Windows/Desktop läd ganz normal, bleibt dann doch hängen

vikiklein · 26.02.2015, 14:16

Heyho!
Die letzten zwei Tage habe ich meinen zweiten Laptop wieder dank eurer Hilfe wieder zurecht gebogen. Dabei hab ich die Programme auf meinem anderen Laptop auf einen USB Stick downloaden müssen und so auf den anderen installieren. Ich denke, dass dabei irgendwas auf meinem ersten Laptop dann auch kaputt gegangen ist...

Anfangs ging gar nichts, sodass ich es im Abgesicherten Modus nur starten konnte und da dann Malwarebytes und AdwCleaner hab durchlaufen lassen. Die haben dann auch etwas gefunden. Danach ging Windows normal an und es wurde besser, nur hängt jetzt eben alles... Also Windows startet ganz normal und der Desktop auch. Doch wenn ich dann auf etwas klicke dauert es ewig, bis etwas passiert, oder es friert sofort ein (wird dann so weiß)
Alles hängt total und reagiert ganz langsam, die Maus bleibt stehen und der ladende Mauszeiger ist nur noch zu sehen. Ich poste mal die Logfiles von JRT und AdwCleaner. Von Malwarebytes weiß ich nicht wie ich es exportieren soll, da die Bildschirmauflösung im abgesicherten Modus rießig ist und ich nicht auf den Button "Exportieren" komme...

Ich muss dazu sagen, dass mein kleinerer Cousin vor kurzem an dem schon rumgefummelt hatte, da es schon problemchen gab, daher weiß ich nicht, was sich da so alles finden lässt... Ich kenn mich mit dem Zeug null aus!

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Viki on 25.02.2015 at 20:04:32,23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.02.2015 at 20:08:03,50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

# AdwCleaner v4.111 - Bericht erstellt 25/02/2015 um 19:56:47
# Aktualisiert 18/02/2015 von Xplode
# Datenbank : 2015-02-18.3 [Lokal]
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 1 (x86)
# Benutzername : Viki - VIKI-PC
# Gestarted von : C:\Users\Viki\Desktop\AdwCleaner_4.111.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files\kikin
Ordner Gelöscht : C:\Users\Viki\AppData\Roaming\kikin
Datei Gelöscht : C:\Users\Viki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage
Datei Gelöscht : C:\Users\Viki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Viki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oldielyrics.com_0.localstorage
Datei Gelöscht : C:\Users\Viki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oldielyrics.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Viki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Viki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E601996F-E400-41CA-804B-CD6373A7EEE2}
Schlüssel Gelöscht : HKCU\Software\OCS
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Internetbrowser ] *****

-\\ Internet Explorer v7.0.6001.18639


-\\ Google Chrome v40.0.2214.115

[C:\Users\Viki\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.hft-stuttgart.de/search?SearchableText={searchTerms}&x=0&y=0&i18nContent_language%3Alist=de&i18nContent_language%3Alist=neutral

*************************

AdwCleaner[R0].txt - [2462 Bytes] - [25/02/2015 19:54:47]
AdwCleaner[S0].txt - [2384 Bytes] - [25/02/2015 19:56:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2443  Bytes] ##########

Warlord711 · 26.02.2015, 14:19

Hallo vikiklein

Mein Name ist Timo und ich werde Dir bei deinem Problem behilflich sein.

Bitte arbeite alle Schritte der Reihe nach ab.
Hier findest du die Anleitung für Hilfesuchende
Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
Nur Scans durchführen zu denen Du von einem Helfer aufgefordert wirst.
Bitte kein Crossposting ( posten in mehreren Foren).
Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist immer der sicherste Weg.

Wir arbeiten hier alle freiwillig und meist auch nur in unserer Freizeit. Daher kann es bei Antworten zu Verzögerungen kommen.
Solltest du innerhalb 48 Std keine Antwort von mir erhalten, dann schreib mit eine PM
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis ich oder jemand vom Team sagt, dass Du clean bist.

Führe sämtliche Tools mit administrativen Rechten aus, Vista, Win7,Win8 User mit Rechtsklick "als Administrator starten".

Mach mal nen FRST Log vom System:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

vikiklein · 26.02.2015, 14:33

Halli Hallo!
Ihr seid hier echt fix! Danke für die schnelle Antwort

Hier die Logs:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-02-2015 01
Ran by Viki (administrator) on VIKI-PC on 26-02-2015 14:25:59
Running from C:\Users\Viki\Desktop
Loaded Profiles: Viki (Available profiles: Viki)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)



==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-07-20] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6139904 2008-05-07] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1037608 2008-04-04] (Synaptics, Inc.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-06-30] ()
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [809480 2008-06-16] (Dritek System Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-28] (AVAST Software)
HKLM\...\Run: [BrStsWnd] => C:\Program Files\Brownie\BrstsWnd.exe [3618160 2011-03-25] (brother)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-228543602-174168497-2536557004-1000\...\Run: [Spotify] => C:\Users\Viki\AppData\Roaming\Spotify\Spotify.exe [6737976 2014-12-11] (Spotify Ltd)
HKU\S-1-5-21-228543602-174168497-2536557004-1000\...\Run: [Spotify Web Helper] => C:\Users\Viki\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-11] (Spotify Ltd)
HKU\S-1-5-21-228543602-174168497-2536557004-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Viki\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-228543602-174168497-2536557004-1000\...\Run: [RGSC] => C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
HKU\S-1-5-21-228543602-174168497-2536557004-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\Acer\Acer Bio Protection\PwdFilter
Startup: C:\Users\Viki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Viki\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viki\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viki\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viki\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viki\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viki\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viki\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viki\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Viki\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0114&m=aspire_8930
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0114&m=aspire_8930
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-228543602-174168497-2536557004-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0114&m=aspire_8930
HKU\S-1-5-21-228543602-174168497-2536557004-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0114&m=aspire_8930
HKU\S-1-5-21-228543602-174168497-2536557004-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com
HKU\S-1-5-21-228543602-174168497-2536557004-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-01-13]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-13]

