:45.0761 2740  AFBAgent - ok
16:10:45.0808 2740  [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD             C:\Windows\system32\drivers\afd.sys
16:10:45.0824 2740  AFD - ok
16:10:45.0855 2740  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
16:10:45.0855 2740  agp440 - ok
16:10:45.0871 2740  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
16:10:45.0871 2740  ALG - ok
16:10:45.0902 2740  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
16:10:45.0902 2740  aliide - ok
16:10:45.0917 2740  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
16:10:45.0917 2740  amdide - ok
16:10:45.0949 2740  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
16:10:45.0949 2740  AmdK8 - ok
16:10:45.0949 2740  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
16:10:45.0964 2740  AmdPPM - ok
16:10:45.0980 2740  [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:10:45.0995 2740  amdsata - ok
16:10:46.0027 2740  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
16:10:46.0042 2740  amdsbs - ok
16:10:46.0042 2740  [ DB27766102C7BF7E95140A2AA81D042E ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:10:46.0042 2740  amdxata - ok
16:10:46.0089 2740  [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID           C:\Windows\system32\drivers\appid.sys
16:10:46.0089 2740  AppID - ok
16:10:46.0120 2740  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:10:46.0120 2740  AppIDSvc - ok
16:10:46.0120 2740  [ D065BE66822847B7F127D1F90158376E ] Appinfo         C:\Windows\System32\appinfo.dll
16:10:46.0136 2740  Appinfo - ok
16:10:46.0151 2740  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
16:10:46.0167 2740  arc - ok
16:10:46.0167 2740  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
16:10:46.0183 2740  arcsas - ok
16:10:46.0229 2740  [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
16:10:46.0245 2740  ASLDRService - ok
16:10:46.0276 2740  [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
16:10:46.0276 2740  ASMMAP64 - ok
16:10:46.0307 2740  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:10:46.0307 2740  AsyncMac - ok
16:10:46.0339 2740  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
16:10:46.0339 2740  atapi - ok
16:10:46.0432 2740  [ A5E770426D18F8EF332A593F3289DA91 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
16:10:46.0557 2740  athr - ok
16:10:46.0573 2740  [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
16:10:46.0573 2740  ATKGFNEXSrv - ok
16:10:46.0619 2740  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:10:46.0635 2740  AudioEndpointBuilder - ok
16:10:46.0666 2740  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:10:46.0682 2740  AudioSrv - ok
16:10:46.0713 2740  [ BD39D7CFD9D6A73396B618113A8E8D57 ] avmaudio        C:\Windows\system32\DRIVERS\avmaudio.sys
16:10:46.0713 2740  avmaudio - ok
16:10:46.0760 2740  [ 6A300AD0E23A155B2C3A7FAB0D4AABD1 ] avmaura         C:\Windows\system32\DRIVERS\avmaura.sys
16:10:46.0760 2740  avmaura - ok
16:10:46.0822 2740  [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:10:46.0822 2740  AxInstSV - ok
16:10:46.0869 2740  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
16:10:46.0869 2740  b06bdrv - ok
16:10:46.0916 2740  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:10:46.0916 2740  b57nd60a - ok
16:10:46.0994 2740  [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
16:10:46.0994 2740  BBSvc - ok
16:10:47.0056 2740  [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
16:10:47.0072 2740  BBUpdate - ok
16:10:47.0103 2740  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:10:47.0103 2740  BDESVC - ok
16:10:47.0134 2740  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:10:47.0134 2740  Beep - ok
16:10:47.0181 2740  [ 4992C609A6315671463E30F6512BC022 ] BFE             C:\Windows\System32\bfe.dll
16:10:47.0197 2740  BFE - ok
16:10:47.0243 2740  [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS            C:\Windows\System32\qmgr.dll
16:10:47.0275 2740  BITS - ok
16:10:47.0306 2740  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:10:47.0306 2740  blbdrive - ok
16:10:47.0337 2740  [ 19D20159708E152267E53B66677A4995 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:10:47.0353 2740  bowser - ok
16:10:47.0368 2740  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:10:47.0384 2740  BrFiltLo - ok
16:10:47.0384 2740  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:10:47.0384 2740  BrFiltUp - ok
16:10:47.0431 2740  [ 6B054C67AAA87843504E8E3C09102009 ] Browser         C:\Windows\System32\browser.dll
16:10:47.0431 2740  Browser - ok
16:10:47.0462 2740  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:10:47.0477 2740  Brserid - ok
16:10:47.0477 2740  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:10:47.0493 2740  BrSerWdm - ok
16:10:47.0493 2740  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:10:47.0509 2740  BrUsbMdm - ok
16:10:47.0524 2740  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:10:47.0524 2740  BrUsbSer - ok
16:10:47.0571 2740  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
16:10:47.0571 2740  BthEnum - ok
16:10:47.0602 2740  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
16:10:47.0602 2740  BTHMODEM - ok
16:10:47.0618 2740  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
16:10:47.0633 2740  BthPan - ok
16:10:47.0665 2740  [ D59773C7FDD3D795D6FE402EEEA8D71E ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
16:10:47.0680 2740  BTHPORT - ok
16:10:47.0711 2740  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
16:10:47.0727 2740  bthserv - ok
16:10:47.0743 2740  [ 8504842634DD144C075B6B0C982CCEC4 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
16:10:47.0743 2740  BTHUSB - ok
16:10:47.0774 2740  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:10:47.0774 2740  cdfs - ok
16:10:47.0821 2740  [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:10:47.0821 2740  cdrom - ok
16:10:47.0852 2740  [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc     C:\Windows\System32\certprop.dll
16:10:47.0852 2740  CertPropSvc - ok
16:10:47.0883 2740  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
16:10:47.0883 2740  circlass - ok
16:10:47.0899 2740  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
16:10:47.0914 2740  CLFS - ok
16:10:48.0008 2740  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:10:48.0023 2740  clr_optimization_v2.0.50727_32 - ok
16:10:48.0070 2740  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:10:48.0070 2740  clr_optimization_v2.0.50727_64 - ok
16:10:48.0257 2740  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:10:48.0538 2740  clr_optimization_v4.0.30319_32 - ok
16:10:48.0679 2740  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:10:48.0679 2740  clr_optimization_v4.0.30319_64 - ok
16:10:48.0725 2740  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
16:10:48.0725 2740  CmBatt - ok
16:10:48.0741 2740  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
16:10:48.0741 2740  cmdide - ok
16:10:48.0788 2740  [ CA7720B73446FDDEC5C69519C1174C98 ] CNG             C:\Windows\system32\Drivers\cng.sys
16:10:48.0788 2740  CNG - ok
16:10:48.0835 2740  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
16:10:48.0835 2740  Compbatt - ok
16:10:48.0866 2740  [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
16:10:48.0866 2740  CompositeBus - ok
16:10:48.0881 2740  COMSysApp - ok
16:10:48.0897 2740  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
16:10:48.0897 2740  crcdisk - ok
16:10:48.0944 2740  [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:10:48.0944 2740  CryptSvc - ok
16:10:48.0991 2740  [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:10:49.0006 2740  DcomLaunch - ok
16:10:49.0022 2740  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
16:10:49.0037 2740  defragsvc - ok
16:10:49.0053 2740  [ 9C253CE7311CA60FC11C774692A13208 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:10:49.0069 2740  DfsC - ok
16:10:49.0100 2740  [ CE3B9562D997F69B330D181A8875960F ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:10:49.0100 2740  Dhcp - ok
16:10:49.0115 2740  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
16:10:49.0115 2740  discache - ok
16:10:49.0162 2740  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
16:10:49.0162 2740  Disk - ok
16:10:49.0193 2740  [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:10:49.0193 2740  Dnscache - ok
16:10:49.0225 2740  [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc         C:\Windows\System32\dot3svc.dll
16:10:49.0225 2740  dot3svc - ok
16:10:49.0240 2740  [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS             C:\Windows\system32\dps.dll
16:10:49.0240 2740  DPS - ok
16:10:49.0287 2740  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:10:49.0287 2740  drmkaud - ok
16:10:49.0334 2740  [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:10:49.0334 2740  DXGKrnl - ok
16:10:49.0365 2740  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
16:10:49.0365 2740  EapHost - ok
16:10:49.0459 2740  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
16:10:49.0552 2740  ebdrv - ok
16:10:49.0583 2740  [ 156F6159457D0AA7E59B62681B56EB90 ] EFS             C:\Windows\System32\lsass.exe
16:10:49.0583 2740  EFS - ok
16:10:49.0646 2740  [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:10:49.0661 2740  ehRecvr - ok
16:10:49.0693 2740  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
16:10:49.0708 2740  ehSched - ok
16:10:49.0771 2740  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
16:10:49.0786 2740  elxstor - ok
16:10:49.0802 2740  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
16:10:49.0802 2740  ErrDev - ok
16:10:49.0849 2740  [ 0975BF32399A24117E317B5BF1D5D0AA ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
16:10:49.0849 2740  ETD - ok
16:10:49.0895 2740  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
16:10:49.0895 2740  EventSystem - ok
16:10:49.0942 2740  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
16:10:49.0958 2740  exfat - ok
16:10:49.0973 2740  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:10:49.0989 2740  fastfat - ok
16:10:50.0036 2740  [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax             C:\Windows\system32\fxssvc.exe
16:10:50.0051 2740  Fax - ok
16:10:50.0083 2740  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:10:50.0083 2740  fdc - ok
16:10:50.0098 2740  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
16:10:50.0098 2740  fdPHost - ok
16:10:50.0114 2740  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:10:50.0114 2740  FDResPub - ok
16:10:50.0161 2740  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:10:50.0161 2740  FileInfo - ok
16:10:50.0161 2740  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:10:50.0161 2740  Filetrace - ok
16:10:50.0192 2740  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
16:10:50.0207 2740  flpydisk - ok
16:10:50.0239 2740  [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:10:50.0239 2740  FltMgr - ok
16:10:50.0270 2740  [ E546FB34A4986316AFC4DBACB32AE80E ] FLxHCIc         C:\Windows\system32\DRIVERS\FLxHCIc.sys
16:10:50.0270 2740  FLxHCIc - ok
16:10:50.0348 2740  [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache       C:\Windows\system32\FntCache.dll
16:10:50.0379 2740  FontCache - ok
16:10:50.0441 2740  [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:10:50.0441 2740  FontCache3.0.0.0 - ok
16:10:50.0473 2740  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:10:50.0473 2740  FsDepends - ok
16:10:50.0519 2740  [ 5814011B2F6E088E29D689B5FCD49B8F ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
16:10:50.0519 2740  fssfltr - ok
16:10:50.0566 2740  [ F6717211C1EC2CDDAA81B97B0727C2E9 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
16:10:50.0582 2740  fsssvc - ok
16:10:50.0613 2740  [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:10:50.0613 2740  Fs_Rec - ok
16:10:50.0660 2740  [ 1F44F8559E61A8306ECC67BB1E168B7C ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:10:50.0660 2740  fvevol - ok
16:10:50.0691 2740  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
16:10:50.0691 2740  gagp30kx - ok
16:10:50.0738 2740  [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc           C:\Windows\System32\gpsvc.dll
16:10:50.0753 2740  gpsvc - ok
16:10:50.0816 2740  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:10:50.0831 2740  gupdate - ok
16:10:50.0847 2740  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:10:50.0863 2740  gupdatem - ok
16:10:50.0878 2740  [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:10:50.0878 2740  gusvc - ok
16:10:50.0909 2740  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:10:50.0909 2740  hcw85cir - ok
16:10:50.0941 2740  [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:10:50.0956 2740  HdAudAddService - ok
16:10:50.0987 2740  [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:10:50.0987 2740  HDAudBus - ok
16:10:51.0019 2740  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
16:10:51.0019 2740  HECIx64 - ok
16:10:51.0034 2740  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
16:10:51.0034 2740  HidBatt - ok
16:10:51.0065 2740  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
16:10:51.0065 2740  HidBth - ok
16:10:51.0081 2740  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
16:10:51.0081 2740  HidIr - ok
16:10:51.0112 2740  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
16:10:51.0112 2740  hidserv - ok
16:10:51.0143 2740  [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:10:51.0143 2740  HidUsb - ok
16:10:51.0159 2740  [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:10:51.0159 2740  hkmsvc - ok
16:10:51.0190 2740  [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:10:51.0190 2740  HomeGroupListener - ok
16:10:51.0237 2740  [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:10:51.0237 2740  HomeGroupProvider - ok
16:10:51.0268 2740  [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
16:10:51.0268 2740  HpSAMD - ok
16:10:51.0299 2740  [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:10:51.0331 2740  HTTP - ok
16:10:51.0346 2740  [ F17766A19145F111856378DF337A5D79 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:10:51.0346 2740  hwpolicy - ok
16:10:51.0377 2740  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:10:51.0377 2740  i8042prt - ok
16:10:51.0440 2740  [ 42E00996DFC13C46366689C0EA8ABC5E ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
16:10:51.0455 2740  iaStor - ok
16:10:51.0487 2740  [ B75E45C564E944A2657167D197AB29DA ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:10:51.0502 2740  iaStorV - ok
16:10:51.0565 2740  [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:10:51.0596 2740  idsvc - ok
16:10:51.0830 2740  [ 174BCAC474DE13B2650E444CF124828E ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
16:10:52.0126 2740  igfx - ok
16:10:52.0157 2740  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
16:10:52.0173 2740  iirsp - ok
16:10:52.0204 2740  [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT          C:\Windows\System32\ikeext.dll
16:10:52.0220 2740  IKEEXT - ok
16:10:52.0267 2740  [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
16:10:52.0267 2740  Impcd - ok
16:10:52.0360 2740  [ B88E24BD77A0CE2CFFEE2FACF1151BE0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:10:52.0376 2740  IntcAzAudAddService - ok
16:10:52.0407 2740  [ 58CF58DEE26C909BD6F977B61D246295 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
16:10:52.0423 2740  IntcDAud - ok
16:10:52.0438 2740  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
16:10:52.0438 2740  intelide - ok
16:10:52.0469 2740  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:10:52.0469 2740  intelppm - ok
16:10:52.0501 2740  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:10:52.0501 2740  IPBusEnum - ok
16:10:52.0532 2740  [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:10:52.0532 2740  IpFilterDriver - ok
16:10:52.0547 2740  [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:10:52.0579 2740  iphlpsvc - ok
16:10:52.0594 2740  [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
16:10:52.0594 2740  IPMIDRV - ok
16:10:52.0625 2740  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:10:52.0625 2740  IPNAT - ok
