| |
| |||||||
Log-Analyse und Auswertung: Windows 7: Verdacht auf Trojaner (Probleme über Probleme)Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
13.03.2014, 04:24
| #1 | |
| |  Windows 7: Verdacht auf Trojaner (Probleme über Probleme) Sehr geehrtes Team vom Trojaner-Board, mein Computer spackt seit einer geraumen Zeit völlig rum. Normalerweise versuche ich meine Probleme einfach mir einer neu aufsetzten zu beheben, jedoch bin ich es satt und möchte mal herausfinden, was meine Fehler sind. Ich habe mehrere Probleme zugleich und stelle eine Liste von den Problemen auf: Probleme: 1) Crome ist beim Start zu langsam und braucht unnatürlich lange, bis er eine Seite geöffnet hat. Außerdem öffnet er manche Seiten gar nicht und ich bekomme eine Fehlermeldung, das ein Internetproblem besteht. Zugleich zeigt mir der Internetexplorer nach längerem Laufen des Computers gar keine Seiten mehr an und z.B. sei angeblich bei Youtube kein Java installiert, was quatsch ist. 2) Ich verliere ständig die Internetverbindung bei Spielen und werde somit ausgeschlossen. Darüberhinaus ist es auch üblich, dass ich ein unheimliche hohe Latenz aufweise und das Spiel somit unspielbar ist. PS: Es liegen 100% keine Modem vor und es liegt nicht an anderen Computern im Netzwerk. 3) Anwendungen, sei es Explorer (Crome+Internetexplorer), Anwendungen wie Teamspeak, oder Spiele, stürzen zufällig entweder mit dem Hinweis "Das Programm reagiert nicht mehr" oder auch gar keiner Rückmeldung ab und schließt sich dann. 4) Der Pc Boot verläuft bemerkbar langsamer ab, als ich gewohnt bin. 5) Den "Echtzeitscann" bei der "Antivir-Free-Version" bekomme ich zum verreckten einfach nicht auf "Aktiviert" gestellt. Ich hatte dannach schon gegoggled und eine Lösung gefunden mit Malwarebytes und anderen zwei Tools, wo er seine Berichte geposted hatte, jedoch wollte ich mich daran nicht versuchen, da ihr davon abgeraten hattet. 6) Antvir und Malwarebyte spucken immer wieder Funde herraus, die jedoch nach erneuter Suche immer wieder auftreten oder spätestens beim Systemneustart. 7) Zufällig bekomm ich ein bis mehrmals gleichzeitig diese Fehlermeldung: hxxp://i.imgur.com/sYY9rFt.jpg 8) Zu Letzt bekomme ich auch manchmal folgende Fehlermeldung, wenn ich versuche mit Hilfe von Strg+Shift+Esc den Taskmanager aufzurufen: taskmgr.exe - Systemfehler Das Programm kann nicht gestartet werden, da pcwum.dll auf dem Computer fehlt. Installieren Sie das Programm erneut, um das Problem zu beheben. Dieses Problem hab ich aber wie schon erwähnt nur manchmal und dies verstehe ich auch nicht. Im Großen und Ganzen sind das meine Probleme, aus die ich einfach nicht Schlau werde. Es hat sicherlich etwas mit diesen Funden zutun, die ich immer wieder finde, aber bevor ich falsche Sachen an meinem Pc vornehme, lasse ich mich lieber von fähigen Pc-Experten beraten und führen. Zu guter Letzt werde ich nun die Berichte posten, die auf folgender Seite mir ans Herz gelegt wurden. Mein Pc ist Bootfähig! Seite: http://www.trojaner-board.de/69886-a...-beachten.html Berichte von meinem Computer: Schritt 1: Hat funktioniert ohne Rückmeldung. Re-enable Button habe ich daraufhin auch nicht gedrückt. Schritt 2: Farbar's Recovery Scan Tool FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-03-2014 01
Ran by Kevin (administrator) on KEVIN_S on 13-03-2014 04:17:20
Running from C:\Users\Kevin\Downloads
Windows 7 Ultimate (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Hi-Rez Studios) D:\Smite\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek) C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtWlan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [6868280 2012-05-21] (Logitech Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10151968 2010-05-20] (Realtek Semiconductor)
HKLM-x32\...\Run: [Razer Nostromo Driver] - C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe [978840 2011-07-19] (Razer USA Ltd)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira Systray] - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [172624 2014-03-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2747213580-207876330-2301896138-1000\...\Run: [UZRmedia] - regsvr32.exe C:\Users\Kevin\AppData\Local\UZRmedia\Hidnet24.dll <===== ATTENTION
HKU\S-1-5-21-2747213580-207876330-2301896138-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-2747213580-207876330-2301896138-1000\...\MountPoints2: {4b09e8b9-9585-11e3-a541-001f1fe447f5} - G:\Lenovo_USB_Driver.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x05871061813DCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Chrome:
=======
CHR HomePage:
CHR Extension: (Google Drive) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-10]
CHR Extension: (YouTube) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-10]
CHR Extension: (Google-Suche) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-10]
CHR Extension: (AdBlock) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-10]
CHR Extension: (Yulia Brodskaya) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgdloilieclkegafohackmhffbmdpko [2013-12-10]
CHR Extension: (Google Wallet) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-10]
CHR Extension: (Google Mail) - C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-10]
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-10-08] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [116816 2014-03-07] (Avira Operations GmbH & Co. KG)
U2 HiPatchService; D:\Smite\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-15] ()
R2 Realtek11nCU; C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek)
==================== Drivers (Whitelisted) ====================
R3 1394ohci; C:\Windows\System32\DRIVERS\1394ohci.sys [227840 2009-07-14] ()
R0 ACPI; C:\Windows\System32\DRIVERS\ACPI.sys [334416 2009-07-14] ()
S3 AcpiPmi; C:\Windows\system32\DRIVERS\acpipmi.sys [12288 2009-07-14] ()
S3 adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [491088 2009-07-14] ()
S3 adpahci; C:\Windows\system32\DRIVERS\adpahci.sys [339536 2009-07-14] ()
S3 adpu320; C:\Windows\system32\DRIVERS\adpu320.sys [182864 2009-07-14] ()
R1 AFD; C:\Windows\system32\drivers\afd.sys [500224 2009-07-14] ()
S3 agp440; C:\Windows\system32\DRIVERS\agp440.sys [61008 2009-07-14] ()
S3 aliide; C:\Windows\system32\DRIVERS\aliide.sys [15440 2009-07-14] ()
S3 amdide; C:\Windows\system32\DRIVERS\amdide.sys [15440 2009-07-14] ()
S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [64512 2009-07-14] ()
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [12534784 2013-10-08] ()
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [619008 2013-10-08] ()
R3 AmdPPM; C:\Windows\System32\DRIVERS\amdppm.sys [60928 2009-07-14] ()
S3 amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [106576 2009-07-14] ()
S3 amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [194128 2009-07-14] ()
R0 amdxata; C:\Windows\System32\DRIVERS\amdxata.sys [28752 2009-07-14] ()
R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57512 2012-11-20] ()
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2009-07-14] ()
S3 arc; C:\Windows\system32\DRIVERS\arc.sys [87632 2009-07-14] ()
S3 arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [97856 2009-07-14] ()
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] ()
R0 atapi; C:\Windows\System32\DRIVERS\atapi.sys [24128 2009-07-14] ()
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2013-07-05] ()
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbda.sys [468480 2009-06-10] ()
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] ()
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-14] ()
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] ()
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-14] ()
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2009-07-14] ()
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] ()
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] ()
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] ()
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] ()
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] ()
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] ()
S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [72192 2009-07-14] ()
R4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] ()
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2009-07-14] ()
S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [45568 2009-07-14] ()
R0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-14] ()
S3 CmBatt; C:\Windows\system32\DRIVERS\CmBatt.sys [17664 2009-07-14] ()
S3 cmdide; C:\Windows\system32\DRIVERS\cmdide.sys [17488 2009-07-14] ()
R0 CNG; C:\Windows\System32\Drivers\cng.sys [460504 2009-07-14] ()
S3 Compbatt; C:\Windows\system32\DRIVERS\compbatt.sys [21584 2009-07-14] ()
R3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2009-07-14] ()
S4 crcdisk; C:\Windows\system32\DRIVERS\crcdisk.sys [24144 2009-07-14] ()
R1 CSC; C:\Windows\System32\drivers\csc.sys [514048 2009-07-14] ()
U5 d9c0704a342146bd; C:\Windows\System32\Drivers\d9c0704a342146bd.sys [78800 2014-01-02] () <===== ATTENTION Necurs Rootkit?