Chrome: 
=======
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR Profile: C:\Users\Viki\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Viki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-13]
CHR Extension: (Google Drive) - C:\Users\Viki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Viki\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-09]
CHR Extension: (YouTube) - C:\Users\Viki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-13]
CHR Extension: (GMX MailCheck) - C:\Users\Viki\AppData\Local\Google\Chrome\User Data\Default\Extensions\camnampocfohlcgbajligmemmabnljcm [2014-01-13]
CHR Extension: (Adblock Plus) - C:\Users\Viki\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-05]
CHR Extension: (Google Search) - C:\Users\Viki\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-13]
CHR Extension: (Avast Online Security) - C:\Users\Viki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-13]
CHR Extension: (Google Wallet) - C:\Users\Viki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-13]
CHR Extension: (Citavi Picker) - C:\Users\Viki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2014-03-11]
CHR Extension: (Gmail) - C:\Users\Viki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-13]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-15]
CHR HKLM\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - C:\Program Files\Citavi 4\Pickers\Chrome\ChromePicker.crx [2014-02-07]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-15] (AVAST Software)
S2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [815104 2008-04-30] (Intel(R) Corporation) [File not signed]
S2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
S2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-04-30] (Intel(R) Corporation) [File not signed]
S2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [272024 2007-01-09] ()
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2014-01-13] (Alfa Corporation)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2015-01-15] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2015-01-15] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55240 2015-01-15] (AVAST Software)
S0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2015-01-15] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2015-01-15] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2015-01-15] (AVAST Software)
S1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57928 2015-01-15] (AVAST Software)
S0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2015-01-15] ()
S1 DritekPortIO; C:\Program Files\Launch Manager\DPortIO.sys [20112 2006-11-02] (Dritek System Inc.)
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [54784 2007-12-18] (ITE Tech. Inc. )
S3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [47104 2008-05-19] (Atheros Communications, Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-26] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 vpnva; system32\DRIVERS\vpnva.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-26 14:25 - 2015-02-26 14:26 - 00014993 _____ () C:\Users\Viki\Desktop\FRST.txt
2015-02-26 14:25 - 2015-02-26 14:26 - 00000000 ____D () C:\FRST
2015-02-26 14:25 - 2015-02-26 14:23 - 01127424 _____ (Farbar) C:\Users\Viki\Desktop\FRST.exe
2015-02-26 13:40 - 2015-02-26 13:40 - 00000000 _____ () C:\Users\Viki\AppData\Local\{2FED1825-9BBF-45A3-8896-DB873D66D481}
2015-02-25 20:08 - 2015-02-25 20:08 - 00000924 _____ () C:\Users\Viki\Desktop\JRT.txt
2015-02-25 19:54 - 2015-02-25 20:12 - 00000000 ____D () C:\AdwCleaner
2015-02-25 19:52 - 2015-02-25 19:51 - 01388274 _____ (Thisisu) C:\Users\Viki\Desktop\JRT.exe
2015-02-25 19:52 - 2015-02-25 19:49 - 02126848 _____ () C:\Users\Viki\Desktop\AdwCleaner_4.111.exe
2015-02-25 19:11 - 2015-02-25 19:11 - 00000053 _____ () C:\Users\Viki\Desktop\gtacode.txt
2015-02-25 18:51 - 2015-02-26 13:51 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-25 18:51 - 2015-02-25 18:51 - 00000863 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-25 18:51 - 2015-02-25 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-02-25 18:51 - 2015-02-25 18:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-25 18:51 - 2015-02-25 18:51 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2015-02-25 18:51 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-25 18:51 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-25 18:51 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-24 14:00 - 2015-02-25 11:47 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-02-23 20:22 - 2015-02-23 20:22 - 00040512 _____ () C:\Users\Viki\Documents\unterschrift.tif

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-26 14:22 - 2014-01-23 15:00 - 00001356 _____ () C:\Users\Viki\AppData\Local\d3d9caps.dat
2015-02-26 13:53 - 2008-01-21 08:16 - 01561522 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-26 13:42 - 2014-01-13 15:26 - 00198428 _____ () C:\ProgramData\nvModes.dat
2015-02-26 13:41 - 2014-01-13 15:27 - 00198428 _____ () C:\ProgramData\nvModes.001
2015-02-26 13:40 - 2014-01-21 13:45 - 00000099 _____ () C:\Windows\Brownie.ini
2015-02-26 13:40 - 2014-01-13 17:24 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-26 13:39 - 2014-01-15 11:38 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
2015-02-26 13:39 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-26 13:39 - 2006-11-02 13:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-26 13:39 - 2006-11-02 13:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-25 19:26 - 2008-01-21 03:47 - 01672812 _____ () C:\Windows\PFRO.log
2015-02-25 19:21 - 2014-04-21 10:39 - 00000000 ____D () C:\Users\Viki\AppData\Roaming\Spotify
2015-02-25 19:12 - 2009-02-02 12:17 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-02-25 18:55 - 2014-01-13 18:40 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-25 18:48 - 2014-01-13 17:24 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-25 11:51 - 2014-01-13 15:15 - 01364926 _____ () C:\Windows\WindowsUpdate.log
2015-02-25 11:44 - 2014-01-13 18:52 - 00000000 ___RD () C:\Users\Viki\Dropbox
2015-02-25 11:44 - 2014-01-13 18:50 - 00000000 ____D () C:\Users\Viki\AppData\Roaming\Dropbox
2015-02-25 11:43 - 2014-04-21 10:44 - 00000000 ____D () C:\Users\Viki\AppData\Local\Spotify
2015-02-24 14:28 - 2006-11-02 14:01 - 00032606 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-24 14:16 - 2014-03-11 21:14 - 00000000 ____D () C:\Users\Viki\Documents\Citavi 4
2015-02-23 22:19 - 2014-02-13 10:38 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-23 22:13 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-02-23 22:11 - 2009-02-02 12:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-23 22:11 - 2006-11-02 11:24 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-02-23 22:11 - 2006-11-02 11:23 - 00000219 _____ () C:\Windows\win.ini
2015-02-23 22:06 - 2006-11-02 12:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-23 19:55 - 2014-01-13 18:40 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-23 19:55 - 2014-01-13 18:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-23 19:42 - 2014-01-13 18:52 - 00000920 _____ () C:\Users\Viki\Desktop\Dropbox.lnk
2015-02-23 19:42 - 2014-01-13 18:50 - 00000000 ____D () C:\Users\Viki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-01-30 11:28 - 2014-01-14 11:32 - 00002577 _____ () C:\Users\Viki\Desktop\Microsoft Word 2010.lnk

