| DerManni | 07.05.2015 16:32 |
Vielen Dank!
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2015 01
Ran by Admin at 2015-05-07 17:18:04
Running from C:\Users\Admin\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Admin (S-1-5-21-395663452-3105888118-736914168-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-395663452-3105888118-736914168-500 - Administrator - Disabled)
Faimilie (S-1-5-21-395663452-3105888118-736914168-1004 - Limited - Enabled)
Gast (S-1-5-21-395663452-3105888118-736914168-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Dell Custom Help (Version: 15.06.0000.0090 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1512.771) (HKLM\...\{302600C1-6BDF-4FD1-1501-148929CC1385}) (Version: 17.1.1501.0514 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{80074a53-9c74-49ed-bad4-0fb14b19a01d}) (Version: 15.6.0 - Intel Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
Malwarebytes Anti-Exploit version 1.06.1.1019 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.06.1.1019 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.7.1025.2012 - Realtek)
ROCCAT Kone Pure Mouse Driver (HKLM-x32\...\{4905245D-56E7-4176-BE68-962728B803D6}) (Version: - Roccat GmbH)
Samsung SSD Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 3.2 - Samsung Electronics)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
06-05-2015 14:12:42 DirectX wurde installiert
07-05-2015 15:57:22 Removed Intel® PROSet/Wireless WiFi Software
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {01BEB495-4B7A-4018-9EC0-FC6F6A0D816C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-04-01] (Microsoft Corporation)
Task: {1D8CB57E-630C-4366-9D14-F0B2DA346053} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {2618AE69-308F-42D7-9CA2-0D51947C3BB9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-08] (Piriform Ltd)
Task: {5A857769-5BB9-4841-9067-E373B8672534} - System32\Tasks\{DE9775E2-C2A2-468E-995E-9EF467873ABA} => pcalua.exe -a "J:\Magician Software\Samsung_Magician_Setup_v.3.2.exe" -d "J:\Magician Software"
Task: {8D779767-AFF7-4135-856F-DFF8DEA929A1} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {A4B99C9F-FC30-45E4-AEAF-36D9050B5A9B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-05] (Adobe Systems Incorporated)
Task: {C1ADBC45-34E5-4879-8E35-5E013ED230B2} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {DB0B910B-425A-4351-B483-3180D0098A00} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-05] (Avast Software s.r.o.)
Task: {DE8E9171-727F-4CF9-B022-AD34B744770C} - \ReimageUpdater No Task File <==== ATTENTION
Task: {FA37DFD0-76A6-4016-9567-E9956AEBC9DA} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) ==============
2015-05-05 23:48 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-03-12 20:23 - 2015-03-12 20:23 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-03-12 20:23 - 2015-03-12 20:23 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-04-01 21:51 - 2015-04-01 21:51 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2015-04-08 21:53 - 2015-04-08 21:53 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-05-05 17:22 - 2015-05-05 17:22 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-05 17:22 - 2015-05-05 17:22 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-07 10:59 - 2015-05-07 10:59 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15050700\algo.dll
2015-05-05 18:40 - 2013-01-24 15:57 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-05-05 17:21 - 2015-05-01 18:52 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-05 20:46 - 2015-03-10 08:37 - 00775680 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-05-05 20:46 - 2014-12-02 02:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-05-05 20:46 - 2015-04-14 01:44 - 02371776 _____ () C:\Program Files (x86)\Steam\video.dll
2015-05-05 20:46 - 2014-12-02 02:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-05-05 20:46 - 2014-12-02 02:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-05-05 20:46 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-05-05 20:46 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-05-05 20:46 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-05-05 20:46 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-05-05 20:46 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-05-05 20:46 - 2015-04-14 01:44 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-05-05 17:22 - 2015-05-05 17:22 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-05-06 14:14 - 2012-06-23 14:54 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\hiddriver.dll
