Drewfyre | 01.08.2014 10:04 | Wie gesagt die Logs sind zu groß, alleine der FRST Log ist 191227 Zeilen lang. Aber hier die anderen beiden Logs :
Addition : Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2014 02
Ran by Henrik at 2014-08-01 02:47:05
Running from C:\Users\Henrik\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Network Connections 18.5.54.0 (Version: 18.5.54.0 - Intel) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.19 - Oracle, Inc.) Hidden
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.53 (HKLM\...\Logitech Gaming Software) (Version: 8.53.186 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Skype™ 6.18 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.18.105 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3187653717-1412001005-1178783675-1000_Classes\CLSID\{ca267ef4-5b7e-4ad6-b0d3-f360fc22df37}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
==================== Restore Points =========================
26-07-2014 11:59:09 Windows Update
27-07-2014 17:00:10 Windows-Sicherung
28-07-2014 00:49:35 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {038DF96C-5E8C-46D8-8027-42337FF98B00} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-01] (Adobe Systems Incorporated)
Task: {3C73C8CC-4341-404F-BBF9-E13C8BBC987E} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {50419589-3EBA-46FF-9029-619ED6338641} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-25] (Google Inc.)
Task: {67D54E45-CAEC-4E13-A5A2-655B73F9A006} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-25] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-07-02 23:54 - 2014-07-02 23:54 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-07-02 23:59 - 2014-07-02 23:59 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-07-02 23:54 - 2014-07-02 23:54 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-07-02 23:59 - 2014-07-02 23:59 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-07-25 23:41 - 2014-07-25 23:41 - 00014848 _____ () C:\Users\Henrik\AppData\Local\Apps\2.0\MP3WJ4OP.G01\ANZ55GTW.R3D\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.CurseClient.WowDb.dll
2014-07-25 23:41 - 2014-07-25 23:41 - 00035840 _____ () C:\Users\Henrik\AppData\Local\Apps\2.0\MP3WJ4OP.G01\ANZ55GTW.R3D\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.Advertising.dll
2014-07-25 23:41 - 2014-07-25 23:41 - 00099840 _____ () C:\Users\Henrik\AppData\Local\Apps\2.0\MP3WJ4OP.G01\ANZ55GTW.R3D\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.CurseClient.CMOD2.dll
2014-08-01 02:39 - 2014-08-01 02:39 - 00050477 _____ () C:\Users\Henrik\Desktop\Defogger.exe
2014-07-25 23:12 - 2014-07-25 23:12 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4872\libcef.dll
2014-07-25 23:12 - 2014-07-25 23:12 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4872\libglesv2.dll
2014-07-25 23:12 - 2014-07-25 23:12 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4872\libegl.dll
2014-07-25 22:56 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-07-26 09:27 - 2014-07-12 02:53 - 01116672 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-07-26 09:27 - 2014-07-12 02:53 - 00438784 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-07-26 09:27 - 2014-07-12 02:53 - 00399360 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-07-26 09:27 - 2014-07-12 02:53 - 00331264 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-07-26 09:27 - 2014-06-27 00:40 - 00764416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-07-26 09:27 - 2014-07-16 04:28 - 02139328 _____ () C:\Program Files (x86)\Steam\video.dll
2014-07-26 09:27 - 2014-04-29 02:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2014-07-26 09:27 - 2014-07-16 04:28 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-07-26 09:27 - 2014-05-02 01:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-07-25 23:08 - 2014-07-15 11:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-25 23:08 - 2014-07-15 11:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-07-25 23:08 - 2014-07-15 11:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-25 23:08 - 2014-07-15 11:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-25 23:08 - 2014-07-15 11:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Spotify => "C:\Users\Henrik\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Henrik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/31/2014 08:23:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/30/2014 09:53:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/29/2014 07:03:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/28/2014 11:37:00 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll). Fehlercode:
0x80080005
Error: (07/28/2014 11:37:00 PM) (Source: Software Protection Platform Service) (EventID: 8195) (User: )
Description: Fehler beim Lizenzaktivierungsplaner (sppuinotify.dll) bei der automatischen Aktivierung. Fehlercode:
0x80080005
Error: (07/28/2014 09:52:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/27/2014 09:53:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/26/2014 01:59:24 PM) (Source: MsiInstaller) (EventID: 11704) (User: Henrik-PC)
Description: Product: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 -- Error 1704.An installation for Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?