==================== Files in the root of some directories =======

2006-12-11 18:13 - 2006-12-11 18:13 - 0097336 _____ (Un4seen Developments) C:\Users\Viki\AppData\Local\bass.dll
2006-12-11 18:13 - 2006-12-11 18:13 - 0013872 _____ (Un4seen Developments) C:\Users\Viki\AppData\Local\basscd.dll
2007-08-13 16:46 - 2007-08-13 16:46 - 0102912 _____ (Albert L Faber) C:\Users\Viki\AppData\Local\CDRip.dll
2014-01-23 15:00 - 2015-02-26 14:22 - 0001356 _____ () C:\Users\Viki\AppData\Local\d3d9caps.dat
2014-01-14 11:26 - 2015-01-04 22:27 - 0015360 _____ () C:\Users\Viki\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-13 17:49 - 2014-01-13 17:51 - 0146764 _____ () C:\Users\Viki\AppData\Local\edsinstaller.txt-20140113.log
2007-08-13 16:46 - 2007-08-13 16:46 - 0155136 _____ () C:\Users\Viki\AppData\Local\lame_enc.dll
2007-01-18 20:09 - 2007-01-18 20:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Viki\AppData\Local\No23 Recorder.exe
2005-08-23 21:34 - 2005-08-23 21:34 - 0029184 _____ () C:\Users\Viki\AppData\Local\no23xwrapper.dll
2006-10-26 00:06 - 2006-10-26 00:06 - 0015872 _____ () C:\Users\Viki\AppData\Local\ogg.dll
2014-04-21 11:11 - 2014-09-24 14:29 - 0001497 _____ () C:\Users\Viki\AppData\Local\RecConfig.xml
2006-10-26 00:06 - 2006-10-26 00:06 - 0143872 _____ () C:\Users\Viki\AppData\Local\vorbis.dll
2006-10-26 00:06 - 2006-10-26 00:06 - 0064000 _____ () C:\Users\Viki\AppData\Local\vorbisenc.dll
2006-10-26 00:06 - 2006-10-26 00:06 - 0019456 _____ () C:\Users\Viki\AppData\Local\vorbisfile.dll
2015-02-26 13:40 - 2015-02-26 13:40 - 0000000 _____ () C:\Users\Viki\AppData\Local\{2FED1825-9BBF-45A3-8896-DB873D66D481}
2014-01-13 22:25 - 2014-01-13 22:25 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-01-13 15:47 - 2014-01-13 15:47 - 0000537 _____ () C:\ProgramData\ArcadeDeluxe2.log
2014-01-13 15:27 - 2015-02-26 13:41 - 0198428 _____ () C:\ProgramData\nvModes.001
2014-01-13 15:26 - 2015-02-26 13:42 - 0198428 _____ () C:\ProgramData\nvModes.dat

Some content of TEMP:
====================
C:\Users\Viki\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpffrexd.dll
C:\Users\Viki\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmply5xuz.dll
C:\Users\Viki\AppData\Local\Temp\Quarantine.exe
C:\Users\Viki\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Viki\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-26 14:27

==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-02-2015 01
Ran by Viki at 2015-02-26 14:27:04
Running from C:\Users\Viki\Desktop
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Crystal Eye Webcam 3.0.6.3 (HKLM\...\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}) (Version: 3.0.6.3 - SuYin)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - Agere Systems)
Akamai NetSession Interface (HKU\S-1-5-21-228543602-174168497-2536557004-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.30 - Atheros Communications Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
Brother HL-3040CN (HKLM\...\{CBF700D8-260C-4FAA-B128-3FB901D2A5A9}) (Version: 1.00 - Brother)
Citavi 4 (HKLM\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.3.0.15 - Swiss Academic Software)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.3023d - CyberLink Corp.)
Dropbox (HKU\S-1-5-21-228543602-174168497-2536557004-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Grand Theft Auto IV (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (HKLM\...\{2B586056-937F-4D0B-A7AF-9D83D9771D97}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{26921B2E-3E62-47F9-A514-1FC4A83BD738}) (Version: 12.00.0004 - Intel(R) Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
ITECIR (HKLM\...\{40580068-9B10-40B5-9548-536CE88AB23C}) (Version: 1.6 - ITE)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JMicron JMB38X Flash Media Controller (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.12.07 - JMicron Technology Corp.)
kikin Plugin (NO23 Edition) 1.11 (HKLM\...\kikin Plugin (NO23 Edition)) (Version: 1.11 - kikin)
Launch Manager (HKLM\...\LManager) (Version:  - )
LightScribe  1.4.142.1 (Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
No23 Recorder (HKLM\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{DD1865F0-AD73-40FB-B23E-1822E02396FF}) (Version: 9.09.0203 - NVIDIA Corporation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5618 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-228543602-174168497-2536557004-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.2.4.1 - Synaptics)
Tinypic 3.18 (HKLM\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Validity Sensors software (HKLM\...\{567E8236-C414-4888-8211-3D61608D57AE}) (Version: 2.7.44 - Validity Sensors, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Wisdom-soft AutoScreenRecorder 3.1 Free (HKLM\...\Wisdom-soft AutoScreenRecorder 3.1 Free) (Version:  - Wisdom Software Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-228543602-174168497-2536557004-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Viki\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-228543602-174168497-2536557004-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Viki\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-228543602-174168497-2536557004-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Viki\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-228543602-174168497-2536557004-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Viki\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-228543602-174168497-2536557004-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Viki\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-228543602-174168497-2536557004-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Viki\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-228543602-174168497-2536557004-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Viki\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-228543602-174168497-2536557004-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Viki\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-228543602-174168497-2536557004-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Viki\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-228543602-174168497-2536557004-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Viki\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

24-01-2015 14:24:46 Geplanter Prüfpunkt
27-01-2015 18:29:03 Geplanter Prüfpunkt
28-01-2015 19:39:09 Geplanter Prüfpunkt
30-01-2015 18:34:08 Geplanter Prüfpunkt
31-01-2015 16:04:22 Geplanter Prüfpunkt
01-02-2015 15:12:00 Geplanter Prüfpunkt
23-02-2015 22:04:32 Windows Update
24-02-2015 12:26:49 Geplanter Prüfpunkt
25-02-2015 19:09:50 Entfernt Grand Theft Auto IV

