Windows fährt alle 60min automatisch herunter?
Hallo
Ich habe seit einiger Zeit ein großes Problem mit meinem Rechner. Er fährt alle ungefähr 60 min automatisch herunter. In den Energieoptionen ist alles normal eingestellt, also das er nicht herunterfährt. Was mir aufgefallen ist das im Ereignisprotokoll ziemlich oft ereignis id: 219 (kernel-pnp) kommt. Ich komm nicht mehr weiter und bitte hier dringendst um eure Hilfe.
Ich habe diese anleitung ''erste Schritte zur Hilfe'' durchgeführt und hier sind die ersten Logfiles. Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-02-04 18:23:37
Windows 6.2.9200 x64 \Device\Harddisk1\DR1 -> \Device\00000038 Corsair_Force_3_SSD rev.1.3.3 111,79GB
Running: Gmer-19357.exe; Driver: C:\Users\MB\AppData\Local\Temp\awtdqpow.sys
---- User code sections - GMER 2.1 ----
.text C:\WINDOWS\system32\dwm.exe[828] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffb8b69169a 4 bytes [69, 8B, FB, 7F]
.text C:\WINDOWS\system32\dwm.exe[828] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffb8b6916a2 4 bytes [69, 8B, FB, 7F]
.text C:\WINDOWS\system32\dwm.exe[828] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffb8b69181a 4 bytes [69, 8B, FB, 7F]
.text C:\WINDOWS\system32\dwm.exe[828] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffb8b691832 4 bytes [69, 8B, FB, 7F]
.text C:\WINDOWS\system32\nvvsvc.exe[940] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffb8b69169a 4 bytes [69, 8B, FB, 7F]
.text C:\WINDOWS\system32\nvvsvc.exe[940] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffb8b6916a2 4 bytes [69, 8B, FB, 7F]
.text C:\WINDOWS\system32\nvvsvc.exe[940] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffb8b69181a 4 bytes [69, 8B, FB, 7F]
.text C:\WINDOWS\system32\nvvsvc.exe[940] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffb8b691832 4 bytes [69, 8B, FB, 7F]
.text C:\WINDOWS\Explorer.EXE[1560] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffb8b69169a 4 bytes [69, 8B, FB, 7F]
.text C:\WINDOWS\Explorer.EXE[1560] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffb8b6916a2 4 bytes [69, 8B, FB, 7F]
.text C:\WINDOWS\Explorer.EXE[1560] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffb8b69181a 4 bytes [69, 8B, FB, 7F]
.text C:\WINDOWS\Explorer.EXE[1560] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffb8b691832 4 bytes [69, 8B, FB, 7F]
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [524:548] fffff9600097d4d0
Thread C:\WINDOWS\Explorer.EXE [1560:3956] 00007ffb7b66d6bc
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2024:1624] 00007ffb89ac81b0
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemStartTime 0xC4 0xAA 0x27 0x03 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFStartTime 0x83 0xDE 0x27 0x03 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFLastStartTime 0x3A 0x07 0xD7 0x7D ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemLastStartTime 0xA9 0x7F 0xD6 0x7D ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData\BootLanguages@de-DE 55
Reg HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\GSM000116843009_01_07DB_E2*BNQ785EM9B01359SL000_26_07DB_10^F377E13FA8AC1E7E2A9537F9C3A0824E@Timestamp 0x69 0xD3 0xE4 0x03 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\Lsa@LsaPid 584
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{F4C0B258-D841-4763-877F-BCA6939D4BC5}\Connection@Name isatap.{5724FB20-3D11-406B-B433-0720176246AE}
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Executive@UuidSequenceNumber 3900034
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed -405611264
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BootId 57
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BaseTime 403469468
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@POSTTime 26029
Reg HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@InstanceID ea87a2d1-626f-496a-88e7-434f09a
