Artorias92 | 19.01.2015 21:14 | Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by Eugen at 2015-01-19 20:31:15
Running from C:\Users\Eugen\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version: - Treyarch)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-2162398557-2948459176-1126884522-1000\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free Audio Converter version 5.0.52.1122 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.52.1122 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.50.1122 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1122 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.59 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version: - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech Gaming Software 8.53 (HKLM\...\Logitech Gaming Software) (Version: 8.53.154 - Logitech Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.0.79 - MSI)
MSI ECO Center (HKLM-x32\...\{1E55202F-4D31-498A-8F72-97DCBA9F2866}_is1) (Version: 1.0.0.13 - MSI)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.5 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 2.0.0.12 - MSI)
MSI Intel Extreme Tuning Utility (HKLM-x32\...\{fbd55c4e-e884-4210-a79b-5f158834b133}) (Version: 4.4.0.103 - Intel Corporation)
MSI Intel Extreme Tuning Utility (x32 Version: 4.4.0.103 - Intel Corporation) Hidden
MSI Live Update (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.012 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.025 - MSI)
NBA 2K15 (HKLM-x32\...\Steam App 282350) (Version: - Visual Concepts)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.42.1045 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Sound Blaster Cinema 2 (HKLM-x32\...\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}) (Version: 1.00.06 - Creative Technology Limited)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft)
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.7 - MSI)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
XSplit Gamecaster (HKLM-x32\...\{9CAF7619-9851-4BEA-8330-1F710D0D3716}) (Version: 1.5.1403.0601 - SplitMediaLabs)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {158EEBF0-B2DC-4C72-9667-700525C0E04E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd)
Task: {4A33630B-3DBE-4B34-AB5E-AD942B82F1CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-11] (Google Inc.)
Task: {67E404E7-D86C-402A-A8F0-D156BFBA2BAF} - System32\Tasks\SamsungMagician => P:\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {6D002D9E-A2CF-4E01-9B79-E54E256A43FE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-11] (Google Inc.)
Task: {972A8E20-138A-4B9A-AA67-48CAC48BB9AE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C9351A89-5543-4801-A7C4-3FAF03B1D033} - System32\Tasks\{5254B6C7-8C43-4401-85D4-30FEACF8753E} => pcalua.exe -a C:\Users\Eugen\Downloads\Install_CopyTransControlCenter.exe -d C:\Users\Eugen\Downloads
Task: {C9DA7EB3-8367-4921-8158-635B2D41A48F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {DA24D709-DE75-4596-AA70-4CEACBD9C5B7} - System32\Tasks\{9AB18ECD-2FB7-4E12-A769-D0F6B730B02D} => pcalua.exe -a "C:\Program Files (x86)\MSI\Live Update\LU5\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7245\Setup.exe" -d C:\Windows\system32 -c /s /f2c:\RHDSetup.log /z[-rpC:\RHDSetup.log] /runfromtemp
Task: {FF3F2AF4-B77E-4A2B-9FDC-9875E4EB708A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-13] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-06-12 16:09 - 2014-05-20 02:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-06-11 21:00 - 2014-02-21 10:21 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL
2014-06-11 21:00 - 2014-02-21 10:19 - 00366080 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2014-06-11 21:10 - 2014-04-10 12:57 - 02126448 _____ () C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe
2014-06-11 21:09 - 2014-08-19 13:14 - 01992192 _____ () C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
2014-02-11 19:21 - 2014-02-11 19:21 - 00860160 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-02-11 19:22 - 2014-02-11 19:22 - 01043968 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-02-11 19:21 - 2014-02-11 19:21 - 00052736 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-02-11 19:22 - 2014-02-11 19:22 - 00236032 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-04-17 10:02 - 2014-04-17 10:02 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2014-10-23 20:19 - 2014-10-23 20:19 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-01-19 20:11 - 2015-01-19 20:11 - 00050477 _____ () C:\Users\Eugen\Desktop\Defogger.exe
