Windows 7 extreme: Pc stürzt andauernd ab und laggt.

Jenniferba80 · 09.10.2014, 15:22

Hallo Trojaner-Board Team,

seit längerem stürzt mein Pc immer wieder ab. Mal fährt er von alleine runter, mal bekommt er einen bluescreen oder er hängt sich auf. Nachdem er abgestürzt ist, kann ich ihn auch meistens nicht wieder hochfahren, da dieser dann nicht mehr booten möchte oder der bluescreen wieder erscheint oder er sich beim Hochfahren direkt wieder aufhängt. In der Zeit wo mein Pc funktioniert, laggt dieser so stark, dass das Spielen auf ihm unmöglich ist. Außerdem findet mein Virenprogramm(Avast) immer wieder neue und alte Viren, die es nicht wieder runterbekommt.
Habe echt keine Ahnung woran dies liegen kann, da ich mich auch nicht besonders mit Pc´s auskenne.

Als Anhang einmal den am meisten auftretenden bluescreen
Anhang 70033

Schon mal vielen Dank im Voraus!

Grüße, Jennifer

schrauber · 09.10.2014, 15:24

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Jenniferba80 · 09.10.2014, 15:44

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01
Ran by Jenny (administrator) on JENNY-PC on 09-10-2014 16:32:12
Running from C:\Users\Jenny\Downloads
Loaded Profile: Jenny (Available profiles: Jenny)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2439072 2010-05-24] (VIA)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-31] (AVAST Software)
HKU\S-1-5-21-2176429021-1057270886-2413076650-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21645408 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2176429021-1057270886-2413076650-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
Hosts: 127.0.0.1 validation.sls.microsoft.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF user.js: detected! => C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\searchplugins\search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\Extensions\abs@avira.com [2014-08-31]
FF Extension: Cliqz Beta - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\Extensions\cliqz@cliqz.com [2014-09-26]
FF Extension: Boost - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\Extensions\boost@boost.net.xpi [2014-08-31]
FF Extension: Simple New Tab - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\Extensions\snt@dotlabs.co.xpi [2014-08-31]
FF Extension: Adblock Plus - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-31]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-31]
FF HKCU\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-31]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-31] (AVAST Software)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2011-06-16] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-31] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-31] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-31] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2013-07-19] (Creative Technology Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-09 16:32 - 2014-10-09 16:32 - 00009464 _____ () C:\Users\Jenny\Downloads\FRST.txt
2014-10-09 16:31 - 2014-10-09 16:32 - 00000000 ____D () C:\FRST
2014-10-09 16:30 - 2014-10-09 16:30 - 02109952 _____ (Farbar) C:\Users\Jenny\Downloads\FRST64.exe
2014-10-09 14:13 - 2014-10-09 14:13 - 00000000 _____ () C:\Users\Jenny\defogger_reenable
2014-10-02 21:21 - 2014-10-02 21:21 - 00000577 _____ () C:\Users\Jenny\Desktop\World of Tanks 0.9.3 ProMod.lnk
2014-09-27 19:30 - 2014-09-27 19:30 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-26 20:53 - 2014-09-26 20:53 - 00000000 ____D () C:\Users\Jenny\Documents\Abelssoft
2014-09-26 20:50 - 2014-09-27 19:31 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-26 20:50 - 2014-09-26 20:50 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\Opera Software
2014-09-26 20:50 - 2014-09-26 20:50 - 00000000 ____D () C:\Users\Jenny\AppData\Local\Opera Software
2014-09-26 20:49 - 2014-09-26 20:49 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\TuneUp Software
2014-09-26 20:49 - 2014-09-26 20:49 - 00000000 ____D () C:\Users\Jenny\AppData\Local\TuneUp Software
2014-09-26 20:48 - 2014-09-26 21:10 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-09-26 20:48 - 2014-09-26 20:48 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-26 20:38 - 2014-09-26 20:38 - 00000973 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-09-26 20:38 - 2014-09-26 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-26 20:37 - 2014-09-26 20:49 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\RHEng
2014-09-26 20:37 - 2014-09-26 20:37 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\OpenCandy
2014-09-26 20:36 - 2014-09-26 20:38 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\DVDVideoSoft