Reg HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\AITEventLog@FileCounter 3
Reg HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\SQMLogger@FileCounter 7
Reg HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\WdiContextLog@FileCounter 3
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0026832f19ca
Reg HKLM\SYSTEM\CurrentControlSet\Services\bthserv\Parameters\BluetoothControlPanelTasks@State 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\Probe\{17a5dad6-d97c-4be6-8954-926f40595efc}@LastProbeTime 1391463581
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{F4C0B258-D841-4763-877F-BCA6939D4BC5}@InterfaceName isatap.{5724FB20-3D11-406B-B433-0720176246AE}
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{F4C0B258-D841-4763-877F-BCA6939D4BC5}@ReusableType 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{F4C0B258-D841-4763-877F-BCA6939D4BC5}@DefunctTimestamp 0x7B 0xFE 0xEF 0x52 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\ac-e8-7b-8d-3a-02@AddressCreationTimestamp 0x94 0x8F 0x00 0x09 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\ac-e8-7b-8d-3a-02@ClientLocalPort 61228
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\ac-e8-7b-8d-3a-02@TeredoAddress 2001:0:5ef5:79fd:2c78:781f:b288:7b6b
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\ac-e8-7b-8d-3a-02@UPnPExternalPort 61228
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 3282
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 876
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|LPort=3587|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\svchost.exe|Svc=p2psvc|Name=@%systemroot%\system32\provsvc.dll,-200|Desc=@%systemroot%\system32\provsvc.dll,-201|EmbedCtxt=@%systemroot%\system32\provsvc.dll,-202|
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Private|RPort=3587|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\svchost.exe|Svc=p2psvc|Name=@%systemroot%\system32\provsvc.dll,-203|Desc=@%systemroot%\system32\provsvc.dll,-204|EmbedCtxt=@%systemroot%\system32\provsvc.dll,-202|
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=17|Profile=Private|LPort=3540|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\svchost.exe|Svc=pnrpsvc|Name=@%systemroot%\system32\provsvc.dll,-205|Desc=@%systemroot%\system32\provsvc.dll,-206|EmbedCtxt=@%systemroot%\system32\provsvc.dll,-202|
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules@Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out v2.22|Action=Allow|Active=FALSE|Dir=Out|Protocol=17|Profile=Private|RPort=3540|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\svchost.exe|Svc=pnrpsvc|Name=@%systemroot%\system32\provsvc.dll,-207|Desc=@%systemroot%\system32\provsvc.dll,-208|EmbedCtxt=@%systemroot%\system32\provsvc.dll,-202|
Reg HKLM\SYSTEM\CurrentControlSet\Services\srvnet\Parameters@MajorSequence 56
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5724FB20-3D11-406B-B433-0720176246AE}@LeaseObtainedTime 1391459966
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5724FB20-3D11-406B-B433-0720176246AE}@T1 1391503166
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5724FB20-3D11-406B-B433-0720176246AE}@T2 1391535566
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5724FB20-3D11-406B-B433-0720176246AE}@LeaseTerminatesTime 1391546366
Reg HKLM\SYSTEM\CurrentControlSet\Services\Winmgmt\Parameters@ServiceDllUnloadOnStop 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shutdown@CleanShutdown 1
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\ImmersiveShell\StateStore@ProcessedPackageStateChangeVersion 592
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\PushNotifications@MobileBroadbandLastResetDate 0x18 0x27 0x5A 0x05 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Store@LastTileRefresh 0x21 0x0F 0x81 0xA0 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Store\RefreshBannedAppList@BannedAppsLastModified 0x80 0x17 0xB8 0xED ...