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-08 19:11 - 2005-07-18 13:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2014-06-11 21:00 - 2014-02-21 10:20 - 00074240 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2014-06-11 21:00 - 2014-02-21 10:17 - 00274944 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2014-06-11 21:58 - 2014-09-28 17:59 - 00019872 _____ () P:\Samsung Magician\SAMSUNG_SSD.dll
2014-06-11 21:00 - 2013-11-14 22:07 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.59\libglesv2.dll
2014-06-11 21:00 - 2013-11-14 22:07 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.59\libegl.dll
2014-06-11 21:00 - 2013-11-14 22:08 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.59\pdf.dll
2014-06-11 21:00 - 2013-11-14 22:08 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.59\ppGoogleNaClPluginChrome.dll
2014-06-11 21:00 - 2013-11-14 22:07 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.59\ffmpegsumo.dll
2014-06-11 21:00 - 2013-11-14 22:08 - 13582800 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.59\PepperFlash\pepflashplayer.dll
2014-02-19 17:51 - 2014-02-19 17:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-2162398557-2948459176-1126884522-500 - Administrator - Disabled)
Eugen (S-1-5-21-2162398557-2948459176-1126884522-1000 - Administrator - Enabled) => C:\Users\Eugen
Gast (S-1-5-21-2162398557-2948459176-1126884522-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2162398557-2948459176-1126884522-1002 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/10/2015 02:28:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 31.0.1650.59 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 15f0
Startzeit: 01d02cd656d2c4ee
Endzeit: 22
Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Berichts-ID: 8f153a06-98cc-11e4-9219-448a5b9a5592
Error: (01/09/2015 10:34:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DARKSOULS.exe, Version: 1.0.2.0, Zeitstempel: 0x546fa3c5
Name des fehlerhaften Moduls: DARKSOULS.exe, Version: 1.0.2.0, Zeitstempel: 0x546fa3c5
Ausnahmecode: 0xc0000409
Fehleroffset: 0x008299a3
ID des fehlerhaften Prozesses: 0x16d4
Startzeit der fehlerhaften Anwendung: 0xDARKSOULS.exe0
Pfad der fehlerhaften Anwendung: DARKSOULS.exe1
Pfad des fehlerhaften Moduls: DARKSOULS.exe2
Berichtskennung: DARKSOULS.exe3
Error: (01/08/2015 07:11:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Live Update.exe, Version: 6.0.6.0, Zeitstempel: 0x53c5cdf7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000222d2
ID des fehlerhaften Prozesses: 0xec4
Startzeit der fehlerhaften Anwendung: 0xLive Update.exe0
Pfad der fehlerhaften Anwendung: Live Update.exe1
Pfad des fehlerhaften Moduls: Live Update.exe2
Berichtskennung: Live Update.exe3
Error: (01/08/2015 07:09:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AEFUWIN64.exe, Version: 0.0.0.0, Zeitstempel: 0x4e0a8329
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005320e
ID des fehlerhaften Prozesses: 0x1448
Startzeit der fehlerhaften Anwendung: 0xAEFUWIN64.exe0
Pfad der fehlerhaften Anwendung: AEFUWIN64.exe1
Pfad des fehlerhaften Moduls: AEFUWIN64.exe2
Berichtskennung: AEFUWIN64.exe3
Error: (01/08/2015 07:06:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Live Update.exe, Version: 6.0.6.0, Zeitstempel: 0x53c5cdf7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000222d2
ID des fehlerhaften Prozesses: 0xf58
Startzeit der fehlerhaften Anwendung: 0xLive Update.exe0
Pfad der fehlerhaften Anwendung: Live Update.exe1
Pfad des fehlerhaften Moduls: Live Update.exe2
Berichtskennung: Live Update.exe3
Error: (01/04/2015 02:19:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.Systray.exe, Version: 1.1.27.25537, Zeitstempel: 0x546de872
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x5b8
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.Systray.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.Systray.exe1
Pfad des fehlerhaften Moduls: Avira.OE.Systray.exe2
Berichtskennung: Avira.OE.Systray.exe3
Error: (01/04/2015 02:19:12 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Net.Sockets.SocketException
Stapel:
bei System.Net.SafeCloseSocketAndEvent.CreateWSASocketWithEvent(System.Net.Sockets.AddressFamily, System.Net.Sockets.SocketType, System.Net.Sockets.ProtocolType, Boolean, Boolean)
bei System.Net.NetworkInformation.NetworkChange+AddressChangeListener.StartHelper(System.Net.NetworkInformation.NetworkAddressChangedEventHandler, Boolean, System.Net.NetworkInformation.StartIPOptions)
bei Avira.OE.WinCore.NetworkStatusListener..ctor()
bei Avira.OE.WinCore.InternetConnectionMonitor..ctor()
