
Log analysis and evaluation: Windows shuts down automatically every 60 min?


04.02.2014, 18:54   #1
Bartmas
 

Hello

I have had a big problem with my computer for some time. It shuts down automatically roughly every 60 min. In the power options everything is set normally, i.e. so that it does not shut down. What I have noticed is that event ID 219 (kernel-pnp) shows up quite often in the event log. I am stuck and urgently ask for your help here.
I have followed the guide "Erste Schritte zur Hilfe" ("First steps to getting help"), and here are the first log files.

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-02-04 18:23:37
Windows 6.2.9200  x64 \Device\Harddisk1\DR1 -> \Device\00000038 Corsair_Force_3_SSD rev.1.3.3 111,79GB
Running: Gmer-19357.exe; Driver: C:\Users\MB\AppData\Local\Temp\awtdqpow.sys


---- User code sections - GMER 2.1 ----

.text   C:\WINDOWS\system32\dwm.exe[828] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                    00007ffb8b69169a 4 bytes [69, 8B, FB, 7F]
.text   C:\WINDOWS\system32\dwm.exe[828] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                    00007ffb8b6916a2 4 bytes [69, 8B, FB, 7F]
.text   C:\WINDOWS\system32\dwm.exe[828] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                       00007ffb8b69181a 4 bytes [69, 8B, FB, 7F]
.text   C:\WINDOWS\system32\dwm.exe[828] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                       00007ffb8b691832 4 bytes [69, 8B, FB, 7F]
.text   C:\WINDOWS\system32\nvvsvc.exe[940] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                 00007ffb8b69169a 4 bytes [69, 8B, FB, 7F]
.text   C:\WINDOWS\system32\nvvsvc.exe[940] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                 00007ffb8b6916a2 4 bytes [69, 8B, FB, 7F]
.text   C:\WINDOWS\system32\nvvsvc.exe[940] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                    00007ffb8b69181a 4 bytes [69, 8B, FB, 7F]
.text   C:\WINDOWS\system32\nvvsvc.exe[940] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                    00007ffb8b691832 4 bytes [69, 8B, FB, 7F]
.text   C:\WINDOWS\Explorer.EXE[1560] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                       00007ffb8b69169a 4 bytes [69, 8B, FB, 7F]
.text   C:\WINDOWS\Explorer.EXE[1560] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                       00007ffb8b6916a2 4 bytes [69, 8B, FB, 7F]
.text   C:\WINDOWS\Explorer.EXE[1560] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                          00007ffb8b69181a 4 bytes [69, 8B, FB, 7F]
.text   C:\WINDOWS\Explorer.EXE[1560] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                          00007ffb8b691832 4 bytes [69, 8B, FB, 7F]

---- Threads - GMER 2.1 ----

Thread  C:\WINDOWS\system32\csrss.exe [524:548]                                                                                                                                    fffff9600097d4d0
Thread  C:\WINDOWS\Explorer.EXE [1560:3956]                                                                                                                                        00007ffb7b66d6bc
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [2024:1624]                                                                                                             00007ffb89ac81b0

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemStartTime                                                                                                          0xC4 0xAA 0x27 0x03 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFStartTime                                                                                                             0x83 0xDE 0x27 0x03 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFLastStartTime                                                                                                         0x3A 0x07 0xD7 0x7D ...
Reg     HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemLastStartTime                                                                                                      0xA9 0x7F 0xD6 0x7D ...
Reg     HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData\BootLanguages@de-DE                                                                                                      55
Reg     HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\GSM000116843009_01_07DB_E2*BNQ785EM9B01359SL000_26_07DB_10^F377E13FA8AC1E7E2A9537F9C3A0824E@Timestamp  0x69 0xD3 0xE4 0x03 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Lsa@LsaPid                                                                                                                           584
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{F4C0B258-D841-4763-877F-BCA6939D4BC5}\Connection@Name                                isatap.{5724FB20-3D11-406B-B433-0720176246AE}
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Executive@UuidSequenceNumber                                                                                         3900034
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                                                                                          -405611264
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BootId                                                                          57
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BaseTime                                                                        403469468
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@POSTTime                                                                                                       26029
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@InstanceID                                                                                                           ea87a2d1-626f-496a-88e7-434f09a
Reg     HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\AITEventLog@FileCounter                                                                                               3
Reg     HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\SQMLogger@FileCounter                                                                                                 7
Reg     HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\WdiContextLog@FileCounter                                                                                             3
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0026832f19ca                                                                                                
Reg     HKLM\SYSTEM\CurrentControlSet\Services\bthserv\Parameters\BluetoothControlPanelTasks@State                                                                                 0
Reg     HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\Probe\{17a5dad6-d97c-4be6-8954-926f40595efc}@LastProbeTime                                                      1391463581
Reg     HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{F4C0B258-D841-4763-877F-BCA6939D4BC5}@InterfaceName                                                     isatap.{5724FB20-3D11-406B-B433-0720176246AE}
Reg     HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{F4C0B258-D841-4763-877F-BCA6939D4BC5}@ReusableType                                                      0
Reg     HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{F4C0B258-D841-4763-877F-BCA6939D4BC5}@DefunctTimestamp                                                  0x7B 0xFE 0xEF 0x52 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\ac-e8-7b-8d-3a-02@AddressCreationTimestamp                                                            0x94 0x8F 0x00 0x09 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\ac-e8-7b-8d-3a-02@ClientLocalPort                                                                     61228
Reg     HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\ac-e8-7b-8d-3a-02@TeredoAddress                                                                       2001:0:5ef5:79fd:2c78:781f:b288:7b6b
Reg     HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\ac-e8-7b-8d-3a-02@UPnPExternalPort                                                                    61228
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch                                                                                                            3282
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch                                                                                                           876
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In                                 v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|LPort=3587|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\svchost.exe|Svc=p2psvc|Name=@%systemroot%\system32\provsvc.dll,-200|Desc=@%systemroot%\system32\provsvc.dll,-201|EmbedCtxt=@%systemroot%\system32\provsvc.dll,-202|
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out                                v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|RPort=3587|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\svchost.exe|Svc=p2psvc|Name=@%systemroot%\system32\provsvc.dll,-203|Desc=@%systemroot%\system32\provsvc.dll,-204|EmbedCtxt=@%systemroot%\system32\provsvc.dll,-202|
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In                                 v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|LPort=3540|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\svchost.exe|Svc=pnrpsvc|Name=@%systemroot%\system32\provsvc.dll,-205|Desc=@%systemroot%\system32\provsvc.dll,-206|EmbedCtxt=@%systemroot%\system32\provsvc.dll,-202|
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out                                v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Private|RPort=3540|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\svchost.exe|Svc=pnrpsvc|Name=@%systemroot%\system32\provsvc.dll,-207|Desc=@%systemroot%\system32\provsvc.dll,-208|EmbedCtxt=@%systemroot%\system32\provsvc.dll,-202|
Reg     HKLM\SYSTEM\CurrentControlSet\Services\srvnet\Parameters@MajorSequence                                                                                                     56
Reg     HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5724FB20-3D11-406B-B433-0720176246AE}@LeaseObtainedTime                                                1391459966
Reg     HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5724FB20-3D11-406B-B433-0720176246AE}@T1                                                               1391503166
Reg     HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5724FB20-3D11-406B-B433-0720176246AE}@T2                                                               1391535566
Reg     HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5724FB20-3D11-406B-B433-0720176246AE}@LeaseTerminatesTime                                              1391546366
Reg     HKLM\SYSTEM\CurrentControlSet\Services\Winmgmt\Parameters@ServiceDllUnloadOnStop                                                                                           0
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shutdown@CleanShutdown                                                                                             1
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\ImmersiveShell\StateStore@ProcessedPackageStateChangeVersion                                                                592
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\PushNotifications@MobileBroadbandLastResetDate                                                                              0x18 0x27 0x5A 0x05 ...
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Store@LastTileRefresh                                                                                                       0x21 0x0F 0x81 0xA0 ...
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Store\RefreshBannedAppList@BannedAppsLastModified                                                                           0x80 0x17 0xB8 0xED ...
Reg     HKCU\Software\Microsoft\Windows\Windows Error Reporting\Debug@StoreLocation                                                                                                C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Kernel_144_9d3dbb8252aced9f8d7b519936909be51a4cde12_00000000_cab_01190753

---- EOF - GMER 2.1 ----
         
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2014
Ran by MB (administrator) on BARTMAS on 04-02-2014 18:12:52
Running from C:\Users\MB\Desktop
Windows 8.1 Enterprise Evaluation (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) E:\StandardProgramme\AntiVir\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) E:\StandardProgramme\AntiVir\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Atheros Commnucations) C:\Windows\System32\AdminService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\wlms\wlms.exe
() E:\StandardProgramme\3\WTGService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) E:\StandardProgramme\AntiVir\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) E:\StandardProgramme\AntiVir\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [avgnt] - E:\StandardProgramme\AntiVir\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-3469241050-3997586042-2601889986-1001\...\MountPoints2: {03dcb7c5-4cd5-11e3-8259-5404a66b4945} - "L:\AutoRun.exe" 
HKU\S-1-5-21-3469241050-3997586042-2601889986-1001\...\MountPoints2: {03dcb800-4cd5-11e3-8259-5404a66b4945} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3469241050-3997586042-2601889986-1001\...\MountPoints2: {7c81caaa-51fd-11e3-825f-0026832f19ca} - "L:\.\Autorun.exe" AUTORUN=1
HKU\S-1-5-21-3469241050-3997586042-2601889986-1001\...\MountPoints2: {7c81cad0-51fd-11e3-825f-0026832f19ca} - "F:\.\Autorun.exe" AUTORUN=1
HKU\S-1-5-21-3469241050-3997586042-2601889986-1001\...\MountPoints2: {7f072434-3e92-11e3-824d-0026832f19ca} - "L:\AutoRun.exe" 
HKU\S-1-5-21-3469241050-3997586042-2601889986-1001\...\MountPoints2: {89fd9c8e-8aaa-11e3-826d-806e6f6e6963} - "F:\AutoRun.exe" 

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=irmsd103&cd=2XzuyEtN2Y1L1QzuyDzztB0CzztDtCtAzytByCtA0E0DyCyEtN0D0Tzu0CyCyBtCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA&cr=378628600&ir=
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzuyDzztB0CzztDtCtAzytByCtA0E0DyCyEtN0D0Tzu0CyCyBtCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA&cr=378628600&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzuyDzztB0CzztDtCtAzytByCtA0E0DyCyEtN0D0Tzu0CyCyBtCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA&cr=378628600&ir=
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzuyDzztB0CzztDtCtAzytByCtA0E0DyCyEtN0D0Tzu0CyCyBtCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA&cr=378628600&ir=
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzuyDzztB0CzztDtCtAzytByCtA0E0DyCyEtN0D0Tzu0CyCyBtCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA&cr=378628600&ir=
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzuyDzztB0CzztDtCtAzytByCtA0E0DyCyEtN0D0Tzu0CyCyBtCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA&cr=378628600&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzuyDzztB0CzztDtCtAzytByCtA0E0DyCyEtN0D0Tzu0CyCyBtCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA&cr=378628600&ir=
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\MB\AppData\Roaming\Mozilla\Firefox\Profiles\7htf7oh7.default
FF user.js: detected! => C:\Users\MB\AppData\Roaming\Mozilla\Firefox\Profiles\7htf7oh7.default\user.js
FF SearchEngineOrder.1: Mysearchdial
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Extension: MySearchDial NewTab - C:\Users\MB\AppData\Roaming\Mozilla\Firefox\Profiles\7htf7oh7.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} [2013-11-03]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\MB\AppData\Roaming\Mozilla\Firefox\Profiles\7htf7oh7.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2013-12-20]
FF Extension: Adblock Plus - C:\Users\MB\AppData\Roaming\Mozilla\Firefox\Profiles\7htf7oh7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-27]

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; E:\StandardProgramme\AntiVir\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; E:\StandardProgramme\AntiVir\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; E:\StandardProgramme\AntiVir\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-20] (APN LLC.)
R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2012-08-29] (Atheros Commnucations)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2013-12-14] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 WLMS; C:\Windows\system32\wlms\wlms.exe [22016 2013-08-23] (Microsoft Corporation)
R2 WTGService; E:\StandardProgramme\3\WTGService.exe [327680 2010-12-23] ()

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-12] (Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-08-23] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2013-08-22] (Microsoft Corporation)
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
S3 zte_ecm_enum_filter; \SystemRoot\System32\drivers\zte_ecm_enum_filter.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-04 18:12 - 2014-02-04 18:13 - 00013815 _____ () C:\Users\MB\Desktop\FRST.txt
2014-02-04 18:12 - 2014-02-04 18:12 - 00000000 ____D () C:\FRST
2014-02-04 18:11 - 2014-02-04 18:11 - 02080256 _____ (Farbar) C:\Users\MB\Desktop\FRST64.exe
2014-02-04 18:10 - 2014-02-04 18:10 - 00000466 _____ () C:\Users\MB\Desktop\defogger_disable.log
2014-02-04 18:10 - 2014-02-04 18:10 - 00000000 _____ () C:\Users\MB\defogger_reenable
2014-02-04 18:09 - 2014-02-04 18:07 - 00050477 _____ () C:\Users\MB\Desktop\Defogger.exe
2014-02-01 00:23 - 2014-02-01 00:23 - 00000124 _____ () C:\WINDOWS\setupact.log
2014-02-01 00:23 - 2014-02-01 00:23 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-02-01 00:22 - 2013-12-11 08:55 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-01 00:22 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-01 00:22 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-01 00:22 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-01 00:22 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-01 00:22 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-01 00:22 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-01 00:22 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-01 00:22 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-01 00:22 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-01 00:22 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-01 00:22 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-01 00:22 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-01 00:22 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-01 00:22 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-01 00:22 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-01 00:22 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-01 00:22 - 2013-11-27 09:20 - 04106240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-01 00:22 - 2013-11-27 05:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-01 00:22 - 2013-11-26 14:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-01 00:22 - 2013-11-26 14:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-01 00:22 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-01 00:22 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-01 00:22 - 2013-11-26 12:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-01 00:22 - 2013-11-26 12:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-01 00:22 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-01 00:22 - 2013-11-26 11:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-01 00:22 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-01 00:22 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-01 00:22 - 2013-11-25 02:45 - 00142680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-01 00:22 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-01 00:22 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-01 00:22 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-01 00:22 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-01 00:22 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-01 00:22 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-01 00:22 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-01 00:22 - 2013-11-23 08:13 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-01 00:22 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-01 00:22 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-01 00:22 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-01 00:22 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-01 00:22 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-01 00:22 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-01 00:22 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-01 00:22 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-01 00:22 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-01 00:22 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-01 00:22 - 2013-11-16 06:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-01 00:22 - 2013-11-15 19:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-01 00:22 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-01 00:22 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-01 00:22 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-01 00:22 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-01 00:22 - 2013-11-05 21:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-01 00:22 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-01 00:22 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-01-31 22:54 - 2014-02-04 18:02 - 00423847 _____ () C:\WINDOWS\WindowsUpdate.log
2014-01-31 22:33 - 2014-01-31 22:33 - 00000146 _____ () C:\Users\MB\Desktop\Java - Verknüpfung.lnk
2014-01-31 21:38 - 2014-01-31 22:53 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-01-31 21:38 - 2014-01-31 22:45 - 00000000 ____D () C:\Users\MB\Documents\Anti-Malware
2014-01-31 20:56 - 2014-01-31 20:56 - 00001367 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-31 20:55 - 2014-01-31 20:58 - 00000000 ____D () C:\Users\MB\AppData\Local\NVIDIA
2014-01-31 20:55 - 2014-01-31 20:55 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-01-31 20:55 - 2013-12-10 03:15 - 00982232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2014-01-31 20:55 - 2013-12-10 03:14 - 01100248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 18310112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 15230352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-01-31 20:54 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 03071656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 02698272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433221.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433221.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 01436528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 00168616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 00141336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 00061216 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 00053024 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 00023754 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-01-31 20:54 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-01-31 20:54 - 2013-12-05 09:42 - 00035104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2014-01-31 20:54 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-01-31 20:54 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2014-01-31 20:54 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2014-01-31 20:32 - 2014-01-31 20:32 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-31 20:32 - 2014-01-31 20:32 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-31 20:32 - 2014-01-31 20:32 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-31 20:32 - 2014-01-31 20:32 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-01-31 20:31 - 2014-01-31 20:32 - 30796712 _____ (Oracle Corporation) C:\Users\MB\Downloads\jre-7u51-windows-x64.exe
2014-01-31 20:08 - 2013-12-09 01:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-31 20:08 - 2013-11-27 16:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-31 20:08 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-31 20:08 - 2013-11-27 11:34 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-01-31 20:08 - 2013-11-27 10:54 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-31 20:08 - 2013-11-27 09:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-31 20:08 - 2013-11-27 09:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-31 20:08 - 2013-11-27 09:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-31 20:08 - 2013-11-27 09:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-31 20:08 - 2013-11-27 09:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-31 20:08 - 2013-11-27 09:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-31 19:15 - 2014-01-31 19:15 - 00000000 ____D () C:\Program Files\Java
2014-01-31 19:13 - 2014-01-31 20:04 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-01-30 21:20 - 2014-01-30 21:20 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-01-26 21:53 - 2014-01-26 21:53 - 00000000 ____D () C:\Program Files (x86)\CPUID
2014-01-21 04:18 - 2014-01-31 20:04 - 00000000 ____D () C:\Program Files\WinRAR
2014-01-05 01:48 - 2014-01-31 20:03 - 00000000 ____D () C:\Users\MB\AppData\Local\The Witcher
2014-01-05 01:48 - 2014-01-05 02:22 - 00000000 ____D () C:\Users\MB\Documents\The Witcher
2014-01-05 01:47 - 2014-01-05 01:47 - 00000000 ____D () C:\Users\Public\Documents\The Witcher

==================== One Month Modified Files and Folders =======

2014-02-04 18:13 - 2014-02-04 18:12 - 00013815 _____ () C:\Users\MB\Desktop\FRST.txt
2014-02-04 18:12 - 2014-02-04 18:12 - 00000000 ____D () C:\FRST
2014-02-04 18:11 - 2014-02-04 18:11 - 02080256 _____ (Farbar) C:\Users\MB\Desktop\FRST64.exe
2014-02-04 18:10 - 2014-02-04 18:10 - 00000466 _____ () C:\Users\MB\Desktop\defogger_disable.log
2014-02-04 18:10 - 2014-02-04 18:10 - 00000000 _____ () C:\Users\MB\defogger_reenable
2014-02-04 18:10 - 2013-10-27 00:03 - 00000000 ____D () C:\Users\MB
2014-02-04 18:07 - 2014-02-04 18:09 - 00050477 _____ () C:\Users\MB\Desktop\Defogger.exe
2014-02-04 18:04 - 2013-10-27 00:06 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-04 18:04 - 2013-08-23 00:26 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2014-02-04 18:04 - 2013-08-23 00:26 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2014-02-04 18:03 - 2013-10-27 00:26 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1334734D-5160-4FF4-847A-43B2B7A9A337}
2014-02-04 18:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-04 18:02 - 2014-01-31 22:54 - 00423847 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-04 18:00 - 2013-10-27 00:15 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-04 18:00 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-03 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-03 21:58 - 2013-10-27 01:12 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-03 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-01 20:04 - 2013-10-27 00:08 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3469241050-3997586042-2601889986-1001
2014-02-01 00:29 - 2013-10-27 00:03 - 00000000 ___RD () C:\Users\MB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-01 00:29 - 2013-10-27 00:03 - 00000000 ___RD () C:\Users\MB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-01 00:28 - 2013-08-22 15:44 - 00335992 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-01 00:27 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-01 00:27 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-01 00:27 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-01 00:27 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-01 00:23 - 2014-02-01 00:23 - 00000124 _____ () C:\WINDOWS\setupact.log
2014-02-01 00:23 - 2014-02-01 00:23 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-02-01 00:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-01 00:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-01 00:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-01 00:00 - 2013-10-27 01:14 - 00046080 ___SH () C:\Users\MB\Desktop\Thumbs.db
2014-01-31 22:53 - 2014-01-31 21:38 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-01-31 22:49 - 2013-10-27 00:03 - 00000000 ____D () C:\Users\MB\AppData\Local\VirtualStore
2014-01-31 22:45 - 2014-01-31 21:38 - 00000000 ____D () C:\Users\MB\Documents\Anti-Malware
2014-01-31 22:33 - 2014-01-31 22:33 - 00000146 _____ () C:\Users\MB\Desktop\Java - Verknüpfung.lnk
2014-01-31 20:58 - 2014-01-31 20:55 - 00000000 ____D () C:\Users\MB\AppData\Local\NVIDIA
2014-01-31 20:56 - 2014-01-31 20:56 - 00001367 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-31 20:55 - 2014-01-31 20:55 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-01-31 20:55 - 2013-10-27 00:15 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-01-31 20:55 - 2013-10-27 00:15 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-01-31 20:32 - 2014-01-31 20:32 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-31 20:32 - 2014-01-31 20:32 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-31 20:32 - 2014-01-31 20:32 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-31 20:32 - 2014-01-31 20:32 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-01-31 20:32 - 2014-01-31 20:31 - 30796712 _____ (Oracle Corporation) C:\Users\MB\Downloads\jre-7u51-windows-x64.exe
2014-01-31 20:28 - 2013-11-26 01:37 - 00000000 ____D () C:\Users\MB\AppData\Local\Deployment
2014-01-31 20:27 - 2013-12-01 04:11 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-01-31 20:25 - 2013-12-01 04:22 - 00000000 ____D () C:\Users\MB\AppData\Local\NVIDIA Corporation
2014-01-31 20:25 - 2013-10-27 00:15 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-01-31 20:19 - 2013-11-13 00:14 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-31 20:19 - 2013-11-13 00:14 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-01-31 20:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-01-31 20:06 - 2013-11-20 16:53 - 00000000 ____D () C:\WINDOWS\Minidump
2014-01-31 20:04 - 2014-01-31 19:13 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-01-31 20:04 - 2014-01-21 04:18 - 00000000 ____D () C:\Program Files\WinRAR
2014-01-31 20:04 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\icsxml
2014-01-31 20:04 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\icsxml
2014-01-31 20:03 - 2014-01-05 01:48 - 00000000 ____D () C:\Users\MB\AppData\Local\The Witcher
2014-01-31 20:03 - 2013-11-26 01:37 - 00000000 ____D () C:\Users\MB\AppData\Local\Apps\2.0
2014-01-31 20:03 - 2013-11-02 01:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-31 20:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\registration
2014-01-31 20:03 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-01-31 20:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-01-31 19:15 - 2014-01-31 19:15 - 00000000 ____D () C:\Program Files\Java
2014-01-30 21:20 - 2014-01-30 21:20 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-01-26 21:53 - 2014-01-26 21:53 - 00000000 ____D () C:\Program Files (x86)\CPUID
2014-01-21 04:18 - 2013-11-26 03:59 - 00000000 ____D () C:\Users\MB\AppData\Roaming\WinRAR
2014-01-18 20:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-01-12 06:30 - 2013-12-01 04:11 - 00214392 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-01-12 04:33 - 2013-11-14 03:25 - 00000375 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2014-01-10 21:01 - 2013-12-01 04:11 - 00214392 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-01-06 23:31 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-06 23:31 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-05 02:22 - 2014-01-05 01:48 - 00000000 ____D () C:\Users\MB\Documents\The Witcher
2014-01-05 01:47 - 2014-01-05 01:47 - 00000000 ____D () C:\Users\Public\Documents\The Witcher

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-01 20:04

==================== End Of Log ============================
         
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2014
Ran by MB at 2014-02-04 18:13:08
Running from C:\Users\MB\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

3DataManager (x32 Version: 3.0 - 3DataManager)
Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Arduino (x32 Version: 1.0.5 - Arduino LLC)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Avira SearchFree Toolbar (x32 Version: 12.10.0.2949 - APN, LLC)
Battlefield 4™ (x32 Version: 1.0.0.1 - Electronic Arts)
CCleaner (Version: 4.08 - Piriform)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java 7 Update 51 (64-bit) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
Maxthon Cloud Browser (x32 Version: 4.2.0.4000 - Maxthon International Limited)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
MobileWiFi (x32 Version: TOOL-ConnLaucher_WIN1.09.02.00 - Huawei Technologies Co.,Ltd)
NVIDIA 3D Vision Controller-Treiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3221 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (Version: 1.2.19 - NVIDIA Corporation)
Origin (x32 Version: 9.3.11.2762 - Electronic Arts, Inc.)
PunkBuster Services (x32 Version: 0.993 - Even Balance, Inc.)
Python 3.3 pyreadline-2.0 (HKCU Version:  - )
Python 3.3 pyserial-2.7 (HKCU Version:  - )
Python 3.3.3 (x32 Version: 3.3.3150 - Python Software Foundation)
Rust (x32 Version:  - Facepunch Studios)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
The Stanley Parable (x32 Version:  - Galactic Cafe)
The Witcher 2: Assassins of Kings Enhanced Edition (x32 Version:  - CD Projekt RED)
The Witcher: Enhanced Edition (x32 Version:  - CD Projekt RED)
WinZip 18.0 (x32 Version: 18.0.10661 - WinZip Computing, S.L. )
World of Tanks (x32 Version:  - Wargaming.net)

==================== Restore Points  =========================

17-01-2014 05:59:10 Windows Modules Installer
27-01-2014 19:26:17 Geplanter Prüfpunkt
30-01-2014 20:20:21 Windows Update
31-01-2014 19:02:58 Wiederherstellungsvorgang

==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4C49B534-516D-434D-B422-AF8858926111} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-01-31] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7EAEF73C-98C9-45CB-BF35-F3CA3450A3D7} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {84667A5D-5D68-4FD1-A5B6-25EFC4432F27} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {94010744-FD73-4159-8F43-F5013964FE3D} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2013-11-21] (Maxthon International ltd.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-10-27 00:47 - 2013-10-10 18:14 - 00394824 _____ () E:\StandardProgramme\AntiVir\Avira\AntiVir Desktop\sqlite3.dll
2013-12-29 22:31 - 2013-11-18 02:18 - 00258944 _____ () C:\Program Files (x86)\Maxthon\bin\Maxzlib.dll
2013-12-29 22:31 - 2013-11-18 02:18 - 00232760 _____ () C:\Program Files (x86)\Maxthon\Addons\Mobile\MxMobile.dll
2013-12-29 22:31 - 2013-11-18 02:18 - 00258944 _____ () C:\Program Files (x86)\Maxthon\Bin\maxzlib.dll
2013-12-29 22:31 - 2013-11-21 07:37 - 00887064 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\libglesv2.dll
2013-12-29 22:31 - 2013-11-21 07:37 - 00109336 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\libegl.dll
2013-12-29 22:31 - 2013-11-26 02:25 - 15990664 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\Npplugins\NPSWF32.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WLMS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WLMS => ""="Service"

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/03/2014 08:30:03 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (02/02/2014 02:24:13 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (02/01/2014 08:24:09 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (01/31/2014 09:57:23 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (01/31/2014 09:00:02 PM) (Source: Microsoft-Windows-LocationProvider) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (01/31/2014 09:00:00 PM) (Source: ESENT) (User: )
Description: svchost (1160) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\WINDOWS\system32\SRU\SRU0038A.log.

Error: (01/31/2014 08:05:47 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -528.

Error: (01/31/2014 08:05:47 PM) (Source: ESENT) (User: )
Description: Catalog Database (1184) Catalog Database: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\WINDOWS\system32\CatRoot2\edb00019.log.

Error: (01/31/2014 08:02:59 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/30/2014 09:53:59 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]


System errors:
=============
Error: (02/04/2014 06:00:23 PM) (Source: ipnathlp) (User: )
Description: 

Error: (02/04/2014 06:00:23 PM) (Source: ipnathlp) (User: )
Description: 

Error: (02/03/2014 10:39:43 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.

Error: (02/03/2014 10:39:43 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.

Error: (02/03/2014 10:39:43 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.

Error: (02/03/2014 10:39:43 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk4\DR4 gefunden.

Error: (02/03/2014 10:39:26 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.

Error: (02/03/2014 10:39:26 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.

Error: (02/03/2014 10:39:26 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.

Error: (02/03/2014 10:39:26 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk4\DR4 gefunden.


Microsoft Office Sessions:
=========================
Error: (02/03/2014 08:30:03 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe)(User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (02/02/2014 02:24:13 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe)(User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (02/01/2014 08:24:09 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe)(User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (01/31/2014 09:57:23 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe)(User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (01/31/2014 09:00:02 PM) (Source: Microsoft-Windows-LocationProvider)(User: NT-AUTORITÄT)
Description: -2146893813

Error: (01/31/2014 09:00:00 PM) (Source: ESENT)(User: )
Description: svchost1160SRUJet: C:\WINDOWS\system32\SRU\SRU0038A.log-1811 (0xfffff8ed)

Error: (01/31/2014 08:05:47 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: -528

Error: (01/31/2014 08:05:47 PM) (Source: ESENT)(User: )
Description: Catalog Database1184Catalog Database: C:\WINDOWS\system32\CatRoot2\edb00019.log-1811 (0xfffff8ed)

Error: (01/31/2014 08:02:59 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (01/30/2014 09:53:59 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe)(User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]


==================== Memory info =========================== 

Percentage of memory in use: 19%
Total physical RAM: 8168.76 MB
Available physical RAM: 6564.25 MB
Total Pagefile: 9448.76 MB
Available Pagefile: 7731.76 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.79 GB) (Free:78.3 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:232.88 GB) (Free:229.41 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:481.46 GB) NTFS
Drive f: (MobileWiFi) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: CE9FCE9F)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 220C9A9C)
Partition 1: (Active) - (Size=112 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: EBB77844)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Kind regards
Bartmas

04.02.2014, 19:51   #2
schrauber
/// the machine
/// TB-Ausbilder

Hi,

does it simply switch off, or is a bluescreen displayed?

04.02.2014, 19:57   #3
Bartmas

It shuts down normally, just as when I shut it down myself, only unintentionally.

Regards

05.02.2014, 12:56   #4
schrauber
/// the machine
/// TB-Ausbilder

So it properly shows the screen with "Windows is shutting down" and so on, as if you had clicked it yourself?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

05.02.2014, 15:07   #5
Bartmas

Hi

Yes, it shows the screen!

So today I started the computer again, and this time it shut down automatically after 10 minutes.

These are the messages from the event log:

EBENE DATUM/UHRZEIT QUELLE EREIGNIS ID AUFGABENKATEGORIE
Warnung 05.02.2014 15:01:05 Kernel-PnP 219 (212)
Fehler 05.02.2014 15:01:04 SharedAccess_NAT 34001 Keine
Fehler 05.02.2014 15:00:48 Ntfs (Ntfs) 55 Keine
Warnung 05.02.2014 15:00:48 Ntfs (Microsoft-Windows-Ntfs) 98 Keine
Warnung 05.02.2014 15:00:45 BTHUSB 28 Keine
Warnung 05.02.2014 15:00:44 disk 153 Keine
Fehler 05.02.2014 14:54:08 Store-Licensing 512 Keine
Fehler 05.02.2014 14:51:03 disk 11 Keine

These are the events from the start of the computer until the automatic shutdown.

Please help me further, I am getting desperate, and thanks for the help so far.

Regards, Bartmas


Edited by Bartmas (05.02.2014 at 15:52)

06.02.2014, 10:17   #6
schrauber
/// the machine
/// TB-Ausbilder

Quote:
Warnung 05.02.2014 15:01:05 Kernel-PnP 219 (212)
Open that message with a double-click and post the complete content. The whole thing is very strange...

06.02.2014, 16:38   #7
Bartmas

Event properties - Event 219, Kernel-PnP:

-General:
Fehler beim Laden des Treibers \Driver\WudfRd für das Gerät SWD\WPDBUSENUM\_??_USBSTOR#Disk&Ven_HUAWEI&Prod_SD_Storage&Rev_2.31#8&1c862274&0#{53f56307-b6bf-11d0
-Details:
+ System

- Provider

[ Name] Microsoft-Windows-Kernel-PnP
[ Guid] {9C205A39-1250-487D-ABD7-E831C6290539}

EventID 219

Version 0

Level 3

Task 212

Opcode 0

Keywords 0x8000000000000000

- TimeCreated

[ SystemTime] 2014-02-06T15:30:58.712580800Z

EventRecordID 44888

Correlation

- Execution

[ ProcessID] 4
[ ThreadID] 100

Channel System

Computer Bartmas

- Security

[ UserID] S-1-5-18


- EventData

DriverNameLength 119
DriverName SWD\WPDBUSENUM\_??_USBSTOR#Disk&Ven_HUAWEI&Prod_SD_Storage&Rev_2.31#8&1c862274&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}
Status 3221226341
FailureNameLength 14
FailureName \Driver\WudfRd
Version 0

XML view: - <Event xmlns="hxxp://schemas.microsoft.com/win/2004/08/events/event">
- <System>
<Provider Name="Microsoft-Windows-Kernel-PnP" Guid="{9C205A39-1250-487D-ABD7-E831C6290539}" />
<EventID>219</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>212</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2014-02-06T15:30:58.712580800Z" />
<EventRecordID>44888</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="100" />
<Channel>System</Channel>
<Computer>Bartmas</Computer>
<Security UserID="S-1-5-18" />
</System>
- <EventData>
<Data Name="DriverNameLength">119</Data>
<Data Name="DriverName">SWD\WPDBUSENUM\_??_USBSTOR#Disk&Ven_HUAWEI&Prod_SD_Storage&Rev_2.31#8&1c862274&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}</Data>
<Data Name="Status">3221226341</Data>
<Data Name="FailureNameLength">14</Data>
<Data Name="FailureName">\Driver\WudfRd</Data>
<Data Name="Version">0</Data>
</EventData>
</Event>

Regards
Bartmas
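
Added example, not part of the original posts: a small parser for an Event Viewer XML view pasted into a forum, such as the Kernel-PnP event 219 above, which repairs the paste damage (the "- " collapse markers, bare "&" characters, the defanged hxxp:// namespace) and decodes the decimal Status into its NTSTATUS form. The function names and the abridged sample are constructed for this illustration, and treating DriverNameLength as a character count is an assumption that this sample bears out.

```python
import re
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
# The one NTSTATUS code that occurs in this thread (name as defined in ntstatus.h).
KNOWN_STATUS = {0xC0000365: "STATUS_FAILED_DRIVER_ENTRY"}

# Constructed sample: abridged copy of the XML view posted above, kept in its
# pasted form ("- " markers, unescaped "&", hxxp:// namespace).
PASTED = r'''- <Event xmlns="hxxp://schemas.microsoft.com/win/2004/08/events/event">
- <System>
<Provider Name="Microsoft-Windows-Kernel-PnP" Guid="{9C205A39-1250-487D-ABD7-E831C6290539}" />
<EventID>219</EventID>
<Level>3</Level>
<TimeCreated SystemTime="2014-02-06T15:30:58.712580800Z" />
<EventRecordID>44888</EventRecordID>
</System>
- <EventData>
<Data Name="DriverNameLength">119</Data>
<Data Name="DriverName">SWD\WPDBUSENUM\_??_USBSTOR#Disk&Ven_HUAWEI&Prod_SD_Storage&Rev_2.31#8&1c862274&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}</Data>
<Data Name="Status">3221226341</Data>
<Data Name="FailureName">\Driver\WudfRd</Data>
</EventData>
</Event>'''

def clean_paste(text):
    """Undo the paste damage so the text is well-formed XML again."""
    lines = [re.sub(r"^\s*[-+]\s*(?=<)", "", ln) for ln in text.splitlines()]
    xml = "\n".join(lines).replace('xmlns="hxxp://', 'xmlns="http://')
    # Escape "&" unless it already starts an entity such as &amp; or &#38;
    return re.sub(r"&(?!(?:amp|lt|gt|quot|apos|#\d+|#x[0-9A-Fa-f]+);)", "&amp;", xml)

def parse_event(text):
    root = ET.fromstring(clean_paste(text))
    system = root.find("e:System", NS)
    data = {d.get("Name"): (d.text or "") for d in root.findall("e:EventData/e:Data", NS)}
    status = int(data["Status"]) & 0xFFFFFFFF
    # USBSTOR instance paths carry Ven_/Prod_/Rev_ fields separated by "&"
    ids = dict(re.findall(r"(Ven|Prod|Rev)_([^&#]+)", data["DriverName"]))
    return {
        "provider": system.find("e:Provider", NS).get("Name"),
        "event_id": int(system.findtext("e:EventID", namespaces=NS)),
        "record_id": int(system.findtext("e:EventRecordID", namespaces=NS)),
        "time": system.find("e:TimeCreated", NS).get("SystemTime"),
        "driver": data["FailureName"],
        "status_hex": f"0x{status:08X}",
        "status_name": KNOWN_STATUS.get(status, "unknown"),
        # Top two bits of an NTSTATUS encode the severity.
        "severity": ("success", "informational", "warning", "error")[status >> 30],
        "device": ids,
        # False would mean the device path was cut off during copy and paste.
        "name_complete": len(data["DriverName"]) == int(data["DriverNameLength"]),
    }
```
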

07.02.2014, 09:59   #8
schrauber
/// the machine
/// TB-Ausbilder

Is anything connected to the computer via USB?

07.02.2014, 21:35   #9
Bartmas

Hi

Mouse, keyboard, mobile Internet, gamepad, and then the USB 3.0 port on the case from the motherboard, but that one is rarely in use, and the 2.0 ports on the case -> but those are not in use either

Device Manager:
USB controllers:

ASMedia USB 3.0 eXtensible-Hostcontroller - 0096 (microsoft)
ASMedia USB 3.0 eXtensible-Hostcontroller - 0096 (microsoft)
Atheros Valkyrie BootROM
Generic USB Hub
Generic USB Hub
HUAWEI Enumerator Device
HUAWEI Enumerator Device
HUAWEI Enumerator Device
HUAWEI Enumerator Device
HUAWEI Enumerator Device
HUAWEI Enumerator Device
HUAWEI Mobile Connect - Bus Enumerate Device
Intel(R) 6 Series/C200 Series Chipset Family USB Enhanced Host Controller - 1C2D
Intel(R) 6 Series/C200 Series Chipset Family USB Enhanced Host Controller - 1C26
Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.)
Unbekanntes USB-Gerät (Ungültige Gerätebeschreibung.)
USB-Massenspeichergerät
USB-Massenspeichergerät
USB-Massenspeichergerät
USB-Massenspeichergerät
USB-Massenspeichergerät
USB-Massenspeichergerät
USB-Massenspeichergerät
USB-Root-Hub
USB-Root-Hub
USB-Root-Hub (xHCI)
USB-Root-Hub (xHCI)
USB-Verbundgerät
USB-Verbundgerät
USB-Verbundgerät
USB-Verbundgerät
USB-Verbundgerät
USB-Verbundgerät
USB-Verbundgerät
USB-Verbundgerät


Regards, Bartmas

08.02.2014, 16:50   #10
schrauber
/// the machine
/// TB-Ausbilder

Start the computer, disconnect everything external, and wait