16:10:52.0641 2740  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:10:52.0641 2740  IRENUM - ok
16:10:52.0672 2740  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
16:10:52.0672 2740  isapnp - ok
16:10:52.0688 2740  [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
16:10:52.0688 2740  iScsiPrt - ok
16:10:52.0719 2740  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:10:52.0719 2740  kbdclass - ok
16:10:52.0735 2740  [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:10:52.0750 2740  kbdhid - ok
16:10:52.0766 2740  [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
16:10:52.0766 2740  kbfiltr - ok
16:10:52.0797 2740  [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso          C:\Windows\system32\lsass.exe
16:10:52.0797 2740  KeyIso - ok
16:10:52.0828 2740  [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:10:52.0828 2740  KSecDD - ok
16:10:52.0844 2740  [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:10:52.0844 2740  KSecPkg - ok
16:10:52.0875 2740  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:10:52.0875 2740  ksthunk - ok
16:10:52.0906 2740  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:10:52.0922 2740  KtmRm - ok
16:10:52.0953 2740  [ 48686C29856F46443952A831424F8D6F ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
16:10:52.0953 2740  L1C - ok
16:10:53.0000 2740  [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:10:53.0000 2740  LanmanServer - ok
16:10:53.0031 2740  [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:10:53.0031 2740  LanmanWorkstation - ok
16:10:53.0093 2740  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:10:53.0093 2740  lltdio - ok
16:10:53.0171 2740  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:10:53.0187 2740  lltdsvc - ok
16:10:53.0218 2740  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:10:53.0218 2740  lmhosts - ok
16:10:53.0359 2740  [ A1C148801B4AF64847AEB9F3AD9594EF ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:10:53.0437 2740  LMS - ok
16:10:53.0499 2740  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
16:10:53.0499 2740  LSI_FC - ok
16:10:53.0515 2740  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
16:10:53.0515 2740  LSI_SAS - ok
16:10:53.0530 2740  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:10:53.0530 2740  LSI_SAS2 - ok
16:10:53.0546 2740  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:10:53.0561 2740  LSI_SCSI - ok
16:10:53.0577 2740  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
16:10:53.0593 2740  luafv - ok
16:10:53.0655 2740  [ 6140163BFE9D8F2DFDBA088ED5521C13 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
16:10:53.0671 2740  MBAMSwissArmy - ok
16:10:53.0717 2740  [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:10:53.0717 2740  Mcx2Svc - ok
16:10:53.0733 2740  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
16:10:53.0749 2740  megasas - ok
16:10:53.0764 2740  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
16:10:53.0764 2740  MegaSR - ok
16:10:53.0858 2740  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
16:10:53.0858 2740  Microsoft Office Groove Audit Service - ok
16:10:53.0889 2740  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
16:10:53.0889 2740  MMCSS - ok
16:10:53.0920 2740  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
16:10:53.0920 2740  Modem - ok
16:10:53.0936 2740  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:10:53.0936 2740  monitor - ok
16:10:53.0967 2740  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:10:53.0967 2740  mouclass - ok
16:10:53.0983 2740  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:10:53.0998 2740  mouhid - ok
16:10:54.0014 2740  [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:10:54.0014 2740  mountmgr - ok
16:10:54.0092 2740  [ 9EB89625A82AC961F25E7C865947BF9A ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
16:10:54.0107 2740  MpFilter - ok
16:10:54.0123 2740  [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
16:10:54.0139 2740  mpio - ok
16:10:54.0154 2740  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:10:54.0170 2740  mpsdrv - ok
16:10:54.0201 2740  [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:10:54.0217 2740  MpsSvc - ok
16:10:54.0232 2740  [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:10:54.0248 2740  MRxDAV - ok
16:10:54.0263 2740  [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:10:54.0279 2740  mrxsmb - ok
16:10:54.0295 2740  [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:10:54.0295 2740  mrxsmb10 - ok
16:10:54.0326 2740  [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:10:54.0326 2740  mrxsmb20 - ok
16:10:54.0341 2740  [ 5C37497276E3B3A5488B23A326A754B7 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
16:10:54.0341 2740  msahci - ok
16:10:54.0357 2740  [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
16:10:54.0373 2740  msdsm - ok
16:10:54.0388 2740  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
16:10:54.0404 2740  MSDTC - ok
16:10:54.0419 2740  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:10:54.0419 2740  Msfs - ok
16:10:54.0435 2740  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:10:54.0435 2740  mshidkmdf - ok
16:10:54.0451 2740  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
16:10:54.0451 2740  msisadrv - ok
16:10:54.0482 2740  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:10:54.0497 2740  MSiSCSI - ok
16:10:54.0497 2740  msiserver - ok
16:10:54.0529 2740  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:10:54.0529 2740  MSKSSRV - ok
16:10:54.0622 2740  [ 89F2AEDC2788696702141AB82C3E7866 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
16:10:54.0622 2740  MsMpSvc - ok
16:10:54.0653 2740  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:10:54.0669 2740  MSPCLOCK - ok
16:10:54.0669 2740  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:10:54.0685 2740  MSPQM - ok
16:10:54.0700 2740  [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:10:54.0716 2740  MsRPC - ok
16:10:54.0731 2740  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:10:54.0731 2740  mssmbios - ok
16:10:54.0747 2740  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:10:54.0747 2740  MSTEE - ok
16:10:54.0747 2740  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
16:10:54.0763 2740  MTConfig - ok
16:10:54.0778 2740  [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor        C:\Windows\system32\DRIVERS\ATK64AMD.sys
16:10:54.0778 2740  MTsensor - ok
16:10:54.0794 2740  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:10:54.0794 2740  Mup - ok
16:10:54.0841 2740  [ 4987E079A4530FA737A128BE54B63B12 ] napagent        C:\Windows\system32\qagentRT.dll
16:10:54.0856 2740  napagent - ok
16:10:54.0887 2740  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:10:54.0903 2740  NativeWifiP - ok
16:10:54.0934 2740  [ CAD515DBD07D082BB317D9928CE8962C ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:10:54.0950 2740  NDIS - ok
16:10:54.0981 2740  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:10:54.0981 2740  NdisCap - ok
16:10:55.0012 2740  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:10:55.0012 2740  NdisTapi - ok
16:10:55.0043 2740  [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:10:55.0043 2740  Ndisuio - ok
16:10:55.0059 2740  [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:10:55.0059 2740  NdisWan - ok
16:10:55.0090 2740  [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:10:55.0090 2740  NDProxy - ok
16:10:55.0106 2740  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:10:55.0106 2740  NetBIOS - ok
16:10:55.0121 2740  [ 9162B273A44AB9DCE5B44362731D062A ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:10:55.0121 2740  NetBT - ok
16:10:55.0137 2740  [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon        C:\Windows\system32\lsass.exe
16:10:55.0137 2740  Netlogon - ok
16:10:55.0184 2740  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
16:10:55.0184 2740  Netman - ok
16:10:55.0215 2740  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
16:10:55.0231 2740  netprofm - ok
16:10:55.0262 2740  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:10:55.0262 2740  NetTcpPortSharing - ok
16:10:55.0309 2740  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
16:10:55.0309 2740  nfrd960 - ok
16:10:55.0371 2740  [ C3E0696C3B42F694C5822776AA6FFFDF ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:10:55.0371 2740  NisDrv - ok
16:10:55.0418 2740  [ DCEE3592299B2229A0DB98CB415059A2 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
16:10:55.0433 2740  NisSrv - ok
16:10:55.0465 2740  [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:10:55.0480 2740  NlaSvc - ok
16:10:55.0511 2740  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:10:55.0511 2740  Npfs - ok
16:10:55.0527 2740  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
16:10:55.0527 2740  nsi - ok
16:10:55.0543 2740  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:10:55.0543 2740  nsiproxy - ok
16:10:55.0621 2740  [ 9A6089B056EA1B83B36424FC9D0A300E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:10:55.0667 2740  Ntfs - ok
16:10:55.0683 2740  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
16:10:55.0683 2740  Null - ok
16:10:55.0917 2740  [ 9B93CC9C70EDE60A9C486E7719DB9E8D ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:10:55.0979 2740  nvlddmkm - ok
16:10:56.0026 2740  [ F76296368BB813E0C6996501A3271C7C ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
16:10:56.0026 2740  nvpciflt - ok
16:10:56.0057 2740  [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:10:56.0057 2740  nvraid - ok
16:10:56.0089 2740  [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:10:56.0104 2740  nvstor - ok
16:10:56.0151 2740  [ FB50E60564ED30DDC855F0CE435C8467 ] nvsvc           C:\Windows\system32\nvvsvc.exe
16:10:56.0182 2740  nvsvc - ok
16:10:56.0260 2740  [ C63E582366EAD77978BFFD959A66DBB8 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
16:10:56.0291 2740  nvUpdatusService - ok
16:10:56.0323 2740  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
16:10:56.0323 2740  nv_agp - ok
16:10:56.0385 2740  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:10:56.0401 2740  odserv - ok
16:10:56.0416 2740  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
16:10:56.0432 2740  ohci1394 - ok
16:10:56.0463 2740  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:10:56.0479 2740  ose - ok
16:10:56.0510 2740  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:10:56.0510 2740  p2pimsvc - ok
16:10:56.0525 2740  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
16:10:56.0541 2740  p2psvc - ok
16:10:56.0557 2740  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
16:10:56.0572 2740  Parport - ok
16:10:56.0603 2740  [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:10:56.0603 2740  partmgr - ok
16:10:56.0619 2740  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:10:56.0619 2740  PcaSvc - ok
16:10:56.0650 2740  [ F36F6504009F2FB0DFD1B17A116AD74B ] pci             C:\Windows\system32\DRIVERS\pci.sys
16:10:56.0650 2740  pci - ok
16:10:56.0666 2740  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
16:10:56.0666 2740  pciide - ok
16:10:56.0697 2740  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
16:10:56.0697 2740  pcmcia - ok
16:10:56.0713 2740  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:10:56.0713 2740  pcw - ok
16:10:56.0728 2740  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:10:56.0759 2740  PEAUTH - ok
16:10:56.0853 2740  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:10:56.0869 2740  PerfHost - ok
16:10:56.0915 2740  [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla             C:\Windows\system32\pla.dll
16:10:56.0947 2740  pla - ok
16:10:56.0993 2740  [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:10:56.0993 2740  PlugPlay - ok
16:10:57.0009 2740  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:10:57.0009 2740  PNRPAutoReg - ok
16:10:57.0056 2740  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:10:57.0056 2740  PNRPsvc - ok
16:10:57.0087 2740  [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:10:57.0087 2740  PolicyAgent - ok
16:10:57.0118 2740  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
16:10:57.0134 2740  Power - ok
16:10:57.0165 2740  [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:10:57.0165 2740  PptpMiniport - ok
16:10:57.0196 2740  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
16:10:57.0196 2740  Processor - ok
16:10:57.0243 2740  [ 97293447431311C06703368AD0F6C4BE ] ProfSvc         C:\Windows\system32\profsvc.dll
16:10:57.0243 2740  ProfSvc - ok
16:10:57.0259 2740  [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:10:57.0259 2740  ProtectedStorage - ok
16:10:57.0274 2740  [ EE992183BD8EAEFD9973F352E587A299 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:10:57.0290 2740  Psched - ok
16:10:57.0337 2740  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
16:10:57.0368 2740  ql2300 - ok
16:10:57.0399 2740  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
16:10:57.0399 2740  ql40xx - ok
16:10:57.0430 2740  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
16:10:57.0446 2740  QWAVE - ok
16:10:57.0461 2740  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:10:57.0461 2740  QWAVEdrv - ok
16:10:57.0477 2740  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:10:57.0477 2740  RasAcd - ok
16:10:57.0508 2740  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:10:57.0508 2740  RasAgileVpn - ok
16:10:57.0524 2740  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
16:10:57.0524 2740  RasAuto - ok
16:10:57.0539 2740  [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:10:57.0539 2740  Rasl2tp - ok
16:10:57.0571 2740  [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan          C:\Windows\System32\rasmans.dll
16:10:57.0571 2740  RasMan - ok
16:10:57.0586 2740  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:10:57.0586 2740  RasPppoe - ok
16:10:57.0602 2740  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:10:57.0602 2740  RasSstp - ok
16:10:57.0633 2740  [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:10:57.0633 2740  rdbss - ok
16:10:57.0649 2740  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
16:10:57.0649 2740  rdpbus - ok
16:10:57.0664 2740  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:10:57.0664 2740  RDPCDD - ok
16:10:57.0695 2740  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:10:57.0695 2740  RDPENCDD - ok
16:10:57.0711 2740  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:10:57.0711 2740  RDPREFMP - ok
16:10:57.0742 2740  [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:10:57.0742 2740  RDPWD - ok
16:10:57.0773 2740  [ E5DC9BA9E439D6DBDD79F8CAACB5BF01 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:10:57.0773 2740  rdyboost - ok
16:10:57.0805 2740  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:10:57.0805 2740  RemoteAccess - ok
16:10:57.0836 2740  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:10:57.0836 2740  RemoteRegistry - ok
16:10:57.0883 2740  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
16:10:57.0898 2740  RFCOMM - ok
16:10:57.0961 2740  [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
16:10:58.0007 2740  RichVideo - ok
16:10:58.0039 2740  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:10:58.0054 2740  RpcEptMapper - ok
16:10:58.0070 2740  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
16:10:58.0070 2740  RpcLocator - ok
16:10:58.0101 2740  [ 7266972E86890E2B30C0C322E906B027 ] RpcSs           C:\Windows\system32\rpcss.dll
16:10:58.0101 2740  RpcSs - ok
16:10:58.0148 2740  [ 0103AA79589FCA09DF1DF9B31273B16D ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
16:10:58.0148 2740  RSPCIESTOR - ok
16:10:58.0179 2740  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:10:58.0179 2740  rspndr - ok
16:10:58.0195 2740  [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs           C:\Windows\system32\lsass.exe
16:10:58.0195 2740  SamSs - ok
16:10:58.0210 2740  [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
16:10:58.0210 2740  sbp2port - ok
16:10:58.0226 2740  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:10:58.0241 2740  SCardSvr - ok
16:10:58.0257 2740  [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:10:58.0257 2740  scfilter - ok
