Hallo,

Ich habe das Problem das ich bei meinem Standard User bei Windows 7 ständig wieder abgemeldet werde, wenn ich mich Anmelde, sprich ich sehe einfach nur "Willkommen" und 2 Sekunden später "Abmeldung..". Ich weiß nicht woran das liegt, kennt einer von euch vielleicht das Problem und die Lösung wie ich das beheben kann?

Ich habe als OS Microsoft Windows 7 Ultimate 64 Bit und Systemmodell HP Compaq dx2420 Microtower.

Gruß,

Ladekabel612

Hallo

Wie siehts denn mit einem anderen Benutzerkonto aus? Gleiches Problem?
Wenn keiner vorhanden ist, mal einen neuen anlegen und damit testen.

Zudem kannst du mal einen Scan mit FRST machen um zu sehen ob Malware für das Problem verantwortlich ist:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Hi,

Also ich habe neben dem Standard User noch meinen Administrator, mit dem ich hier Grade Schreibe. der Geht, wunderbar, auch mit Passwort. (Habe momentan da keins.) Standard Benutzer habe ich schon mehrmals gelöscht und einen neuen Angelegt, ging nicht.


FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by compaq (administrator) on LADEKABEL612-PC on 13-09-2014 19:00:17
Running from C:\Users\compaq\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apache Software Foundation) C:\Program Files (x86)\XAMPP\apache\bin\httpd.exe
() C:\Program Files (x86)\XAMPP\mysql\bin\mysqld.exe
() C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apache Software Foundation) C:\Program Files (x86)\XAMPP\apache\bin\httpd.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe,C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe,
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100M Genie.lnk
ShortcutTarget: NETGEAR WNA3100M Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4CCD77966318CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=prc265
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\..\Interfaces\{FCD5A3CD-F655-4E96-A281-65606862AD3C}: [NameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\compaq\AppData\Roaming\Mozilla\Firefox\Profiles\9qouo72v.default
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - C:\Users\compaq\AppData\Roaming\Mozilla\Firefox\Profiles\9qouo72v.default\Extensions\ich@maltegoetz.de.xpi [2014-09-13]
FF Extension: The Fox, Only Better - C:\Users\compaq\AppData\Roaming\Mozilla\Firefox\Profiles\9qouo72v.default\Extensions\thefoxonlybetter@quicksaver.xpi [2014-08-23]
FF Extension: Adblock Plus - C:\Users\compaq\AppData\Roaming\Mozilla\Firefox\Profiles\9qouo72v.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-28]
FF Extension: User Agent Switcher - C:\Users\compaq\AppData\Roaming\Mozilla\Firefox\Profiles\9qouo72v.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2014-08-23]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2014-09-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-15]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apache2.4; C:\program files (x86)\xampp\apache\bin\httpd.exe [20992 2014-07-19] (Apache Software Foundation) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-10] (AVAST Software)
R2 mysql; C:\program files (x86)\xampp\mysql\bin\mysqld.exe [8144896 2014-07-19] () [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
S4 WSWNA3100M; C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe [303360 2011-12-07] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-10] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-10] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-10] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-10] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-10] ()
R3 gddcd; C:\Windows\system32\drivers\gddcd64.sys [78848 2014-07-23] (G Data Software AG)
R1 gddcv; C:\Windows\system32\drivers\gddcv64.sys [58880 2014-07-23] (G Data Software AG)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 wna3100m; C:\Windows\System32\DRIVERS\wna3100m.sys [1094760 2011-12-30] (NETGEAR Corporation                           )
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [35344 2014-09-03] ()
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-13 19:00 - 2014-09-13 19:01 - 00009493 _____ () C:\Users\compaq\Desktop\FRST.txt
2014-09-13 19:00 - 2014-09-13 19:00 - 00000000 ____D () C:\FRST
2014-09-13 18:58 - 2014-09-13 18:58 - 02105856 _____ (Farbar) C:\Users\compaq\Desktop\FRST64.exe
2014-09-13 17:32 - 2014-09-13 17:32 - 00000056 _____ () C:\Windows\setupact.log
2014-09-13 17:32 - 2014-09-13 17:32 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-13 17:06 - 2014-09-13 17:06 - 00000000 ____D () C:\Windows\pss
2014-09-13 15:23 - 2014-09-13 16:23 - 2563039232 _____ () C:\Users\compaq\Desktop\X17-24208.iso
2014-09-13 12:42 - 2014-09-13 12:42 - 00000000 ___RD () C:\Sandbox
2014-09-13 12:41 - 2014-09-13 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-09-13 12:39 - 2014-09-13 16:51 - 00001640 _____ () C:\Windows\Sandboxie.ini
2014-09-13 12:39 - 2014-09-13 12:38 - 00000876 _____ () C:\Users\compaq\Documents\Sandboxed Web Browser.lnk
2014-09-13 12:38 - 2014-09-13 12:38 - 02656264 _____ (Sandboxie Holdings, LLC) C:\Users\compaq\Downloads\SandboxieInstall.exe
2014-09-13 12:38 - 2014-09-13 12:38 - 00000000 ____D () C:\Program Files\Sandboxie
2014-09-13 11:34 - 2014-09-13 11:34 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\WinRAR
2014-09-13 11:12 - 2014-09-13 11:42 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-13 11:12 - 2014-09-13 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-13 11:11 - 2014-09-13 11:12 - 00000000 ____D () C:\Program Files\WinRAR
2014-09-13 11:03 - 2013-11-03 22:21 - 00005593 _____ () C:\Users\compaq\Downloads\IE8 - WinXP.ovf
2014-09-13 11:03 - 2013-11-03 22:21 - 00000135 _____ () C:\Users\compaq\Downloads\IE8 - WinXP.mf
2014-09-13 10:59 - 2014-09-13 10:59 - 00002122 _____ () C:\Users\compaq\Documents\VMware Player.lnk