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {25329CF2-5103-412C-8FDA-D19D6B606A30} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {30C1EB45-3889-4E01-BFD7-BC876AD575DB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-15] (AVAST Software)
Task: {37BCCD46-7AD8-4C26-8954-1D8572DE0754} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {3B627C0C-E522-4079-9F61-10DD50083ACD} - \SUPERAntiSpyware Scheduled Task 419450f3-887b-48f2-81ee-a1c055b533bb No Task File <==== ATTENTION
Task: {4DBBE573-181C-4D40-A5A8-2C357C1A872F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-13] (Google Inc.)
Task: {69222F0A-8FFB-46CD-AC06-B4A66996A571} - \SUPERAntiSpyware Scheduled Task 98f1ad61-99e3-4dfd-a0cf-c0cc7c7f59bc No Task File <==== ATTENTION
Task: {86CB11C6-714B-45EB-9EFA-D654CD818219} - System32\Tasks\{4D233EA2-60AE-442B-8FD3-8FA3E42127D4} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\setup.exe" -c -runfromtemp -l0x0007 -removeonly
Task: {A05B6C55-0A42-4382-905B-07BFE836B7C2} - System32\Tasks\SDMsgUpdate (Local) => C:\SmartDraw CI\Messages\SDNotify.exe [2012-08-13] ()
Task: {A08FBB2A-07E1-4F5F-8FB0-06EB7E099BA3} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2014-01-15] ()
Task: {A0D81E29-ACBE-46C9-912E-4F8CFC14C9D8} - System32\Tasks\SDMsgUpdate (TE) => C:\SmartDraw CI\Messages\SDNotify.exe [2012-08-13] ()
Task: {D837CCDE-6B96-491D-92F4-F23E05CF0942} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-23] (Adobe Systems Incorporated)
Task: {F9F1E915-0093-4D8D-996E-73CB6773B588} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-13] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-01-13 15:29 - 2014-01-13 15:29 - 00080896 _____ () C:\Program Files\Acer\Acer Bio Protection\PwdFilter.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-228543602-174168497-2536557004-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\img20.jpg
DNS Servers: Media is not connected to internet.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-228543602-174168497-2536557004-500 - Administrator - Disabled)
Gast (S-1-5-21-228543602-174168497-2536557004-501 - Limited - Enabled)
Viki (S-1-5-21-228543602-174168497-2536557004-1000 - Administrator - Enabled) => C:\Users\Viki

==================== Faulty Device Manager Devices =============

Name: USB-Massenspeichergerät
Description: USB-Massenspeichergerät
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Kompatibles USB-Speichergerät
Service: USBSTOR
Problem: : Windows cannot use this hardware device because it has been prepared for safe removal, but it has not been removed from the computer. (Code 47)
Resolution: Unplug the device, and then plug it in again. Alternately, restart the computer to make the device available.

Name: Anwenderinfrarotgeräte
Description: Anwenderinfrarotgeräte
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: circlass
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (02/26/2015 02:10:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/26/2015 02:09:26 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (02/26/2015 01:52:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/26/2015 01:51:03 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (02/26/2015 01:40:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/25/2015 08:13:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (02/26/2015 02:10:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (02/26/2015 02:10:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (02/26/2015 02:10:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (02/26/2015 02:10:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (02/26/2015 02:10:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: AFD
aswRdr
aswRvrt
aswSnx
aswSP
aswTdi
aswVmm
DfsC
NetBIOS
netbt
nsiproxy
PSched
RasAcd
rdbss
Smb
spldr
Tcpip
tdx
Wanarpv6

Error: (02/26/2015 02:10:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (02/26/2015 02:10:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: TCP/IP Registry CompatibilityTCP/IP-Protokolltreiber%%31

Error: (02/26/2015 02:10:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NLA (Network Location Awareness)TCP/IP-Protokolltreiber%%31

Error: (02/26/2015 02:10:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: IP-HilfsdienstNetzwerkspeicher-Schnittstellendienst%%1068

Error: (02/26/2015 02:10:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: WebClientWebDav Client Redirector Driver%%1068


Microsoft Office Sessions:
=========================
Error: (02/26/2015 02:10:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/26/2015 02:09:26 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (02/26/2015 01:52:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/26/2015 01:51:03 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (02/26/2015 01:40:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/25/2015 08:13:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2015-02-26 14:26:53.984
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-26 14:26:53.922
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-26 14:26:53.844
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-26 14:26:53.766
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-26 14:26:53.532
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-26 14:26:53.454
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-26 14:26:53.391
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-26 14:26:53.313
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-26 14:26:37.401
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-02-26 14:26:37.339
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz
Percentage of memory in use: 15%
Total physical RAM: 3068.03 MB
Available physical RAM: 2577.39 MB
Total Pagefile: 6338.34 MB
Available Pagefile: 6034.36 MB
Total Virtual: 2047.88 MB
Available Virtual: 1931.95 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:144.04 GB) (Free:53.98 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:137.5 GB) (Free:96.59 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 4EBF5754)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=144 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=137.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=3.5 GB) - (Type=12)

==================== End Of Log ============================

Warlord711 · 26.02.2015, 18:26

Läuft der Rechner im Normalmodus garnicht mehr ?

Falls ja, mach bitte daraus einen FRST Scan.

vikiklein · 26.02.2015, 19:00

Ne wie gesagt, er startet unter dem normalem Modus, aber bleibt ja dann hängen und nichts geht mehr....
Daher gehts nur im abgesichertem Modus. Sorry!

Warlord711 · 26.02.2015, 19:29

Lösch mal den Office-Crack, vielleicht gehts dann wieder.

Drücke bitte die

+ R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\Windows\Tasks\AutoKMS.job
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem USB Stick.

Starte deinen Rechner erneut in die Reparaturoptionen
Starte nun die FRST.exe erneut und klicke den Entfernen Button.

Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.

vikiklein · 26.02.2015, 19:41

Wie lösche ich dieses Office-Crack? Und was meinst du mit den Reparaturoptionen? Ist das der abgesicherte Modus?

Warlord711 · 26.02.2015, 19:44

Genau, einfach die Fixlist.txt erstellen und dorthin kopieren wo die FRST(64).exe liegt.

Dann FRST starten und auf den Fix Button klicken.

vikiklein · 26.02.2015, 19:58

Ok hab ich gemacht. Windows hängt im normalen Modus aber leider immer noch....

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 25-02-2015 01
Ran by Viki at 2015-02-26 19:49:52 Run:1
Running from C:\Users\Viki\Desktop
Loaded Profiles: Viki (Available profiles: Viki)
Boot Mode: Safe Mode (minimal)

==============================================

Content of fixlist:
*****************
C:\Windows\Tasks\AutoKMS.job
emptytemp:
         
*****************

C:\Windows\Tasks\AutoKMS.job => Moved successfully.
EmptyTemp: => Removed 4.5 GB temporary data.


The system needed a reboot. 

==== End of Fixlog 19:51:59 ====

Warlord711 · 26.02.2015, 20:24

Ok, dann lass erstmal sfc laufen:

sfc /scannow - Windows Systemintegritätsüberprüfung

klicken auf den Start-Button und
in das Suchfenster cmd eingeben.
Es erscheint im oberen Teil des Fensters ein schwarzes Symbol.
Hierauf folgt ein Rechtsklick und
wählen aus dem Kontextmenü den Eintrag Als Administrator ausführen aus.

Im nun geöffneten Fenster

Code:

ATTFilter

sfc /scannow

eingeben, gefolgt von einem Druck auf die Enter-Taste.