2015-05-05 20:46 - 2015-02-25 03:58 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-05-05 17:22 - 2015-05-05 17:22 - 00985600 _____ () C:\Program Files\AVAST Software\Avast\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-395663452-3105888118-736914168-1001\...\dell.com -> dell.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-395663452-3105888118-736914168-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8CE99A56-CBBA-4C1D-A5E0-9CE8DE92BEDF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6FF9E6DD-3519-45DE-9C51-55D0832B4B71}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{541CCB7F-A395-4966-A57B-72BF91347A94}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{90AE1680-B77D-4CDB-9413-00D75D3F9CF0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3700D59C-6BA7-4181-AF9B-E9BF99D39DEF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BDF52479-D547-4750-8508-9E4F2793D42E}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{569485DE-2539-43D7-B751-CDB834F88391}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{F911610C-18C2-47C5-9D7B-F349538BD983}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{DF57E6F3-F726-4E1A-8226-48B7A99CD817}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{CA2C3D4C-B2D1-428B-BF9A-F75525FABFD3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{70084C9B-359A-4B21-98B4-B5502CF38E77}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C7D329AA-9228-404D-8200-CEEF5DE2985A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{92801155-478F-4589-9906-C52C7F5C005F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A6EB08BA-3B8D-4E41-BFA2-92D7C6737492}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A5D28C84-B113-4D22-93F7-ACCC3FDA1153}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FB5AF047-2E4B-4B08-96FE-B4246BFE5D4D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CA54A146-D853-454E-B99F-7EBA37AC4412}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5CB05613-DCA2-4AD8-9AAB-803D8DC1FED2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5BD8C8C5-10CB-46D0-8316-43D6C26A5AE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5D2E364A-0FAA-4F69-B667-B7E9FB53783F}] => (Allow) D:\Spiele\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{90F41C92-2A0C-43B5-9282-70A0643563D6}] => (Allow) D:\Spiele\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{ADE2EAF8-9697-4371-B8AC-C3D0355C11AD}] => (Allow) D:\Spiele\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{F8E2A56A-42AB-4577-B7B2-177811759DF2}] => (Allow) D:\Spiele\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{B32E67A2-DB6D-4749-9964-3EA0E57A839F}] => (Allow) D:\Spiele\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{F8E2E167-E1F5-440D-822A-ADB0C0935DCF}] => (Allow) D:\Spiele\Steam\steamapps\common\Cities_Skylines\Cities.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/07/2015 04:46:24 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (05/07/2015 04:46:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (05/07/2015 04:00:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: unInstaller.exe, Version: 5.3.1.20, Zeitstempel: 0x550f7536
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.8387, Zeitstempel: 0x51ea24a5
Ausnahmecode: 0xc0000417
Fehleroffset: 0x00037256
ID des fehlerhaften Prozesses: 0x18b4
Startzeit der fehlerhaften Anwendung: 0xunInstaller.exe0
Pfad der fehlerhaften Anwendung: unInstaller.exe1
Pfad des fehlerhaften Moduls: unInstaller.exe2
Berichtskennung: unInstaller.exe3
Vollständiger Name des fehlerhaften Pakets: unInstaller.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: unInstaller.exe5
Error: (05/07/2015 04:00:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: unInstaller.exe, Version: 5.3.1.20, Zeitstempel: 0x550f7536
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.8387, Zeitstempel: 0x51ea24a5
Ausnahmecode: 0xc0000417
Fehleroffset: 0x00037256
ID des fehlerhaften Prozesses: 0x1414
Startzeit der fehlerhaften Anwendung: 0xunInstaller.exe0
Pfad der fehlerhaften Anwendung: unInstaller.exe1
Pfad des fehlerhaften Moduls: unInstaller.exe2
Berichtskennung: unInstaller.exe3
Vollständiger Name des fehlerhaften Pakets: unInstaller.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: unInstaller.exe5
Error: (05/07/2015 03:59:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Uninstaller.exe, Version: 5.3.1.20, Zeitstempel: 0x550f7536
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.8387, Zeitstempel: 0x51ea24a5
Ausnahmecode: 0xc0000417
Fehleroffset: 0x00037256
ID des fehlerhaften Prozesses: 0x864
Startzeit der fehlerhaften Anwendung: 0xUninstaller.exe0
Pfad der fehlerhaften Anwendung: Uninstaller.exe1
Pfad des fehlerhaften Moduls: Uninstaller.exe2
Berichtskennung: Uninstaller.exe3
Vollständiger Name des fehlerhaften Pakets: Uninstaller.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Uninstaller.exe5
Error: (05/07/2015 03:57:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "select * from CIntelWLANEvent" konnte im Namespace "//./ROOT/default" aufgrund des Fehlers "0x80041010" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (05/07/2015 03:55:44 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/07/2015 02:18:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (05/07/2015 02:18:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (05/07/2015 02:18:11 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
System errors:
=============