2014-09-26 20:13 - 2014-09-26 20:13 - 00000000 ____D () C:\Users\Jenny\AppData\Local\Abelssoft
2014-09-26 20:12 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\SysWOW64\dhRichClient3.dll
2014-09-26 20:12 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows\SysWOW64\sqlite36_engine.dll
2014-09-26 20:11 - 2014-09-26 20:11 - 01101648 _____ () C:\Users\Jenny\Downloads\YouTube Song Downloader 2014 - CHIP-Installer.exe
2014-09-25 20:52 - 2014-09-27 19:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 19:54 - 2014-10-09 11:05 - 00000483 _____ () C:\Users\Jenny\Desktop\MrFishIt.config.xml
2014-09-19 15:30 - 2014-09-19 15:30 - 00000577 _____ () C:\Users\Jenny\Desktop\World of Tanks 0.9.2 ProMod.lnk
2014-09-19 15:22 - 2014-10-02 21:19 - 00155136 _____ () C:\Windows\SysWOW64\unrar.dll
2014-09-19 15:22 - 2014-10-02 21:19 - 00034308 _____ () C:\Windows\SysWOW64\bassmod.dll
2014-09-19 15:22 - 2014-09-19 15:22 - 02406912 _____ (OldSkool) C:\Users\Jenny\Downloads\ProMod.exe
2014-09-19 15:22 - 2014-09-19 15:22 - 01931296 _____ (Codejock Software) C:\Windows\Codejock.Controls.v15.3.1.ocx
2014-09-19 15:22 - 2014-09-19 15:22 - 01931296 _____ (Codejock Software) C:\Windows\CODEJO~2.OCX
2014-09-19 15:22 - 2014-09-19 15:22 - 01070152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx
2014-09-19 15:22 - 2014-09-19 15:22 - 00136008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx
2014-09-19 15:22 - 2014-09-19 15:22 - 00136008 _____ (Microsoft Corporation) C:\Windows\msinet.ocx
2014-09-13 19:21 - 2014-09-27 19:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-13 19:21 - 2014-09-13 19:21 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-09 15:38 - 2014-09-09 15:38 - 00000658 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-09-09 15:38 - 2014-09-09 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-09-09 14:05 - 2014-09-09 14:05 - 00000743 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2014-09-09 14:04 - 2014-09-09 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-09 16:31 - 2014-08-31 12:39 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\Skype
2014-10-09 15:52 - 2014-09-05 17:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-09 14:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-10-09 14:13 - 2014-08-31 11:54 - 00000000 ____D () C:\Users\Jenny
2014-10-09 13:38 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-09 13:38 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-09 13:37 - 2011-04-12 09:43 - 00696620 _____ () C:\Windows\system32\perfh007.dat
2014-10-09 13:37 - 2011-04-12 09:43 - 00147916 _____ () C:\Windows\system32\perfc007.dat
2014-10-09 13:37 - 2009-07-14 07:13 - 01612484 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-09 13:34 - 2014-08-31 11:53 - 01932422 _____ () C:\Windows\WindowsUpdate.log
2014-10-09 13:30 - 2014-08-31 12:23 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-09 13:30 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-09 13:30 - 2009-07-14 06:51 - 00028476 _____ () C:\Windows\setupact.log
2014-10-09 13:22 - 2014-08-31 13:04 - 00001974 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-10-09 13:22 - 2014-08-31 13:03 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-06 19:14 - 2014-08-31 13:02 - 389557557 _____ () C:\Windows\MEMORY.DMP
2014-10-06 19:14 - 2014-08-31 13:02 - 00000000 ____D () C:\Windows\Minidump
2014-10-02 20:23 - 2014-08-31 12:40 - 00000000 ____D () C:\Users\Jenny\AppData\Local\Battle.net
2014-10-02 20:23 - 2014-08-31 12:22 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-09-28 11:42 - 2010-11-21 05:47 - 00006408 _____ () C:\Windows\PFRO.log
2014-09-27 19:31 - 2014-08-31 11:54 - 00001465 _____ () C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-27 19:31 - 2014-08-31 11:54 - 00001425 _____ () C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-09-09 19:52 - 2014-09-05 17:15 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-09 19:52 - 2014-09-05 17:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-09 19:52 - 2014-09-05 17:15 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-09 14:05 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

Some content of TEMP:
====================
C:\Users\Jenny\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Jenny\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Jenny\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Jenny\AppData\Local\Temp\SDShelEx-x64.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2011-06-16 19:09] - [2011-06-18 01:30] - 2871808 ____A (Microsoft Corporation) 5740B1555D51D56547043181789027A5