bei Avira.OE.Systray.SystrayIcon..ctor(Avira.OE.WinCore.Interface.IServiceStatusMonitor, Avira.OE.Communicator.Interface.ICommunicatorClientProxy, Avira.OE.MiniGui.IMiniGuiWindow, Avira.OE.WinCore.Interface.IProcessController)
bei Avira.OE.Systray.SystrayIcon..ctor()
bei Avira.OE.Systray.Program.Main(System.String[])
Error: (01/04/2015 02:18:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.Systray.exe, Version: 1.1.27.25537, Zeitstempel: 0x546de872
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x560
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.Systray.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.Systray.exe1
Pfad des fehlerhaften Moduls: Avira.OE.Systray.exe2
Berichtskennung: Avira.OE.Systray.exe3
Error: (01/04/2015 02:18:44 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Net.Sockets.SocketException
Stapel:
bei System.Net.SafeCloseSocketAndEvent.CreateWSASocketWithEvent(System.Net.Sockets.AddressFamily, System.Net.Sockets.SocketType, System.Net.Sockets.ProtocolType, Boolean, Boolean)
bei System.Net.NetworkInformation.NetworkChange+AddressChangeListener.StartHelper(System.Net.NetworkInformation.NetworkAddressChangedEventHandler, Boolean, System.Net.NetworkInformation.StartIPOptions)
bei Avira.OE.WinCore.NetworkStatusListener..ctor()
bei Avira.OE.WinCore.InternetConnectionMonitor..ctor()
bei Avira.OE.Systray.SystrayIcon..ctor(Avira.OE.WinCore.Interface.IServiceStatusMonitor, Avira.OE.Communicator.Interface.ICommunicatorClientProxy, Avira.OE.MiniGui.IMiniGuiWindow, Avira.OE.WinCore.Interface.IProcessController)
bei Avira.OE.Systray.SystrayIcon..ctor()
bei Avira.OE.Systray.Program.Main(System.String[])
Error: (01/04/2015 02:18:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.Systray.exe, Version: 1.1.27.25537, Zeitstempel: 0x546de872
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x4f0
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.Systray.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.Systray.exe1
Pfad des fehlerhaften Moduls: Avira.OE.Systray.exe2
Berichtskennung: Avira.OE.Systray.exe3
System errors:
=============
Error: (01/18/2015 08:46:27 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 70. Der interne Fehlerstatus lautet: 105.
Error: (01/17/2015 04:27:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/17/2015 04:27:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (01/17/2015 01:12:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/17/2015 01:12:18 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (01/10/2015 04:18:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/10/2015 04:18:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (01/04/2015 02:24:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (01/04/2015 02:18:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (01/04/2015 02:18:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Microsoft Office Sessions:
=========================
Error: (01/10/2015 02:28:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe31.0.1650.5915f001d02cd656d2c4ee22C:\Program Files (x86)\Google\Chrome\Application\chrome.exe8f153a06-98cc-11e4-9219-448a5b9a5592
Error: (01/09/2015 10:34:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DARKSOULS.exe1.0.2.0546fa3c5DARKSOULS.exe1.0.2.0546fa3c5c0000409008299a316d401d02c1ae3205f58D:\steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exeD:\steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe4a40092f-9847-11e4-9da6-448a5b9a5592
Error: (01/08/2015 07:11:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Live Update.exe6.0.6.053c5cdf7ntdll.dll6.1.7601.18247521ea8e7c0000005000222d2ec401d02b6e72b7917cC:\Program Files (x86)\MSI\Live Update\Live Update.exeC:\Windows\SysWOW64\ntdll.dllba09fd47-9761-11e4-9203-448a5b9a5592
Error: (01/08/2015 07:09:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AEFUWIN64.exe0.0.0.04e0a8329ntdll.dll6.1.7601.18247521eaf24c0000005000000000005320e144801d02b6e15cceb06C:\Program Files (x86)\MSI\Live Update\FlashUty\AMI\EFIWIN\AEFUWIN64.exeC:\Windows\SYSTEM32\ntdll.dll6ee0943f-9761-11e4-97fa-448a5b9a5592
Error: (01/08/2015 07:06:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Live Update.exe6.0.6.053c5cdf7ntdll.dll6.1.7601.18247521ea8e7c0000005000222d2f5801d02b55b09ac660C:\Program Files (x86)\MSI\Live Update\Live Update.exeC:\Windows\SysWOW64\ntdll.dll0e233db6-9761-11e4-87b1-448a5b9a5592
Error: (01/04/2015 02:19:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Avira.OE.Systray.exe1.1.27.25537546de872KERNELBASE.dll6.1.7601.1840953159a86e04343520000c42d5b801d02821079126aeC:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exeC:\Windows\syswow64\KERNELBASE.dll4e42a858-9414-11e4-b220-f25a3f3e0dda
