The Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-05-2015
Ran by Fabian at 2015-05-10 02:30:28
Running from C:\Users\Fabian\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2277406992-300031397-3310812714-500 - Administrator - Disabled)
Fabian (S-1-5-21-2277406992-300031397-3310812714-1001 - Administrator - Enabled) => C:\Users\Fabian
Gast (S-1-5-21-2277406992-300031397-3310812714-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bkav Home Plus (Enabled - Up to date) {459BD128-F0A2-863F-9B10-05C673FE5190}
AS: Bkav Home Plus (Enabled - Up to date) {FEFA30CC-D698-89B1-A1A0-3EB408791B2D}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bkav Firewall (Enabled) {7DA0500D-BACD-8767-B04F-ACF38D2D16EB}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Avira (HKLM-x32\...\{2d044ded-ae1b-40d3-8d18-97cfda75bd69}) (Version: 1.1.37.14600 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.37.14600 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 1.6.3.768 - Avira Operations GmbH & Co. KG)
Bkav Home Plus (HKLM-x32\...\Bkav Antivirus Software) (Version: - Bkav Corporation)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
ESEA Client (HKU\S-1-5-21-2277406992-300031397-3310812714-1001\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Gyazo 2.3 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Infestation: Survivor Stories (HKLM-x32\...\Steam App 226700) (Version: - OP Productions LLC)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.7 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 350.12 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{FE5DFB80-6937-4154-A2C7-EF845C1301F8}) (Version: 1.0.30.1259 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.0.30.1259 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7256 - Realtek Semiconductor Corp.)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version: - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Sound Blaster X-Fi MB3 (HKLM-x32\...\{3689CE39-3173-4952-B7AF-F1A9D6F9A288}) (Version: 1.00.03 - Creative Technology Limited)
Spotify (HKU\S-1-5-21-2277406992-300031397-3310812714-1001\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
21-04-2015 18:32:54 Installiert Sound Blaster X-Fi MB3
27-04-2015 19:57:33 Installiert Grand Theft Auto V
28-04-2015 22:01:44 DirectX wurde installiert
02-05-2015 01:32:48 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
02-05-2015 01:32:53 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
03-05-2015 17:20:06 DirectX wurde installiert
07-05-2015 17:13:12 Avira System Speedup 1.6
08-05-2015 22:53:11 Avira System Speedup 1.6
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {2F1FC9A4-2D5A-46CC-8D22-CC04373AA517} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {5D50B488-ACE1-44A6-ACA9-C74872DF3D36} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {7C9728A7-0AC0-4097-A428-860D064618C3} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-03] ()
Task: {890BC87F-422F-4650-B536-14C6FDA6F405} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-04-01] (Microsoft Corporation)
Task: {9DBDE46C-03E7-4815-BAFC-FF3CCA213F1A} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [2015-04-14] (Avira Operations GmbH & Co. KG)
Task: {C1778FE8-6FD4-4D20-A9E6-25B887F834EB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-03] (Adobe Systems Incorporated)
Task: {C7278925-BDFC-4410-BA74-C317ABFD1E9D} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {D4AA5B0B-B8D0-4FEE-8EAC-B4AF91E3EDAB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-06] (Google Inc.)
Task: {DB4A44EF-8684-4B76-9EC1-33C2E319B367} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-06] (Google Inc.)