C:\Windows\SysWOW64\explorer.exe
[2011-06-16 19:09] - [2011-06-18 01:35] - 2616320 ____A (Microsoft Corporation) 88B413E78ADB75A062AB947C1BF6D49A

C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-07 15:35

==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014 01
Ran by Jenny at 2014-10-09 16:34:14
Running from C:\Users\Jenny\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
ATI Catalyst Install Manager (HKLM\...\{62140B07-129A-2BD0-81D2-2A1A7408ADC8}) (Version: 3.0.762.0 - ATI Technologies, Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.02.01 - )
Free YouTube to MP3 Converter version 3.12.44.922 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.922 - DVDVideoSoft Ltd.)
HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.1 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0009 - Realtek)
Skype™ 6.18 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.18.106 - Skype Technologies S.A.)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3) (Version: 3 - Microsoft Corporation)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

07-10-2014 13:42:50 Geplanter Prüfpunkt
09-10-2014 11:21:39 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-08-31 12:51 - 00000864 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 validation.sls.microsoft.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {AB515481-34F6-4AAD-BFF2-58879529AE5A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {AC5E3041-9A57-49EF-B588-14950E0EC184} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2010-02-03] (ASUSTeK Computer Inc.)
Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe
Task: {D71D4684-5660-4F65-9ED2-092D84C6687F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-31] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-08-31 12:22 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-31 12:07 - 2010-03-15 12:28 - 00166400 _____ () C:\Program Files (x86)\Zubehör\WinRAR\rarext.dll
2014-08-31 12:09 - 2010-05-24 17:10 - 00076192 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2014-08-31 12:09 - 2010-05-24 17:10 - 00383904 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-08-31 12:09 - 2010-05-24 17:10 - 00103328 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2014-08-31 12:09 - 2010-05-24 17:10 - 64641440 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2014-08-31 13:03 - 2014-08-31 13:03 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-10-09 13:22 - 2014-10-09 13:22 - 02859008 _____ () C:\Program Files\AVAST Software\Avast\defs\14100900\algo.dll
2014-08-31 13:03 - 2014-08-31 13:03 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-31 12:41 - 2009-03-19 22:35 - 00208896 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll
2014-08-31 12:41 - 2009-03-19 22:35 - 00008704 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll
2014-08-31 12:41 - 2009-01-15 14:55 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
2014-08-31 12:41 - 2009-03-25 16:53 - 00053248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
2014-09-25 20:52 - 2014-09-25 20:52 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2176429021-1057270886-2413076650-500 - Administrator - Disabled)
Gast (S-1-5-21-2176429021-1057270886-2413076650-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2176429021-1057270886-2413076650-1002 - Limited - Enabled)
Jenny (S-1-5-21-2176429021-1057270886-2413076650-1000 - Administrator - Enabled) => C:\Users\Jenny

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/09/2014 01:31:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/09/2014 01:22:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/09/2014 00:43:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/09/2014 10:56:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2014 10:02:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2014 07:01:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2014 04:17:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2014 04:05:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2014 01:31:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2014 02:05:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (10/09/2014 01:30:56 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎09.‎10.‎2014 um 13:28:27 unerwartet heruntergefahren.

Error: (10/09/2014 10:56:22 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎08.‎10.‎2014 um 22:05:41 unerwartet heruntergefahren.

Error: (10/08/2014 10:02:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎08.‎10.‎2014 um 22:01:34 unerwartet heruntergefahren.

Error: (10/08/2014 10:01:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎08.‎10.‎2014 um 21:59:47 unerwartet heruntergefahren.

Error: (10/08/2014 07:00:54 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎08.‎10.‎2014 um 18:38:44 unerwartet heruntergefahren.

Error: (10/08/2014 04:17:51 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎08.‎10.‎2014 um 16:15:44 unerwartet heruntergefahren.

Error: (10/08/2014 04:05:36 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎08.‎10.‎2014 um 16:02:18 unerwartet heruntergefahren.

Error: (10/06/2014 07:14:16 PM) (Source: BugCheck) (EventID: 1005) (User: )
Description: 

Error: (10/06/2014 07:14:15 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎06.‎10.‎2014 um 18:42:20 unerwartet heruntergefahren.