16:10:58.0304 2740  [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule        C:\Windows\system32\schedsvc.dll
16:10:58.0335 2740  Schedule - ok
16:10:58.0366 2740  [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:10:58.0366 2740  SCPolicySvc - ok
16:10:58.0413 2740  [ 84E00908975FAF79E91282ED8FB88C2F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
16:10:58.0413 2740  sdbus - ok
16:10:58.0444 2740  [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:10:58.0444 2740  SDRSVC - ok
16:10:58.0475 2740  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:10:58.0475 2740  secdrv - ok
16:10:58.0475 2740  [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon        C:\Windows\system32\seclogon.dll
16:10:58.0491 2740  seclogon - ok
16:10:58.0491 2740  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
16:10:58.0491 2740  SENS - ok
16:10:58.0522 2740  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:10:58.0522 2740  SensrSvc - ok
16:10:58.0538 2740  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:10:58.0538 2740  Serenum - ok
16:10:58.0569 2740  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:10:58.0569 2740  Serial - ok
16:10:58.0600 2740  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
16:10:58.0616 2740  sermouse - ok
16:10:58.0631 2740  [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv      C:\Windows\system32\sessenv.dll
16:10:58.0647 2740  SessionEnv - ok
16:10:58.0663 2740  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
16:10:58.0663 2740  sffdisk - ok
16:10:58.0678 2740  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
16:10:58.0678 2740  sffp_mmc - ok
16:10:58.0694 2740  [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
16:10:58.0694 2740  sffp_sd - ok
16:10:58.0709 2740  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
16:10:58.0709 2740  sfloppy - ok
16:10:58.0741 2740  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:10:58.0741 2740  SharedAccess - ok
16:10:58.0772 2740  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:10:58.0772 2740  ShellHWDetection - ok
16:10:58.0803 2740  [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
16:10:58.0819 2740  SiSGbeLH - ok
16:10:58.0834 2740  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:10:58.0834 2740  SiSRaid2 - ok
16:10:58.0850 2740  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
16:10:58.0850 2740  SiSRaid4 - ok
16:10:58.0928 2740  [ 50D9949020E02B847CD48F1243FCB895 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:10:58.0928 2740  SkypeUpdate - ok
16:10:58.0959 2740  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:10:58.0959 2740  Smb - ok
16:10:58.0990 2740  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:10:59.0006 2740  SNMPTRAP - ok
16:10:59.0068 2740  [ 2114518E55B380A3ACC28B2C27FD499A ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
16:10:59.0115 2740  SNP2UVC - ok
16:10:59.0131 2740  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:10:59.0146 2740  spldr - ok
16:10:59.0177 2740  [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler         C:\Windows\System32\spoolsv.exe
16:10:59.0193 2740  Spooler - ok
16:10:59.0287 2740  [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:10:59.0365 2740  sppsvc - ok
16:10:59.0380 2740  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:10:59.0380 2740  sppuinotify - ok
16:10:59.0411 2740  [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:10:59.0427 2740  srv - ok
16:10:59.0443 2740  [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:10:59.0443 2740  srv2 - ok
16:10:59.0474 2740  [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:10:59.0474 2740  srvnet - ok
16:10:59.0489 2740  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:10:59.0505 2740  SSDPSRV - ok
16:10:59.0521 2740  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:10:59.0521 2740  SstpSvc - ok
16:10:59.0567 2740  [ 7FCE08C739136C9C64107A8814EF854C ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:10:59.0567 2740  Stereo Service - ok
16:10:59.0599 2740  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
16:10:59.0599 2740  stexstor - ok
16:10:59.0645 2740  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
16:10:59.0645 2740  StillCam - ok
16:10:59.0677 2740  [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc          C:\Windows\System32\wiaservc.dll
16:10:59.0692 2740  stisvc - ok
16:10:59.0708 2740  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:10:59.0708 2740  swenum - ok
16:10:59.0755 2740  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
16:10:59.0770 2740  swprv - ok
16:10:59.0817 2740  [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain         C:\Windows\system32\sysmain.dll
16:10:59.0879 2740  SysMain - ok
16:10:59.0895 2740  [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:10:59.0895 2740  TabletInputService - ok
16:10:59.0911 2740  [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:10:59.0926 2740  TapiSrv - ok
16:10:59.0942 2740  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
16:10:59.0942 2740  TBS - ok
16:11:00.0020 2740  [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:11:00.0067 2740  Tcpip - ok
16:11:00.0129 2740  [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:11:00.0145 2740  TCPIP6 - ok
16:11:00.0191 2740  [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:11:00.0191 2740  tcpipreg - ok
16:11:00.0207 2740  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:11:00.0207 2740  TDPIPE - ok
16:11:00.0238 2740  [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:11:00.0238 2740  TDTCP - ok
16:11:00.0269 2740  [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:11:00.0269 2740  tdx - ok
16:11:00.0285 2740  [ C448651339196C0E869A355171875522 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:11:00.0285 2740  TermDD - ok
16:11:00.0316 2740  [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService     C:\Windows\System32\termsrv.dll
16:11:00.0347 2740  TermService - ok
16:11:00.0363 2740  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
16:11:00.0363 2740  Themes - ok
16:11:00.0379 2740  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
16:11:00.0379 2740  THREADORDER - ok
16:11:00.0410 2740  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
16:11:00.0425 2740  TrkWks - ok
16:11:00.0441 2740  [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:11:00.0457 2740  TrustedInstaller - ok
16:11:00.0472 2740  [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:11:00.0472 2740  tssecsrv - ok
16:11:00.0519 2740  [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:11:00.0519 2740  tunnel - ok
16:11:00.0550 2740  [ C45A3E051C65106A28982CAED125F855 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
16:11:00.0566 2740  TurboB - ok
16:11:00.0581 2740  [ BAEF86EBEAECE76573FA822DEA256F6C ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
16:11:00.0597 2740  TurboBoost - ok
16:11:00.0613 2740  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
16:11:00.0628 2740  uagp35 - ok
16:11:00.0644 2740  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:11:00.0659 2740  udfs - ok
16:11:00.0675 2740  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:11:00.0675 2740  UI0Detect - ok
16:11:00.0706 2740  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
16:11:00.0722 2740  uliagpkx - ok
16:11:00.0737 2740  [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:11:00.0737 2740  umbus - ok
16:11:00.0769 2740  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
16:11:00.0769 2740  UmPass - ok
16:11:00.0847 2740  [ 41118D920B2B268C0ADC36421248CDCF ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:11:00.0909 2740  UNS - ok
16:11:00.0940 2740  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
16:11:00.0940 2740  upnphost - ok
16:11:00.0971 2740  [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:11:00.0987 2740  usbccgp - ok
16:11:01.0018 2740  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
16:11:01.0018 2740  usbcir - ok
16:11:01.0034 2740  [ 92969BA5AC44E229C55A332864F79677 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
16:11:01.0049 2740  usbehci - ok
16:11:01.0081 2740  [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:11:01.0081 2740  usbhub - ok
16:11:01.0112 2740  [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:11:01.0112 2740  usbohci - ok
16:11:01.0127 2740  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:11:01.0127 2740  usbprint - ok
16:11:01.0159 2740  [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:11:01.0174 2740  USBSTOR - ok
16:11:01.0205 2740  [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:11:01.0205 2740  usbuhci - ok
16:11:01.0252 2740  [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
16:11:01.0252 2740  usbvideo - ok
16:11:01.0299 2740  [ E388D1507E779D0B499A1D87476E4230 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
16:11:01.0299 2740  usb_rndisx - ok
16:11:01.0330 2740  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
16:11:01.0330 2740  UxSms - ok
16:11:01.0346 2740  [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc        C:\Windows\system32\lsass.exe
16:11:01.0346 2740  VaultSvc - ok
16:11:01.0393 2740  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
16:11:01.0393 2740  vdrvroot - ok
16:11:01.0424 2740  [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds             C:\Windows\System32\vds.exe
16:11:01.0455 2740  vds - ok
16:11:01.0471 2740  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:11:01.0471 2740  vga - ok
16:11:01.0486 2740  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:11:01.0486 2740  VgaSave - ok
16:11:01.0517 2740  [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
16:11:01.0517 2740  vhdmp - ok
16:11:01.0533 2740  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
16:11:01.0533 2740  viaide - ok
16:11:01.0549 2740  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
16:11:01.0564 2740  volmgr - ok
16:11:01.0580 2740  [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:11:01.0580 2740  volmgrx - ok
16:11:01.0627 2740  [ 9E425AC5C9A5A973273D169F43B4F5E1 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:11:01.0627 2740  volsnap - ok
16:11:01.0658 2740  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
16:11:01.0658 2740  vsmraid - ok
16:11:01.0720 2740  [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS             C:\Windows\system32\vssvc.exe
16:11:01.0767 2740  VSS - ok
16:11:01.0783 2740  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:11:01.0783 2740  vwifibus - ok
16:11:01.0798 2740  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:11:01.0798 2740  vwififlt - ok
16:11:01.0829 2740  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
16:11:01.0829 2740  vwifimp - ok
16:11:01.0861 2740  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
16:11:01.0861 2740  W32Time - ok
16:11:01.0892 2740  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
16:11:01.0892 2740  WacomPen - ok
16:11:01.0907 2740  [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:11:01.0907 2740  WANARP - ok
16:11:01.0923 2740  [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:11:01.0939 2740  Wanarpv6 - ok
16:11:01.0970 2740  [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine        C:\Windows\system32\wbengine.exe
16:11:02.0017 2740  wbengine - ok
16:11:02.0048 2740  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:11:02.0048 2740  WbioSrvc - ok
16:11:02.0079 2740  [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:11:02.0095 2740  wcncsvc - ok
16:11:02.0110 2740  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:11:02.0110 2740  WcsPlugInService - ok
16:11:02.0126 2740  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
16:11:02.0126 2740  Wd - ok
16:11:02.0157 2740  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:11:02.0188 2740  Wdf01000 - ok
16:11:02.0219 2740  wdiasxsq - ok
16:11:02.0251 2740  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:11:02.0251 2740  WdiServiceHost - ok
16:11:02.0251 2740  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:11:02.0266 2740  WdiSystemHost - ok
16:11:02.0297 2740  [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient       C:\Windows\System32\webclnt.dll
16:11:02.0297 2740  WebClient - ok
16:11:02.0313 2740  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:11:02.0329 2740  Wecsvc - ok
16:11:02.0344 2740  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:11:02.0344 2740  wercplsupport - ok
16:11:02.0375 2740  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:11:02.0375 2740  WerSvc - ok
16:11:02.0407 2740  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:11:02.0407 2740  WfpLwf - ok
16:11:02.0438 2740  [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
16:11:02.0453 2740  WimFltr - ok
16:11:02.0453 2740  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:11:02.0453 2740  WIMMount - ok
16:11:02.0485 2740  WinDefend - ok
16:11:02.0485 2740  WinHttpAutoProxySvc - ok
16:11:02.0547 2740  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:11:02.0547 2740  Winmgmt - ok
16:11:02.0609 2740  [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:11:02.0687 2740  WinRM - ok
16:11:02.0750 2740  [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:11:02.0750 2740  WinUsb - ok
16:11:02.0812 2740  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:11:02.0843 2740  Wlansvc - ok
16:11:02.0875 2740  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
16:11:02.0875 2740  WmiAcpi - ok
16:11:02.0890 2740  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:11:02.0890 2740  wmiApSrv - ok
16:11:02.0937 2740  WMPNetworkSvc - ok
16:11:02.0953 2740  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:11:02.0953 2740  WPCSvc - ok
16:11:02.0968 2740  [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:11:02.0968 2740  WPDBusEnum - ok
16:11:02.0999 2740  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:11:02.0999 2740  ws2ifsl - ok
16:11:03.0031 2740  [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc          C:\Windows\System32\wscsvc.dll
16:11:03.0031 2740  wscsvc - ok
16:11:03.0046 2740  WSearch - ok
16:11:03.0124 2740  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:11:03.0202 2740  wuauserv - ok
16:11:03.0233 2740  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:11:03.0233 2740  WudfPf - ok
16:11:03.0265 2740  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:11:03.0280 2740  WUDFRd - ok
16:11:03.0296 2740  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:11:03.0296 2740  wudfsvc - ok
16:11:03.0327 2740  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:11:03.0327 2740  WwanSvc - ok
16:11:03.0405 2740  [ 74983ADDCA2D9618512C088D856D6615 ] {B154377D-700F-42cc-9474-23858FBDF4BD} C:\Program Files (x86)\Cyberlink\PowerDVD9\000.fcl
16:11:03.0405 2740  {B154377D-700F-42cc-9474-23858FBDF4BD} - ok
16:11:03.0436 2740  ================ Scan global ===============================
16:11:03.0452 2740  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:11:03.0499 2740  [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\Windows\system32\winsrv.dll
16:11:03.0514 2740  [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\Windows\system32\winsrv.dll
16:11:03.0545 2740  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:11:03.0561 2740  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:11:03.0561 2740  [Global] - ok
16:11:03.0577 2740  ================ Scan MBR ==================================
16:11:03.0577 2740  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:11:03.0982 2740  \Device\Harddisk0\DR0 - ok
16:11:03.0982 2740  ================ Scan VBR ==================================
16:11:03.0982 2740  [ 4CA9FCEE8C8310B79D08700CE7EF184C ] \Device\Harddisk0\DR0\Partition1
16:11:03.0982 2740  \Device\Harddisk0\DR0\Partition1 - ok
16:11:04.0029 2740  [ 12305AB3574952956499B9E4BAA91FF9 ] \Device\Harddisk0\DR0\Partition2
16:11:04.0029 2740  \Device\Harddisk0\DR0\Partition2 - ok
16:11:04.0029 2740  ============================================================
16:11:04.0029 2740  Scan finished
16:11:04.0029 2740  ============================================================
16:11:04.0045 5308  Detected object count: 0
16:11:04.0045 5308  Actual detected object count: 0
16:11:08.0678 5332  Deinitialize success
         