Error: (07/26/2014 01:31:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/26/2014 01:26:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sched.exe, Version: 14.0.5.320, Zeitstempel: 0x536a2e7a
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x733d71fc
ID des fehlerhaften Prozesses: 0x1adc
Startzeit der fehlerhaften Anwendung: 0xsched.exe0
Pfad der fehlerhaften Anwendung: sched.exe1
Pfad des fehlerhaften Moduls: sched.exe2
Berichtskennung: sched.exe3
System errors:
=============
Error: (07/29/2014 07:32:37 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%1062
Error: (07/29/2014 07:10:50 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.
Error: (07/29/2014 07:10:50 AM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
Error: (07/29/2014 07:10:50 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.
Error: (07/29/2014 07:10:50 AM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
Error: (07/28/2014 11:37:00 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}
Error: (07/28/2014 10:44:54 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.
Error: (07/28/2014 10:44:54 AM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
Error: (07/28/2014 10:44:54 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 107.
Error: (07/28/2014 10:44:54 AM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
Microsoft Office Sessions:
=========================
Error: (07/31/2014 08:23:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/30/2014 09:53:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/29/2014 07:03:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/28/2014 11:37:00 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: 0x80080005
Error: (07/28/2014 11:37:00 PM) (Source: Software Protection Platform Service) (EventID: 8195) (User: )
Description: 0x80080005
Error: (07/28/2014 09:52:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/27/2014 09:53:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/26/2014 01:59:24 PM) (Source: MsiInstaller) (EventID: 11704) (User: Henrik-PC)
Description: Product: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 -- Error 1704.An installation for Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (07/26/2014 01:31:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/26/2014 01:26:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: sched.exe14.0.5.320536a2e7aunknown0.0.0.000000000c0000005733d71fc1adc01cfa8c468c9a7d1C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exeunknowna67632b1-14b7-11e4-b046-d050990988b8
==================== Memory info ===========================
Percentage of memory in use: 35%
Total physical RAM: 8122.27 MB
Available physical RAM: 5276 MB
Total Pagefile: 16242.71 MB
Available Pagefile: 12291.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:46.7 GB) NTFS
Drive d: (D) (Fixed) (Total:698.63 GB) (Free:616.65 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 4B325247)
Partition 1: (Not Active) - (Size=699 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 770C9F6D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS)
==================== End Of Log ============================
GMER : Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-08-01 02:57:32
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\0000005b Samsung_ rev.EXT0 111,79GB
Running: Gmer-19357.exe; Driver: C:\Users\Henrik\AppData\Local\Temp\pfdirpob.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80002fab000 45 bytes [00, 00, 10, 02, 4E, 74, 66, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff80002fab02f 29 bytes [00, 01, 00, 06, 00, 00, 00, ...]
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3224] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000076be1465 2 bytes [BE, 76]
.text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3224] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000076be14bb 2 bytes [BE, 76]
.text ... * 2
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[5432] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076be1465 2 bytes [BE, 76]
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[5432] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076be14bb 2 bytes [BE, 76]
.text ... * 2
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[6016] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076be1465 2 bytes [BE, 76]
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[6016] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076be14bb 2 bytes [BE, 76]
.text ... * 2
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[6008] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076be1465 2 bytes [BE, 76]
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[6008] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076be14bb 2 bytes [BE, 76]
.text ... * 2
? C:\Windows\system32\mssprxy.dll [6008] entry point in ".rdata" section 0000000058e071e6
---- Processes - GMER 2.1 ----
Library C:\ProgramData\Razer\Synapse\Devices\RazerConfigNative.dll (*** suspicious ***) @ C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [3224] (Razer Configurator/Razer Inc.)(2014-07-07 09:37:22) 000000005ded0000
---- EOF - GMER 2.1 ---- |