Error: (10/06/2014 04:00:41 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎05.‎10.‎2014 um 17:25:53 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================
Error: (10/09/2014 01:31:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/09/2014 01:22:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/09/2014 00:43:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/09/2014 10:56:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2014 10:02:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2014 07:01:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2014 04:17:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2014 04:05:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2014 01:31:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2014 02:05:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-10-09 16:12:09.017
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-09 16:10:35.461
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-09 14:58:50.610
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-09 14:58:38.908
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-09 14:58:21.012
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-09 13:31:11.424
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-09 13:21:48.964
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-09 12:43:24.251
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-09 10:56:38.993
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-08 22:03:03.810
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: AMD Athlon(tm) II X3 445 Processor
Percentage of memory in use: 67%
Total physical RAM: 2046.11 MB
Available physical RAM: 656.54 MB
Total Pagefile: 4092.23 MB
Available Pagefile: 2321.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Win7) (Fixed) (Total:55.8 GB) (Free:32.57 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Spiele) (Fixed) (Total:504.62 GB) (Free:338.32 GB) NTFS
Drive f: (Sicherung) (Fixed) (Total:138.8 GB) (Free:86.05 GB) NTFS
Drive g: (Win8) (Fixed) (Total:54.87 GB) (Free:35.26 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: F61D68C9)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=54.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=643.4 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: 6ACBC97C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=55.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Danke für den Hinweis und die so schnelle Antwort

schrauber · 09.10.2014, 23:57

Zitat:

Hosts: 127.0.0.1 validation.sls.microsoft.com

was wurde denn da gecrackt?

Jenniferba80 · 11.10.2014, 19:50

Davon wusste ich bisher noch nichts :O allerdings fährt mein Pc momentan überhaupt nicht mehr hoch, sodass ich auch keine weiteren Schritte mehr am Pc befolgen kann. Was soll ich tun?

schrauber · 12.10.2014, 13:55

Geht das ein wenig genauer? Ich sitze nit vor dem Gerät.

Jenniferba80 · 12.10.2014, 15:38

Der Pc startet jedoch bleibt der Bildschirm schwarz und man hört auch nicht mehr das Windows startet.

schrauber · 13.10.2014, 13:09

Bildschirm und Rechner komplett aus. Bildschirm an, dieser geht nach einiger Zeit in Standby und zeigt "Kein Signal". Rechner jetzt einschalten. Geht das Standy Licht am Bildschirm weg und verändert sich?

Jenniferba80 · 13.10.2014, 17:23

Der Monitor bleibt im standby modus. Kabel sind alle richtig drin die habe ich schon überprüft.

schrauber · 14.10.2014, 10:12

Kabel tauschen, oder Graka defekt. Hat der ne Grafikkarte und noch zusätzlich ne Onboard Graka?

Wenn ja Graka raus, Kabel an On Board graka anschliessen, testen.

Jenniferba80 · 18.10.2014, 15:23

Ja lag an der graka. Habe nun eine neue drin und der pc geht wieder an, allerdings laggt dieser immernoch obwohl er dies nicht sollte, weshalb ich ihn gerne noch weiter von euch testen und untersuchen lassen würde. Tut mir leid das ich erst so spät geantwortet habe.

schrauber · 19.10.2014, 08:35

Dann mal los:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Jenniferba80 · 19.10.2014, 10:34