Reg HKCU\Software\Microsoft\Windows\Windows Error Reporting\Debug@StoreLocation C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Kernel_144_9d3dbb8252aced9f8d7b519936909be51a4cde12_00000000_cab_01190753
---- EOF - GMER 2.1 ----
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2014
Ran by MB (administrator) on BARTMAS on 04-02-2014 18:12:52
Running from C:\Users\MB\Desktop
Windows 8.1 Enterprise Evaluation (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) E:\StandardProgramme\AntiVir\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) E:\StandardProgramme\AntiVir\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Atheros Commnucations) C:\Windows\System32\AdminService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\wlms\wlms.exe
() E:\StandardProgramme\3\WTGService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) E:\StandardProgramme\AntiVir\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) E:\StandardProgramme\AntiVir\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [avgnt] - E:\StandardProgramme\AntiVir\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-3469241050-3997586042-2601889986-1001\...\MountPoints2: {03dcb7c5-4cd5-11e3-8259-5404a66b4945} - "L:\AutoRun.exe"
HKU\S-1-5-21-3469241050-3997586042-2601889986-1001\...\MountPoints2: {03dcb800-4cd5-11e3-8259-5404a66b4945} - "F:\AutoRun.exe"
HKU\S-1-5-21-3469241050-3997586042-2601889986-1001\...\MountPoints2: {7c81caaa-51fd-11e3-825f-0026832f19ca} - "L:\.\Autorun.exe" AUTORUN=1
HKU\S-1-5-21-3469241050-3997586042-2601889986-1001\...\MountPoints2: {7c81cad0-51fd-11e3-825f-0026832f19ca} - "F:\.\Autorun.exe" AUTORUN=1
HKU\S-1-5-21-3469241050-3997586042-2601889986-1001\...\MountPoints2: {7f072434-3e92-11e3-824d-0026832f19ca} - "L:\AutoRun.exe"
HKU\S-1-5-21-3469241050-3997586042-2601889986-1001\...\MountPoints2: {89fd9c8e-8aaa-11e3-826d-806e6f6e6963} - "F:\AutoRun.exe"
==================== Internet (Whitelisted) ====================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=irmsd103&cd=2XzuyEtN2Y1L1QzuyDzztB0CzztDtCtAzytByCtA0E0DyCyEtN0D0Tzu0CyCyBtCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA&cr=378628600&ir=
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzuyDzztB0CzztDtCtAzytByCtA0E0DyCyEtN0D0Tzu0CyCyBtCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA&cr=378628600&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzuyDzztB0CzztDtCtAzytByCtA0E0DyCyEtN0D0Tzu0CyCyBtCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA&cr=378628600&ir=
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzuyDzztB0CzztDtCtAzytByCtA0E0DyCyEtN0D0Tzu0CyCyBtCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA&cr=378628600&ir=
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzuyDzztB0CzztDtCtAzytByCtA0E0DyCyEtN0D0Tzu0CyCyBtCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA&cr=378628600&ir=
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzuyDzztB0CzztDtCtAzytByCtA0E0DyCyEtN0D0Tzu0CyCyBtCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA&cr=378628600&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd103&cd=2XzuyEtN2Y1L1QzuyDzztB0CzztDtCtAzytByCtA0E0DyCyEtN0D0Tzu0CyCyBtCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA&cr=378628600&ir=
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\MB\AppData\Roaming\Mozilla\Firefox\Profiles\7htf7oh7.default
FF user.js: detected! => C:\Users\MB\AppData\Roaming\Mozilla\Firefox\Profiles\7htf7oh7.default\user.js
FF SearchEngineOrder.1: Mysearchdial
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Extension: MySearchDial NewTab - C:\Users\MB\AppData\Roaming\Mozilla\Firefox\Profiles\7htf7oh7.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} [2013-11-03]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\MB\AppData\Roaming\Mozilla\Firefox\Profiles\7htf7oh7.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2013-12-20]
FF Extension: Adblock Plus - C:\Users\MB\AppData\Roaming\Mozilla\Firefox\Profiles\7htf7oh7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-27]
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; E:\StandardProgramme\AntiVir\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; E:\StandardProgramme\AntiVir\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; E:\StandardProgramme\AntiVir\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-20] (APN LLC.)
R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2012-08-29] (Atheros Commnucations)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2013-12-14] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 WLMS; C:\Windows\system32\wlms\wlms.exe [22016 2013-08-23] (Microsoft Corporation)
R2 WTGService; E:\StandardProgramme\3\WTGService.exe [327680 2010-12-23] ()
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-12] (Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-08-23] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2013-08-22] (Microsoft Corporation)
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
S3 zte_ecm_enum_filter; \SystemRoot\System32\drivers\zte_ecm_enum_filter.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-04 18:12 - 2014-02-04 18:13 - 00013815 _____ () C:\Users\MB\Desktop\FRST.txt
2014-02-04 18:12 - 2014-02-04 18:12 - 00000000 ____D () C:\FRST
2014-02-04 18:11 - 2014-02-04 18:11 - 02080256 _____ (Farbar) C:\Users\MB\Desktop\FRST64.exe