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2009-07-14] ()
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] ()
R0 Disk; C:\Windows\System32\DRIVERS\disk.sys [73280 2009-07-14] ()
S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-14] ()
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [982600 2009-11-04] ()
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] ()
S3 elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [530496 2009-07-14] ()
S3 ErrDev; C:\Windows\system32\DRIVERS\errdev.sys [9728 2009-07-14] ()
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] ()
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] ()
S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [29696 2009-07-14] ()
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] ()
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] ()
S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [24576 2009-07-14] ()
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [290368 2009-07-14] ()
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-14] ()
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23104 2009-07-14] ()
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223448 2009-07-14] ()
S3 gagp30kx; C:\Windows\system32\DRIVERS\gagp30kx.sys [65088 2009-07-14] ()
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [33856 2009-03-18] ()
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] ()
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2009-07-14] ()
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2009-07-14] ()
S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [26624 2009-07-14] ()
S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [100864 2009-07-14] ()
S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [46592 2009-07-14] ()
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2009-07-14] ()
S3 HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [77888 2009-07-14] ()
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [751616 2009-07-14] ()
R0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14416 2009-07-14] ()
S3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [105472 2009-07-14] ()
S3 iaStorV; C:\Windows\system32\DRIVERS\iaStorV.sys [410688 2009-07-14] ()
S3 iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [44112 2009-07-14] ()
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [2350240 2010-05-20] ()
S3 intelide; C:\Windows\system32\DRIVERS\intelide.sys [16960 2009-07-14] ()
S3 intelppm; C:\Windows\system32\DRIVERS\intelppm.sys [62464 2009-07-14] ()
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2009-07-14] ()
S3 IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys [78848 2009-07-14] ()
R3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] ()
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] ()
S3 isapnp; C:\Windows\system32\DRIVERS\isapnp.sys [20544 2009-07-14] ()
S3 iScsiPrt; C:\Windows\system32\DRIVERS\msiscsi.sys [224832 2009-07-14] ()
R3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-14] ()
R3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2009-07-14] ()
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95312 2009-07-14] ()
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [153152 2009-07-14] ()
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] ()
R3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [22408 2009-11-24] ()
R3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [16008 2009-11-24] ()
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] ()
S3 LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [114752 2009-07-14] ()
S3 LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [106560 2009-07-14] ()
S3 LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [65600 2009-07-14] ()
S3 LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [115776 2009-07-14] ()
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] ()
S3 megasas; C:\Windows\system32\DRIVERS\megasas.sys [35392 2009-07-14] ()
S3 MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [284736 2009-07-14] ()
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] ()
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] ()
R3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-14] ()
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-14] ()
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94784 2009-07-14] ()
S3 mpio; C:\Windows\system32\DRIVERS\mpio.sys [155216 2009-07-14] ()
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] ()
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2009-07-14] ()
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [157184 2009-07-14] ()
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [285696 2009-07-14] ()
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [125952 2009-07-14] ()
S3 msahci; C:\Windows\system32\DRIVERS\msahci.sys [30272 2009-07-14] ()
S3 msdsm; C:\Windows\system32\DRIVERS\msdsm.sys [140352 2009-07-14] ()
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] ()
R3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] ()
R0 msisadrv; C:\Windows\System32\DRIVERS\msisadrv.sys [15424 2009-07-14] ()
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] ()
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] ()
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] ()
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [367168 2009-07-14] ()
R1 mssmbios; C:\Windows\System32\DRIVERS\mssmbios.sys [32320 2009-07-14] ()
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] ()
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [15360 2009-07-14] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] ()
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] ()
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [947776 2009-07-14] ()
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] ()
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] ()
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56320 2009-07-14] ()
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2009-07-14] ()
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2009-07-14] ()
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] ()
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [259072 2009-07-14] ()
S3 nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [51264 2009-07-14] ()
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-14] ()
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] ()
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1659984 2009-07-14] ()