Nach Abschluss der Aktion wird darüber informiert welche Fehler durch SFC gefunden wurden. Auch, wenn keine Fehler gefunden wurden, teilt SFC dies am Ende mit, wie auf dem Screenshot zu sehen.

Bitte das Ergebnis mitteilen.

Kopier bitte den Inhalt der Codebox in die Zwischenablage, indem du auf Alles auswählen klickst und dann STRG+C oder Rechte Maustaste - Kopieren wählst.
Code:
ATTFilter
```
findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >%userprofile%\Desktop\sfcdetails.txt
         
```
Drücke jetzt die Windowstaste + R und füge den kopierten Befehle per STRG+V oder Rechte Maustaste - Einfügen ein.
Drücke die Eingabetaste oder OK
Auf dem Desktop wir die Datei sfcdetails.txt erzeugt. Poste mir deren Inhalt

vikiklein · 26.02.2015, 20:43

Code:

ATTFilter

Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation. Alle Rechte vorbehalten.

C:\Windows\system32>sfc /scannow

Systemsuche wird gestartet. Dieser Vorgang kann einige Zeit dauern.

Überprüfungsphase des Systemsuche wird gestartet.
Überprüfung 100% abgeschlossen.
Der Windows-Ressourcenschutz hat beschädigte Dateien gefunden und konnte einige
der Dateien nicht reparieren.
Details finden Sie in der Datei "CBS.Log" (windir\Logs\CBS\CBS.log).
Beispielsweise "C:\Windows\Logs\CBS\CBS.log".

C:\Windows\system32>

Also irgendwie erstellt er mir diese Datei nicht... ich finde sie nicht auf dem Desktop?

Warlord711 · 26.02.2015, 21:04

Gibts denn nen Fehler beim Ausführen des letzten Befehls ?

vikiklein · 26.02.2015, 21:21

Ne das läd was in einem schwarzen fenster und dann is es plötzlich weg und nichts mehr davon zu sehen. Wenn ich es nochmal ausführe dann passiert nichts mehr.

Warlord711 · 26.02.2015, 21:28

Kopier nochmal

Code:

ATTFilter

findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >%userprofile%\Desktop\sfcdetails.txt

mit STRG+C in die Zwischenablage.

Dann drückst du Windowstaste +R und gibt cmd ein. In dem Fenster dann per Rechte Maustaste - Einfügen den Befehl einfügen und mit <Enter> abschicken.

vikiklein · 26.02.2015, 21:39

Hat geklappt:

Code:

ATTFilter

2015-02-26 20:29:32, Info                  CSI    00000006 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:29:32, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2015-02-26 20:29:39, Info                  CSI    00000009 [SR] Verify complete
2015-02-26 20:29:40, Info                  CSI    0000000a [SR] Verifying 100 (0x00000064) components
2015-02-26 20:29:40, Info                  CSI    0000000b [SR] Beginning Verify and Repair transaction
2015-02-26 20:29:48, Info                  CSI    0000000d [SR] Verify complete
2015-02-26 20:29:49, Info                  CSI    0000000e [SR] Verifying 100 (0x00000064) components
2015-02-26 20:29:49, Info                  CSI    0000000f [SR] Beginning Verify and Repair transaction
2015-02-26 20:29:51, Info                  CSI    00000011 [SR] Verify complete
2015-02-26 20:29:52, Info                  CSI    00000012 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:29:52, Info                  CSI    00000013 [SR] Beginning Verify and Repair transaction
2015-02-26 20:29:53, Info                  CSI    00000015 [SR] Verify complete
2015-02-26 20:29:53, Info                  CSI    00000016 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:29:53, Info                  CSI    00000017 [SR] Beginning Verify and Repair transaction
2015-02-26 20:29:54, Info                  CSI    00000019 [SR] Verify complete
2015-02-26 20:29:55, Info                  CSI    0000001a [SR] Verifying 100 (0x00000064) components
2015-02-26 20:29:55, Info                  CSI    0000001b [SR] Beginning Verify and Repair transaction
2015-02-26 20:29:56, Info                  CSI    0000001d [SR] Verify complete
2015-02-26 20:29:57, Info                  CSI    0000001e [SR] Verifying 100 (0x00000064) components
2015-02-26 20:29:57, Info                  CSI    0000001f [SR] Beginning Verify and Repair transaction
2015-02-26 20:29:58, Info                  CSI    00000021 [SR] Verify complete
2015-02-26 20:29:58, Info                  CSI    00000022 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:29:58, Info                  CSI    00000023 [SR] Beginning Verify and Repair transaction
2015-02-26 20:29:59, Info                  CSI    00000025 [SR] Verify complete
2015-02-26 20:30:00, Info                  CSI    00000026 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:30:00, Info                  CSI    00000027 [SR] Beginning Verify and Repair transaction
2015-02-26 20:30:01, Info                  CSI    00000029 [SR] Verify complete
2015-02-26 20:30:02, Info                  CSI    0000002a [SR] Verifying 100 (0x00000064) components
2015-02-26 20:30:02, Info                  CSI    0000002b [SR] Beginning Verify and Repair transaction
2015-02-26 20:30:07, Info                  CSI    0000002d [SR] Verify complete
2015-02-26 20:30:08, Info                  CSI    0000002e [SR] Verifying 100 (0x00000064) components
2015-02-26 20:30:08, Info                  CSI    0000002f [SR] Beginning Verify and Repair transaction
2015-02-26 20:30:09, Info                  CSI    00000031 [SR] Verify complete
2015-02-26 20:30:10, Info                  CSI    00000032 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:30:10, Info                  CSI    00000033 [SR] Beginning Verify and Repair transaction
2015-02-26 20:30:12, Info                  CSI    00000035 [SR] Verify complete
2015-02-26 20:30:13, Info                  CSI    00000036 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:30:13, Info                  CSI    00000037 [SR] Beginning Verify and Repair transaction
2015-02-26 20:30:14, Info                  CSI    00000039 [SR] Verify complete
2015-02-26 20:30:15, Info                  CSI    0000003a [SR] Verifying 100 (0x00000064) components
2015-02-26 20:30:15, Info                  CSI    0000003b [SR] Beginning Verify and Repair transaction
2015-02-26 20:30:15, Info                  CSI    0000003d [SR] Verify complete
2015-02-26 20:30:16, Info                  CSI    0000003e [SR] Verifying 100 (0x00000064) components
2015-02-26 20:30:16, Info                  CSI    0000003f [SR] Beginning Verify and Repair transaction
2015-02-26 20:30:18, Info                  CSI    00000041 [SR] Verify complete
2015-02-26 20:30:18, Info                  CSI    00000042 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:30:18, Info                  CSI    00000043 [SR] Beginning Verify and Repair transaction
2015-02-26 20:30:21, Info                  CSI    00000045 [SR] Verify complete
2015-02-26 20:30:21, Info                  CSI    00000046 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:30:21, Info                  CSI    00000047 [SR] Beginning Verify and Repair transaction
2015-02-26 20:30:23, Info                  CSI    00000049 [SR] Verify complete
2015-02-26 20:30:23, Info                  CSI    0000004a [SR] Verifying 100 (0x00000064) components
2015-02-26 20:30:23, Info                  CSI    0000004b [SR] Beginning Verify and Repair transaction
2015-02-26 20:30:25, Info                  CSI    0000004d [SR] Verify complete
2015-02-26 20:30:26, Info                  CSI    0000004e [SR] Verifying 100 (0x00000064) components
2015-02-26 20:30:26, Info                  CSI    0000004f [SR] Beginning Verify and Repair transaction
2015-02-26 20:30:27, Info                  CSI    00000051 [SR] Verify complete
2015-02-26 20:30:28, Info                  CSI    00000052 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:30:28, Info                  CSI    00000053 [SR] Beginning Verify and Repair transaction
2015-02-26 20:30:30, Info                  CSI    00000055 [SR] Verify complete
2015-02-26 20:30:30, Info                  CSI    00000056 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:30:30, Info                  CSI    00000057 [SR] Beginning Verify and Repair transaction
2015-02-26 20:30:32, Info                  CSI    00000059 [SR] Verify complete
2015-02-26 20:30:32, Info                  CSI    0000005a [SR] Verifying 100 (0x00000064) components
2015-02-26 20:30:32, Info                  CSI    0000005b [SR] Beginning Verify and Repair transaction
2015-02-26 20:30:36, Info                  CSI    0000005d [SR] Verify complete
2015-02-26 20:30:36, Info                  CSI    0000005e [SR] Verifying 100 (0x00000064) components
2015-02-26 20:30:36, Info                  CSI    0000005f [SR] Beginning Verify and Repair transaction
2015-02-26 20:30:43, Info                  CSI    00000061 [SR] Verify complete
2015-02-26 20:30:43, Info                  CSI    00000062 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:30:43, Info                  CSI    00000063 [SR] Beginning Verify and Repair transaction
2015-02-26 20:30:49, Info                  CSI    00000065 [SR] Verify complete
2015-02-26 20:30:50, Info                  CSI    00000066 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:30:50, Info                  CSI    00000067 [SR] Beginning Verify and Repair transaction
2015-02-26 20:30:55, Info                  CSI    0000006a [SR] Verify complete
2015-02-26 20:30:55, Info                  CSI    0000006b [SR] Verifying 100 (0x00000064) components
2015-02-26 20:30:55, Info                  CSI    0000006c [SR] Beginning Verify and Repair transaction
2015-02-26 20:31:01, Info                  CSI    0000006f [SR] Verify complete
2015-02-26 20:31:01, Info                  CSI    00000070 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:31:01, Info                  CSI    00000071 [SR] Beginning Verify and Repair transaction
2015-02-26 20:31:08, Info                  CSI    00000073 [SR] Verify complete
2015-02-26 20:31:09, Info                  CSI    00000074 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:31:09, Info                  CSI    00000075 [SR] Beginning Verify and Repair transaction
2015-02-26 20:31:18, Info                  CSI    0000007f [SR] Verify complete
2015-02-26 20:31:19, Info                  CSI    00000080 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:31:19, Info                  CSI    00000081 [SR] Beginning Verify and Repair transaction
2015-02-26 20:31:26, Info                  CSI    00000083 [SR] Verify complete