2014-02-04 18:10 - 2014-02-04 18:10 - 00000466 _____ () C:\Users\MB\Desktop\defogger_disable.log
2014-02-04 18:10 - 2014-02-04 18:10 - 00000000 _____ () C:\Users\MB\defogger_reenable
2014-02-04 18:09 - 2014-02-04 18:07 - 00050477 _____ () C:\Users\MB\Desktop\Defogger.exe
2014-02-01 00:23 - 2014-02-01 00:23 - 00000124 _____ () C:\WINDOWS\setupact.log
2014-02-01 00:23 - 2014-02-01 00:23 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-02-01 00:22 - 2013-12-11 08:55 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-01 00:22 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-01 00:22 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-01 00:22 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-01 00:22 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-01 00:22 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-01 00:22 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-01 00:22 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-01 00:22 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-01 00:22 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-01 00:22 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-01 00:22 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-01 00:22 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-01 00:22 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-01 00:22 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-01 00:22 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-01 00:22 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-01 00:22 - 2013-11-27 09:20 - 04106240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-01 00:22 - 2013-11-27 05:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-01 00:22 - 2013-11-26 14:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-01 00:22 - 2013-11-26 14:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-01 00:22 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-01 00:22 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-01 00:22 - 2013-11-26 12:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-01 00:22 - 2013-11-26 12:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-01 00:22 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-01 00:22 - 2013-11-26 11:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-01 00:22 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-01 00:22 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-01 00:22 - 2013-11-25 02:45 - 00142680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-01 00:22 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-01 00:22 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-01 00:22 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-01 00:22 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-01 00:22 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-01 00:22 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-01 00:22 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-01 00:22 - 2013-11-23 08:13 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-01 00:22 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-01 00:22 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-01 00:22 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-01 00:22 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-01 00:22 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-01 00:22 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-01 00:22 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-01 00:22 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-01 00:22 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-01 00:22 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-01 00:22 - 2013-11-16 06:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-01 00:22 - 2013-11-15 19:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-01 00:22 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-01 00:22 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-01 00:22 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-01 00:22 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-01 00:22 - 2013-11-05 21:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-01 00:22 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-01 00:22 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-01-31 22:54 - 2014-02-04 18:02 - 00423847 _____ () C:\WINDOWS\WindowsUpdate.log
2014-01-31 22:33 - 2014-01-31 22:33 - 00000146 _____ () C:\Users\MB\Desktop\Java - Verknüpfung.lnk
2014-01-31 21:38 - 2014-01-31 22:53 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-01-31 21:38 - 2014-01-31 22:45 - 00000000 ____D () C:\Users\MB\Documents\Anti-Malware
2014-01-31 20:56 - 2014-01-31 20:56 - 00001367 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-31 20:55 - 2014-01-31 20:58 - 00000000 ____D () C:\Users\MB\AppData\Local\NVIDIA