Alt 02.04.2014, 08:35   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 - Standard

Wo Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 Lösung!



Bitte ein Log mit CF machen:

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
--> Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701

Alt 02.04.2014, 19:36   #7
Nobbes03
 
Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 - Standard

Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701



Hallo!
Combo installiert. Er meckerte, dass Mircosoft Security Essential antivierus und -spyware aktiv seien. Waren aber deaktiviert.
Hier der Log:

Code:
ATTFilter
ComboFix 14-03-24.01 - MediMax 02.04.2014  19:52:31.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.5932.3809 [GMT 2:00]
ausgeführt von:: c:\users\MediMax\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msvcr71.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-03-02 bis 2014-04-02  ))))))))))))))))))))))))))))))
.
.
2014-04-02 18:01 . 2014-04-02 18:01	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-04-02 18:01 . 2014-04-02 18:01	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2014-04-01 20:38 . 2014-02-21 07:02	1031560	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3FFD6BD5-024B-4873-859A-D1CCBE4011EF}\gapaengine.dll
2014-04-01 20:38 . 2014-03-07 04:43	10521840	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{873AE9BC-B487-4055-8A46-1900B5032A3E}\mpengine.dll
2014-04-01 06:33 . 2014-04-01 06:35	--------	d-----w-	C:\FRST
2014-03-31 19:51 . 2014-03-07 04:43	10521840	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-03-31 05:36 . 2014-03-31 05:36	--------	d-----w-	c:\windows\CheckSur
2014-03-31 05:07 . 2014-03-31 05:07	--------	d-----w-	c:\windows\system32\EventProviders
2014-03-30 20:34 . 2014-03-30 20:34	--------	d-----w-	c:\users\Public\CyberLink
2014-03-30 17:52 . 2014-03-30 17:54	--------	d-----w-	C:\AdwCleaner
2014-03-30 09:01 . 2014-03-30 09:13	119512	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-03-30 09:00 . 2014-03-30 09:00	--------	d-----w-	c:\programdata\Malwarebytes
2014-03-29 17:41 . 2014-03-29 17:41	208216	----a-w-	c:\windows\system32\drivers\90336673.sys
2014-03-29 17:39 . 2014-03-29 17:39	208216	----a-w-	c:\windows\system32\drivers\66244616.sys
2014-03-28 18:27 . 2014-03-28 18:27	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2014-03-28 18:27 . 2014-03-28 18:27	--------	d-----r-	c:\program files (x86)\Skype
2014-03-28 18:24 . 2014-03-29 17:48	--------	d-----w-	C:\history
2014-03-26 17:29 . 2014-03-26 17:29	--------	d-----w-	c:\program files (x86)\Microsoft Download Manager
2014-03-15 07:30 . 2014-03-15 07:30	--------	d-----w-	c:\programdata\Intel
2014-03-15 07:30 . 2014-03-15 07:30	--------	d-----w-	c:\windows\SysWow64\NV
2014-03-15 07:30 . 2014-03-15 07:30	--------	d-----w-	c:\windows\system32\NV
2014-03-15 07:16 . 2013-09-05 01:37	61216	----a-w-	c:\windows\system32\OpenCL.dll
2014-03-15 07:16 . 2013-09-05 01:37	53024	----a-w-	c:\windows\SysWow64\OpenCL.dll
2014-03-15 07:15 . 2014-03-15 07:15	--------	d-----w-	c:\programdata\NVIDIA Corporation
2014-03-15 07:15 . 2014-03-15 07:18	--------	d-----w-	c:\program files\NVIDIA Corporation
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-31 20:26 . 2012-05-08 17:02	45056	----a-w-	c:\windows\system32\acovcnt.exe
2014-03-14 23:47 . 2012-05-08 07:33	90015360	----a-w-	c:\windows\system32\MRT.exe
2014-03-13 19:47 . 2012-06-04 19:54	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-13 19:47 . 2012-06-01 08:38	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-11 08:52 . 2011-04-27 13:25	133928	----a-w-	c:\windows\system32\drivers\NisDrvWFP.sys
2014-02-21 07:02 . 2012-06-13 10:03	1031560	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-01-25 00:19 . 2014-01-25 00:19	268512	----a-w-	c:\windows\system32\drivers\MpFilter.sys
2014-01-19 07:33 . 2012-04-24 17:29	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-01-16 00:42 . 2014-01-16 00:42	608032	----a-w-	C:\SecurityScanner.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-04-05 370480]
"AVMUSBFernanschluss"="c:\users\MediMax\AppData\Local\Apps\2.0\VN87KBH0.Z1C\1GWNEOP3.BQ2\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe" [2012-12-30 139264]
"HP Deskjet 3050A J611 series (NET)"="c:\program files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"MyDriveConnect.exe"="c:\program files (x86)\MyDrive Connect\MyDriveConnect.exe" [2013-11-29 473496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl9"="c:\program files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-02-24 75048]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-06-24 210216]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-02-04 7350912]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-01-05 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-07-02 1597440]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe -d [2012-7-2 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 wdiasxsq;wdiasxsq;c:\windows\system32\drivers\wdiasxsq.sys;c:\windows\SYSNATIVE\drivers\wdiasxsq.sys [x]
R2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/08/11 17:41];c:\program files (x86)\Cyberlink\PowerDVD9\000.fcl;c:\program files (x86)\Cyberlink\PowerDVD9\000.fcl [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 avmaudio;AVM Audio;c:\windows\system32\DRIVERS\avmaudio.sys;c:\windows\SYSNATIVE\DRIVERS\avmaudio.sys [x]
S3 avmaura;AVM USB-Fernanschluss;c:\windows\system32\DRIVERS\avmaura.sys;c:\windows\SYSNATIVE\DRIVERS\avmaura.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIc.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 19:02	1150280	----a-w-	c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-04-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-04 19:47]
.
2014-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-12 00:53]
.
2014-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-12 00:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49	70656	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49	70656	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-10 167256]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-10 391512]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-10 415064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-SessionLogon - c:\expressgateutil\SessionLogon.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files (x86)\Cyberlink\PowerDVD9\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-04-02  20:13:40
ComboFix-quarantined-files.txt  2014-04-02 18:13
.
Vor Suchlauf: 13 Verzeichnis(se), 93.412.433.920 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 95.082.561.536 Bytes frei
.
- - End Of File - - F95F2A3DAF6C6F8436226A9971EF8667
         

Alt 02.04.2014, 21:15   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 - Standard

Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701



Combofix-Skript
WARNUNG für die MITLESER:
Folgendes ComboFix Skript ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

  • Lösche die vorhandene Combofix.exe von deinem Desktop und lade das Programm von folgenden Download-Spiegel neu herunter: Link
  • Speichere es erneut auf dem Desktop (nicht woanders hin, das ist wichtig)!
  • Drücke die Windows + R Taste --> notepad (hinein schreiben) --> OK
  • Kopiere nun den Text aus der folgenden Codebox komplett in das leere Textdokument.
    Code:
    ATTFilter
    File::
    c:\windows\system32\drivers\wdiasxsq.sys
    
    Driver::
    wdiasxsq
             
  • Speichere dies als CFScript.txt auf deinem Desktop.
  • Wichtig: Stelle deine Anti Viren Software temporär ab. Dies kann ComboFix nämlich bei der Arbeit behindern.
    Danach wieder anstellen nicht vergessen!
  • Schließe alle laufenden Programme damit ComboFix ungehindert arbeiten kann.
  • Ziehe CFScript.txt in die ComboFix.exe wie in diesem Bild:
  • Mache nichts am Computer, bewege nicht die Maus über das ComboFix-Fenster oder klicke in dieses hinein. Dies kann dazu führen, dass ComboFix sich aufhängt.
  • Wenn ComboFix fertig ist wird es ein Log erstellen: C:\ComboFix.txt
    Bitte füge es hier als Antwort (in CODE-Tags mit dem #-Button des Editors) ein.

Hinweis:
Suspect:: und Collect::
Falls im Skript diese Anweisungen enthalten sind, sollen Dateien zur Analyse eingeschickt werden. Es erscheint eine Message-Box, nachdem Combofix fertig ist. Klicke OK und folge den Aufforderungen/Anweisungen, um die Dateien hochzuladen. Teile mir unbedingt mit, ob der Upload geklappt hat!

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 03.04.2014, 09:20   #9
Nobbes03
 
Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 - Standard

Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701



Hallo!