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-10-2014 01
Ran by Jenny (administrator) on JENNY-PC on 19-10-2014 11:28:55
Running from C:\Users\Jenny\Downloads
Loaded Profile: Jenny (Available profiles: Jenny)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Blizzard Entertainment) E:\World of Warcraft Stormblade\Wow.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Jenny\Downloads\FRST64(1).exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2439072 2010-05-24] (VIA)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-31] (AVAST Software)
HKU\S-1-5-21-2176429021-1057270886-2413076650-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21645408 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2176429021-1057270886-2413076650-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
Hosts: 127.0.0.1 validation.sls.microsoft.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default
FF DefaultSearchUrl: hxxp://wisersearch.com/search.php?channel=de&q=
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF user.js: detected! => C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\searchplugins\search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\Extensions\abs@avira.com [2014-08-31]
FF Extension: Cliqz Beta - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\Extensions\cliqz@cliqz.com [2014-09-26]
FF Extension: Boost - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\Extensions\boost@boost.net.xpi [2014-08-31]
FF Extension: Simple New Tab - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\Extensions\snt@dotlabs.co.xpi [2014-08-31]
FF Extension: Adblock Plus - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-31]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-31]
FF HKCU\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-31]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-31] (AVAST Software)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2011-06-16] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-31] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-31] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-31] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2013-07-19] (Creative Technology Ltd.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-19 11:20 - 2014-10-19 11:20 - 02112000 _____ (Farbar) C:\Users\Jenny\Downloads\FRST64(1).exe
2014-10-16 12:02 - 2014-10-16 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-10-16 11:51 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-10-09 16:34 - 2014-10-09 16:35 - 00021216 _____ () C:\Users\Jenny\Downloads\Addition.txt
2014-10-09 16:32 - 2014-10-19 11:29 - 00009678 _____ () C:\Users\Jenny\Downloads\FRST.txt
2014-10-09 16:31 - 2014-10-19 11:28 - 00000000 ____D () C:\FRST
2014-10-09 16:30 - 2014-10-09 16:30 - 02109952 _____ (Farbar) C:\Users\Jenny\Downloads\FRST64.exe
2014-10-09 14:13 - 2014-10-09 14:13 - 00000000 _____ () C:\Users\Jenny\defogger_reenable
2014-10-02 21:21 - 2014-10-02 21:21 - 00000577 _____ () C:\Users\Jenny\Desktop\World of Tanks 0.9.3 ProMod.lnk
2014-09-27 19:30 - 2014-09-27 19:30 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-26 20:53 - 2014-09-26 20:53 - 00000000 ____D () C:\Users\Jenny\Documents\Abelssoft
2014-09-26 20:50 - 2014-09-27 19:31 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-26 20:50 - 2014-09-26 20:50 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\Opera Software
2014-09-26 20:50 - 2014-09-26 20:50 - 00000000 ____D () C:\Users\Jenny\AppData\Local\Opera Software
2014-09-26 20:49 - 2014-09-26 20:49 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\TuneUp Software
2014-09-26 20:49 - 2014-09-26 20:49 - 00000000 ____D () C:\Users\Jenny\AppData\Local\TuneUp Software
2014-09-26 20:48 - 2014-09-26 21:10 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-09-26 20:48 - 2014-09-26 20:48 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-09-26 20:38 - 2014-09-26 20:38 - 00000973 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-09-26 20:38 - 2014-09-26 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-26 20:37 - 2014-09-26 20:49 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\RHEng
2014-09-26 20:37 - 2014-09-26 20:37 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\OpenCandy
2014-09-26 20:36 - 2014-09-26 20:38 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\DVDVideoSoft
2014-09-26 20:13 - 2014-09-26 20:13 - 00000000 ____D () C:\Users\Jenny\AppData\Local\Abelssoft
2014-09-26 20:12 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\SysWOW64\dhRichClient3.dll
2014-09-26 20:12 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows\SysWOW64\sqlite36_engine.dll
2014-09-26 20:11 - 2014-09-26 20:11 - 01101648 _____ () C:\Users\Jenny\Downloads\YouTube Song Downloader 2014 - CHIP-Installer.exe
2014-09-25 20:52 - 2014-09-27 19:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 19:54 - 2014-10-09 11:05 - 00000483 _____ () C:\Users\Jenny\Desktop\MrFishIt.config.xml
2014-09-19 15:30 - 2014-09-19 15:30 - 00000577 _____ () C:\Users\Jenny\Desktop\World of Tanks 0.9.2 ProMod.lnk
2014-09-19 15:22 - 2014-10-02 21:19 - 00155136 _____ () C:\Windows\SysWOW64\unrar.dll
2014-09-19 15:22 - 2014-10-02 21:19 - 00034308 _____ () C:\Windows\SysWOW64\bassmod.dll
2014-09-19 15:22 - 2014-09-19 15:22 - 02406912 _____ (OldSkool) C:\Users\Jenny\Downloads\ProMod.exe
2014-09-19 15:22 - 2014-09-19 15:22 - 01931296 _____ (Codejock Software) C:\Windows\Codejock.Controls.v15.3.1.ocx
2014-09-19 15:22 - 2014-09-19 15:22 - 01931296 _____ (Codejock Software) C:\Windows\CODEJO~2.OCX
2014-09-19 15:22 - 2014-09-19 15:22 - 01070152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx
2014-09-19 15:22 - 2014-09-19 15:22 - 00136008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx
2014-09-19 15:22 - 2014-09-19 15:22 - 00136008 _____ (Microsoft Corporation) C:\Windows\msinet.ocx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-19 11:25 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-19 11:25 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-19 11:24 - 2011-04-12 09:43 - 00696620 _____ () C:\Windows\system32\perfh007.dat
2014-10-19 11:24 - 2011-04-12 09:43 - 00147916 _____ () C:\Windows\system32\perfc007.dat
2014-10-19 11:24 - 2009-07-14 07:13 - 01612484 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-19 11:22 - 2014-08-31 11:53 - 01752740 _____ () C:\Windows\WindowsUpdate.log
2014-10-19 11:18 - 2014-08-31 12:39 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\Skype
2014-10-19 11:18 - 2014-08-31 12:23 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-19 11:18 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-19 11:18 - 2009-07-14 06:51 - 00032332 _____ () C:\Windows\setupact.log
2014-10-19 06:52 - 2014-09-05 17:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-19 02:43 - 2014-08-31 13:02 - 221609478 _____ () C:\Windows\MEMORY.DMP
2014-10-19 02:43 - 2014-08-31 13:02 - 00000000 ____D () C:\Windows\Minidump
2014-10-19 01:30 - 2014-08-31 12:40 - 00000000 ____D () C:\Users\Jenny\AppData\Local\Battle.net
2014-10-19 01:21 - 2014-08-31 12:22 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-19 01:01 - 2014-08-31 13:03 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-16 11:51 - 2014-08-31 12:22 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-09 14:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-10-09 14:13 - 2014-08-31 11:54 - 00000000 ____D () C:\Users\Jenny
2014-10-09 13:22 - 2014-08-31 13:04 - 00001974 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-28 11:42 - 2010-11-21 05:47 - 00006408 _____ () C:\Windows\PFRO.log
2014-09-27 19:31 - 2014-08-31 11:54 - 00001465 _____ () C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-27 19:31 - 2014-08-31 11:54 - 00001425 _____ () C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-09-27 19:29 - 2014-09-13 19:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