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] ()
S3 nvraid; C:\Windows\system32\DRIVERS\nvraid.sys [149056 2009-07-14] ()
S3 nvstor; C:\Windows\system32\DRIVERS\nvstor.sys [167488 2009-07-14] ()
S3 nv_agp; C:\Windows\system32\DRIVERS\nv_agp.sys [122960 2009-07-14] ()
S3 ohci1394; C:\Windows\system32\DRIVERS\ohci1394.sys [72832 2009-07-14] ()
R3 Parport; C:\Windows\System32\DRIVERS\parport.sys [97280 2009-07-14] ()
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75840 2009-07-14] ()
R0 pci; C:\Windows\System32\DRIVERS\pci.sys [183872 2009-07-14] ()
R0 pciide; C:\Windows\System32\DRIVERS\pciide.sys [12352 2009-07-14] ()
S3 pcmcia; C:\Windows\system32\DRIVERS\pcmcia.sys [220752 2009-07-14] ()
R0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] ()
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] ()
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111616 2009-07-14] ()
S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [60416 2009-07-14] ()
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2009-07-14] ()
S3 ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [1524816 2009-07-14] ()
S3 ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [128592 2009-07-14] ()
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] ()
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] ()
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] ()
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [130048 2009-07-14] ()
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] ()
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] ()
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2009-07-14] ()
R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-14] ()
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] ()
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [165376 2009-07-14] ()
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] ()
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] ()
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [204800 2009-07-14] ()
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [214096 2009-07-14] ()
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] ()
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [347680 2010-05-20] ()
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [762472 2010-08-06] ()
R3 rzjoystk; C:\Windows\System32\DRIVERS\rzjoystk.sys [19968 2011-03-24] ()
R3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [157184 2011-07-14] ()
S3 s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [6656 2009-07-14] ()
S3 sbp2port; C:\Windows\system32\DRIVERS\sbp2port.sys [104016 2009-07-14] ()
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [126912 2012-04-19] ()
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2009-07-14] ()
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] ()
R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [23552 2009-07-14] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] ()
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [26624 2009-07-14] ()
S3 sffdisk; C:\Windows\system32\DRIVERS\sffdisk.sys [14336 2009-07-14] ()
S3 sffp_mmc; C:\Windows\system32\DRIVERS\sffp_mmc.sys [13824 2009-07-14] ()
S3 sffp_sd; C:\Windows\system32\DRIVERS\sffp_sd.sys [14336 2009-07-14] ()
S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [16896 2009-07-14] ()
S3 SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [43584 2009-07-14] ()
S3 SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [80464 2009-07-14] ()
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] ()
R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] ()
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [465408 2009-07-14] ()
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [407040 2009-07-14] ()
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [162816 2009-07-14] ()
S3 stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [24656 2009-07-14] ()
R0 storflt; C:\Windows\System32\DRIVERS\vmstorfl.sys [46672 2009-07-14] ()
S3 storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [34896 2009-07-14] ()
R3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [12496 2009-07-14] ()
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1898576 2009-07-14] ()
S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1898576 2009-07-14] ()
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [44544 2009-07-14] ()
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] ()
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2009-07-14] ()
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [99840 2009-07-14] ()
R1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [62544 2009-07-14] ()
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [38400 2009-07-14] ()
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2009-07-14] ()
S3 uagp35; C:\Windows\system32\DRIVERS\uagp35.sys [64080 2009-07-14] ()
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [327168 2009-07-14] ()
S3 uliagpkx; C:\Windows\system32\DRIVERS\uliagpkx.sys [64592 2009-07-14] ()
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2009-07-14] ()
S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [9728 2009-07-14] ()
R3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [109568 2009-07-14] ()
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2009-07-14] ()
S3 usbcir; C:\Windows\system32\DRIVERS\usbcir.sys [100352 2009-07-14] ()
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [51200 2009-07-14] ()
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2009-07-14] ()
R3 usbohci; C:\Windows\System32\DRIVERS\usbohci.sys [25600 2009-07-14] ()
S3 usbprint; C:\Windows\system32\DRIVERS\usbprint.sys [25088 2009-07-14] ()
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [89600 2009-07-14] ()
S3 usbuhci; C:\Windows\system32\DRIVERS\usbuhci.sys [30720 2009-07-14] ()
R0 vdrvroot; C:\Windows\System32\DRIVERS\vdrvroot.sys [36432 2009-07-14] ()
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] ()
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] ()
S3 vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [217680 2009-07-14] ()
S3 viaide; C:\Windows\system32\DRIVERS\viaide.sys [17488 2009-07-14] ()
S3 vmbus; C:\Windows\system32\DRIVERS\vmbus.sys [200272 2009-07-14] ()
S3 VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [21760 2009-07-14] ()
R0 volmgr; C:\Windows\System32\DRIVERS\volmgr.sys [71760 2009-07-14] ()
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363584 2009-07-14] ()
R0 volsnap; C:\Windows\System32\DRIVERS\volsnap.sys [294992 2009-07-14] ()