Combo neu erstellt. suspect oder collect nicht vorhanden.

comboFix:
Code:
ATTFilter
ComboFix 14-03-24.01 - MediMax 03.04.2014   8:31.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.5932.4034 [GMT 2:00]
ausgeführt von:: c:\users\MediMax\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\MediMax\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\drivers\wdiasxsq.sys"
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_wdiasxsq
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-03-03 bis 2014-04-03  ))))))))))))))))))))))))))))))
.
.
2014-04-03 06:40 . 2014-04-03 06:40	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2014-04-03 06:40 . 2014-04-03 06:40	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-04-03 06:17 . 2014-03-07 04:43	10521840	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B34BDF71-5DA5-402C-807C-4D2411A3E4B8}\mpengine.dll
2014-04-01 20:38 . 2014-02-21 07:02	1031560	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3FFD6BD5-024B-4873-859A-D1CCBE4011EF}\gapaengine.dll
2014-04-01 20:38 . 2014-03-07 04:43	10521840	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-04-01 06:33 . 2014-04-01 06:35	--------	d-----w-	C:\FRST
2014-03-31 05:36 . 2014-03-31 05:36	--------	d-----w-	c:\windows\CheckSur
2014-03-31 05:07 . 2014-03-31 05:07	--------	d-----w-	c:\windows\system32\EventProviders
2014-03-30 20:34 . 2014-03-30 20:34	--------	d-----w-	c:\users\Public\CyberLink
2014-03-30 17:52 . 2014-03-30 17:54	--------	d-----w-	C:\AdwCleaner
2014-03-30 09:01 . 2014-03-30 09:13	119512	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-03-30 09:00 . 2014-03-30 09:00	--------	d-----w-	c:\programdata\Malwarebytes
2014-03-29 17:41 . 2014-03-29 17:41	208216	----a-w-	c:\windows\system32\drivers\90336673.sys
2014-03-29 17:39 . 2014-03-29 17:39	208216	----a-w-	c:\windows\system32\drivers\66244616.sys
2014-03-28 18:27 . 2014-03-28 18:27	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2014-03-28 18:27 . 2014-03-28 18:27	--------	d-----r-	c:\program files (x86)\Skype
2014-03-28 18:24 . 2014-03-29 17:48	--------	d-----w-	C:\history
2014-03-26 17:29 . 2014-03-26 17:29	--------	d-----w-	c:\program files (x86)\Microsoft Download Manager
2014-03-15 07:30 . 2014-03-15 07:30	--------	d-----w-	c:\programdata\Intel
2014-03-15 07:30 . 2014-03-15 07:30	--------	d-----w-	c:\windows\SysWow64\NV
2014-03-15 07:30 . 2014-03-15 07:30	--------	d-----w-	c:\windows\system32\NV
2014-03-15 07:16 . 2013-09-05 01:37	61216	----a-w-	c:\windows\system32\OpenCL.dll
2014-03-15 07:16 . 2013-09-05 01:37	53024	----a-w-	c:\windows\SysWow64\OpenCL.dll
2014-03-15 07:15 . 2014-03-15 07:15	--------	d-----w-	c:\programdata\NVIDIA Corporation
2014-03-15 07:15 . 2014-03-15 07:18	--------	d-----w-	c:\program files\NVIDIA Corporation
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-02 18:28 . 2012-05-08 17:02	45056	----a-w-	c:\windows\system32\acovcnt.exe
2014-03-14 23:47 . 2012-05-08 07:33	90015360	----a-w-	c:\windows\system32\MRT.exe
2014-03-13 19:47 . 2012-06-04 19:54	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-13 19:47 . 2012-06-01 08:38	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-11 08:52 . 2011-04-27 13:25	133928	----a-w-	c:\windows\system32\drivers\NisDrvWFP.sys
2014-02-21 07:02 . 2012-06-13 10:03	1031560	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-01-25 00:19 . 2014-01-25 00:19	268512	----a-w-	c:\windows\system32\drivers\MpFilter.sys
2014-01-19 07:33 . 2012-04-24 17:29	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-01-16 00:42 . 2014-01-16 00:42	608032	----a-w-	C:\SecurityScanner.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-04-05 370480]
"AVMUSBFernanschluss"="c:\users\MediMax\AppData\Local\Apps\2.0\VN87KBH0.Z1C\1GWNEOP3.BQ2\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe" [2012-12-30 139264]
"HP Deskjet 3050A J611 series (NET)"="c:\program files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"MyDriveConnect.exe"="c:\program files (x86)\MyDrive Connect\MyDriveConnect.exe" [2013-11-29 473496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl9"="c:\program files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-02-24 75048]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-06-24 210216]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-02-04 7350912]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-01-05 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-07-02 1597440]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe -d [2012-7-2 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/08/11 17:41];c:\program files (x86)\Cyberlink\PowerDVD9\000.fcl;c:\program files (x86)\Cyberlink\PowerDVD9\000.fcl [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 avmaudio;AVM Audio;c:\windows\system32\DRIVERS\avmaudio.sys;c:\windows\SYSNATIVE\DRIVERS\avmaudio.sys [x]
S3 avmaura;AVM USB-Fernanschluss;c:\windows\system32\DRIVERS\avmaura.sys;c:\windows\SYSNATIVE\DRIVERS\avmaura.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIc.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 19:02	1150280	----a-w-	c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-04-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-04 19:47]
.
2014-04-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-12 00:53]
.
2014-04-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-12 00:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49	70656	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49	70656	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"Setwallpaper"="c:\programdata\SetWallpaper.cmd" [BU]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-10 167256]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-10 391512]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-10 415064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files (x86)\Cyberlink\PowerDVD9\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\SmartLogon\smartlogon.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\Internet Explorer\iexplore.exe
c:\program files (x86)\Internet Explorer\iexplore.exe
c:\program files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeck.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-04-03  08:55:45 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-04-03 06:55
.
Vor Suchlauf: 18 Verzeichnis(se), 94.918.807.552 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 95.756.857.344 Bytes frei
.
- - End Of File - - 4AA83FE92C9B384553AD384318E7A43F
         

Alt 03.04.2014, 09:27   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 - Standard

Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 [gelöst]



Adware/Junkware/Toolbars entfernen


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 03.04.2014, 22:26   #11
Nobbes03
 
Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 - Standard

Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 [gelöst]



Hallo!
Die Schritte wie beschrieben ausgeführt. Die Addition.txt wurde nicht erstellt. Liegt es daran, dass FRST noch installiert war?

Code:
ATTFilter
# AdwCleaner v3.023 - Bericht erstellt am 03/04/2014 um 19:13:24
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium  (64 bits)
# Benutzername : MediMax - MEDIMAX-PC
# Gestartet von : C:\Users\MediMax\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v8.0.7600.17267


-\\ Google Chrome v33.0.1750.154

[ Datei : C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : icon_url
Gelöscht : search_url
Gelöscht : suggest_url
Gelöscht : keyword

*************************

AdwCleaner[R0].txt - [9137 octets] - [30/03/2014 19:52:37]
AdwCleaner[R1].txt - [1044 octets] - [03/04/2014 19:11:37]
AdwCleaner[S0].txt - [9016 octets] - [30/03/2014 19:54:25]
AdwCleaner[S1].txt - [920 octets] - [03/04/2014 19:13:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [979 octets] ##########
         
JRT:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x64
Ran by MediMax on 03.04.2014 at 19:25:25,98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{98A15D92-B500-4FEF-974D-6DA29E41E391}
Successfully deleted: [Registry Key] "hkey_current_user\software\classes\typelib\{006ad7b2-968a-11de-88c9-5bde55d89593}"
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.04.2014 at 19:32:00,87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by MediMax (administrator) on MEDIMAX-PC on 03-04-2014 21:36:04
Running from C:\Users\MediMax\Desktop
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(syncables, LLC) C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(syncables, LLC) C:\Program Files (x86)\syncables\syncables desktop\syncablesMAPI.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe
(asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\system32\lpremove.exe
(Microsoft Corporation) C:\Windows\system32\lpksetup.exe
(Microsoft Corporation) C:\Windows\system32\lpksetup.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [ASUS WebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-16] ()
HKLM\...\Run: [Setwallpaper] - c:\programdata\SetWallpaper.cmd
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [RemoteControl9] - C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-02-24] (cyberlink)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2010-06-25] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [7350912 2010-02-04] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-01-05] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440 2010-07-02] ()
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-497900869-4280295134-4125289220-1000\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-08-12] (Google Inc.)
HKU\S-1-5-21-497900869-4280295134-4125289220-1001\...\Run: [Syncables] - C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [370480 2010-04-05] (syncables, LLC)
HKU\S-1-5-21-497900869-4280295134-4125289220-1001\...\Run: [AVMUSBFernanschluss] - C:\Users\MediMax\AppData\Local\Apps\2.0\VN87KBH0.Z1C\1GWNEOP3.BQ2\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe [139264 2012-12-30] (AVM Berlin)
HKU\S-1-5-21-497900869-4280295134-4125289220-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Users\MediMax\AppData\Local\Programs\ANDI 2013\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: HKLM-x32 {B479199A-1242-4E3C-AD81-7F0DF801B4AE} hxxp://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchProvider: Ask
CHR DefaultSearchURL: hxxp://www.google.com
CHR DefaultNewTabURL: 
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-24]
CHR Extension: (Google-Suche) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-24]
CHR Extension: (Avira Browser Safety Beta) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-03-30]
CHR Extension: (Google Wallet) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Charlotte Ronson) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\obakimnhgahiedhcjlcnohielmendpen [2012-04-24]
CHR Extension: (Google Mail) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-24]

==================== Services (Whitelisted) =================

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-04-06] ()

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2012-04-25] (AVM Berlin)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2012-12-30] (AVM Berlin)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-03-30] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\Cyberlink\PowerDVD9\000.fcl [146928 2010-02-24] (CyberLink Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 tmlwf; 
U3 tmwfp; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-03 21:36 - 2014-04-03 21:36 - 00016115 _____ () C:\Users\MediMax\Desktop\FRST.txt
2014-04-03 19:32 - 2014-04-03 19:32 - 00001187 _____ () C:\Users\MediMax\Desktop\JRT.txt
2014-04-03 19:25 - 2014-04-03 19:25 - 00000000 ____D () C:\Windows\ERUNT
2014-04-03 19:24 - 2014-04-03 19:24 - 01038974 _____ (Thisisu) C:\Users\MediMax\Desktop\JRT.exe
2014-04-03 19:09 - 2014-04-03 19:09 - 01426178 _____ () C:\Users\MediMax\Desktop\adwcleaner.exe
2014-04-03 08:55 - 2014-04-03 08:55 - 00019985 _____ () C:\ComboFix.txt
2014-04-03 08:19 - 2014-04-03 08:20 - 05192353 ____R (Swearware) C:\Users\MediMax\Desktop\ComboFix.exe
2014-04-02 19:51 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-02 19:51 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-02 19:51 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-02 19:51 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-02 19:51 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-02 19:51 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-02 19:51 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-02 19:51 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-02 19:48 - 2014-04-03 08:56 - 00000000 ____D () C:\Qoobox
2014-04-02 19:48 - 2014-04-03 08:40 - 00000000 ____D () C:\Windows\erdnt
2014-04-01 08:47 - 2014-04-01 08:47 - 00380416 _____ () C:\Users\MediMax\Desktop\Gmer-19357.exe
2014-04-01 08:33 - 2014-04-03 21:36 - 00000000 ____D () C:\FRST
2014-04-01 08:33 - 2014-04-03 21:34 - 02157056 _____ (Farbar) C:\Users\MediMax\Desktop\FRST64.exe
2014-04-01 08:27 - 2014-04-01 08:27 - 00000476 _____ () C:\Users\MediMax\Desktop\defogger_disable.log
2014-04-01 08:27 - 2014-04-01 08:27 - 00000000 _____ () C:\Users\MediMax\defogger_reenable
2014-04-01 08:24 - 2014-04-01 08:24 - 00014889 _____ () C:\Users\MediMax\Desktop\download-defogger.htm
2014-03-31 07:36 - 2014-03-31 07:36 - 00000000 ____D () C:\Windows\CheckSur
2014-03-31 07:07 - 2014-03-31 07:07 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-03-30 22:34 - 2014-03-30 22:34 - 00000000 ____D () C:\Users\Public\CyberLink
2014-03-30 19:52 - 2014-04-03 19:13 - 00000000 ____D () C:\AdwCleaner
2014-03-30 11:01 - 2014-03-30 11:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-30 11:00 - 2014-03-30 11:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-29 19:41 - 2014-03-29 19:41 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\90336673.sys
2014-03-29 19:39 - 2014-03-29 19:39 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\66244616.sys
2014-03-28 20:27 - 2014-03-28 20:27 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-26 19:29 - 2014-03-26 19:29 - 00002525 _____ () C:\Users\Public\Desktop\Microsoft Download Manager.lnk
2014-03-26 19:29 - 2014-03-26 19:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Download Manager
2014-03-23 22:14 - 2014-02-26 20:35 - 00000426 _____ () C:\AVScanner.ini
2014-03-16 22:04 - 2014-03-23 22:56 - 00002566 _____ () C:\Windows\IE10_main.log
2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\Windows\system32\NV
2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\ProgramData\Intel
2014-03-15 09:16 - 2013-09-05 03:37 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-15 09:16 - 2013-09-05 03:37 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-03-15 09:15 - 2014-03-15 09:18 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-15 09:15 - 2014-03-15 09:15 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation

==================== One Month Modified Files and Folders =======

2014-04-03 21:39 - 2014-04-03 21:36 - 00016115 _____ () C:\Users\MediMax\Desktop\FRST.txt
2014-04-03 21:36 - 2014-04-01 08:33 - 00000000 ____D () C:\FRST
2014-04-03 21:34 - 2014-04-01 08:33 - 02157056 _____ (Farbar) C:\Users\MediMax\Desktop\FRST64.exe
2014-04-03 21:31 - 2012-06-29 13:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-03 21:31 - 2010-08-12 02:53 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-03 21:31 - 2010-08-12 02:20 - 01990629 _____ () C:\Windows\WindowsUpdate.log
2014-04-03 19:32 - 2014-04-03 19:32 - 00001187 _____ () C:\Users\MediMax\Desktop\JRT.txt
2014-04-03 19:25 - 2014-04-03 19:25 - 00000000 ____D () C:\Windows\ERUNT
2014-04-03 19:25 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-03 19:25 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-03 19:24 - 2014-04-03 19:24 - 01038974 _____ (Thisisu) C:\Users\MediMax\Desktop\JRT.exe
2014-04-03 19:18 - 2012-04-25 10:05 - 00000000 ____D () C:\Users\MediMax\AppData\Local\Deployment
2014-04-03 19:18 - 2010-08-12 02:53 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-03 19:17 - 2010-08-12 03:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-03 19:17 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-03 19:17 - 2009-07-14 06:51 - 00093249 _____ () C:\Windows\setupact.log
2014-04-03 19:13 - 2014-03-30 19:52 - 00000000 ____D () C:\AdwCleaner
2014-04-03 19:09 - 2014-04-03 19:09 - 01426178 _____ () C:\Users\MediMax\Desktop\adwcleaner.exe
2014-04-03 10:23 - 2012-04-25 10:05 - 00000000 ____D () C:\Users\MediMax\AppData\Local\Apps\2.0
2014-04-03 08:56 - 2014-04-02 19:48 - 00000000 ____D () C:\Qoobox
2014-04-03 08:55 - 2014-04-03 08:55 - 00019985 _____ () C:\ComboFix.txt
2014-04-03 08:43 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-03 08:41 - 2010-08-12 03:01 - 00217454 _____ () C:\Windows\PFRO.log
2014-04-03 08:41 - 2009-07-14 04:34 - 93585408 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-04-03 08:41 - 2009-07-14 04:34 - 21233664 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-04-03 08:41 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-04-03 08:41 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-04-03 08:41 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-04-03 08:40 - 2014-04-02 19:48 - 00000000 ____D () C:\Windows\erdnt
2014-04-03 08:20 - 2014-04-03 08:19 - 05192353 ____R (Swearware) C:\Users\MediMax\Desktop\ComboFix.exe
2014-04-02 20:28 - 2012-05-08 19:02 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-04-01 09:06 - 2009-08-04 12:40 - 00353756 _____ () C:\Windows\system32\perfh00D.dat
2014-04-01 09:06 - 2009-08-04 12:40 - 00069328 _____ () C:\Windows\system32\perfc00D.dat
2014-04-01 09:06 - 2009-08-04 12:34 - 00552004 _____ () C:\Windows\system32\perfh008.dat
2014-04-01 09:06 - 2009-08-04 12:34 - 00089670 _____ () C:\Windows\system32\perfc008.dat
2014-04-01 09:06 - 2009-08-04 12:28 - 00679576 _____ () C:\Windows\system32\prfh0816.dat
2014-04-01 09:06 - 2009-08-04 12:28 - 00133986 _____ () C:\Windows\system32\prfc0816.dat
2014-04-01 09:06 - 2009-08-04 12:15 - 00691426 _____ () C:\Windows\system32\perfh013.dat
2014-04-01 09:06 - 2009-08-04 12:15 - 00133174 _____ () C:\Windows\system32\perfc013.dat
2014-04-01 09:06 - 2009-08-04 12:09 - 00689342 _____ () C:\Windows\system32\perfh010.dat
2014-04-01 09:06 - 2009-08-04 12:09 - 00127378 _____ () C:\Windows\system32\perfc010.dat
2014-04-01 09:06 - 2009-08-04 11:57 - 00693688 _____ () C:\Windows\system32\perfh00A.dat
2014-04-01 09:06 - 2009-08-04 11:57 - 00137296 _____ () C:\Windows\system32\perfc00A.dat
2014-04-01 09:06 - 2009-08-04 11:51 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-04-01 09:06 - 2009-08-04 11:51 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-04-01 09:06 - 2009-07-14 07:13 - 05835700 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-01 08:57 - 2012-10-17 14:15 - 00000000 ____D () C:\ProgramData\Avira
2014-04-01 08:47 - 2014-04-01 08:47 - 00380416 _____ () C:\Users\MediMax\Desktop\Gmer-19357.exe
2014-04-01 08:27 - 2014-04-01 08:27 - 00000476 _____ () C:\Users\MediMax\Desktop\defogger_disable.log
2014-04-01 08:27 - 2014-04-01 08:27 - 00000000 _____ () C:\Users\MediMax\defogger_reenable
2014-04-01 08:27 - 2012-01-26 01:32 - 00000000 ____D () C:\Users\MediMax
2014-04-01 08:24 - 2014-04-01 08:24 - 00014889 _____ () C:\Users\MediMax\Desktop\download-defogger.htm
2014-04-01 08:16 - 2009-07-14 09:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-03-31 22:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-31 07:36 - 2014-03-31 07:36 - 00000000 ____D () C:\Windows\CheckSur
2014-03-31 07:07 - 2014-03-31 07:07 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-03-30 23:25 - 2010-08-12 03:17 - 00002116 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-03-30 23:24 - 2010-08-12 03:17 - 00001324 _____ () C:\Windows\system32\ServiceFilter.ini
2014-03-30 22:34 - 2014-03-30 22:34 - 00000000 ____D () C:\Users\Public\CyberLink
2014-03-30 22:33 - 2010-08-12 02:35 - 00000000 ____D () C:\ProgramData\CyberLink
2014-03-30 11:13 - 2014-03-30 11:01 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-30 11:00 - 2014-03-30 11:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-30 01:30 - 2012-10-17 14:17 - 00000000 ____D () C:\Users\MediMax\AppData\Local\DoNotTrackPlus
2014-03-29 19:41 - 2014-03-29 19:41 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\90336673.sys
2014-03-29 19:39 - 2014-03-29 19:39 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\66244616.sys
2014-03-28 20:27 - 2014-03-28 20:27 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-28 20:27 - 2012-09-14 11:15 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-28 20:27 - 2010-08-12 02:56 - 00000000 ____D () C:\ProgramData\Skype
2014-03-28 18:11 - 2012-04-26 03:34 - 02349309 _____ () C:\Windows\IE9_main.log
2014-03-26 19:29 - 2014-03-26 19:29 - 00002525 _____ () C:\Users\Public\Desktop\Microsoft Download Manager.lnk
2014-03-26 19:29 - 2014-03-26 19:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Download Manager
2014-03-26 19:24 - 2012-04-24 19:22 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-03-26 19:23 - 2012-04-24 19:19 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-03-26 19:23 - 2012-04-24 19:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-03-26 12:01 - 2010-08-12 02:53 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-26 12:01 - 2010-08-12 02:53 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-25 18:46 - 2013-01-13 23:19 - 00001233 _____ () C:\Users\Public\Desktop\Rossmann Fotowelt Software.lnk
2014-03-25 18:46 - 2013-01-13 23:14 - 00000000 ____D () C:\Program Files (x86)\Rossmann Fotowelt Software
2014-03-23 23:01 - 2012-05-08 09:37 - 00000134 _____ () C:\Users\MediMax\Desktop\Internet Explorer-Problembehebung.url
2014-03-23 22:56 - 2014-03-16 22:04 - 00002566 _____ () C:\Windows\IE10_main.log
2014-03-23 22:49 - 2014-01-03 11:10 - 00007373 _____ () C:\Windows\IE11_main.log
2014-03-21 21:10 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\Windows\system32\NV
2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\ProgramData\Intel
2014-03-15 09:29 - 2013-03-15 17:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-15 09:29 - 2013-03-15 17:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-15 09:20 - 2010-08-12 03:04 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-15 09:18 - 2014-03-15 09:15 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-15 09:18 - 2010-08-12 03:12 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-15 09:15 - 2014-03-15 09:15 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-15 01:49 - 2013-07-14 09:47 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-15 01:47 - 2012-05-08 09:33 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-15 01:47 - 2012-03-28 21:05 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-13 21:47 - 2012-06-29 13:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-13 21:47 - 2012-06-04 21:54 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-13 21:47 - 2012-06-01 10:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-11 11:41 - 2012-01-26 01:40 - 00000000 ____D () C:\Users\MediMax\AppData\Roaming\Asus WebStorage
2014-03-11 10:52 - 2011-04-27 15:25 - 00133928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys

Some content of TEMP:
====================
C:\Users\MediMax\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-30 01:54

==================== End Of Log ============================
         
--- --- ---

Alt 04.04.2014, 11:04   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 - Standard

Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 [gelöst]



Zitat:
Liegt es daran, dass FRST noch installiert war
Nö, weil kein Haken gesetzt war. Ab dem 2. Start von FRST ist der nicht mehr automatisch gesetzt.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 04.04.2014, 16:39   #13
Nobbes03
 
Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 - Standard

Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 [gelöst]



Ah! Hier die Log vom neuen Durchlauf

FRST:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by MediMax (administrator) on MEDIMAX-PC on 04-04-2014 17:34:51
Running from C:\Users\MediMax\Desktop
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(syncables, LLC) C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(syncables, LLC) C:\Program Files (x86)\syncables\syncables desktop\syncablesMAPI.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe
(asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\system32\wbengine.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [ASUS WebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-16] ()
HKLM\...\Run: [Setwallpaper] - c:\programdata\SetWallpaper.cmd
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [RemoteControl9] - C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-02-24] (cyberlink)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2010-06-25] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [7350912 2010-02-04] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-01-05] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440 2010-07-02] ()
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-497900869-4280295134-4125289220-1000\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-08-12] (Google Inc.)
HKU\S-1-5-21-497900869-4280295134-4125289220-1001\...\Run: [Syncables] - C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [370480 2010-04-05] (syncables, LLC)
HKU\S-1-5-21-497900869-4280295134-4125289220-1001\...\Run: [AVMUSBFernanschluss] - C:\Users\MediMax\AppData\Local\Apps\2.0\VN87KBH0.Z1C\1GWNEOP3.BQ2\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe [139264 2012-12-30] (AVM Berlin)
HKU\S-1-5-21-497900869-4280295134-4125289220-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Users\MediMax\AppData\Local\Programs\ANDI 2013\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: HKLM-x32 {B479199A-1242-4E3C-AD81-7F0DF801B4AE} hxxp://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchProvider: Ask
CHR DefaultSearchURL: hxxp://www.google.com
CHR DefaultNewTabURL: 
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-24]
CHR Extension: (Google-Suche) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-24]
CHR Extension: (Avira Browser Safety Beta) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-03-30]
CHR Extension: (Google Wallet) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Charlotte Ronson) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\obakimnhgahiedhcjlcnohielmendpen [2012-04-24]
CHR Extension: (Google Mail) - C:\Users\MediMax\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-24]

==================== Services (Whitelisted) =================

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-04-06] ()