2014-09-13 10:20 - 2014-09-13 10:20 - 00369276 _____ () C:\Users\compaq\Documents\System.txt
2014-09-12 17:48 - 2014-09-12 18:09 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\tor
2014-09-11 22:10 - 2014-09-11 22:14 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Telegram Win (Unofficial)
2014-09-11 22:10 - 2014-09-11 22:10 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Win (Unofficial)
2014-09-11 20:59 - 2014-09-11 20:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2014-09-11 20:55 - 2014-09-11 23:22 - 00000000 ____D () C:\Program Files (x86)\XAMPP
2014-09-11 17:19 - 2014-09-13 16:24 - 00000000 ____D () C:\Users\compaq\Documents\Virtual Machines
2014-09-11 17:16 - 2014-09-13 17:17 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\VMware
2014-09-11 17:16 - 2014-09-13 17:17 - 00000000 ____D () C:\Users\compaq\AppData\Local\VMware
2014-09-11 17:13 - 2014-09-13 17:20 - 00000000 ____D () C:\ProgramData\VMware
2014-09-11 14:32 - 2014-09-11 14:32 - 00000000 ____D () C:\Users\compaq\AppData\Local\Apps\2.0
2014-09-11 14:09 - 2014-09-11 14:09 - 00000000 ____D () C:\Program Files\Unlocker
2014-09-11 12:07 - 2014-09-11 12:07 - 00001116 _____ () C:\Users\compaq\Documents\OpenOffice 4.1.1.lnk
2014-09-11 12:07 - 2014-09-11 12:07 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-10 19:53 - 2014-09-13 11:53 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-10 19:52 - 2014-09-10 19:52 - 00001121 _____ () C:\Users\compaq\Documents\ Malwarebytes Anti-Malware .lnk
2014-09-10 19:52 - 2014-09-10 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-10 19:52 - 2014-09-10 19:52 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-10 19:52 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-10 19:52 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-10 19:52 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-10 18:43 - 2014-09-10 18:43 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\WinPatrol
2014-09-10 18:32 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 18:32 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 18:32 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 18:32 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 18:32 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 18:32 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 18:32 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 18:32 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 18:32 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 18:32 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 18:32 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 18:32 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 18:32 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 18:32 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 18:32 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 18:32 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 18:32 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 18:32 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 18:32 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 18:32 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 18:32 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 18:32 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 18:32 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 18:32 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 18:32 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 18:32 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 18:32 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 18:32 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 18:32 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 18:32 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 18:32 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 18:32 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 18:32 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 18:32 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 18:32 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 18:32 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 18:32 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 18:32 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 18:32 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 18:32 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 18:32 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 18:32 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 18:32 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 18:32 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 18:32 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 18:32 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 18:32 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 18:32 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 18:32 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 18:32 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 18:32 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 18:32 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 18:32 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 18:32 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 18:32 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 18:32 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 18:27 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 18:27 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 18:27 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 18:27 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 18:26 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 18:26 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 18:26 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 18:26 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 18:26 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 18:26 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 18:26 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 18:26 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 18:26 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 18:25 - 2014-09-10 18:25 - 00001088 _____ () C:\Users\compaq\Documents\Secunia PSI.lnk