Some content of TEMP:
====================
C:\Users\Jenny\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Jenny\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Jenny\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Jenny\AppData\Local\Temp\SDShelEx-x64.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe
[2011-06-16 19:09] - [2011-06-18 01:30] - 2871808 ____A (Microsoft Corporation) 5740B1555D51D56547043181789027A5

C:\Windows\SysWOW64\explorer.exe
[2011-06-16 19:09] - [2011-06-18 01:35] - 2616320 ____A (Microsoft Corporation) 88B413E78ADB75A062AB947C1BF6D49A

C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-16 18:54

==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-10-2014 01
Ran by Jenny at 2014-10-19 11:30:12
Running from C:\Users\Jenny\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
ATI Catalyst Install Manager (HKLM\...\{62140B07-129A-2BD0-81D2-2A1A7408ADC8}) (Version: 3.0.762.0 - ATI Technologies, Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.02.01 - )
Free YouTube to MP3 Converter version 3.12.44.922 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.922 - DVDVideoSoft Ltd.)
HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.1 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0009 - Realtek)
Skype™ 6.18 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.18.106 - Skype Technologies S.A.)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3) (Version: 3 - Microsoft Corporation)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

09-10-2014 11:21:39 avast! antivirus system restore point
16-10-2014 17:01:49 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-08-31 12:51 - 00000864 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 validation.sls.microsoft.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {AB515481-34F6-4AAD-BFF2-58879529AE5A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {AC5E3041-9A57-49EF-B588-14950E0EC184} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2010-02-03] (ASUSTeK Computer Inc.)
Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe
Task: {D71D4684-5660-4F65-9ED2-092D84C6687F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-31] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-08-31 12:22 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-31 12:09 - 2010-05-24 17:10 - 00076192 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2014-08-31 12:09 - 2010-05-24 17:10 - 00383904 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-08-31 12:09 - 2010-05-24 17:10 - 00103328 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2014-08-31 12:09 - 2010-05-24 17:10 - 64641440 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2014-08-31 13:03 - 2014-08-31 13:03 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-10-18 23:53 - 2014-10-18 23:53 - 02896384 _____ () C:\Program Files\AVAST Software\Avast\defs\14101801\algo.dll
2014-10-19 11:18 - 2014-10-19 11:18 - 02896384 _____ () C:\Program Files\AVAST Software\Avast\defs\14101900\algo.dll
2014-08-31 12:41 - 2009-03-19 22:35 - 00208896 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll
2014-08-31 12:41 - 2009-03-19 22:35 - 00008704 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll
2014-08-31 12:41 - 2009-01-15 14:55 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
2014-08-31 12:41 - 2009-03-25 16:53 - 00053248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
2014-08-31 13:03 - 2014-08-31 13:03 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-10-31 15:58 - 2011-04-16 19:56 - 00413696 _____ () E:\World of Warcraft Stormblade\DivxDecoder.dll
2014-09-25 20:52 - 2014-09-25 20:52 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2176429021-1057270886-2413076650-500 - Administrator - Disabled)
Gast (S-1-5-21-2176429021-1057270886-2413076650-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2176429021-1057270886-2413076650-1002 - Limited - Enabled)
Jenny (S-1-5-21-2176429021-1057270886-2413076650-1000 - Administrator - Enabled) => C:\Users\Jenny