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2012-04-25] (AVM Berlin)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2012-12-30] (AVM Berlin)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-03-30] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\Cyberlink\PowerDVD9\000.fcl [146928 2010-02-24] (CyberLink Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 tmlwf; 
U3 tmwfp; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-04 17:34 - 2014-04-04 17:35 - 00016357 _____ () C:\Users\MediMax\Desktop\FRST.txt
2014-04-03 19:32 - 2014-04-03 19:32 - 00001187 _____ () C:\Users\MediMax\Desktop\JRT.txt
2014-04-03 19:25 - 2014-04-03 19:25 - 00000000 ____D () C:\Windows\ERUNT
2014-04-03 19:24 - 2014-04-03 19:24 - 01038974 _____ (Thisisu) C:\Users\MediMax\Desktop\JRT.exe
2014-04-03 19:09 - 2014-04-03 19:09 - 01426178 _____ () C:\Users\MediMax\Desktop\adwcleaner.exe
2014-04-03 08:55 - 2014-04-03 08:55 - 00019985 _____ () C:\ComboFix.txt
2014-04-03 08:19 - 2014-04-03 08:20 - 05192353 ____R (Swearware) C:\Users\MediMax\Desktop\ComboFix.exe
2014-04-02 19:51 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-02 19:51 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-02 19:51 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-02 19:51 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-02 19:51 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-02 19:51 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-02 19:51 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-02 19:51 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-02 19:48 - 2014-04-03 08:56 - 00000000 ____D () C:\Qoobox
2014-04-02 19:48 - 2014-04-03 08:40 - 00000000 ____D () C:\Windows\erdnt
2014-04-01 08:47 - 2014-04-01 08:47 - 00380416 _____ () C:\Users\MediMax\Desktop\Gmer-19357.exe
2014-04-01 08:33 - 2014-04-04 17:34 - 00000000 ____D () C:\FRST
2014-04-01 08:33 - 2014-04-03 21:34 - 02157056 _____ (Farbar) C:\Users\MediMax\Desktop\FRST64.exe
2014-04-01 08:27 - 2014-04-01 08:27 - 00000476 _____ () C:\Users\MediMax\Desktop\defogger_disable.log
2014-04-01 08:27 - 2014-04-01 08:27 - 00000000 _____ () C:\Users\MediMax\defogger_reenable
2014-04-01 08:24 - 2014-04-01 08:24 - 00014889 _____ () C:\Users\MediMax\Desktop\download-defogger.htm
2014-03-31 07:36 - 2014-03-31 07:36 - 00000000 ____D () C:\Windows\CheckSur
2014-03-31 07:07 - 2014-03-31 07:07 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-03-30 22:34 - 2014-03-30 22:34 - 00000000 ____D () C:\Users\Public\CyberLink
2014-03-30 19:52 - 2014-04-03 19:13 - 00000000 ____D () C:\AdwCleaner
2014-03-30 11:01 - 2014-03-30 11:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-30 11:00 - 2014-03-30 11:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-29 19:41 - 2014-03-29 19:41 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\90336673.sys
2014-03-29 19:39 - 2014-03-29 19:39 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\66244616.sys
2014-03-28 20:27 - 2014-03-28 20:27 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-26 19:29 - 2014-03-26 19:29 - 00002525 _____ () C:\Users\Public\Desktop\Microsoft Download Manager.lnk
2014-03-26 19:29 - 2014-03-26 19:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Download Manager
2014-03-23 22:14 - 2014-02-26 20:35 - 00000426 _____ () C:\AVScanner.ini
2014-03-16 22:04 - 2014-03-23 22:56 - 00002566 _____ () C:\Windows\IE10_main.log
2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\Windows\system32\NV
2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\ProgramData\Intel
2014-03-15 09:16 - 2013-09-05 03:37 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-15 09:16 - 2013-09-05 03:37 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-03-15 09:15 - 2014-03-15 09:18 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-15 09:15 - 2014-03-15 09:15 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation

==================== One Month Modified Files and Folders =======

2014-04-04 17:35 - 2014-04-04 17:34 - 00016357 _____ () C:\Users\MediMax\Desktop\FRST.txt
2014-04-04 17:34 - 2014-04-01 08:33 - 00000000 ____D () C:\FRST
2014-04-04 17:30 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-04 17:30 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-04 17:28 - 2010-08-12 02:20 - 02012343 _____ () C:\Windows\WindowsUpdate.log
2014-04-04 17:23 - 2012-04-25 10:05 - 00000000 ____D () C:\Users\MediMax\AppData\Local\Deployment
2014-04-04 17:23 - 2010-08-12 02:53 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-04 17:22 - 2010-08-12 03:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-04 17:22 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-04 17:22 - 2009-07-14 06:51 - 00093305 _____ () C:\Windows\setupact.log
2014-04-04 07:52 - 2012-06-29 13:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-04 07:52 - 2010-08-12 02:53 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-03 21:34 - 2014-04-01 08:33 - 02157056 _____ (Farbar) C:\Users\MediMax\Desktop\FRST64.exe
2014-04-03 19:32 - 2014-04-03 19:32 - 00001187 _____ () C:\Users\MediMax\Desktop\JRT.txt
2014-04-03 19:25 - 2014-04-03 19:25 - 00000000 ____D () C:\Windows\ERUNT
2014-04-03 19:24 - 2014-04-03 19:24 - 01038974 _____ (Thisisu) C:\Users\MediMax\Desktop\JRT.exe
2014-04-03 19:13 - 2014-03-30 19:52 - 00000000 ____D () C:\AdwCleaner
2014-04-03 19:09 - 2014-04-03 19:09 - 01426178 _____ () C:\Users\MediMax\Desktop\adwcleaner.exe
2014-04-03 10:23 - 2012-04-25 10:05 - 00000000 ____D () C:\Users\MediMax\AppData\Local\Apps\2.0
2014-04-03 08:56 - 2014-04-02 19:48 - 00000000 ____D () C:\Qoobox
2014-04-03 08:55 - 2014-04-03 08:55 - 00019985 _____ () C:\ComboFix.txt
2014-04-03 08:43 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-03 08:41 - 2010-08-12 03:01 - 00217454 _____ () C:\Windows\PFRO.log
2014-04-03 08:41 - 2009-07-14 04:34 - 93585408 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-04-03 08:41 - 2009-07-14 04:34 - 21233664 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-04-03 08:41 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-04-03 08:41 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-04-03 08:41 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-04-03 08:40 - 2014-04-02 19:48 - 00000000 ____D () C:\Windows\erdnt
2014-04-03 08:20 - 2014-04-03 08:19 - 05192353 ____R (Swearware) C:\Users\MediMax\Desktop\ComboFix.exe
2014-04-02 20:28 - 2012-05-08 19:02 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-04-01 09:06 - 2009-08-04 12:40 - 00353756 _____ () C:\Windows\system32\perfh00D.dat
2014-04-01 09:06 - 2009-08-04 12:40 - 00069328 _____ () C:\Windows\system32\perfc00D.dat
2014-04-01 09:06 - 2009-08-04 12:34 - 00552004 _____ () C:\Windows\system32\perfh008.dat
2014-04-01 09:06 - 2009-08-04 12:34 - 00089670 _____ () C:\Windows\system32\perfc008.dat
2014-04-01 09:06 - 2009-08-04 12:28 - 00679576 _____ () C:\Windows\system32\prfh0816.dat
2014-04-01 09:06 - 2009-08-04 12:28 - 00133986 _____ () C:\Windows\system32\prfc0816.dat
2014-04-01 09:06 - 2009-08-04 12:15 - 00691426 _____ () C:\Windows\system32\perfh013.dat
2014-04-01 09:06 - 2009-08-04 12:15 - 00133174 _____ () C:\Windows\system32\perfc013.dat
2014-04-01 09:06 - 2009-08-04 12:09 - 00689342 _____ () C:\Windows\system32\perfh010.dat
2014-04-01 09:06 - 2009-08-04 12:09 - 00127378 _____ () C:\Windows\system32\perfc010.dat
2014-04-01 09:06 - 2009-08-04 11:57 - 00693688 _____ () C:\Windows\system32\perfh00A.dat
2014-04-01 09:06 - 2009-08-04 11:57 - 00137296 _____ () C:\Windows\system32\perfc00A.dat
2014-04-01 09:06 - 2009-08-04 11:51 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-04-01 09:06 - 2009-08-04 11:51 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-04-01 09:06 - 2009-07-14 07:13 - 05835700 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-01 08:57 - 2012-10-17 14:15 - 00000000 ____D () C:\ProgramData\Avira
2014-04-01 08:47 - 2014-04-01 08:47 - 00380416 _____ () C:\Users\MediMax\Desktop\Gmer-19357.exe
2014-04-01 08:27 - 2014-04-01 08:27 - 00000476 _____ () C:\Users\MediMax\Desktop\defogger_disable.log
2014-04-01 08:27 - 2014-04-01 08:27 - 00000000 _____ () C:\Users\MediMax\defogger_reenable
2014-04-01 08:27 - 2012-01-26 01:32 - 00000000 ____D () C:\Users\MediMax
2014-04-01 08:24 - 2014-04-01 08:24 - 00014889 _____ () C:\Users\MediMax\Desktop\download-defogger.htm
2014-04-01 08:16 - 2009-07-14 09:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-03-31 22:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-31 07:36 - 2014-03-31 07:36 - 00000000 ____D () C:\Windows\CheckSur
2014-03-31 07:07 - 2014-03-31 07:07 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-03-30 23:25 - 2010-08-12 03:17 - 00002116 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-03-30 23:24 - 2010-08-12 03:17 - 00001324 _____ () C:\Windows\system32\ServiceFilter.ini
2014-03-30 22:34 - 2014-03-30 22:34 - 00000000 ____D () C:\Users\Public\CyberLink
2014-03-30 22:33 - 2010-08-12 02:35 - 00000000 ____D () C:\ProgramData\CyberLink
2014-03-30 11:13 - 2014-03-30 11:01 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-30 11:00 - 2014-03-30 11:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-30 01:30 - 2012-10-17 14:17 - 00000000 ____D () C:\Users\MediMax\AppData\Local\DoNotTrackPlus
2014-03-29 19:41 - 2014-03-29 19:41 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\90336673.sys
2014-03-29 19:39 - 2014-03-29 19:39 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\66244616.sys
2014-03-28 20:27 - 2014-03-28 20:27 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-28 20:27 - 2012-09-14 11:15 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-28 20:27 - 2010-08-12 02:56 - 00000000 ____D () C:\ProgramData\Skype
2014-03-28 18:11 - 2012-04-26 03:34 - 02349309 _____ () C:\Windows\IE9_main.log
2014-03-26 19:29 - 2014-03-26 19:29 - 00002525 _____ () C:\Users\Public\Desktop\Microsoft Download Manager.lnk
2014-03-26 19:29 - 2014-03-26 19:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Download Manager
2014-03-26 19:24 - 2012-04-24 19:22 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-03-26 19:23 - 2012-04-24 19:19 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-03-26 19:23 - 2012-04-24 19:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-03-26 12:01 - 2010-08-12 02:53 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-26 12:01 - 2010-08-12 02:53 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-25 18:46 - 2013-01-13 23:19 - 00001233 _____ () C:\Users\Public\Desktop\Rossmann Fotowelt Software.lnk
2014-03-25 18:46 - 2013-01-13 23:14 - 00000000 ____D () C:\Program Files (x86)\Rossmann Fotowelt Software
2014-03-23 23:01 - 2012-05-08 09:37 - 00000134 _____ () C:\Users\MediMax\Desktop\Internet Explorer-Problembehebung.url
2014-03-23 22:56 - 2014-03-16 22:04 - 00002566 _____ () C:\Windows\IE10_main.log
2014-03-23 22:49 - 2014-01-03 11:10 - 00007373 _____ () C:\Windows\IE11_main.log
2014-03-21 21:10 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\Windows\system32\NV
2014-03-15 09:30 - 2014-03-15 09:30 - 00000000 ____D () C:\ProgramData\Intel
2014-03-15 09:29 - 2013-03-15 17:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-15 09:29 - 2013-03-15 17:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-15 09:20 - 2010-08-12 03:04 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-15 09:18 - 2014-03-15 09:15 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-15 09:18 - 2010-08-12 03:12 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-15 09:15 - 2014-03-15 09:15 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-15 01:49 - 2013-07-14 09:47 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-15 01:47 - 2012-05-08 09:33 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-15 01:47 - 2012-03-28 21:05 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-13 21:47 - 2012-06-29 13:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-13 21:47 - 2012-06-04 21:54 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-13 21:47 - 2012-06-01 10:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-11 11:41 - 2012-01-26 01:40 - 00000000 ____D () C:\Users\MediMax\AppData\Roaming\Asus WebStorage
2014-03-11 10:52 - 2011-04-27 15:25 - 00133928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys

Some content of TEMP:
====================
C:\Users\MediMax\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-30 01:54