2014-01-31 20:55 - 2014-01-31 20:55 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-01-31 20:55 - 2013-12-10 03:15 - 00982232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2014-01-31 20:55 - 2013-12-10 03:14 - 01100248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 18310112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 15230352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-01-31 20:54 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 03071656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 02698272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433221.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433221.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 01436528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 00168616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 00141336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 00061216 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 00053024 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-01-31 20:54 - 2013-12-19 21:33 - 00023754 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-01-31 20:54 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-01-31 20:54 - 2013-12-05 09:42 - 00035104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2014-01-31 20:54 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-01-31 20:54 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2014-01-31 20:54 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2014-01-31 20:32 - 2014-01-31 20:32 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-31 20:32 - 2014-01-31 20:32 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-31 20:32 - 2014-01-31 20:32 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-31 20:32 - 2014-01-31 20:32 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-01-31 20:31 - 2014-01-31 20:32 - 30796712 _____ (Oracle Corporation) C:\Users\MB\Downloads\jre-7u51-windows-x64.exe
2014-01-31 20:08 - 2013-12-09 01:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-31 20:08 - 2013-11-27 16:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-31 20:08 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-31 20:08 - 2013-11-27 11:34 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-01-31 20:08 - 2013-11-27 10:54 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-31 20:08 - 2013-11-27 09:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-31 20:08 - 2013-11-27 09:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-31 20:08 - 2013-11-27 09:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-31 20:08 - 2013-11-27 09:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-31 20:08 - 2013-11-27 09:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-31 20:08 - 2013-11-27 09:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-31 19:15 - 2014-01-31 19:15 - 00000000 ____D () C:\Program Files\Java
2014-01-31 19:13 - 2014-01-31 20:04 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-01-30 21:20 - 2014-01-30 21:20 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-01-26 21:53 - 2014-01-26 21:53 - 00000000 ____D () C:\Program Files (x86)\CPUID
2014-01-21 04:18 - 2014-01-31 20:04 - 00000000 ____D () C:\Program Files\WinRAR
2014-01-05 01:48 - 2014-01-31 20:03 - 00000000 ____D () C:\Users\MB\AppData\Local\The Witcher
2014-01-05 01:48 - 2014-01-05 02:22 - 00000000 ____D () C:\Users\MB\Documents\The Witcher
2014-01-05 01:47 - 2014-01-05 01:47 - 00000000 ____D () C:\Users\Public\Documents\The Witcher
==================== One Month Modified Files and Folders =======
2014-02-04 18:13 - 2014-02-04 18:12 - 00013815 _____ () C:\Users\MB\Desktop\FRST.txt
2014-02-04 18:12 - 2014-02-04 18:12 - 00000000 ____D () C:\FRST
2014-02-04 18:11 - 2014-02-04 18:11 - 02080256 _____ (Farbar) C:\Users\MB\Desktop\FRST64.exe
2014-02-04 18:10 - 2014-02-04 18:10 - 00000466 _____ () C:\Users\MB\Desktop\defogger_disable.log
2014-02-04 18:10 - 2014-02-04 18:10 - 00000000 _____ () C:\Users\MB\defogger_reenable
2014-02-04 18:10 - 2013-10-27 00:03 - 00000000 ____D () C:\Users\MB
2014-02-04 18:07 - 2014-02-04 18:09 - 00050477 _____ () C:\Users\MB\Desktop\Defogger.exe
2014-02-04 18:04 - 2013-10-27 00:06 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-04 18:04 - 2013-08-23 00:26 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2014-02-04 18:04 - 2013-08-23 00:26 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2014-02-04 18:03 - 2013-10-27 00:26 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1334734D-5160-4FF4-847A-43B2B7A9A337}
2014-02-04 18:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-04 18:02 - 2014-01-31 22:54 - 00423847 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-04 18:00 - 2013-10-27 00:15 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-04 18:00 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-03 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-03 21:58 - 2013-10-27 01:12 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-03 20:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-01 20:04 - 2013-10-27 00:08 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3469241050-3997586042-2601889986-1001
2014-02-01 00:29 - 2013-10-27 00:03 - 00000000 ___RD () C:\Users\MB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-01 00:29 - 2013-10-27 00:03 - 00000000 ___RD () C:\Users\MB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-01 00:28 - 2013-08-22 15:44 - 00335992 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-01 00:27 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-01 00:27 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-01 00:27 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-01 00:27 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-01 00:23 - 2014-02-01 00:23 - 00000124 _____ () C:\WINDOWS\setupact.log
2014-02-01 00:23 - 2014-02-01 00:23 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-02-01 00:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-01 00:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-01 00:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-01 00:00 - 2013-10-27 01:14 - 00046080 ___SH () C:\Users\MB\Desktop\Thumbs.db
2014-01-31 22:53 - 2014-01-31 21:38 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-01-31 22:49 - 2013-10-27 00:03 - 00000000 ____D () C:\Users\MB\AppData\Local\VirtualStore
2014-01-31 22:45 - 2014-01-31 21:38 - 00000000 ____D () C:\Users\MB\Documents\Anti-Malware
2014-01-31 22:33 - 2014-01-31 22:33 - 00000146 _____ () C:\Users\MB\Desktop\Java - Verknüpfung.lnk
2014-01-31 20:58 - 2014-01-31 20:55 - 00000000 ____D () C:\Users\MB\AppData\Local\NVIDIA
2014-01-31 20:56 - 2014-01-31 20:56 - 00001367 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-31 20:55 - 2014-01-31 20:55 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-01-31 20:55 - 2013-10-27 00:15 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-01-31 20:55 - 2013-10-27 00:15 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-01-31 20:32 - 2014-01-31 20:32 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-31 20:32 - 2014-01-31 20:32 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-31 20:32 - 2014-01-31 20:32 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-31 20:32 - 2014-01-31 20:32 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-01-31 20:32 - 2014-01-31 20:31 - 30796712 _____ (Oracle Corporation) C:\Users\MB\Downloads\jre-7u51-windows-x64.exe
2014-01-31 20:28 - 2013-11-26 01:37 - 00000000 ____D () C:\Users\MB\AppData\Local\Deployment
2014-01-31 20:27 - 2013-12-01 04:11 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-01-31 20:25 - 2013-12-01 04:22 - 00000000 ____D () C:\Users\MB\AppData\Local\NVIDIA Corporation
2014-01-31 20:25 - 2013-10-27 00:15 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-01-31 20:19 - 2013-11-13 00:14 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-31 20:19 - 2013-11-13 00:14 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-01-31 20:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-01-31 20:06 - 2013-11-20 16:53 - 00000000 ____D () C:\WINDOWS\Minidump
2014-01-31 20:04 - 2014-01-31 19:13 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-01-31 20:04 - 2014-01-21 04:18 - 00000000 ____D () C:\Program Files\WinRAR
2014-01-31 20:04 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\icsxml
2014-01-31 20:04 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\icsxml
2014-01-31 20:03 - 2014-01-05 01:48 - 00000000 ____D () C:\Users\MB\AppData\Local\The Witcher
2014-01-31 20:03 - 2013-11-26 01:37 - 00000000 ____D () C:\Users\MB\AppData\Local\Apps\2.0
2014-01-31 20:03 - 2013-11-02 01:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-31 20:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\registration
2014-01-31 20:03 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-01-31 20:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-01-31 19:15 - 2014-01-31 19:15 - 00000000 ____D () C:\Program Files\Java
2014-01-30 21:20 - 2014-01-30 21:20 - 00000000 ____D () C:\Program Files\Common Files\Atheros
2014-01-26 21:53 - 2014-01-26 21:53 - 00000000 ____D () C:\Program Files (x86)\CPUID
2014-01-21 04:18 - 2013-11-26 03:59 - 00000000 ____D () C:\Users\MB\AppData\Roaming\WinRAR
2014-01-18 20:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-01-12 06:30 - 2013-12-01 04:11 - 00214392 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-01-12 04:33 - 2013-11-14 03:25 - 00000375 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2014-01-10 21:01 - 2013-12-01 04:11 - 00214392 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-01-06 23:31 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-06 23:31 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-05 02:22 - 2014-01-05 01:48 - 00000000 ____D () C:\Users\MB\Documents\The Witcher
2014-01-05 01:47 - 2014-01-05 01:47 - 00000000 ____D () C:\Users\Public\Documents\The Witcher
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-01 20:04
==================== End Of Log ============================
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2014
Ran by MB at 2014-02-04 18:13:08
Running from C:\Users\MB\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
3DataManager (x32 Version: 3.0 - 3DataManager)
Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Arduino (x32 Version: 1.0.5 - Arduino LLC)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Avira SearchFree Toolbar (x32 Version: 12.10.0.2949 - APN, LLC)
Battlefield 4™ (x32 Version: 1.0.0.1 - Electronic Arts)
CCleaner (Version: 4.08 - Piriform)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java 7 Update 51 (64-bit) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
Maxthon Cloud Browser (x32 Version: 4.2.0.4000 - Maxthon International Limited)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
MobileWiFi (x32 Version: TOOL-ConnLaucher_WIN1.09.02.00 - Huawei Technologies Co.,Ltd)
NVIDIA 3D Vision Controller-Treiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3221 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (Version: 1.2.19 - NVIDIA Corporation)
Origin (x32 Version: 9.3.11.2762 - Electronic Arts, Inc.)
PunkBuster Services (x32 Version: 0.993 - Even Balance, Inc.)