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/19/2014 11:18:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2014 02:43:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2014 01:35:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2014 01:01:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/18/2014 07:53:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/18/2014 04:19:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/18/2014 00:28:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/17/2014 07:33:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/17/2014 01:00:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/17/2014 04:51:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (10/19/2014 11:18:11 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (10/19/2014 02:43:36 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (10/19/2014 02:43:35 AM) (Source: BugCheck) (EventID: 1005) (User: )
Description: 

Error: (10/19/2014 02:43:34 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎19.‎10.‎2014 um 02:40:47 unerwartet heruntergefahren.

Error: (10/19/2014 01:34:58 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (10/19/2014 01:34:55 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎19.‎10.‎2014 um 01:31:29 unerwartet heruntergefahren.

Error: (10/19/2014 01:01:40 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (10/18/2014 07:53:34 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (10/18/2014 04:19:14 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (10/18/2014 04:13:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Sicherheitscenter" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (10/19/2014 11:18:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2014 02:43:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2014 01:35:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2014 01:01:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/18/2014 07:53:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/18/2014 04:19:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/18/2014 00:28:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/17/2014 07:33:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/17/2014 01:00:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/17/2014 04:51:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-10-19 11:28:33.265
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-19 11:28:09.147
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-19 11:25:22.476
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-19 11:24:06.223
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-19 11:23:02.869
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-19 11:22:59.746
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-19 11:22:58.210
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-19 11:22:51.187
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-19 11:19:42.026
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-19 11:19:36.530
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: AMD Athlon(tm) II X3 445 Processor
Percentage of memory in use: 39%
Total physical RAM: 4094.11 MB
Available physical RAM: 2474.72 MB
Total Pagefile: 8186.42 MB
Available Pagefile: 6348.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Win7) (Fixed) (Total:55.8 GB) (Free:28.42 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Spiele) (Fixed) (Total:504.62 GB) (Free:340.08 GB) NTFS
Drive f: (Sicherung) (Fixed) (Total:138.8 GB) (Free:86.05 GB) NTFS
Drive g: (Win8) (Fixed) (Total:54.87 GB) (Free:35.26 GB) NTFS
Drive h: (System-reserviert) (Fixed) (Total:0.34 GB) (Free:0.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: 6ACBC97C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=55.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: F61D68C9)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=54.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=643.4 GB) - (Type=OF Extended)

==================== End Of Log ============================

Nach einem Tag Ruhe erscheinen nun wieder die bluescreens und der Pc hängt sich wieder auf.

schrauber · 20.10.2014, 07:31

Zitat:

Hosts: 127.0.0.1 validation.sls.microsoft.com

Wir sind immer noch hierbei:
Installier mal ein legales Windows, vielleicht wirds dann besser

Jenniferba80 · 20.10.2014, 20:03

Ok danke wusste nicht, dass ich kein legales windows auf meinem pc habe

Werde mir morgen ein neues legales windows drauf machen und hoffentlich geht dann alles wieder

12.10.2014, 13:55	#6
schrauber /// the machine /// TB-Ausbilder	Windows 7 extreme: Pc stürzt andauernd ab und laggt. Geht das ein wenig genauer? Ich sitze nit vor dem Gerät. __________________ --> Windows 7 extreme: Pc stürzt andauernd ab und laggt.

Windows 7 extreme: Pc stürzt andauernd ab und laggt.

Log-Analyse und Auswertung: Windows 7 extreme: Pc stürzt andauernd ab und laggt.