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [187904 2009-11-04] ()
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [66304 2009-11-04] ()
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [95232 2009-11-04] ()
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [359552 2009-11-04] ()
S3 vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [161872 2009-07-14] ()
R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-14] ()
R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-14] ()
S3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [17920 2009-07-14] ()
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [27776 2009-07-14] ()
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-14] ()
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-14] ()
S3 Wd; C:\Windows\system32\DRIVERS\wd.sys [21056 2009-07-14] ()
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [654928 2009-07-14] ()
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] ()
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-14] ()
R3 WmiAcpi; C:\Windows\System32\DRIVERS\wmiacpi.sys [14336 2009-07-14] ()
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] ()
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [112128 2009-07-14] ()
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [172544 2009-07-14] ()
S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [679936 2009-07-14] ()
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-13 04:17 - 2014-03-13 04:17 - 00027051 _____ () C:\Users\Kevin\Downloads\FRST.txt
2014-03-13 04:16 - 2014-03-13 04:16 - 02157056 _____ (Farbar) C:\Users\Kevin\Downloads\FRST64 (1).exe
2014-03-13 04:14 - 2014-03-13 04:15 - 00000472 _____ () C:\Users\Kevin\Downloads\defogger_disable.log
2014-03-13 04:14 - 2014-03-13 04:14 - 00000000 _____ () C:\Users\Kevin\defogger_reenable
2014-03-13 04:12 - 2014-03-13 04:12 - 00050477 _____ () C:\Users\Kevin\Downloads\Defogger.exe
2014-03-13 04:06 - 2014-03-13 04:10 - 00002794 _____ () C:\Users\Kevin\Desktop\Neues Textdokument (2).txt
2014-03-13 03:18 - 2014-03-13 04:17 - 00000000 ____D () C:\FRST
2014-03-13 03:17 - 2014-03-13 03:17 - 02157056 _____ (Farbar) C:\Users\Kevin\Downloads\FRST64.exe
2014-03-13 03:09 - 2014-03-13 03:28 - 00000112 _____ () C:\Windows\setupact.log
2014-03-13 03:09 - 2014-03-13 03:09 - 00084668 _____ () C:\Windows\PFRO.log
2014-03-13 03:09 - 2014-03-13 03:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-13 02:14 - 2014-03-13 02:14 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Avira
2014-03-13 02:13 - 2014-02-25 11:41 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-03-13 02:13 - 2014-02-25 11:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-03-13 02:13 - 2014-02-25 11:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-03-13 02:09 - 2014-03-13 02:13 - 00000000 ____D () C:\ProgramData\Avira
2014-03-13 02:09 - 2014-03-13 02:13 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-03-13 02:09 - 2014-03-13 02:09 - 00000400 _____ () C:\Windows\WindowsUpdate.log
2014-03-13 02:05 - 2014-03-13 02:10 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F869E1D1-5B82-488D-9FEB-12FCC8122624}
2014-03-11 00:31 - 2014-02-21 10:21 - 00000000 ____D () C:\Users\Kevin\Downloads\Plague.Inc.Evolved.Early.Access.Cracked-3DM
2014-03-10 22:49 - 2013-11-08 09:12 - 00000000 ____D () C:\Users\Kevin\Downloads\After.Earth.2013.BDRip.AC3.German.XviD-MB
2014-03-10 16:02 - 2014-03-10 16:06 - 86944409 _____ () C:\Users\Kevin\Downloads\aoe-gravity_dvdscr.part11.rar
2014-03-10 16:02 - 2014-03-10 16:06 - 105906279 _____ () C:\Users\Kevin\Downloads\aoe-gravity_dvdscr.part10.rar
2014-03-10 16:02 - 2014-03-10 16:06 - 105906279 _____ () C:\Users\Kevin\Downloads\aoe-gravity_dvdscr.part09.rar
2014-03-10 16:02 - 2014-03-10 16:06 - 105906279 _____ () C:\Users\Kevin\Downloads\aoe-gravity_dvdscr.part08.rar
2014-03-10 15:43 - 2014-03-10 15:48 - 105906279 _____ () C:\Users\Kevin\Downloads\aoe-gravity_dvdscr.part07.rar
2014-03-10 15:43 - 2014-03-10 15:48 - 105906279 _____ () C:\Users\Kevin\Downloads\aoe-gravity_dvdscr.part06.rar
2014-03-10 15:40 - 2014-03-10 15:47 - 105906279 _____ () C:\Users\Kevin\Downloads\aoe-gravity_dvdscr.part05.rar
2014-03-10 15:40 - 2014-03-10 15:47 - 105906279 _____ () C:\Users\Kevin\Downloads\aoe-gravity_dvdscr.part04.rar
2014-03-10 15:40 - 2014-03-10 15:47 - 105906279 _____ () C:\Users\Kevin\Downloads\aoe-gravity_dvdscr.part03.rar
2014-03-10 15:40 - 2014-03-10 15:47 - 105906279 _____ () C:\Users\Kevin\Downloads\aoe-gravity_dvdscr.part02.rar
2014-03-10 15:40 - 2014-03-10 15:46 - 105906279 _____ () C:\Users\Kevin\Downloads\aoe-gravity_dvdscr.part01.rar
2014-03-10 04:19 - 2014-03-10 04:21 - 00000000 ____D () C:\Users\Kevin\Downloads\Der.Butler.German.DL.2013.AC3.BDRiP.XViD-KOC
2014-03-10 03:43 - 2014-03-10 04:09 - 524288093 _____ () C:\Users\Kevin\Downloads\DBG21A3BRXO.part4.rar
2014-03-10 03:43 - 2014-03-10 04:09 - 524288081 _____ () C:\Users\Kevin\Downloads\DBG21A3BRXO.part3.rar
2014-03-10 03:43 - 2014-03-10 04:09 - 524288057 _____ () C:\Users\Kevin\Downloads\DBG21A3BRXO.part2.rar
2014-03-10 03:43 - 2014-03-10 04:07 - 524288034 _____ () C:\Users\Kevin\Downloads\DBG21A3BRXO.part1.rar
2014-03-10 03:43 - 2014-03-10 03:57 - 222763023 _____ () C:\Users\Kevin\Downloads\DBG21A3BRXO.part5.rar
2014-03-10 03:17 - 2014-03-10 03:34 - 536870912 _____ () C:\Users\Kevin\Downloads\After.Earth.2013-MB.part2.rar
2014-03-10 03:16 - 2014-03-10 03:33 - 536870912 _____ () C:\Users\Kevin\Downloads\After.Earth.2013-MB.part1.rar
2014-03-10 03:16 - 2014-03-10 03:32 - 405353908 _____ () C:\Users\Kevin\Downloads\After.Earth.2013-MB.part3.rar
2014-03-10 03:07 - 2014-03-12 05:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-10 03:07 - 2014-03-10 03:07 - 00000000 ____D () C:\Windows\system32\Macromed
2014-03-10 01:02 - 2014-03-13 01:46 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Wudenu
2014-03-10 01:02 - 2014-03-12 23:41 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Onyx
2014-03-09 20:47 - 2014-03-09 20:47 - 00000000 ____D () C:\Users\Kevin\Documents\Thief
2014-03-09 01:52 - 2014-03-09 01:52 - 00000000 ____D () C:\Program Files (x86)\Dungeon Defenders
2014-03-06 14:56 - 2014-03-06 14:56 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-03-06 14:56 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-06 14:56 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-06 14:56 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-06 14:56 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-06 14:50 - 2014-03-06 14:50 - 00000000 ____D () C:\Program Files (x86)\Lavalys