Task: {FEFEFFEE-FD8F-46FA-94EB-DD1C337CDA77} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2015-04-21 18:49 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-21 18:33 - 2013-01-25 11:08 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL
2015-04-21 18:33 - 2013-01-25 11:06 - 00328704 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2014-09-18 09:23 - 2014-09-18 09:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-03-12 20:23 - 2015-03-12 20:23 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-03-12 20:23 - 2015-03-12 20:23 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2013-08-08 14:30 - 2013-08-08 14:30 - 00283648 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2015-04-21 18:49 - 2015-04-09 02:58 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-02-28 15:33 - 2014-02-28 15:33 - 00148480 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\quazip.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00864768 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 15:45 - 2014-02-27 15:45 - 00677376 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-08-04 15:43 - 2014-08-04 15:43 - 00092104 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2014-08-04 15:43 - 2014-08-04 15:43 - 00105416 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00025600 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00242688 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-08-04 15:45 - 2014-08-04 15:45 - 00477128 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-08-04 15:45 - 2014-08-04 15:45 - 00484808 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00123904 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2014-03-20 11:43 - 2014-03-20 11:43 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2277406992-300031397-3310812714-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2277406992-300031397-3310812714-1001\...\StartupApproved\Run: => "Skype"
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{D1C727F0-3F3C-4465-8383-4B35D6153EFD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5353FDB7-2EA1-45CD-96B4-0007C27235AB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{90F99A4F-0913-4CBD-8323-3344CF14B039}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1FC5ED35-57A4-432F-85A1-2FE66817A2ED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CE79045B-D1D5-4307-983B-7F97EE57267C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{307ABE99-8068-4E41-AE51-46B0D7DD0309}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6991396A-3D0D-4D69-B7C9-22FE5B15964C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2E3256DB-C625-4A85-B4E7-CA1632616450}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{0AAF9BD4-F0FE-4CD6-B207-4C3D6AAE96DF}C:\users\fabian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\fabian\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E0652197-5872-45A5-8767-781D21C47E23}C:\users\fabian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\fabian\appdata\roaming\spotify\spotify.exe
FirewallRules: [{F88EB75E-FBCC-4711-A066-A15AF3EC89BA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{638F970E-29F5-4936-B64F-32E1B41DEEAA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DE7B1564-318F-4873-BCCA-F5EFD7CBD03B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{05F3847B-0078-4832-8F53-9D32C3D9F0B7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{8E96388D-0420-4E89-9D91-525AE65E467A}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{A21D7893-55FE-4C28-9313-89CFE73650E1}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{A689F113-A7EE-4703-BDB6-AB94F6720810}C:\users\fabian\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\fabian\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{0B63D557-9DD5-49A8-A429-C273A8B05DDE}C:\users\fabian\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\fabian\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D85916F8-2252-4389-AFBF-0021400E73C4}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{02D8B82A-09D3-4E37-97FF-EE53960BB281}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{09673685-E05E-49A1-9324-5CC3AA65AE6C}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{7F1130B8-DF41-4094-A9CB-879F84936516}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [TCP