Error: (05/07/2015 04:39:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/07/2015 04:39:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bluetooth OBEX Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/07/2015 04:39:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bluetooth Device Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/07/2015 04:39:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/07/2015 04:39:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Skype Updater" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/07/2015 04:39:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Reimage Real Time Protector" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/07/2015 04:39:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/07/2015 04:39:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/07/2015 04:39:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Malwarebytes Anti-Exploit Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/07/2015 04:39:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Wireless Bluetooth(R) 4.0 Radio Management" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office Sessions:
=========================
Error: (05/07/2015 04:46:24 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
Error: (05/07/2015 04:46:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
Error: (05/07/2015 04:00:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: unInstaller.exe5.3.1.20550f7536MSVCR90.dll9.0.30729.838751ea24a5c00004170003725618b401d088ce2231b9e1C:\Program Files (x86)\Glarysoft\Absolute Uninstaller 5\unInstaller.exeC:\WINDOWS\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dll62ad2803-f4c1-11e4-be6e-b8ca3a809666
Error: (05/07/2015 04:00:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: unInstaller.exe5.3.1.20550f7536MSVCR90.dll9.0.30729.838751ea24a5c000041700037256141401d088ce1d32fadbC:\Program Files (x86)\Glarysoft\Absolute Uninstaller 5\unInstaller.exeC:\WINDOWS\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dll5cee2cbf-f4c1-11e4-be6e-b8ca3a809666
Error: (05/07/2015 03:59:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Uninstaller.exe5.3.1.20550f7536MSVCR90.dll9.0.30729.838751ea24a5c00004170003725686401d088cd7328cec3C:\Program Files (x86)\Glarysoft\Absolute Uninstaller 5\Uninstaller.exeC:\WINDOWS\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\MSVCR90.dll544bd903-f4c1-11e4-be6e-b8ca3a809666
Error: (05/07/2015 03:57:29 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: //./ROOT/defaultselect * from CIntelWLANEvent0x80041010
Error: (05/07/2015 03:55:44 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files (x86)\Glary Utilities 5\ContextHandler.dll
Error: (05/07/2015 02:18:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
Error: (05/07/2015 02:18:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
Error: (05/07/2015 02:18:11 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 12%
Total physical RAM: 16333.71 MB
Available physical RAM: 14259.47 MB
Total Pagefile: 19277.71 MB
Available Pagefile: 17135.66 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:237.52 GB) (Free:171.01 GB) NTFS
Drive d: () (Fixed) (Total:1863.02 GB) (Free:1832.83 GB) NTFS
Drive e: () (Fixed) (Total:29.8 GB) (Free:29.41 GB) FAT32 ==>[System with boot components (obtained from reading drive)]
Drive j: (RESOURCE_CD) (CDROM) (Total:1.94 GB) (Free:0 GB) CDFS
Drive k: () (Removable) (Total:28.94 GB) (Free:28.89 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: E82FBA1C)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 6285B48C)
Partition: GPT Partition Type.
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 29.8 GB) (Disk ID: F68DB753)
Partition 1: (Active) - (Size=29.8 GB) - (Type=0C)
========================================================
Disk: 3 (Size: 29 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
Code:
GMER Logfile:
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-05-07 17:17:31
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000033 Samsung_SSD_840_PRO_Series rev.DXM06B0Q 238,47GB
Running: Gmer-19357.exe; Driver: C:\Users\Admin\AppData\Local\Temp\pxldapow.sys
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [796:828] fffff960008c72d0
Thread C:\WINDOWS\system32\csrss.exe [796:948] fffff960008c72d0
Thread C:\WINDOWS\system32\svchost.exe [1732:3104] 00007ff9e8fc1600
Thread C:\WINDOWS\system32\svchost.exe [1732:3112] 00007ff9e8f61b70
Thread C:\WINDOWS\system32\svchost.exe [1732:3724] 00007ff9ec094440
Thread C:\WINDOWS\system32\svchost.exe [1732:5064] 00007ff9ec091040
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
--- --- ---
Vielen Vielen Dank für die Mühe!
Da die Scans mittlerweile, danke eurer Tipps hier im Forum, negativ ausfallen, habe ich mich auf die drei Logs beschränkt.
GMER spuckt zugriffsfehler aus, er kann auf zwei Datei nicht zugreifen:
Windows\System32\config\system
Benutzer\Admin\ntuser.dat
Ist das wichtig ?
Ich hoffe es ist nichts auffällig dabei! :eek:
Gruß DerManni :crazy: |
So funktioniert es: