Trojaner-Board - Werbevirus-UnisAlles

Ja hab mir jetzt noch nicht die FAQ durchgelesen und bin noch immer etwas mitgenommen von der letzten Nacht :alc:

Hier die Logs:

MBAM

Zitat:

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 01.01.2015
Suchlauf-Zeit: 10:02:55
Logdatei:
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.01.01.02
Rootkit Datenbank: v2014.12.30.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Grobi

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 321246
Verstrichene Zeit: 9 Min, 19 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 1
PUP.Optional.DeltaFix.A, C:\Program Files (x86)\DeltaFix\DeltaFix.dll, Keine Aktion durch Benutzer, [3cfa3ab83e4bdc5a83a6313240c350b0],

Registrierungsschlüssel: 24
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{3541934c-b208-4e21-9f45-eaf2589eccde}, Keine Aktion durch Benutzer, [8aac4ea499f00333a6ed578135cd7c84],
PUP.Optional.Multiplug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3541934C-B208-4E21-9F45-EAF2589ECCDE}, Keine Aktion durch Benutzer, [8aac4ea499f00333a6ed578135cd7c84],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3541934C-B208-4E21-9F45-EAF2589ECCDE}, Keine Aktion durch Benutzer, [8aac4ea499f00333a6ed578135cd7c84],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\., Keine Aktion durch Benutzer, [8aac4ea499f00333a6ed578135cd7c84],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\..9, Keine Aktion durch Benutzer, [8aac4ea499f00333a6ed578135cd7c84],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\., Keine Aktion durch Benutzer, [8aac4ea499f00333a6ed578135cd7c84],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\..9, Keine Aktion durch Benutzer, [8aac4ea499f00333a6ed578135cd7c84],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3541934C-B208-4E21-9F45-EAF2589ECCDE}, Keine Aktion durch Benutzer, [8aac4ea499f00333a6ed578135cd7c84],
PUP.Optional.Multiplug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{3541934C-B208-4E21-9F45-EAF2589ECCDE}, Keine Aktion durch Benutzer, [8aac4ea499f00333a6ed578135cd7c84],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{3541934C-B208-4E21-9F45-EAF2589ECCDE}, Keine Aktion durch Benutzer, [8aac4ea499f00333a6ed578135cd7c84],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{3541934C-B208-4E21-9F45-EAF2589ECCDE}\INPROCSERVER32, Keine Aktion durch Benutzer, [8aac4ea499f00333a6ed578135cd7c84],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{cd846cd6-80c3-470c-a82a-d4380eb05c84}, Keine Aktion durch Benutzer, [2b0b767cee9b7bbb8b084395ad559c64],
PUP.Optional.Multiplug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{CD846CD6-80C3-470C-A82A-D4380EB05C84}, Keine Aktion durch Benutzer, [2b0b767cee9b7bbb8b084395ad559c64],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{CD846CD6-80C3-470C-A82A-D4380EB05C84}, Keine Aktion durch Benutzer, [2b0b767cee9b7bbb8b084395ad559c64],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CD846CD6-80C3-470C-A82A-D4380EB05C84}, Keine Aktion durch Benutzer, [2b0b767cee9b7bbb8b084395ad559c64],
PUP.Optional.Multiplug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{CD846CD6-80C3-470C-A82A-D4380EB05C84}, Keine Aktion durch Benutzer, [2b0b767cee9b7bbb8b084395ad559c64],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{CD846CD6-80C3-470C-A82A-D4380EB05C84}, Keine Aktion durch Benutzer, [2b0b767cee9b7bbb8b084395ad559c64],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{CD846CD6-80C3-470C-A82A-D4380EB05C84}\INPROCSERVER32, Keine Aktion durch Benutzer, [2b0b767cee9b7bbb8b084395ad559c64],
Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}, Keine Aktion durch Benutzer, [94a28c663e4bd363229435c96e939868],
Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E}, Keine Aktion durch Benutzer, [ef4742b0afda83b3674f2ed06a9742be],
Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507}, Keine Aktion durch Benutzer, [2c0a8969d6b354e23581cf2fa55c46ba],
PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fc67e7a0}, Keine Aktion durch Benutzer, [fa3c30c2266385b116fa562b7c87b54b],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507}, Keine Aktion durch Benutzer, [e3538c668009033312bf4330a162e818],
PUP.Optional.DeltaFix.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\fc67e7a0, Keine Aktion durch Benutzer, [54e2d121a8e1e2549f89fa69af541ee2],

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 1
PUP.Optional.DeltaFix.A, C:\Program Files (x86)\DeltaFix, Keine Aktion durch Benutzer, [3cfa3ab83e4bdc5a83a6313240c350b0],

Dateien: 11
PUP.Optional.Multiplug, C:\Program Files (x86)\YoutuubeAdBloaCke\C46HFDiYwrmLwT.x64.dll, Keine Aktion durch Benutzer, [8aac4ea499f00333a6ed578135cd7c84],
PUP.Optional.Multiplug, C:\Program Files (x86)\YoutuubeAdBloaCke\C46HFDiYwrmLwT.dll, Keine Aktion durch Benutzer, [8aac4ea499f00333a6ed578135cd7c84],
PUP.Optional.Multiplug, C:\Program Files (x86)\unisaaleoS\5jsXP0tLKwFAln.x64.dll, Keine Aktion durch Benutzer, [2b0b767cee9b7bbb8b084395ad559c64],
PUP.Optional.Multiplug, C:\Program Files (x86)\unisaaleoS\5jsXP0tLKwFAln.dll, Keine Aktion durch Benutzer, [2b0b767cee9b7bbb8b084395ad559c64],
Trojan.Agent, C:\Program Files (x86)\The Independent\The Independent.exe, Keine Aktion durch Benutzer, [94a28c663e4bd363229435c96e939868],
Trojan.Agent, C:\Program Files (x86)\unisaaleoS\5jsXP0tLKwFAln.exe, Keine Aktion durch Benutzer, [ef4742b0afda83b3674f2ed06a9742be],
Trojan.Agent, C:\Program Files (x86)\UnisAlles\UnisAlles.exe, Keine Aktion durch Benutzer, [59dd6a88781146f0f2c452ac9f62c838],
Trojan.Agent, C:\Program Files (x86)\YoutuubeAdBloaCke\C46HFDiYwrmLwT.exe, Keine Aktion durch Benutzer, [2c0a8969d6b354e23581cf2fa55c46ba],
PUP.Optional.DeltaFix.A, C:\Program Files (x86)\DeltaFix\DeltaFix.dll, Keine Aktion durch Benutzer, [3cfa3ab83e4bdc5a83a6313240c350b0],
PUP.Optional.ReMarkable.A, C:\Users\Grobi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage, Keine Aktion durch Benutzer, [251106ec6e1b1e189e5dc21d7e86b24e],
PUP.Optional.ReMarkable.A, C:\Users\Grobi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal, Keine Aktion durch Benutzer, [90a63cb67b0e0531f308756ad2321be5],

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)

(end)

Adw-Cleaner
AdwCleaner Logfile:

Code:

# AdwCleaner v4.106 - Bericht erstellt am 01/01/2015 um 14:17:29

# Aktualisiert 21/12/2014 von Xplode

# Database : 2014-12-30.1 [Live]

# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)

# Benutzername : Grobi - GROBI-PC

# Gestartet von : C:\Users\Grobi\Downloads\adwcleaner_4.106.exe

# Option : Löschen
 

***** [ Dienste ] *****
 
 

***** [ Dateien / Ordner ] *****
 

Ordner Gelöscht : C:\ProgramData\apn

Ordner Gelöscht : C:\ProgramData\15809979698785046646

Ordner Gelöscht : C:\Users\Grobi\Desktop\Browser

Ordner Gelöscht : C:\Users\Grobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio

Datei Gelöscht : C:\Users\Grobi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage

Datei Gelöscht : C:\Users\Grobi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal
 

***** [ Tasks ] *****
 

Task Gelöscht : WOT WTHUR1

Task Gelöscht : WOT WTUE1

Task Gelöscht : WOT WMON1

Task Gelöscht : WOT WW1

Task Gelöscht : WOT WFRI1

Task Gelöscht : WOT WW2

Task Gelöscht : WOT WWED1

Task Gelöscht : WOT W1

Task Gelöscht : WOT W2

Task Gelöscht : WOT T

Task Gelöscht : WOT N
 

***** [ Verknüpfungen ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}

Schlüssel Gelöscht : HKCU\Software\InstallCore

Schlüssel Gelöscht : HKCU\Software\OCS

Schlüssel Gelöscht : HKCU\Software\systweak

Schlüssel Gelöscht : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}

Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

Schlüssel Gelöscht : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
 

***** [ Browser ] *****
 

-\\ Internet Explorer v11.0.9600.17280
 
 

-\\ Mozilla Firefox v32.0.3 (x86 de)
 
 

-\\ Google Chrome v39.0.2171.95
 

[C:\Users\Grobi\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : gkojfkhlekighikafcpjkiklfbnlmeio
 

-\\ Opera v26.0.1656.60
 
 

*************************
 

AdwCleaner[R0].txt - [2726 octets] - [01/01/2015 14:05:22]

AdwCleaner[S0].txt - [2492 octets] - [01/01/2015 14:17:29]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2552 octets] ##########[/QUOTE]

--- --- ---

FRST

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014

Ran by Grobi (administrator) on GROBI-PC on 01-01-2015 14:25:52

Running from C:\Users\Grobi\Downloads

Loaded Profile: Grobi (Available profiles: Grobi)

Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11 (Default browser: Launcher)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-24] (NVIDIA Corporation)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM-x32\...\Run: [Smart File Advisor] => C:\Program Files (x86)\Smart File Advisor\sfa.exe [283712 2013-11-26] (Filefacts.net)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)

HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC)

HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()

HKU\S-1-5-21-3421910340-2995637167-323149007-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)

HKU\S-1-5-21-3421910340-2995637167-323149007-1001\...\MountPoints2: {7689d091-3529-11e4-b0e6-806e6f6e6963} - D:\setup.exe

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKU\S-1-5-21-3421910340-2995637167-323149007-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 

FireFox:

========

FF ProfilePath: C:\Users\Grobi\AppData\Roaming\Mozilla\Firefox\Profiles\ujj81xye.default

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()

FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)

FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Extension: Adblock Plus - C:\Users\Grobi\AppData\Roaming\Mozilla\Firefox\Profiles\ujj81xye.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-12]
 

Chrome: 

=======

CHR dev: Chrome dev build detected! <======= ATTENTION

CHR Profile: C:\Users\Grobi\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Präsentationen) - C:\Users\Grobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-05]

CHR Extension: (Google Docs) - C:\Users\Grobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-05]

CHR Extension: (Google Drive) - C:\Users\Grobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-05]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Grobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-02]

CHR Extension: (YouTube) - C:\Users\Grobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-05]

CHR Extension: (Google-Suche) - C:\Users\Grobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-05]

CHR Extension: (Hola Better Internet Engine) - C:\Users\Grobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng [2014-11-22]

CHR Extension: (Google Tabellen) - C:\Users\Grobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-05]

CHR Extension: (AdBlock) - C:\Users\Grobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-05]

CHR Extension: (Google Wallet) - C:\Users\Grobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-05]

CHR Extension: (Google Mail) - C:\Users\Grobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-05]

CHR Extension: (UnisAlles) - C:\ProgramData\oelngekhhhhlldfmolhmblmpmjenblcl\ [2014-09-05]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [610688 2014-10-25] ()

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-24] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-24] (NVIDIA Corporation)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-12-23] ()

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-05] (Disc Soft Ltd)

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-12-23] ()

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-01] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-24] (NVIDIA Corporation)

S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========[/QUOTE]
 
 FRST Addition

[QUOTE]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014

Ran by Grobi at 2015-01-01 14:26:30

Running from C:\Users\Grobi\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)

AIDA64 Extreme v4.60 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 4.60 - FinalWire Ltd.)

ANNO 1404 - Venedig (HKLM-x32\...\{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}) (Version: 2.0.5008.0 - Ubisoft)

ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft)

Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden

Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )

BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )

CCG Launcher version 0.6 (HKLM-x32\...\{28362054-F79B-4697-A246-3ECF730E7E9D}_is1) (Version: 0.6 - Custom Combat Gaming)

CCGLauncher version 0.0.0.7 (HKLM-x32\...\{78D51CE5-799C-4FCA-9635-6F61E19EA5E3}_is1) (Version: 0.0.0.7 - Custom Combat Gaming)

Curse Client (HKU\S-1-5-21-3421910340-2995637167-323149007-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)

DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)

Die Gilde 2 Complete Edition 1.00 (HKLM-x32\...\Die Gilde 2 Complete Edition 1.00) (Version: 1.00 - specy123)

DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)

FreeArc 0.666 (HKLM-x32\...\FreeArc) (Version: 0.666 - Bulat Ziganshin)

GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)

League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )

League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden

Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.1 - Mozilla)

NVIDIA 3D Vision Controller-Treiber 332.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 332.17 - NVIDIA Corporation)

NVIDIA 3D Vision Treiber 332.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 332.17 - NVIDIA Corporation)

NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)

NVIDIA Grafiktreiber 332.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.17 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.3.29.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.29.0 - NVIDIA Corporation)

NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)

NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)

Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )

OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)

Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)

Patrician IV Gold Edition (HKLM-x32\...\Patrician IV Gold Edition_is1) (Version:  - )

Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )

SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden

Smart File Advisor 1.2.0 (HKLM-x32\...\Smart File Advisor_is1) (Version: 1.2.0 - Filefacts.net)

SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )

Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)

TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)

VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden

VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)

WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )

World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 

CustomCLSID: HKU\S-1-5-21-3421910340-2995637167-323149007-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-3421910340-2995637167-323149007-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-3421910340-2995637167-323149007-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-3421910340-2995637167-323149007-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-3421910340-2995637167-323149007-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-3421910340-2995637167-323149007-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-3421910340-2995637167-323149007-1001_Classes\CLSID\{cef85cd7-ea37-4771-8af3-c3926e9eb810}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
 

==================== Restore Points  =========================
 

01-01-2015 12:14:22 Geplanter Prüfpunkt
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 

Task: {47106E77-C69A-444D-8C21-B1C8AD032355} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-12] (Google Inc.)

Task: {5BB0160F-9571-4CC8-9E3C-BDD9F16EBC2C} - System32\Tasks\Opera scheduled Autoupdate 1410995574 => C:\Program Files (x86)\Opera\launcher.exe [2014-12-17] (Opera Software)

Task: {B0C2AAC0-3FBA-46CF-A7FC-4ACCA4953F69} - System32\Tasks\{7114017C-FEB5-4ECB-AE0E-036E1C38E512} => pcalua.exe -a "C:\Users\Grobi\Desktop\OpenOffice 4.1.1 (de) Installation Files\setup.exe" -d "C:\Users\Grobi\Desktop\OpenOffice 4.1.1 (de) Installation Files"

Task: {CAB1EDEA-4580-405E-AD19-9C0F76A41B52} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-12] (Google Inc.)

Task: {D3966EE9-8ECC-4E7C-9240-0C966F972B04} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2014-09-05 19:45 - 2013-12-17 22:37 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

2014-12-12 00:38 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll

2014-12-12 00:38 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll

2014-12-12 00:38 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll

2014-12-12 00:38 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 

==================== EXE Association (whitelisted) =============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 

(Currently there is no automatic fix for this section.)
 
 

========================= Accounts: ==========================
 

Administrator (S-1-5-21-3421910340-2995637167-323149007-500 - Administrator - Disabled)

Gast (S-1-5-21-3421910340-2995637167-323149007-501 - Limited - Disabled)

Grobi (S-1-5-21-3421910340-2995637167-323149007-1001 - Administrator - Enabled) => C:\Users\Grobi

HomeGroupUser$ (S-1-5-21-3421910340-2995637167-323149007-1002 - Limited - Enabled)
 

==================== Faulty Device Manager Devices =============
 

Name: 

Description: 

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 

Name: RTL8187_Wireless

Description: RTL8187_Wireless

Class Guid: 

Manufacturer: 

Service: 

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (01/01/2015 02:20:27 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/01/2015 01:24:25 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/01/2015 10:50:47 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/01/2015 10:32:17 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/01/2015 08:24:29 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (12/28/2014 06:11:43 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm Project64.exe, Version 2.1.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 1350
 

Startzeit: 01d022b9c09da826
 

Endzeit: 53
 

Anwendungspfad: C:\Program Files (x86)\Project64 2.1\Project64.exe
 

Berichts-ID:
 

Error: (12/28/2014 05:13:50 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: Project64.exe, Version: 2.1.0.1, Zeitstempel: 0x52f74674

Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7

Ausnahmecode: 0xc0000005

Fehleroffset: 0x000337a2

ID des fehlerhaften Prozesses: 0x9d4

Startzeit der fehlerhaften Anwendung: 0xProject64.exe0

Pfad der fehlerhaften Anwendung: Project64.exe1

Pfad des fehlerhaften Moduls: Project64.exe2

Berichtskennung: Project64.exe3
 

Error: (12/28/2014 05:13:49 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: Project64.exe, Version: 2.1.0.1, Zeitstempel: 0x52f74674

Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0002e3be

ID des fehlerhaften Prozesses: 0x9d4

Startzeit der fehlerhaften Anwendung: 0xProject64.exe0

Pfad der fehlerhaften Anwendung: Project64.exe1

Pfad des fehlerhaften Moduls: Project64.exe2

Berichtskennung: Project64.exe3
 

Error: (12/28/2014 05:13:47 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: Project64.exe, Version: 2.1.0.1, Zeitstempel: 0x52f74674

Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0002e3be

ID des fehlerhaften Prozesses: 0x9d4

Startzeit der fehlerhaften Anwendung: 0xProject64.exe0

Pfad der fehlerhaften Anwendung: Project64.exe1

Pfad des fehlerhaften Moduls: Project64.exe2

Berichtskennung: Project64.exe3
 

Error: (12/28/2014 04:54:19 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: Project64.exe, Version: 2.1.0.1, Zeitstempel: 0x52f74674

Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0002e3be

ID des fehlerhaften Prozesses: 0x1064

Startzeit der fehlerhaften Anwendung: 0xProject64.exe0

Pfad der fehlerhaften Anwendung: Project64.exe1

Pfad des fehlerhaften Moduls: Project64.exe2

Berichtskennung: Project64.exe3
 
 

System errors:

=============

Error: (01/01/2015 02:17:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (01/01/2015 02:17:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (01/01/2015 02:17:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (01/01/2015 02:17:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (01/01/2015 02:17:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (01/01/2015 02:17:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (01/01/2015 02:17:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (01/01/2015 02:17:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (01/01/2015 02:17:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "NVIDIA Stereoscopic 3D Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (01/01/2015 02:17:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 
 

Microsoft Office Sessions:

=========================

Error: (01/01/2015 02:20:27 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/01/2015 01:24:25 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/01/2015 10:50:47 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/01/2015 10:32:17 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/01/2015 08:24:29 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (12/28/2014 06:11:43 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Project64.exe2.1.0.1135001d022b9c09da82653C:\Program Files (x86)\Project64 2.1\Project64.exe
 

Error: (12/28/2014 05:13:50 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Project64.exe2.1.0.152f74674ntdll.dll6.1.7601.18247521ea8e7c0000005000337a29d401d022b9185e5026C:\Program Files (x86)\Project64 2.1\Project64.exeC:\Windows\SysWOW64\ntdll.dll8200275a-8eac-11e4-a91e-001d60b4b6bd
 

Error: (12/28/2014 05:13:49 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Project64.exe2.1.0.152f74674ntdll.dll6.1.7601.18247521ea8e7c00000050002e3be9d401d022b9185e5026C:\Program Files (x86)\Project64 2.1\Project64.exeC:\Windows\SysWOW64\ntdll.dll81540655-8eac-11e4-a91e-001d60b4b6bd
 

Error: (12/28/2014 05:13:47 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Project64.exe2.1.0.152f74674ntdll.dll6.1.7601.18247521ea8e7c00000050002e3be9d401d022b9185e5026C:\Program Files (x86)\Project64 2.1\Project64.exeC:\Windows\SysWOW64\ntdll.dll80722e86-8eac-11e4-a91e-001d60b4b6bd
 

Error: (12/28/2014 04:54:19 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Project64.exe2.1.0.152f74674ntdll.dll6.1.7601.18247521ea8e7c00000050002e3be106401d022b3d8bf98d6C:\Program Files (x86)\Project64 2.1\Project64.exeC:\Windows\SysWOW64\ntdll.dllc830cbab-8ea9-11e4-a91e-001d60b4b6bd
 
 

==================== Memory info =========================== 
 

Processor: Intel(R) Core(TM)2 Quad CPU Q9550 @ 2.83GHz

Percentage of memory in use: 27%

Total physical RAM: 8191.12 MB

Available physical RAM: 5905.4 MB

Total Pagefile: 16380.41 MB

Available Pagefile: 14111.67 MB

Total Virtual: 8192 MB

Available Virtual: 8191.82 MB
 

==================== Drives ================================
 

Drive b: (Volume) (Fixed) (Total:74.43 GB) (Free:8.89 GB) NTFS

Drive c: () (Fixed) (Total:74.53 GB) (Free:11.72 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Drive d: (de_windows_7_ultimate_with_sp1) (CDROM) (Total:3.51 GB) (Free:0 GB) UDF
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) 

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=74.4 GB) - (Type=07 NTFS)
 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) 

Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

--- --- ---

Falls noch etwas benötigt wird einfach anfragen.

Grüße Grobi