2014-09-10 18:19 - 2014-09-13 17:07 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-09-10 18:19 - 2014-09-10 18:19 - 00000801 _____ () C:\Users\compaq\Documents\CCleaner.lnk
2014-09-10 18:19 - 2014-09-10 18:19 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-10 18:18 - 2014-09-10 18:18 - 00000000 ____D () C:\Users\compaq\AppData\Local\Secunia PSI
2014-09-10 18:18 - 2014-09-10 18:18 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-09-06 12:46 - 2014-09-06 16:12 - 891290112 _____ () C:\Virtuell987.vhd
2014-09-05 23:58 - 2014-09-05 23:58 - 00000360 _____ () C:\Windows\Tasks\DriverToolkit Autorun.job
2014-09-05 23:52 - 2014-09-05 23:52 - 00000000 ____D () C:\Users\compaq\AppData\Local\DriverToolkit
2014-09-05 23:36 - 2014-09-05 23:36 - 00000000 ____D () C:\Windows\ERUNT
2014-09-05 21:20 - 2014-09-10 17:51 - 00000000 ___RD () C:\Users\compaq\Dropbox
2014-09-05 21:12 - 2014-09-10 18:08 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Dropbox
2014-09-03 18:13 - 2014-09-03 18:13 - 00035344 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-09-03 18:03 - 2014-09-03 18:03 - 00000000 ____D () C:\ProgramData\Paessler
2014-09-03 18:03 - 2014-09-03 18:03 - 00000000 ____D () C:\ProgramData\Licenses
2014-09-03 10:02 - 2014-09-13 16:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-01 18:56 - 2014-09-01 18:56 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\deskcalc
2014-09-01 18:49 - 2014-09-01 18:49 - 00000000 ____D () C:\Users\compaq\AppData\Local\SlimWare Utilities Inc
2014-08-31 21:29 - 2014-08-31 21:29 - 00000000 ____D () C:\Users\compaq\AppData\Local\Adobe
2014-08-31 20:56 - 2014-08-31 20:56 - 00000000 ____D () C:\ProgramData\Geevs
2014-08-31 20:03 - 2014-09-01 19:24 - 00000000 ____D () C:\Users\compaq\AppData\Local\Windows Live
2014-08-31 19:54 - 2014-09-01 18:32 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\avidemux
2014-08-31 18:20 - 2014-08-31 18:20 - 00000000 ____D () C:\Users\compaq\AppData\Local\Tempa8b1a712f48233524e0c6b8833d1169e
2014-08-30 21:55 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-08-30 21:55 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-08-30 21:55 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-08-30 21:55 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-08-30 21:55 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-08-30 21:55 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-08-30 21:55 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-08-30 21:55 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-08-30 21:55 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-08-30 21:55 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-08-30 21:55 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-08-30 21:55 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-08-30 21:55 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-08-30 21:55 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-08-30 21:55 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-08-30 21:55 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-08-30 21:55 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-08-30 21:55 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-08-30 21:55 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-08-30 21:55 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-08-30 21:55 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-08-30 21:55 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-08-30 21:55 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-08-30 21:55 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-08-30 21:55 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-08-30 21:55 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-08-30 21:54 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-08-30 21:54 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-08-30 21:54 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-08-30 21:54 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-08-30 21:54 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-08-30 21:54 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-08-30 21:54 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-08-29 23:02 - 2014-09-02 17:06 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Dev-Cpp
2014-08-29 00:24 - 2014-08-29 01:31 - 3221225984 _____ () C:\Virtuell4.vhd
2014-08-28 15:44 - 2014-08-28 16:02 - 524288512 _____ () C:\Virtuell3.vhd
2014-08-28 15:24 - 2014-08-28 15:26 - 2147484160 _____ () C:\Virtuell2.vhd
2014-08-28 13:46 - 2014-08-28 14:52 - 2147484160 _____ () C:\Virtuell.vhd
2014-08-28 12:44 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 12:44 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 12:44 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-23 14:43 - 2014-08-23 14:43 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-08-23 14:42 - 2014-08-23 14:42 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-23 14:10 - 2014-08-23 14:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-22 18:45 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-22 18:45 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-22 18:45 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-22 18:45 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-22 18:45 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-22 18:45 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-22 18:45 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-22 18:45 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-22 18:45 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-22 18:45 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-22 18:45 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-22 18:45 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-22 18:45 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-22 18:45 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-22 01:27 - 2014-08-22 01:27 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-08-21 18:32 - 2014-08-21 18:32 - 02695493 _____ () C:\Users\compaq\Documents\WNR2000 Firmware Version 1.2.3.7 (WW).rar