2014-03-02 23:41 - 2014-03-02 23:41 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Chromium
2014-03-01 05:39 - 2014-03-12 05:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-01 05:39 - 2014-03-01 05:39 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-03-01 04:39 - 2014-03-01 04:39 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Awesomium
2014-03-01 04:38 - 2014-03-01 04:38 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-03-01 01:02 - 2014-03-01 01:02 - 00003020 _____ () C:\Windows\System32\Tasks\{0AB74374-0385-0807-B05D-5863E26D732D}
2014-02-27 15:30 - 2014-02-27 15:30 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-25 23:05 - 2014-03-03 06:39 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Agamdu
2014-02-25 23:05 - 2014-03-03 04:50 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Epymit
2014-02-25 20:11 - 2014-02-25 20:11 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-25 20:11 - 2014-02-25 20:11 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Malwarebytes
2014-02-25 20:11 - 2014-02-25 20:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-25 20:11 - 2014-02-25 20:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-25 20:11 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-25 20:00 - 2014-02-25 20:00 - 00013787 _____ () C:\Windows\SysWOW64\hs_err_pid3156.log
2014-02-25 19:33 - 2014-02-25 19:40 - 00000000 ____D () C:\Program Files (x86)\GUM9211.tmp
2014-02-25 19:33 - 2014-02-25 19:34 - 49940480 _____ () C:\Program Files (x86)\GUT9212.tmp
2014-02-25 19:33 - 2014-02-25 19:33 - 00019841 _____ () C:\Windows\SysWOW64\hs_err_pid200.log
2014-02-25 17:47 - 2014-02-25 17:47 - 00019830 _____ () C:\Windows\SysWOW64\hs_err_pid1280.log
2014-02-20 13:11 - 2014-02-25 20:25 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Yfucvo
2014-02-20 13:11 - 2014-02-25 20:23 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Osyv
2014-02-19 12:47 - 2014-02-19 12:47 - 00000000 ____D () C:\Program Files\Lenovo
==================== One Month Modified Files and Folders =======
2014-03-13 04:17 - 2014-03-13 04:17 - 00027051 _____ () C:\Users\Kevin\Downloads\FRST.txt
2014-03-13 04:17 - 2014-03-13 03:18 - 00000000 ____D () C:\FRST
2014-03-13 04:16 - 2014-03-13 04:16 - 02157056 _____ (Farbar) C:\Users\Kevin\Downloads\FRST64 (1).exe
2014-03-13 04:15 - 2014-03-13 04:14 - 00000472 _____ () C:\Users\Kevin\Downloads\defogger_disable.log
2014-03-13 04:14 - 2014-03-13 04:14 - 00000000 _____ () C:\Users\Kevin\defogger_reenable
2014-03-13 04:14 - 2013-12-10 14:26 - 00000000 ____D () C:\Users\Kevin
2014-03-13 04:12 - 2014-03-13 04:12 - 00050477 _____ () C:\Users\Kevin\Downloads\Defogger.exe
2014-03-13 04:10 - 2014-03-13 04:06 - 00002794 _____ () C:\Users\Kevin\Desktop\Neues Textdokument (2).txt
2014-03-13 03:36 - 2009-07-14 05:45 - 00013536 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-13 03:36 - 2009-07-14 05:45 - 00013536 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-13 03:29 - 2013-12-10 15:04 - 00000557 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-03-13 03:28 - 2014-03-13 03:09 - 00000112 _____ () C:\Windows\setupact.log
2014-03-13 03:28 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-13 03:17 - 2014-03-13 03:17 - 02157056 _____ (Farbar) C:\Users\Kevin\Downloads\FRST64.exe
2014-03-13 03:09 - 2014-03-13 03:09 - 00084668 _____ () C:\Windows\PFRO.log
2014-03-13 03:09 - 2014-03-13 03:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-13 03:09 - 2009-07-14 01:20 - 00000000 __SHD () C:\Users\Kevin\AppData\Roaming\brjhugsc
2014-03-13 03:07 - 2013-12-10 15:14 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Battle.net
2014-03-13 02:32 - 2014-01-18 15:59 - 00000000 ____D () C:\Users\Kevin\Desktop\Sc
2014-03-13 02:32 - 2013-12-10 14:51 - 00000000 ____D () C:\Users\Kevin\Desktop\Spiele
2014-03-13 02:32 - 2013-12-10 14:51 - 00000000 ____D () C:\Users\Kevin\Desktop\Programme
2014-03-13 02:30 - 2014-01-18 21:04 - 00003334 _____ () C:\Windows\System32\Tasks\{96E09B51-3767-4369-B365-95C572CD4F5D}
2014-03-13 02:14 - 2014-03-13 02:14 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Avira
2014-03-13 02:13 - 2014-03-13 02:09 - 00000000 ____D () C:\ProgramData\Avira
2014-03-13 02:13 - 2014-03-13 02:09 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-03-13 02:10 - 2014-03-13 02:05 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F869E1D1-5B82-488D-9FEB-12FCC8122624}
2014-03-13 02:09 - 2014-03-13 02:09 - 00000400 _____ () C:\Windows\WindowsUpdate.log
2014-03-13 02:09 - 2013-12-10 14:41 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-13 02:08 - 2013-12-26 02:45 - 00000000 ____D () C:\Users\Kevin\AppData\Local\LogMeIn Hamachi
2014-03-13 02:08 - 2013-12-10 15:07 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\TS3Client
2014-03-13 01:58 - 2013-12-11 12:56 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-03-13 01:57 - 2013-12-10 21:00 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-03-13 01:46 - 2014-03-10 01:02 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Wudenu
2014-03-13 01:41 - 2014-01-29 18:21 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Microsoft Games
2014-03-12 23:53 - 2009-07-14 18:58 - 00700562 _____ () C:\Windows\system32\perfh007.dat
2014-03-12 23:53 - 2009-07-14 18:58 - 00149462 _____ () C:\Windows\system32\perfc007.dat
2014-03-12 23:53 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-12 23:41 - 2014-03-10 01:02 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Onyx
2014-03-12 23:31 - 2013-12-11 16:36 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Skype
2014-03-12 22:55 - 2013-12-11 00:01 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\vlc
2014-03-12 05:32 - 2014-03-10 03:07 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 05:32 - 2014-03-01 05:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-10 22:54 - 2013-12-27 04:57 - 00000000 ____D () C:\Users\Kevin\Downloads\2.Harry.Potter.und.die.Kammer.des.Schreckens-23thstreet
2014-03-10 16:06 - 2014-03-10 16:02 - 86944409 _____ () C:\Users\Kevin\Downloads\aoe-gravity_dvdscr.part11.rar
2014-03-10 16:06 - 2014-03-10 16:02 - 105906279 _____ () C:\Users\Kevin\Downloads\aoe-gravity_dvdscr.part10.rar
2014-03-10 16:06 - 2014-03-10 16:02 - 105906279 _____ () C:\Users\Kevin\Downloads\aoe-gravity_dvdscr.part09.rar
2014-03-10 16:06 - 2014-03-10 16:02 - 105906279 _____ () C:\Users\Kevin\Downloads\aoe-gravity_dvdscr.part08.rar
2014-03-10 15:48 - 2014-03-10 15:43 - 105906279 _____ () C:\Users\Kevin\Downloads\aoe-gravity_dvdscr.part07.rar
2014-03-10 15:48 - 2014-03-10 15:43 - 105906279 _____ () C:\Users\Kevin\Downloads\aoe-gravity_dvdscr.part06.rar
2014-03-10 15:47 - 2014-03-10 15:40 - 105906279 _____ () C:\Users\Kevin\Downloads\aoe-gravity_dvdscr.part05.rar
2014-03-10 15:47 - 2014-03-10 15:40 - 105906279 _____ () C:\Users\Kevin\Downloads\aoe-gravity_dvdscr.part04.rar
2014-03-10 15:47 - 2014-03-10 15:40 - 105906279 _____ () C:\Users\Kevin\Downloads\aoe-gravity_dvdscr.part03.rar
2014-03-10 15:47 - 2014-03-10 15:40 - 105906279 _____ () C:\Users\Kevin\Downloads\aoe-gravity_dvdscr.part02.rar
2014-03-10 15:46 - 2014-03-10 15:40 - 105906279 _____ () C:\Users\Kevin\Downloads\aoe-gravity_dvdscr.part01.rar
2014-03-10 15:40 - 2013-12-10 14:42 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-03-10 04:21 - 2014-03-10 04:19 - 00000000 ____D () C:\Users\Kevin\Downloads\Der.Butler.German.DL.2013.AC3.BDRiP.XViD-KOC
2014-03-10 04:09 - 2014-03-10 03:43 - 524288093 _____ () C:\Users\Kevin\Downloads\DBG21A3BRXO.part4.rar
2014-03-10 04:09 - 2014-03-10 03:43 - 524288081 _____ () C:\Users\Kevin\Downloads\DBG21A3BRXO.part3.rar
2014-03-10 04:09 - 2014-03-10 03:43 - 524288057 _____ () C:\Users\Kevin\Downloads\DBG21A3BRXO.part2.rar
2014-03-10 04:07 - 2014-03-10 03:43 - 524288034 _____ () C:\Users\Kevin\Downloads\DBG21A3BRXO.part1.rar
2014-03-10 03:57 - 2014-03-10 03:43 - 222763023 _____ () C:\Users\Kevin\Downloads\DBG21A3BRXO.part5.rar
2014-03-10 03:34 - 2014-03-10 03:17 - 536870912 _____ () C:\Users\Kevin\Downloads\After.Earth.2013-MB.part2.rar
2014-03-10 03:33 - 2014-03-10 03:16 - 536870912 _____ () C:\Users\Kevin\Downloads\After.Earth.2013-MB.part1.rar
2014-03-10 03:32 - 2014-03-10 03:16 - 405353908 _____ () C:\Users\Kevin\Downloads\After.Earth.2013-MB.part3.rar
2014-03-10 03:07 - 2014-03-10 03:07 - 00000000 ____D () C:\Windows\system32\Macromed
2014-03-09 20:47 - 2014-03-09 20:47 - 00000000 ____D () C:\Users\Kevin\Documents\Thief
2014-03-09 01:52 - 2014-03-09 01:52 - 00000000 ____D () C:\Program Files (x86)\Dungeon Defenders
2014-03-07 17:31 - 2013-12-10 15:14 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Battle.net
2014-03-07 05:29 - 2013-12-11 23:03 - 00000596 _____ () C:\Users\Kevin\Desktop\Neues Textdokument.txt
2014-03-06 14:56 - 2014-03-06 14:56 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-03-06 14:56 - 2013-12-10 21:03 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-06 14:56 - 2013-12-10 21:03 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-06 14:50 - 2014-03-06 14:50 - 00000000 ____D () C:\Program Files (x86)\Lavalys
2014-03-03 06:39 - 2014-02-25 23:05 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Agamdu
2014-03-03 04:50 - 2014-02-25 23:05 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Epymit
2014-03-02 23:41 - 2014-03-02 23:41 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Chromium
2014-03-01 06:02 - 2013-12-29 00:48 - 00000000 ____D () C:\Users\Kevin\Documents\my games
2014-03-01 05:39 - 2014-03-01 05:39 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-03-01 04:39 - 2014-03-01 04:39 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Awesomium
2014-03-01 04:38 - 2014-03-01 04:38 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-03-01 04:38 - 2013-12-10 14:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-01 01:02 - 2014-03-01 01:02 - 00003020 _____ () C:\Windows\System32\Tasks\{0AB74374-0385-0807-B05D-5863E26D732D}
2014-02-27 20:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-27 15:30 - 2014-02-27 15:30 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-25 21:15 - 2013-12-17 01:14 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Yjquxu
2014-02-25 20:25 - 2014-02-20 13:11 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Yfucvo
2014-02-25 20:25 - 2013-12-10 14:27 - 00000000 ___RD () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-25 20:23 - 2014-02-20 13:11 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Osyv
2014-02-25 20:11 - 2014-02-25 20:11 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-25 20:11 - 2014-02-25 20:11 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Malwarebytes
2014-02-25 20:11 - 2014-02-25 20:11 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-25 20:11 - 2014-02-25 20:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-25 20:00 - 2014-02-25 20:00 - 00013787 _____ () C:\Windows\SysWOW64\hs_err_pid3156.log
2014-02-25 19:40 - 2014-02-25 19:33 - 00000000 ____D () C:\Program Files (x86)\GUM9211.tmp
2014-02-25 19:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-02-25 19:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-02-25 19:34 - 2014-02-25 19:33 - 49940480 _____ () C:\Program Files (x86)\GUT9212.tmp
2014-02-25 19:34 - 2013-12-10 14:33 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-25 19:33 - 2014-02-25 19:33 - 00019841 _____ () C:\Windows\SysWOW64\hs_err_pid200.log
2014-02-25 19:33 - 2013-12-10 14:32 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Deployment
2014-02-25 19:25 - 2014-01-21 23:30 - 00000000 ____D () C:\Windows\Minidump
2014-02-25 19:25 - 2013-12-10 14:15 - 00000000 ____D () C:\Windows\Panther
2014-02-25 17:47 - 2014-02-25 17:47 - 00019830 _____ () C:\Windows\SysWOW64\hs_err_pid1280.log
2014-02-25 11:41 - 2014-03-13 02:13 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-02-25 11:41 - 2014-03-13 02:13 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-02-25 11:41 - 2014-03-13 02:13 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-02-21 10:21 - 2014-03-11 00:31 - 00000000 ____D () C:\Users\Kevin\Downloads\Plague.Inc.Evolved.Early.Access.Cracked-3DM
2014-02-19 12:47 - 2014-02-19 12:47 - 00000000 ____D () C:\Program Files\Lenovo
2014-02-17 15:57 - 2013-12-10 14:31 - 00001491 _____ () C:\Users\Kevin\Desktop\W-Lan Code.txt
2014-02-16 22:50 - 2013-12-15 18:21 - 00281392 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-02-16 22:50 - 2013-12-11 12:55 - 00281392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
Some content of TEMP:
====================
C:\Users\Kevin\AppData\Local\Temp\avgnt.exe
C:\Users\Kevin\AppData\Local\Temp\riftuninstall.exe
C:\Users\Kevin\AppData\Local\Temp\Uninstaller-7636.exe
C:\Users\Kevin\AppData\Local\Temp\VSUSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2009-07-14 00:20] - [2009-07-14 02:45] - 0294992 ____A () D41D8CD98F00B204E9800998ECF8427E
C:\Windows\System32\Drivers\volsnap.sys No Company Name <===== ATTENTION!
testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!
LastRegBack: 2014-02-28 00:40
==================== End Of Log ============================
Addition.txt: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-03-2014 01
Ran by Kevin at 2014-03-13 04:19:00
Running from C:\Users\Kevin\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader 9.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.15.100.31008 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1008.932.15229 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{5AE0838D-19B1-5D12-5FE8-E6503B2C8716}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.1008.932.15229 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.81008.0920 - Advanced Micro Devices, Inc.) Hidden
Assassin’s Creed® III (HKLM-x32\...\Steam App 208480) (Version: - Ubisoft Montreal)
Avira (HKLM-x32\...\{b0281a65-bf49-4b99-9ba4-8bd5acf46421}) (Version: 1.0.5179.26566 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.0.5179.26566 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version: - Ronimo Games)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bloodline Champions (HKLM-x32\...\Steam App 6370) (Version: - Stunlock Studios)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
CanoScan LiDE 210 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4809) (Version: - Canon Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.20 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Darksiders II (HKLM-x32\...\Darksiders II_is1) (Version: - )
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dota 2 Test (HKLM-x32\...\Steam App 205790) (Version: - )
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version: - Trendy Entertainment)
Edimax Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D12314F45EB}) (Version: 1.00.0165 - )
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Lenovo USB driver (HKLM\...\Lenovo USB Driver_is1) (Version: V1.0 - Lenovo)
Logitech Gaming Software (Version: 8.30.86 - Logitech Inc.) Hidden
Logitech Gaming Software 8.30 (HKLM\...\Logitech Gaming Software) (Version: 8.30.86 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.2.1549 - Native Instruments)
Native Instruments Service Center (Version: 2.5.2.1549 - Native Instruments) Hidden
Native Instruments Supercharger (HKLM-x32\...\Native Instruments Supercharger) (Version: 1.1.0.418 - Native Instruments)
Native Instruments Supercharger (Version: 1.1.0.418 - Native Instruments) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.1 - Power Software Ltd)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
R.U.S.E (HKLM-x32\...\Steam App 21970) (Version: - Eugen Systems)
Razer Nostromo (HKLM-x32\...\{0214578F-4888-43FB-9E34-C14FCFDEDDEB}) (Version: 2.02.08 - Razer USA Ltd.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6093 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SkyDrift (HKLM-x32\...\Steam App 91100) (Version: - Digital Reality)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1989.5 - Hi-Rez Studios)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TEdit 3 (HKLM-x32\...\{F015942F-C1BD-4297-A8A4-C0B8D42B39C5}) (Version: 3.4.13358.0 - BinaryConstruct)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
Transformers: Fall of Cybertron (HKLM-x32\...\Steam App 213120) (Version: - Mercenary Technologies)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version: - Relic Entertainment)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Restore Points =========================
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {348B7B85-BF52-460A-AEF1-19D8F097C353} - System32\Tasks\{0AB74374-0385-0807-B05D-5863E26D732D} => C:\Users\Kevin\AppData\Roaming\.minecraft\saves\ruehrqh.exe [2014-03-04] ()
==================== Loaded Modules (whitelisted) =============
2009-07-14 00:19 - 2009-07-14 02:40 - 00043520 _____ () C:\Windows\system32\CSRSRV.dll
2009-07-14 00:19 - 2009-07-14 02:41 - 00036864 _____ () C:\Windows\system32\pcwum.dll
2009-07-14 00:19 - 2009-07-14 02:41 - 00036864 _____ () c:\windows\system32\pcwum.DLL
2009-07-14 00:19 - 2009-07-14 02:41 - 00036864 _____ () C:\Windows\System32\pcwum.dll
2009-07-14 00:19 - 2009-07-14 02:41 - 00036864 _____ () c:\windows\system32\pcwum.dll
2013-10-08 09:35 - 2013-10-08 09:35 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-22 14:41 - 2012-10-22 14:41 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-22 14:42 - 2012-10-22 14:42 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2013-10-08 09:34 - 2013-10-08 09:34 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-12-11 12:55 - 2013-12-15 18:21 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-10-08 09:34 - 2013-10-08 09:34 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-03-13 02:13 - 2014-02-25 11:41 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-03-07 14:47 - 2014-03-07 14:47 - 00111696 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2009-07-14 00:19 - 2009-07-14 02:41 - 00036864 _____ () C:\Windows\system32\pcwum.DLL
2014-03-07 14:48 - 2014-03-07 14:48 - 00061520 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-01-02 00:17 - 2014-01-02 00:17 - 00016896 _____ () C:\Users\Kevin\AppData\Local\UZRmedia\Hidnet24.dll
2014-03-13 02:14 - 2014-03-07 14:48 - 00049744 _____ () C:\Users\Kevin\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2013-12-10 14:30 - 2009-12-09 21:20 - 00126976 _____ () C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\EnumDevLib.dll
2014-02-25 19:33 - 2014-02-20 02:02 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
2014-02-25 19:33 - 2014-02-20 02:02 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libglesv2.dll
2014-02-25 19:33 - 2014-02-20 02:02 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libegl.dll
2014-02-25 19:33 - 2014-02-20 02:03 - 04060488 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll
2014-02-25 19:33 - 2014-02-20 02:03 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
2014-02-25 19:33 - 2014-02-20 02:02 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
2014-02-25 19:33 - 2014-02-20 02:03 - 13632840 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/13/2014 03:34:47 AM) (Source: Application Hang) (User: )
Description: Programm FRST64.exe, Version 3.3.10.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1598
Startzeit: 01cf3e64c3b5409f
Endzeit: 9
Anwendungspfad: C:\Users\Kevin\Downloads\FRST64.exe
Berichts-ID: 086c05ac-aa58-11e3-8b8e-82ffc1deec15
Error: (03/13/2014 03:18:00 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "Error calling CreateFile on volume '\\?\Volume{453bb823-619d-11e3-bb3a-806e6f6e6963}\'" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: C:\
Ausführungskontext: Coordinator
Error: (03/13/2014 03:17:21 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "Error calling CreateFile on volume '\\?\Volume{453bb823-619d-11e3-bb3a-806e6f6e6963}\'" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: C:\
Ausführungskontext: Coordinator
Error: (03/13/2014 03:16:52 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "Error calling CreateFile on volume '\\?\Volume{453bb823-619d-11e3-bb3a-806e6f6e6963}\'" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: C:\
Ausführungskontext: Coordinator