Error: (01/04/2015 02:19:12 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Net.Sockets.SocketException
Stapel:
bei System.Net.SafeCloseSocketAndEvent.CreateWSASocketWithEvent(System.Net.Sockets.AddressFamily, System.Net.Sockets.SocketType, System.Net.Sockets.ProtocolType, Boolean, Boolean)
bei System.Net.NetworkInformation.NetworkChange+AddressChangeListener.StartHelper(System.Net.NetworkInformation.NetworkAddressChangedEventHandler, Boolean, System.Net.NetworkInformation.StartIPOptions)
bei Avira.OE.WinCore.NetworkStatusListener..ctor()
bei Avira.OE.WinCore.InternetConnectionMonitor..ctor()
bei Avira.OE.Systray.SystrayIcon..ctor(Avira.OE.WinCore.Interface.IServiceStatusMonitor, Avira.OE.Communicator.Interface.ICommunicatorClientProxy, Avira.OE.MiniGui.IMiniGuiWindow, Avira.OE.WinCore.Interface.IProcessController)
bei Avira.OE.Systray.SystrayIcon..ctor()
bei Avira.OE.Systray.Program.Main(System.String[])
Error: (01/04/2015 02:18:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Avira.OE.Systray.exe1.1.27.25537546de872KERNELBASE.dll6.1.7601.1840953159a86e04343520000c42d56001d02820f701b3e6C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exeC:\Windows\syswow64\KERNELBASE.dll3db596f0-9414-11e4-b220-f25a3f3e0dda
Error: (01/04/2015 02:18:44 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Net.Sockets.SocketException
Stapel:
bei System.Net.SafeCloseSocketAndEvent.CreateWSASocketWithEvent(System.Net.Sockets.AddressFamily, System.Net.Sockets.SocketType, System.Net.Sockets.ProtocolType, Boolean, Boolean)
bei System.Net.NetworkInformation.NetworkChange+AddressChangeListener.StartHelper(System.Net.NetworkInformation.NetworkAddressChangedEventHandler, Boolean, System.Net.NetworkInformation.StartIPOptions)
bei Avira.OE.WinCore.NetworkStatusListener..ctor()
bei Avira.OE.WinCore.InternetConnectionMonitor..ctor()
bei Avira.OE.Systray.SystrayIcon..ctor(Avira.OE.WinCore.Interface.IServiceStatusMonitor, Avira.OE.Communicator.Interface.ICommunicatorClientProxy, Avira.OE.MiniGui.IMiniGuiWindow, Avira.OE.WinCore.Interface.IProcessController)
bei Avira.OE.Systray.SystrayIcon..ctor()
bei Avira.OE.Systray.Program.Main(System.String[])
Error: (01/04/2015 02:18:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Avira.OE.Systray.exe1.1.27.25537546de872KERNELBASE.dll6.1.7601.1840953159a86e04343520000c42d4f001d02820e94f68f2C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exeC:\Windows\syswow64\KERNELBASE.dll30758e0a-9414-11e4-b220-f25a3f3e0dda
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 36%
Total physical RAM: 8143.64 MB
Available physical RAM: 5194.65 MB
Total Pagefile: 16285.46 MB
Available Pagefile: 12484.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.79 GB) (Free:191.05 GB) NTFS
Drive d: (Games) (Fixed) (Total:488.28 GB) (Free:362.13 GB) NTFS
Drive p: (Programme) (Fixed) (Total:443.23 GB) (Free:442.61 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: A6CC0685)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FD87B7E6)
Partition 1: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=443.2 GB) - (Type=07 NTFS)
==================== End Of Log ============================

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-01-19 20:41:15
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Samsung_SSD_840_EVO_250GB rev.EXT0BB6Q 232,89GB
Running: Gmer-19357.exe; Driver: C:\Users\Eugen\AppData\Local\Temp\agloapow.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 594 fffff80002ff0092 4 bytes [00, 00, 00, 00]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 601 fffff80002ff0099 9 bytes [00, 00, 00, 00, 00, 00, 00, ...]
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[1828] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076ec1465 2 bytes [EC, 76]
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[1828] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076ec14bb 2 bytes [EC, 76]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[5432] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076ec1465 2 bytes [EC, 76]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[5432] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076ec14bb 2 bytes [EC, 76]
.text ... * 2
.text C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe[6012] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076ec1465 2 bytes [EC, 76]
.text C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe[6012] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076ec14bb 2 bytes [EC, 76]
.text ... * 2
---- EOF - GMER 2.1 ----

So, I hope I did everything correctly.
Edit: I also followed the instruction regarding Defogger and left it on Disabled.