==================== End Of Log ============================
         
--- --- ---


Addition:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by MediMax at 2014-04-04 17:35:42
Running from C:\Users\MediMax\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
ANDI 2013 (HKLM-x32\...\{21E3464C-EE59-4EA2-B3E1-4FCE000B8722}) (Version: 5.0.5 - LGLN Hannover)
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.10 - ASUS)
ASUS AP Bank (HKLM-x32\...\ASUS AP Bank_is1) (Version: 1.0.0.0 - ASUSTEK)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.37 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0008 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4015 - CyberLink Corp.)
ASUS Video Magic (x32 Version: 6.0.4015 - CyberLink Corp.) Hidden
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.19 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 2.0.46.1429 - eCareme Technologies, Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0003 - ASUS)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.7 - ASUS)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink MediaShow Espresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 5.0.1606_25588 - CyberLink Corp.)
CyberLink MediaShow Espresso (x32 Version: 5.0.1606_25588 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2609a - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 8.0.2609a - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3009.50 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.3009.50 - CyberLink Corp.) Hidden
ETDWare PS/2-x64 7.0.5.11_WHQL (HKLM\...\Elantech) (Version: 7.0.5.11 - ELAN Microelectronics Corp.)
everpixx 6.7 (HKLM-x32\...\{592ED299-14EF-4C0F-92B4-B62E7CD5A2BE}_is1) (Version:  - everpixx)
ExpressGate Cloud (HKLM-x32\...\InstallShield_{499DED08-6FA8-4749-8E94-8526CC9D1CA8}) (Version: 2.1.62.301 - Asus)
ExpressGate Cloud (x32 Version: 2.1.62.301 - Asus) Hidden
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.5 - ASUS)
fotokasten comfort 5.0 (HKLM-x32\...\fotokasten comfort_is1) (Version:  - )
FotoQuelle Fotosoftware 4.11.0 (HKLM-x32\...\FotoQuelle Fotosoftware) (Version: 4.11.0 - ORWO Net)
Fresco Logic USB3.0 Host Controller (HKLM\...\{506B5C23-16B3-459D-9877-915004C248D6}) (Version: 3.0.89.14 - Fresco Logic Inc.)
FRITZ!Box USB-Fernanschluss (HKCU\...\f018cf21c0452c64) (Version: 2.3.0.2 - AVM Berlin)
Game Park Console (HKLM-x32\...\{C9991C9B-0783-452E-8954-AB93E2AB3B80}_is1) (Version: 6.2.0.2 - Oberon Media, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version:  - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2131 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.115.11 - Intel)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Lidl-Fotos (HKLM-x32\...\Lidl-Fotos_is1) (Version:  - )
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Download Manager (HKLM-x32\...\{654977DB-0001-0002-0001-EABD228DDE8B}) (Version: 1.2.1 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{0E8D886F-3205-4472-848E-990F400FF218}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{46EA439E-2D16-49B6-AA80-00DE992FE7CE}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{5CBDF0C2-6FD1-4A32-9A0A-143D9AB91CCE}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{68ADAEAA-DABD-45C1-9CC2-F995407549CD}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{8DD62FB6-083D-40B9-9D7D-48449FDDDED5}) (Version: 7601 - Microsoft)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyDriveConnect 3.3.0.1342 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1342 - TomTom)
NVIDIA 3D Vision Treiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2702 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA Updatus (x32 Version: 1.0.3 - NVIDIA Corporation) Hidden
Piggly FREE (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-1173957}) (Version:  - Oberon Media)
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6122 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.00049 - Realtek Semiconductor Corp.)
Rossmann Fotowelt Software 4.13 (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 4.13 - ORWO Net)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smileyville FREE (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117396510}) (Version:  - Oberon Media)
syncables desktop SE (HKLM-x32\...\{BBED4F90-7AE5-40BF-AFB7-1B495692F4AB}) (Version: 5.5.615.9518 - syncables)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{EC1934B0-AE0F-4BBD-8955-54BB3247ED9E}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
USB2.0 UVC 2M WebCam (HKLM\...\USB2.0 UVC 2M WebCam) (Version: 5.8.54000.204 - Sonix)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Windows Live Anmelde-Assistent (HKLM-x32\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8052.1208 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8051.1204 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.1 - ASUS)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.17 - ASUS)

==================== Restore Points  =========================

02-04-2014 07:01:39 Sprachpaketdeinstallation
02-04-2014 19:19:52 Sprachpaketdeinstallation
03-04-2014 07:20:44 Sprachpaketdeinstallation
03-04-2014 16:54:05 Sprachpaketdeinstallation
03-04-2014 19:31:34 Sprachpaketdeinstallation

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-04-03 08:42 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0108D889-0F11-4861-98CE-497428B643E4} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)
Task: {27924240-4D7D-4141-8B06-8564817B9232} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {7B6E6FE0-1956-4C40-A8F6-B9E56CA71D2B} - \Scheduled Update for Ask Toolbar No Task File
Task: {7FD6C534-7194-4970-A929-C6063B5692B0} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-05-28] (ATK)
Task: {811A4837-2DB3-4F0B-B94A-1E7B5E30C2A0} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {91CA6E11-BC78-450A-9588-17128503C099} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [2010-05-17] (asus)
Task: {D34EEA53-B5B7-438B-B01F-52690B83A6B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-12] (Google Inc.)
Task: {DC2B33DB-1D41-4FBB-A5DB-EA2207F48D0C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13] (Adobe Systems Incorporated)
Task: {EA1A419D-F120-4437-A6D3-3A11D27485B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-12] (Google Inc.)
Task: {F708ED90-CCBC-4800-BBE5-A9FD7C1814B2} - System32\Tasks\P4G Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-15 09:17 - 2013-08-30 00:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-03-16 03:48 - 2010-03-16 03:48 - 00148816 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EcaremeDLL.dll
2010-08-12 02:54 - 2010-08-12 02:54 - 00030032 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3726.20828__0d0f4b69e50e559b\SqliteShared.dll
2010-08-12 02:54 - 2010-08-12 02:54 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
2010-01-11 19:27 - 2010-01-11 19:27 - 00017920 _____ () C:\Program Files\P4G\DevMng.dll
2010-05-06 03:22 - 2010-05-06 03:22 - 00108544 _____ () C:\Program Files\P4G\OvrClk.dll
2010-03-16 03:48 - 2010-03-16 03:48 - 01754448 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
2008-10-01 08:02 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-08-12 03:17 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2011-04-10 18:40 - 2011-04-10 18:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-07-02 22:36 - 2010-07-02 22:36 - 01597440 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2010-08-12 02:37 - 2010-04-06 08:29 - 00244904 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2010-03-16 03:48 - 2010-03-16 03:48 - 00079184 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe
2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2010-02-24 00:14 - 2010-02-24 00:14 - 00071680 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll
2010-02-24 00:11 - 2010-02-24 00:11 - 00076288 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll
2010-02-24 00:12 - 2010-02-24 00:12 - 00186880 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll
2010-02-24 00:14 - 2010-02-24 00:14 - 00050688 _____ () C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:115CEE00
AlternateDataStreams: C:\ProgramData\Temp:2F370DA6
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/04/2014 05:24:30 PM) (Source: Outlook) (User: )
Description: Fehler beim Abrufen des Crawlbereichs-Managers. Fehler=0x8001010d.


System errors:
=============
Error: (04/03/2014 11:11:55 PM) (Source: ACPI) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error: (04/03/2014 11:11:55 PM) (Source: ACPI) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error: (04/03/2014 09:38:02 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: Das Sprachpaket für es-ES kann von CBS nicht entfernt werden. Zurückgegebener CBS-Fehlercode: 0x80073701.

Error: (04/03/2014 09:38:02 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: CBS-Fehler 0x80073701 '' bei Verwendung des Benutzeroberflächen-Sprachpakets für es-ES.

Error: (04/03/2014 09:37:20 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: Das Sprachpaket für pt-PT kann von CBS nicht entfernt werden. Zurückgegebener CBS-Fehlercode: 0x80073701.

Error: (04/03/2014 09:37:20 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: CBS-Fehler 0x80073701 '' bei Verwendung des Benutzeroberflächen-Sprachpakets für pt-PT.

Error: (04/03/2014 09:36:39 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: Das Sprachpaket für nl-NL kann von CBS nicht entfernt werden. Zurückgegebener CBS-Fehlercode: 0x80073701.

Error: (04/03/2014 09:36:39 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: CBS-Fehler 0x80073701 '' bei Verwendung des Benutzeroberflächen-Sprachpakets für nl-NL.

Error: (04/03/2014 09:35:52 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: Das Sprachpaket für it-IT kann von CBS nicht entfernt werden. Zurückgegebener CBS-Fehlercode: 0x80073701.

Error: (04/03/2014 09:35:52 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: CBS-Fehler 0x80073701 '' bei Verwendung des Benutzeroberflächen-Sprachpakets für it-IT.


Microsoft Office Sessions:
=========================
Error: (08/08/2012 08:22:39 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2078 seconds with 180 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-04-02 19:59:21.293
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-02 19:59:21.137
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 46%
Total physical RAM: 5932.49 MB
Available physical RAM: 3149.33 MB
Total Pagefile: 11863.11 MB
Available Pagefile: 8857.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Laufwerk C) (Fixed) (Total:149.05 GB) (Free:87.92 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:427.59 GB) (Free:372.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 9D8E95DE)
Partition 1: (Not Active) - (Size=20 GB) - (Type=1C)
Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=428 GB) - (Type=OF Extended)

==================== End Of Log ============================
         

Alt 04.04.2014, 17:15   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 - Standard

Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 [gelöst]



Ok, Kontrollscans mit MBAM und ESET bitte

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 05.04.2014, 12:35   #15
Nobbes03
 
Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 - Standard

Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 [gelöst]



Hallo!
Hier die gewünschten Log.

zuerst Eset

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=9d03a14f6de45545bf6c179ffce8b5d4
# engine=17763
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-05 10:53:33
# local_time=2014-04-05 12:53:33 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT 
# compatibility_mode=5892 16777213 88 94 840587 47534574 0 0
# scanned=451477
# found=0
# cleaned=0
# scan_time=14232
         
mbam:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 04.04.2014
Suchlauf-Zeit: 18:44:06
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.0.1000
Malware Datenbank: v2014.04.04.04
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7
CPU: x64
Dateisystem: NTFS
Benutzer: MediMax

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 302848
Verstrichene Zeit: 14 Min, 2 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         
Gruß

Antwort

Themen zu Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701
appdata, appdatalow, bericht, betriebssystem, bingbar, browser, c:\windows, explorer, forum, gmer, google, helper, home, hängen, icon, internet, internet explorer, laptop, microsoft, nicht mehr, ordner, preferences, programm, registrierungsdatenbank, software, system32, temp, update, windows



Ähnliche Themen: Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701


  1. Windows 7 - Windows Explorer stürzt dauernd ab und Update KB3046482 lässt sich nicht installieren
    Alles rund um Windows - 31.05.2015 (12)
  2. Sandboxie funktionierte nicht mehr und lässt sich jetzt nicht neu installieren. (Windows 7)
    Log-Analyse und Auswertung - 15.10.2014 (5)
  3. Windows Firewall lässt sich nicht aktivieren - Fehlercode: 0x80070424
    Antiviren-, Firewall- und andere Schutzprogramme - 28.09.2014 (10)
  4. PC 'friert' nach Start öfter ein und Windows Update lässt sich nicht installieren
    Plagegeister aller Art und deren Bekämpfung - 20.09.2014 (13)
  5. Bundestrojaner - Windows XP lässt sich nicht neu installieren
    Plagegeister aller Art und deren Bekämpfung - 07.09.2014 (16)
  6. Windows Firewall lässt sich nicht aktivieren fehlercode 0x80070424
    Plagegeister aller Art und deren Bekämpfung - 29.09.2013 (26)
  7. Windows Firewall lässt sich nicht aktivieren. Fehlercode 0x80070424
    Log-Analyse und Auswertung - 05.08.2013 (13)
  8. Windows Update + FIX-IT + Microsoft £Anwendunge lassen sich nicht mehr installieren
    Log-Analyse und Auswertung - 25.07.2013 (1)
  9. Windows Firewall lässt sich nicht einschalten Fehlercode 0X80070424
    Plagegeister aller Art und deren Bekämpfung - 14.05.2012 (12)
  10. Fehlercode 0x80070424 // Windows - Firewall lässt sich nicht mehr aktivieren
    Log-Analyse und Auswertung - 26.03.2012 (5)
  11. Service Pack 1 Windows 7 lässt sich nicht installieren SP1 win7
    Alles rund um Windows - 19.04.2011 (31)
  12. HP Druckersoftware lässt sich unter Windows 7 nicht installieren.
    Alles rund um Windows - 10.10.2010 (7)
  13. Windows xp lässt sich nicht installieren
    Alles rund um Windows - 01.08.2010 (11)
  14. Windows fährt nicht hoch und lässt sich nich installieren.
    Alles rund um Windows - 19.07.2009 (4)
  15. Vundo.og - Windows lässt sich nicht neu installieren
    Plagegeister aller Art und deren Bekämpfung - 18.12.2008 (6)
  16. Windows lässt sich nach Virus nicht mehr installieren
    Plagegeister aller Art und deren Bekämpfung - 31.08.2007 (1)
  17. Firefox update lässt sich nicht installieren.
    Alles rund um Windows - 09.08.2007 (2)

Zum Thema Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 - Hallo! Ich versuche jetzt seit einiger Zeit das Update SP1 zu installieren. Ich bin darauf gestoßen, da mein Explorer(8) veraltet ist. Die Installattion hat wohl seit 2012 nicht funktioniert. Da - Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701...
Archiv
Du betrachtest: Update Windows 7 SP1 lässt sich nicht installieren Fehlercode 80073701 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.