2015-02-26 20:31:26, Info                  CSI    00000084 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:31:26, Info                  CSI    00000085 [SR] Beginning Verify and Repair transaction
2015-02-26 20:31:33, Info                  CSI    00000087 [SR] Verify complete
2015-02-26 20:31:34, Info                  CSI    00000088 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:31:34, Info                  CSI    00000089 [SR] Beginning Verify and Repair transaction
2015-02-26 20:31:41, Info                  CSI    0000008b [SR] Verify complete
2015-02-26 20:31:41, Info                  CSI    0000008c [SR] Verifying 100 (0x00000064) components
2015-02-26 20:31:41, Info                  CSI    0000008d [SR] Beginning Verify and Repair transaction
2015-02-26 20:31:50, Info                  CSI    0000008f [SR] Verify complete
2015-02-26 20:31:50, Info                  CSI    00000090 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:31:50, Info                  CSI    00000091 [SR] Beginning Verify and Repair transaction
2015-02-26 20:32:01, Info                  CSI    00000095 [SR] Verify complete
2015-02-26 20:32:01, Info                  CSI    00000096 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:32:01, Info                  CSI    00000097 [SR] Beginning Verify and Repair transaction
2015-02-26 20:32:16, Info                  CSI    00000099 [SR] Verify complete
2015-02-26 20:32:16, Info                  CSI    0000009a [SR] Verifying 100 (0x00000064) components
2015-02-26 20:32:16, Info                  CSI    0000009b [SR] Beginning Verify and Repair transaction
2015-02-26 20:32:35, Info                  CSI    0000009d [SR] Verify complete
2015-02-26 20:32:35, Info                  CSI    0000009e [SR] Verifying 100 (0x00000064) components
2015-02-26 20:32:35, Info                  CSI    0000009f [SR] Beginning Verify and Repair transaction
2015-02-26 20:32:43, Info                  CSI    000000a1 [SR] Verify complete
2015-02-26 20:32:43, Info                  CSI    000000a2 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:32:43, Info                  CSI    000000a3 [SR] Beginning Verify and Repair transaction
2015-02-26 20:32:46, Info                  CSI    000000a5 [SR] Verify complete
2015-02-26 20:32:47, Info                  CSI    000000a6 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:32:47, Info                  CSI    000000a7 [SR] Beginning Verify and Repair transaction
2015-02-26 20:32:49, Info                  CSI    000000a9 [SR] Verify complete
2015-02-26 20:32:50, Info                  CSI    000000aa [SR] Verifying 100 (0x00000064) components
2015-02-26 20:32:50, Info                  CSI    000000ab [SR] Beginning Verify and Repair transaction
2015-02-26 20:33:01, Info                  CSI    000000c9 [SR] Verify complete
2015-02-26 20:33:02, Info                  CSI    000000ca [SR] Verifying 100 (0x00000064) components
2015-02-26 20:33:02, Info                  CSI    000000cb [SR] Beginning Verify and Repair transaction
2015-02-26 20:33:07, Info                  CSI    000000cd [SR] Verify complete
2015-02-26 20:33:07, Info                  CSI    000000ce [SR] Verifying 100 (0x00000064) components
2015-02-26 20:33:07, Info                  CSI    000000cf [SR] Beginning Verify and Repair transaction
2015-02-26 20:33:12, Info                  CSI    000000d1 [SR] Verify complete
2015-02-26 20:33:12, Info                  CSI    000000d2 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:33:12, Info                  CSI    000000d3 [SR] Beginning Verify and Repair transaction
2015-02-26 20:33:16, Info                  CSI    000000d5 [SR] Verify complete
2015-02-26 20:33:17, Info                  CSI    000000d6 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:33:17, Info                  CSI    000000d7 [SR] Beginning Verify and Repair transaction
2015-02-26 20:33:24, Info                  CSI    000000d9 [SR] Verify complete
2015-02-26 20:33:25, Info                  CSI    000000da [SR] Verifying 100 (0x00000064) components
2015-02-26 20:33:25, Info                  CSI    000000db [SR] Beginning Verify and Repair transaction
2015-02-26 20:33:35, Info                  CSI    000000dd [SR] Verify complete
2015-02-26 20:33:36, Info                  CSI    000000de [SR] Verifying 100 (0x00000064) components
2015-02-26 20:33:36, Info                  CSI    000000df [SR] Beginning Verify and Repair transaction
2015-02-26 20:33:40, Info                  CSI    000000e1 [SR] Verify complete
2015-02-26 20:33:40, Info                  CSI    000000e2 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:33:40, Info                  CSI    000000e3 [SR] Beginning Verify and Repair transaction
2015-02-26 20:33:50, Info                  CSI    000000e5 [SR] Verify complete
2015-02-26 20:33:51, Info                  CSI    000000e6 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:33:51, Info                  CSI    000000e7 [SR] Beginning Verify and Repair transaction
2015-02-26 20:33:57, Info                  CSI    000000e9 [SR] Verify complete
2015-02-26 20:33:58, Info                  CSI    000000ea [SR] Verifying 100 (0x00000064) components
2015-02-26 20:33:58, Info                  CSI    000000eb [SR] Beginning Verify and Repair transaction
2015-02-26 20:34:05, Info                  CSI    000000ed [SR] Verify complete
2015-02-26 20:34:05, Info                  CSI    000000ee [SR] Verifying 100 (0x00000064) components
2015-02-26 20:34:05, Info                  CSI    000000ef [SR] Beginning Verify and Repair transaction
2015-02-26 20:34:17, Info                  CSI    00000114 [SR] Verify complete
2015-02-26 20:34:18, Info                  CSI    00000115 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:34:18, Info                  CSI    00000116 [SR] Beginning Verify and Repair transaction
2015-02-26 20:34:32, Info                  CSI    00000118 [SR] Verify complete
2015-02-26 20:34:33, Info                  CSI    00000119 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:34:33, Info                  CSI    0000011a [SR] Beginning Verify and Repair transaction
2015-02-26 20:34:56, Info                  CSI    0000011c [SR] Verify complete
2015-02-26 20:34:57, Info                  CSI    0000011d [SR] Verifying 100 (0x00000064) components
2015-02-26 20:34:57, Info                  CSI    0000011e [SR] Beginning Verify and Repair transaction
2015-02-26 20:35:16, Info                  CSI    00000120 [SR] Verify complete
2015-02-26 20:35:17, Info                  CSI    00000121 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:35:17, Info                  CSI    00000122 [SR] Beginning Verify and Repair transaction
2015-02-26 20:35:28, Info                  CSI    00000124 [SR] Verify complete
2015-02-26 20:35:28, Info                  CSI    00000125 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:35:28, Info                  CSI    00000126 [SR] Beginning Verify and Repair transaction
2015-02-26 20:35:36, Info                  CSI    00000128 [SR] Verify complete
2015-02-26 20:35:37, Info                  CSI    00000129 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:35:37, Info                  CSI    0000012a [SR] Beginning Verify and Repair transaction
2015-02-26 20:35:43, Info                  CSI    0000012c [SR] Verify complete
2015-02-26 20:35:44, Info                  CSI    0000012d [SR] Verifying 100 (0x00000064) components
2015-02-26 20:35:44, Info                  CSI    0000012e [SR] Beginning Verify and Repair transaction
2015-02-26 20:35:51, Info                  CSI    00000131 [SR] Verify complete
2015-02-26 20:35:52, Info                  CSI    00000132 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:35:52, Info                  CSI    00000133 [SR] Beginning Verify and Repair transaction
2015-02-26 20:36:05, Info                  CSI    00000135 [SR] Verify complete
2015-02-26 20:36:05, Info                  CSI    00000136 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:36:05, Info                  CSI    00000137 [SR] Beginning Verify and Repair transaction
2015-02-26 20:36:14, Info                  CSI    00000139 [SR] Verify complete