Query User{FFA3B5E6-7E64-4A3E-A23B-D316252C1B55}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{0E587F29-4EBD-4664-A2A8-F7F07E56C7A0}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{023D6711-9E7D-4346-A7DA-FD0F06076A88}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{783DE515-D448-4292-8871-BCA5DFDF15C0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{41CEC9DF-BF39-4A49-9F67-3803EF91D2FC}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{F3D6ED05-0240-48A6-88F6-3FA633740746}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{B1A0FAF9-D959-421B-B4AC-60DDE8DFD291}] => (Allow) D:\Steam\steamapps\common\Rust\Legacy\rust.exe
FirewallRules: [{A3588FB2-D8CF-46D8-AF28-497C7FA5992A}] => (Allow) D:\Steam\steamapps\common\Rust\Legacy\rust.exe
FirewallRules: [{0CFB06FA-7878-48D5-9AAC-20CE18F1B65A}] => (Allow) D:\Steam\steamapps\common\The War Z\WarZlauncher.exe
FirewallRules: [{6356DDA6-9068-4127-AED2-4A4B88C784F2}] => (Allow) D:\Steam\steamapps\common\The War Z\WarZlauncher.exe
FirewallRules: [{89A9DE2E-E34C-48DF-90A6-20267EB878DA}] => (Allow) D:\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{CE4ACA9D-5A16-4B61-BC3E-3CE2ECEC720F}] => (Allow) D:\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [TCP Query User{1436A91C-D282-4973-983D-E9AA37C3E34C}D:\steam\steamapps\common\the war z\infestation.exe] => (Allow) D:\steam\steamapps\common\the war z\infestation.exe
FirewallRules: [UDP Query User{A518385C-8FAE-4C55-A639-366943959725}D:\steam\steamapps\common\the war z\infestation.exe] => (Allow) D:\steam\steamapps\common\the war z\infestation.exe
FirewallRules: [{43F8D9D9-A5F9-4F7E-B0AC-0B5269495B2D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A3DA9095-62DD-4D4E-92F4-A502DA4F9448}] => (Allow) C:\Program Files\360\360 Internet Security\safemon\360Tray.exe
FirewallRules: [{6B057678-3304-4A48-AE56-EFEA635B892B}] => (Allow) C:\Program Files\360\360 Internet Security\safemon\360Tray.exe
==================== Faulty Device Manager Devices =============
Name: Intel(R) HD Graphics 4600
Description: Intel(R) HD Graphics 4600
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/10/2015 01:55:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3540, Zeitstempel: 0x5338f9c7
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3540, Zeitstempel: 0x5338f9c7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000e6e8
ID des fehlerhaften Prozesses: 0x450
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5
Error: (05/10/2015 00:55:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3540, Zeitstempel: 0x5338f9c7
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3540, Zeitstempel: 0x5338f9c7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000e6e8
ID des fehlerhaften Prozesses: 0x438
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5
Error: (05/10/2015 00:43:53 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database
Error: (05/09/2015 11:27:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: 5hlqmsezvll8gibnh2.exe, Version: 0.0.0.0, Zeitstempel: 0x554d1a4a
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504ade
Ausnahmecode: 0xe0434352
Fehleroffset: 0x00014598
ID des fehlerhaften Prozesses: 0x1530
Startzeit der fehlerhaften Anwendung: 0x5hlqmsezvll8gibnh2.exe0
Pfad der fehlerhaften Anwendung: 5hlqmsezvll8gibnh2.exe1
Pfad des fehlerhaften Moduls: 5hlqmsezvll8gibnh2.exe2
Berichtskennung: 5hlqmsezvll8gibnh2.exe3
Vollständiger Name des fehlerhaften Pakets: 5hlqmsezvll8gibnh2.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: 5hlqmsezvll8gibnh2.exe5
Error: (05/09/2015 11:27:37 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: 5hlqmsezvll8gibnh2.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.InvalidCastException
Stapel:
bei Microsoft.VisualBasic.CompilerServices.Conversions.ToInteger(System.String)
bei Sikerim.Mainhake.sikerimjump_loop()
bei Sikerim.Mainhake._Lambda$__3()
bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart()
Error: (05/09/2015 07:38:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: 66cz1cuxomob9gjmgd.exe, Version: 0.0.0.0, Zeitstempel: 0x554d1a4a
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504ade
Ausnahmecode: 0xe0434352
Fehleroffset: 0x00014598
ID des fehlerhaften Prozesses: 0x1848
Startzeit der fehlerhaften Anwendung: 0x66cz1cuxomob9gjmgd.exe0
Pfad der fehlerhaften Anwendung: 66cz1cuxomob9gjmgd.exe1
Pfad des fehlerhaften Moduls: 66cz1cuxomob9gjmgd.exe2
Berichtskennung: 66cz1cuxomob9gjmgd.exe3
Vollständiger Name des fehlerhaften Pakets: 66cz1cuxomob9gjmgd.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: 66cz1cuxomob9gjmgd.exe5
Error: (05/09/2015 07:38:58 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: 66cz1cuxomob9gjmgd.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Microsoft.DirectX.Direct3D.GraphicsException
Stapel:
bei Microsoft.DirectX.Direct3D.Device.PresentInternal(Microsoft.DirectX.PrivateImplementationDetails.tagRECT*, Microsoft.DirectX.PrivateImplementationDetails.tagRECT*, IntPtr)
bei Microsoft.DirectX.Direct3D.Device.Present()
bei Sikerim.DXOverlay.drawDX()
bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart()
Error: (05/09/2015 04:44:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: 9viv6rtuhl6q2zn86c.exe, Version: 0.0.0.0, Zeitstempel: 0x554d1a4a
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504ade
Ausnahmecode: 0xe0434352
Fehleroffset: 0x00014598
ID des fehlerhaften Prozesses: 0x17e8
Startzeit der fehlerhaften Anwendung: 0x9viv6rtuhl6q2zn86c.exe0
Pfad der fehlerhaften Anwendung: 9viv6rtuhl6q2zn86c.exe1
Pfad des fehlerhaften Moduls: 9viv6rtuhl6q2zn86c.exe2
Berichtskennung: 9viv6rtuhl6q2zn86c.exe3
Vollständiger Name des fehlerhaften Pakets: 9viv6rtuhl6q2zn86c.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: 9viv6rtuhl6q2zn86c.exe5
Error: (05/09/2015 04:44:22 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: 9viv6rtuhl6q2zn86c.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Microsoft.DirectX.Direct3D.GraphicsException
Stapel:
bei Microsoft.DirectX.Direct3D.Device.PresentInternal(Microsoft.DirectX.PrivateImplementationDetails.tagRECT*, Microsoft.DirectX.PrivateImplementationDetails.tagRECT*, IntPtr)
bei Microsoft.DirectX.Direct3D.Device.Present()
bei Sikerim.DXOverlay.drawDX()
bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart()
Error: (05/09/2015 03:20:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: 1yggi9mltbx23bt600.exe, Version: 0.0.0.0, Zeitstempel: 0x554d1a4a
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54504ade
Ausnahmecode: 0xe0434352
Fehleroffset: 0x00014598
ID des fehlerhaften Prozesses: 0x6b8
Startzeit der fehlerhaften Anwendung: 0x1yggi9mltbx23bt600.exe0
Pfad der fehlerhaften Anwendung: 1yggi9mltbx23bt600.exe1
Pfad des fehlerhaften Moduls: 1yggi9mltbx23bt600.exe2
Berichtskennung: 1yggi9mltbx23bt600.exe3
Vollständiger Name des fehlerhaften Pakets: 1yggi9mltbx23bt600.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: 1yggi9mltbx23bt600.exe5
System errors:
=============
Error: (05/10/2015 01:55:35 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet:
%%2147500037
Error: (05/10/2015 01:55:24 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\SysLib.sys
Error: (05/10/2015 01:55:24 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\SysLib0.sys
Error: (05/10/2015 01:55:24 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\SysLib1.sys
Error: (05/10/2015 01:55:24 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\SysLib2.sys
Error: (05/10/2015 01:55:24 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\SysLib3.sys
Error: (05/10/2015 01:55:24 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\SysLib4.sys
Error: (05/10/2015 01:55:24 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\SysLib5.sys
Error: (05/10/2015 01:55:24 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\SysLib6.sys
Error: (05/10/2015 01:55:24 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\SysLib7.sys
Microsoft Office Sessions:
=========================
Error: (05/10/2015 01:55:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.35405338f9c7igfxCUIService.exe6.15.10.35405338f9c7c0000005000000000000e6e845001d08ab39f7a2661C:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exee1ff3599-f6a6-11e4-8256-fcaa1472c8b5
Error: (05/10/2015 00:55:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.35405338f9c7igfxCUIService.exe6.15.10.35405338f9c7c0000005000000000000e6e843801d08aab386d3a52C:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exe7b86def1-f69e-11e4-8255-fcaa1472c8b5
Error: (05/10/2015 00:43:53 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: -2147024883
Error: (05/09/2015 11:27:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 5hlqmsezvll8gibnh2.exe0.0.0.0554d1a4aKERNELBASE.dll6.3.9600.1741554504adee043435200014598153001d08a841dedc349C:\Users\Default\AppData\Local\Temp\5hlqmsezvll8gibnh2.exeC:\Windows\SYSTEM32\KERNELBASE.dll3621e277-f692-11e4-8254-fcaa1472c8b5
Error: (05/09/2015 11:27:37 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: 5hlqmsezvll8gibnh2.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.InvalidCastException
Stapel:
bei Microsoft.VisualBasic.CompilerServices.Conversions.ToInteger(System.String)
bei Sikerim.Mainhake.sikerimjump_loop()
bei Sikerim.Mainhake._Lambda$__3()
bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart()
Error: (05/09/2015 07:38:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 66cz1cuxomob9gjmgd.exe0.0.0.0554d1a4aKERNELBASE.dll6.3.9600.1741554504adee043435200014598184801d08a78adb57687C:\Users\Default\AppData\Local\Temp\66cz1cuxomob9gjmgd.exeC:\Windows\SYSTEM32\KERNELBASE.dll455458bd-f672-11e4-8254-fcaa1472c8b5
Error: (05/09/2015 07:38:58 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: 66cz1cuxomob9gjmgd.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Microsoft.DirectX.Direct3D.GraphicsException
Stapel:
bei Microsoft.DirectX.Direct3D.Device.PresentInternal(Microsoft.DirectX.PrivateImplementationDetails.tagRECT*, Microsoft.DirectX.PrivateImplementationDetails.tagRECT*, IntPtr)
bei Microsoft.DirectX.Direct3D.Device.Present()
bei Sikerim.DXOverlay.drawDX()
bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart()
Error: (05/09/2015 04:44:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 9viv6rtuhl6q2zn86c.exe0.0.0.0554d1a4aKERNELBASE.dll6.3.9600.1741554504adee04343520001459817e801d08a5f4bb611d4C:\Users\Default\AppData\Local\Temp\9viv6rtuhl6q2zn86c.exeC:\Windows\SYSTEM32\KERNELBASE.dlle0debfc6-f659-11e4-8254-fcaa1472c8b5
Error: (05/09/2015 04:44:22 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: 9viv6rtuhl6q2zn86c.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Microsoft.DirectX.Direct3D.GraphicsException
Stapel:
bei Microsoft.DirectX.Direct3D.Device.PresentInternal(Microsoft.DirectX.PrivateImplementationDetails.tagRECT*, Microsoft.DirectX.PrivateImplementationDetails.tagRECT*, IntPtr)
bei Microsoft.DirectX.Direct3D.Device.Present()
bei Sikerim.DXOverlay.drawDX()
bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart()
Error: (05/09/2015 03:20:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 1yggi9mltbx23bt600.exe0.0.0.0554d1a4aKERNELBASE.dll6.3.9600.1741554504adee0434352000145986b801d08a4e40270d5bC:\Users\Default\AppData\Local\Temp\1yggi9mltbx23bt600.exeC:\Windows\SYSTEM32\KERNELBASE.dll280c0f0d-f64e-11e4-8254-fcaa1472c8b5
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 17%
Total physical RAM: 16244.91 MB
Available physical RAM: 13396.55 MB
Total Pagefile: 18676.91 MB
Available Pagefile: 15500.57 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:476.6 GB) (Free:433.5 GB) NTFS
Drive d: (Volume) (Fixed) (Total:1862.89 GB) (Free:1776.59 GB) NTFS
Drive f: () (Removable) (Total:0.94 GB) (Free:0.17 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 476.9 GB) (Disk ID: 42CEAAC6)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476.6 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 2 (Size: 962 MB) (Disk ID: 6E652072)
No partition Table on disk 2.
==================== End Of Log ============================