Error: (03/13/2014 03:16:51 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "Error calling CreateFile on volume '\\?\Volume{453bb823-619d-11e3-bb3a-806e6f6e6963}\'" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: C:\
Ausführungskontext: Coordinator
Error: (03/13/2014 03:16:51 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "Error calling CreateFile on volume '\\?\Volume{453bb823-619d-11e3-bb3a-806e6f6e6963}\'" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: C:\
Ausführungskontext: Coordinator
Error: (03/13/2014 03:16:40 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "Error calling CreateFile on volume '\\?\Volume{453bb823-619d-11e3-bb3a-806e6f6e6963}\'" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: C:\
Ausführungskontext: Coordinator
Error: (03/13/2014 03:16:39 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "Error calling CreateFile on volume '\\?\Volume{453bb823-619d-11e3-bb3a-806e6f6e6963}\'" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: C:\
Ausführungskontext: Coordinator
Error: (03/13/2014 03:16:35 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "Error calling CreateFile on volume '\\?\Volume{453bb823-619d-11e3-bb3a-806e6f6e6963}\'" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: C:\
Ausführungskontext: Coordinator
Error: (03/13/2014 03:15:35 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "Error calling CreateFile on volume '\\?\Volume{453bb823-619d-11e3-bb3a-806e6f6e6963}\'" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: C:\
Ausführungskontext: Coordinator
System errors:
=============
Error: (03/13/2014 04:05:39 AM) (Source: ipnathlp) (User: )
Description:
Error: (03/13/2014 03:53:32 AM) (Source: ipnathlp) (User: )
Description:
Error: (03/13/2014 03:34:25 AM) (Source: ipnathlp) (User: )
Description:
Error: (03/13/2014 03:30:11 AM) (Source: ipnathlp) (User: )
Description: 0
Error: (03/13/2014 03:29:33 AM) (Source: ipnathlp) (User: )
Description:
Error: (03/13/2014 03:29:28 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
avipbb
avkmgr
Error: (03/13/2014 03:28:37 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avgntflt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%31
Error: (03/13/2014 03:20:49 AM) (Source: ipnathlp) (User: )
Description:
Error: (03/13/2014 03:15:05 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avipbb" wurde aufgrund folgenden Fehlers nicht gestartet:
%%31
Error: (03/13/2014 03:13:42 AM) (Source: ipnathlp) (User: )
Description:
Microsoft Office Sessions:
=========================
Error: (03/13/2014 03:34:47 AM) (Source: Application Hang)(User: )
Description: FRST64.exe3.3.10.2159801cf3e64c3b5409f9C:\Users\Kevin\Downloads\FRST64.exe086c05ac-aa58-11e3-8b8e-82ffc1deec15
Error: (03/13/2014 03:18:00 AM) (Source: VSS)(User: )
Description: Error calling CreateFile on volume '\\?\Volume{453bb823-619d-11e3-bb3a-806e6f6e6963}\'0x80070005, Zugriff verweigert
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: C:\
Ausführungskontext: Coordinator
Error: (03/13/2014 03:17:21 AM) (Source: VSS)(User: )
Description: Error calling CreateFile on volume '\\?\Volume{453bb823-619d-11e3-bb3a-806e6f6e6963}\'0x80070005, Zugriff verweigert
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: C:\
Ausführungskontext: Coordinator
Error: (03/13/2014 03:16:52 AM) (Source: VSS)(User: )
Description: Error calling CreateFile on volume '\\?\Volume{453bb823-619d-11e3-bb3a-806e6f6e6963}\'0x80070005, Zugriff verweigert
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: C:\
Ausführungskontext: Coordinator
Error: (03/13/2014 03:16:51 AM) (Source: VSS)(User: )
Description: Error calling CreateFile on volume '\\?\Volume{453bb823-619d-11e3-bb3a-806e6f6e6963}\'0x80070005, Zugriff verweigert
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: C:\
Ausführungskontext: Coordinator
Error: (03/13/2014 03:16:51 AM) (Source: VSS)(User: )
Description: Error calling CreateFile on volume '\\?\Volume{453bb823-619d-11e3-bb3a-806e6f6e6963}\'0x80070005, Zugriff verweigert
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: C:\
Ausführungskontext: Coordinator
Error: (03/13/2014 03:16:40 AM) (Source: VSS)(User: )
Description: Error calling CreateFile on volume '\\?\Volume{453bb823-619d-11e3-bb3a-806e6f6e6963}\'0x80070005, Zugriff verweigert
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: C:\
Ausführungskontext: Coordinator
Error: (03/13/2014 03:16:39 AM) (Source: VSS)(User: )
Description: Error calling CreateFile on volume '\\?\Volume{453bb823-619d-11e3-bb3a-806e6f6e6963}\'0x80070005, Zugriff verweigert
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: C:\
Ausführungskontext: Coordinator
Error: (03/13/2014 03:16:35 AM) (Source: VSS)(User: )
Description: Error calling CreateFile on volume '\\?\Volume{453bb823-619d-11e3-bb3a-806e6f6e6963}\'0x80070005, Zugriff verweigert
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: C:\
Ausführungskontext: Coordinator
Error: (03/13/2014 03:15:35 AM) (Source: VSS)(User: )
Description: Error calling CreateFile on volume '\\?\Volume{453bb823-619d-11e3-bb3a-806e6f6e6963}\'0x80070005, Zugriff verweigert
Vorgang:
Überprüfen, ob das Volume vom Anbieter unterstützt wird
Volume einem Schattenkopiesatz hinzufügen
Kontext:
Ausführungskontext: Coordinator
Anbieter-ID: {00000000-0000-0000-0000-000000000000}
Volumename: C:\
Ausführungskontext: Coordinator
CodeIntegrity Errors:
===================================
Date: 2014-03-06 14:50:51.941
Description: N/A
Date: 2014-03-06 14:50:51.937
Description: N/A
Date: 2014-03-06 14:50:51.256
Description: N/A
Date: 2014-03-06 14:50:51.252
Description: N/A
Date: 2014-01-02 10:43:14.886
Description: N/A
Date: 2014-01-02 10:43:14.863
Description: N/A
==================== Memory info ===========================
Percentage of memory in use: 32%
Total physical RAM: 8191.11 MB
Available physical RAM: 5501.02 MB
Total Pagefile: 16380.38 MB
Available Pagefile: 13158.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:186.21 GB) (Free:112.59 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:931.51 GB) (Free:601.78 GB) NTFS
Drive e: (NCIS 422-508) (CDROM) (Total:3.76 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 06CA3123)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 186 GB) (Disk ID: FFFFFFFF)
Partition: GPT Partition Type.
==================== End Of Log ============================
- 1) Als erstes hat er mit folgende Meldung angezeigt: Zitat:
 Dabei heraus kam diese Meldung:  Der Log vom Programm hänge ich jetzt an. Dies müssten alle Vorgehensweisen sein und ich hoffe, das ich nichts vergessen habe. Freue mich schon Rückmeldung und hoffe sehr, dass ihr mir helfen könnt. MfG Hahpuh Geändert von Hahpuh (13.03.2014 um 05:10 Uhr) |
| Themen zu Windows 7: Verdacht auf Trojaner (Probleme über Probleme) |
| 4d36e972-e325-11ce-bfc1-08002be10318, antivirus, branding, computer, desktop, dxgkrnl, fehler, flash player, help, homepage, installation, langsam, launch, mobogenie, mobogenie entfernen, realtek, registry, rootkit, scan, security, software, spielen, svchost.exe, system, taskmanager, teamspeak, tunnel, usb, win32/boaxxe.be, win32/packed.vmprotect.abd, win32/sefnit.cw |
Baum-Darstellung