Python 3.3 pyreadline-2.0 (HKCU Version: - )
Python 3.3 pyserial-2.7 (HKCU Version: - )
Python 3.3.3 (x32 Version: 3.3.3150 - Python Software Foundation)
Rust (x32 Version: - Facepunch Studios)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
The Stanley Parable (x32 Version: - Galactic Cafe)
The Witcher 2: Assassins of Kings Enhanced Edition (x32 Version: - CD Projekt RED)
The Witcher: Enhanced Edition (x32 Version: - CD Projekt RED)
WinZip 18.0 (x32 Version: 18.0.10661 - WinZip Computing, S.L. )
World of Tanks (x32 Version: - Wargaming.net)
==================== Restore Points =========================
17-01-2014 05:59:10 Windows Modules Installer
27-01-2014 19:26:17 Geplanter Prüfpunkt
30-01-2014 20:20:21 Windows Update
31-01-2014 19:02:58 Wiederherstellungsvorgang
==================== Hosts content: ==========================
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4C49B534-516D-434D-B422-AF8858926111} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-01-31] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7EAEF73C-98C9-45CB-BF35-F3CA3450A3D7} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {84667A5D-5D68-4FD1-A5B6-25EFC4432F27} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {94010744-FD73-4159-8F43-F5013964FE3D} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2013-11-21] (Maxthon International ltd.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-10-27 00:47 - 2013-10-10 18:14 - 00394824 _____ () E:\StandardProgramme\AntiVir\Avira\AntiVir Desktop\sqlite3.dll
2013-12-29 22:31 - 2013-11-18 02:18 - 00258944 _____ () C:\Program Files (x86)\Maxthon\bin\Maxzlib.dll
2013-12-29 22:31 - 2013-11-18 02:18 - 00232760 _____ () C:\Program Files (x86)\Maxthon\Addons\Mobile\MxMobile.dll
2013-12-29 22:31 - 2013-11-18 02:18 - 00258944 _____ () C:\Program Files (x86)\Maxthon\Bin\maxzlib.dll
2013-12-29 22:31 - 2013-11-21 07:37 - 00887064 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\libglesv2.dll
2013-12-29 22:31 - 2013-11-21 07:37 - 00109336 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\libegl.dll
2013-12-29 22:31 - 2013-11-26 02:25 - 15990664 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\Npplugins\NPSWF32.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WLMS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WLMS => ""="Service"
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/03/2014 08:30:03 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (02/02/2014 02:24:13 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (02/01/2014 08:24:09 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (01/31/2014 09:57:23 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (01/31/2014 09:00:02 PM) (Source: Microsoft-Windows-LocationProvider) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database
Error: (01/31/2014 09:00:00 PM) (Source: ESENT) (User: )
Description: svchost (1160) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\WINDOWS\system32\SRU\SRU0038A.log.
Error: (01/31/2014 08:05:47 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -528.
Error: (01/31/2014 08:05:47 PM) (Source: ESENT) (User: )
Description: Catalog Database (1184) Catalog Database: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\WINDOWS\system32\CatRoot2\edb00019.log.
Error: (01/31/2014 08:02:59 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (01/30/2014 09:53:59 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
System errors:
=============
Error: (02/04/2014 06:00:23 PM) (Source: ipnathlp) (User: )
Description:
Error: (02/04/2014 06:00:23 PM) (Source: ipnathlp) (User: )
Description:
Error: (02/03/2014 10:39:43 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.
Error: (02/03/2014 10:39:43 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.
Error: (02/03/2014 10:39:43 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
Error: (02/03/2014 10:39:43 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk4\DR4 gefunden.
Error: (02/03/2014 10:39:26 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.
Error: (02/03/2014 10:39:26 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
Error: (02/03/2014 10:39:26 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.
Error: (02/03/2014 10:39:26 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk4\DR4 gefunden.
Microsoft Office Sessions:
=========================
Error: (02/03/2014 08:30:03 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe)(User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (02/02/2014 02:24:13 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe)(User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (02/01/2014 08:24:09 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe)(User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (01/31/2014 09:57:23 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe)(User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (01/31/2014 09:00:02 PM) (Source: Microsoft-Windows-LocationProvider)(User: NT-AUTORITÄT)
Description: -2146893813
Error: (01/31/2014 09:00:00 PM) (Source: ESENT)(User: )
Description: svchost1160SRUJet: C:\WINDOWS\system32\SRU\SRU0038A.log-1811 (0xfffff8ed)
Error: (01/31/2014 08:05:47 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: -528
Error: (01/31/2014 08:05:47 PM) (Source: ESENT)(User: )
Description: Catalog Database1184Catalog Database: C:\WINDOWS\system32\CatRoot2\edb00019.log-1811 (0xfffff8ed)
Error: (01/31/2014 08:02:59 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
Error: (01/30/2014 09:53:59 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe)(User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
==================== Memory info ===========================
Percentage of memory in use: 19%
Total physical RAM: 8168.76 MB
Available physical RAM: 6564.25 MB
Total Pagefile: 9448.76 MB
Available Pagefile: 7731.76 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.79 GB) (Free:78.3 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:232.88 GB) (Free:229.41 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:481.46 GB) NTFS
Drive f: (MobileWiFi) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: CE9FCE9F)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 220C9A9C)
Partition 1: (Active) - (Size=112 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: EBB77844)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)
==================== End Of Log ============================
mit freundlichen Grüßen
Bartmas |