2015-02-26 20:36:14, Info                  CSI    0000013a [SR] Verifying 100 (0x00000064) components
2015-02-26 20:36:14, Info                  CSI    0000013b [SR] Beginning Verify and Repair transaction
2015-02-26 20:36:24, Info                  CSI    0000013d [SR] Verify complete
2015-02-26 20:36:24, Info                  CSI    0000013e [SR] Verifying 100 (0x00000064) components
2015-02-26 20:36:24, Info                  CSI    0000013f [SR] Beginning Verify and Repair transaction
2015-02-26 20:36:31, Info                  CSI    00000141 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2015-02-26 20:36:35, Info                  CSI    00000143 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2015-02-26 20:36:35, Info                  CSI    00000144 [SR] This component was referenced by [l:158{79}]"Package_20_for_KB936330~31bf3856ad364e35~x86~~6.0.1.18000.936330-33_neutral_GDR"
2015-02-26 20:36:35, Info                  CSI    00000147 [SR] Could not reproject corrupted file [ml:520{260},l:72{36}]"\??\C:\Program Files\Windows Sidebar"\[l:24{12}]"settings.ini"; source file in store is also corrupted
2015-02-26 20:36:38, Info                  CSI    00000149 [SR] Verify complete
2015-02-26 20:36:38, Info                  CSI    0000014a [SR] Verifying 100 (0x00000064) components
2015-02-26 20:36:38, Info                  CSI    0000014b [SR] Beginning Verify and Repair transaction
2015-02-26 20:36:45, Info                  CSI    0000014d [SR] Verify complete
2015-02-26 20:36:46, Info                  CSI    0000014e [SR] Verifying 100 (0x00000064) components
2015-02-26 20:36:46, Info                  CSI    0000014f [SR] Beginning Verify and Repair transaction
2015-02-26 20:36:57, Info                  CSI    00000151 [SR] Verify complete
2015-02-26 20:36:57, Info                  CSI    00000152 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:36:57, Info                  CSI    00000153 [SR] Beginning Verify and Repair transaction
2015-02-26 20:37:11, Info                  CSI    00000156 [SR] Verify complete
2015-02-26 20:37:12, Info                  CSI    00000157 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:37:12, Info                  CSI    00000158 [SR] Beginning Verify and Repair transaction
2015-02-26 20:37:19, Info                  CSI    0000015a [SR] Verify complete
2015-02-26 20:37:20, Info                  CSI    0000015b [SR] Verifying 100 (0x00000064) components
2015-02-26 20:37:20, Info                  CSI    0000015c [SR] Beginning Verify and Repair transaction
2015-02-26 20:37:28, Info                  CSI    0000015e [SR] Verify complete
2015-02-26 20:37:28, Info                  CSI    0000015f [SR] Verifying 100 (0x00000064) components
2015-02-26 20:37:28, Info                  CSI    00000160 [SR] Beginning Verify and Repair transaction
2015-02-26 20:37:36, Info                  CSI    00000162 [SR] Verify complete
2015-02-26 20:37:36, Info                  CSI    00000163 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:37:36, Info                  CSI    00000164 [SR] Beginning Verify and Repair transaction
2015-02-26 20:37:48, Info                  CSI    00000166 [SR] Verify complete
2015-02-26 20:37:49, Info                  CSI    00000167 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:37:49, Info                  CSI    00000168 [SR] Beginning Verify and Repair transaction
2015-02-26 20:38:02, Info                  CSI    0000016a [SR] Verify complete
2015-02-26 20:38:02, Info                  CSI    0000016b [SR] Verifying 100 (0x00000064) components
2015-02-26 20:38:02, Info                  CSI    0000016c [SR] Beginning Verify and Repair transaction
2015-02-26 20:38:06, Info                  CSI    0000016e [SR] Verify complete
2015-02-26 20:38:07, Info                  CSI    0000016f [SR] Verifying 100 (0x00000064) components
2015-02-26 20:38:07, Info                  CSI    00000170 [SR] Beginning Verify and Repair transaction
2015-02-26 20:38:12, Info                  CSI    00000172 [SR] Verify complete
2015-02-26 20:38:13, Info                  CSI    00000173 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:38:13, Info                  CSI    00000174 [SR] Beginning Verify and Repair transaction
2015-02-26 20:38:20, Info                  CSI    00000176 [SR] Verify complete
2015-02-26 20:38:20, Info                  CSI    00000177 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:38:20, Info                  CSI    00000178 [SR] Beginning Verify and Repair transaction
2015-02-26 20:38:28, Info                  CSI    0000017a [SR] Verify complete
2015-02-26 20:38:28, Info                  CSI    0000017b [SR] Verifying 100 (0x00000064) components
2015-02-26 20:38:28, Info                  CSI    0000017c [SR] Beginning Verify and Repair transaction
2015-02-26 20:38:34, Info                  CSI    0000017e [SR] Verify complete
2015-02-26 20:38:34, Info                  CSI    0000017f [SR] Verifying 100 (0x00000064) components
2015-02-26 20:38:34, Info                  CSI    00000180 [SR] Beginning Verify and Repair transaction
2015-02-26 20:38:54, Info                  CSI    00000182 [SR] Verify complete
2015-02-26 20:38:54, Info                  CSI    00000183 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:38:54, Info                  CSI    00000184 [SR] Beginning Verify and Repair transaction
2015-02-26 20:38:59, Info                  CSI    00000186 [SR] Verify complete
2015-02-26 20:39:00, Info                  CSI    00000187 [SR] Verifying 100 (0x00000064) components
2015-02-26 20:39:00, Info                  CSI    00000188 [SR] Beginning Verify and Repair transaction
2015-02-26 20:39:09, Info                  CSI    00000193 [SR] Verify complete
2015-02-26 20:39:09, Info                  CSI    00000194 [SR] Verifying 62 (0x0000003e) components
2015-02-26 20:39:09, Info                  CSI    00000195 [SR] Beginning Verify and Repair transaction
2015-02-26 20:39:14, Info                  CSI    00000197 [SR] Verify complete
2015-02-26 20:39:14, Info                  CSI    00000198 [SR] Repairing 1 components
2015-02-26 20:39:14, Info                  CSI    00000199 [SR] Beginning Verify and Repair transaction
2015-02-26 20:39:14, Info                  CSI    0000019b [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2015-02-26 20:39:14, Info                  CSI    0000019d [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2015-02-26 20:39:14, Info                  CSI    0000019e [SR] This component was referenced by [l:158{79}]"Package_20_for_KB936330~31bf3856ad364e35~x86~~6.0.1.18000.936330-33_neutral_GDR"
2015-02-26 20:39:14, Info                  CSI    000001a1 [SR] Could not reproject corrupted file [ml:520{260},l:72{36}]"\??\C:\Program Files\Windows Sidebar"\[l:24{12}]"settings.ini"; source file in store is also corrupted
2015-02-26 20:39:14, Info                  CSI    000001a3 [SR] Repair complete
2015-02-26 20:39:14, Info                  CSI    000001a4 [SR] Committing transaction
2015-02-26 20:39:15, Info                  CSI    000001a8 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction  have been successfully repaired

26.02.2015, 18:26	#4
Warlord711 /// TB-Ausbilder	Windows/Desktop läd ganz normal, bleibt dann doch hängen Läuft der Rechner im Normalmodus garnicht mehr ? Falls ja, mach bitte daraus einen FRST Scan. __________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie \| Spende \| Lob & Kritik

26.02.2015, 19:44	#8
Warlord711 /// TB-Ausbilder	Windows/Desktop läd ganz normal, bleibt dann doch hängen Genau, einfach die Fixlist.txt erstellen und dorthin kopieren wo die FRST(64).exe liegt. Dann FRST starten und auf den Fix Button klicken. __________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie \| Spende \| Lob & Kritik

26.02.2015, 21:04	#12
Warlord711 /// TB-Ausbilder	Windows/Desktop läd ganz normal, bleibt dann doch hängen Gibts denn nen Fehler beim Ausführen des letzten Befehls ? __________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie \| Spende \| Lob & Kritik

Windows/Desktop läd ganz normal, bleibt dann doch hängen

Plagegeister aller Art und deren Bekämpfung: Windows/Desktop läd ganz normal, bleibt dann doch hängen