2014-08-16 21:39 - 2014-08-16 21:39 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 02:53 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 02:53 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 02:53 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 02:53 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 02:53 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 02:53 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 02:53 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 02:53 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-13 19:01 - 2014-09-13 19:00 - 00009493 _____ () C:\Users\compaq\Desktop\FRST.txt
2014-09-13 19:00 - 2014-09-13 19:00 - 00000000 ____D () C:\FRST
2014-09-13 18:58 - 2014-09-13 18:58 - 02105856 _____ (Farbar) C:\Users\compaq\Desktop\FRST64.exe
2014-09-13 18:15 - 2014-01-23 22:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-13 17:51 - 2014-01-23 19:22 - 01595574 _____ () C:\Windows\WindowsUpdate.log
2014-09-13 17:39 - 2009-07-14 06:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-13 17:39 - 2009-07-14 06:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-13 17:32 - 2014-09-13 17:32 - 00000056 _____ () C:\Windows\setupact.log
2014-09-13 17:32 - 2014-09-13 17:32 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-13 17:32 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-13 17:20 - 2014-09-11 17:13 - 00000000 ____D () C:\ProgramData\VMware
2014-09-13 17:19 - 2011-04-12 09:43 - 00698856 _____ () C:\Windows\system32\perfh007.dat
2014-09-13 17:19 - 2011-04-12 09:43 - 00148996 _____ () C:\Windows\system32\perfc007.dat
2014-09-13 17:17 - 2014-09-11 17:16 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\VMware
2014-09-13 17:17 - 2014-09-11 17:16 - 00000000 ____D () C:\Users\compaq\AppData\Local\VMware
2014-09-13 17:10 - 2014-02-10 23:51 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-09-13 17:08 - 2009-07-14 07:13 - 01626558 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-13 17:07 - 2014-09-10 18:19 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-09-13 17:06 - 2014-09-13 17:06 - 00000000 ____D () C:\Windows\pss
2014-09-13 16:51 - 2014-09-13 12:39 - 00001640 _____ () C:\Windows\Sandboxie.ini
2014-09-13 16:31 - 2014-09-03 10:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-13 16:24 - 2014-09-11 17:19 - 00000000 ____D () C:\Users\compaq\Documents\Virtual Machines
2014-09-13 16:23 - 2014-09-13 15:23 - 2563039232 _____ () C:\Users\compaq\Desktop\X17-24208.iso
2014-09-13 12:42 - 2014-09-13 12:42 - 00000000 ___RD () C:\Sandbox
2014-09-13 12:41 - 2014-09-13 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-09-13 12:38 - 2014-09-13 12:39 - 00000876 _____ () C:\Users\compaq\Documents\Sandboxed Web Browser.lnk
2014-09-13 12:38 - 2014-09-13 12:38 - 02656264 _____ (Sandboxie Holdings, LLC) C:\Users\compaq\Downloads\SandboxieInstall.exe
2014-09-13 12:38 - 2014-09-13 12:38 - 00000000 ____D () C:\Program Files\Sandboxie
2014-09-13 11:53 - 2014-09-10 19:53 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-13 11:42 - 2014-09-13 11:12 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-13 11:42 - 2014-09-13 11:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-13 11:34 - 2014-09-13 11:34 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\WinRAR
2014-09-13 11:12 - 2014-09-13 11:11 - 00000000 ____D () C:\Program Files\WinRAR
2014-09-13 10:59 - 2014-09-13 10:59 - 00002122 _____ () C:\Users\compaq\Documents\VMware Player.lnk
2014-09-13 10:59 - 2014-01-23 21:21 - 01645874 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-13 10:20 - 2014-09-13 10:20 - 00369276 _____ () C:\Users\compaq\Documents\System.txt
2014-09-12 18:24 - 2014-04-15 00:16 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-12 18:09 - 2014-09-12 17:48 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\tor
2014-09-12 17:09 - 2009-07-14 06:45 - 00299144 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-11 23:22 - 2014-09-11 20:55 - 00000000 ____D () C:\Program Files (x86)\XAMPP
2014-09-11 22:14 - 2014-09-11 22:10 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Telegram Win (Unofficial)
2014-09-11 22:10 - 2014-09-11 22:10 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Win (Unofficial)
2014-09-11 20:59 - 2014-09-11 20:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2014-09-11 17:34 - 2014-01-23 19:23 - 00000000 ____D () C:\Users\compaq
2014-09-11 16:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-11 14:32 - 2014-09-11 14:32 - 00000000 ____D () C:\Users\compaq\AppData\Local\Apps\2.0
2014-09-11 14:19 - 2014-01-23 21:05 - 00065152 _____ () C:\Users\compaq\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-11 14:16 - 2014-05-11 11:59 - 00000000 ____D () C:\ProgramData\InstallMate
2014-09-11 14:09 - 2014-09-11 14:09 - 00000000 ____D () C:\Program Files\Unlocker
2014-09-11 12:07 - 2014-09-11 12:07 - 00001116 _____ () C:\Users\compaq\Documents\OpenOffice 4.1.1.lnk
2014-09-11 12:07 - 2014-09-11 12:07 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-10 19:52 - 2014-09-10 19:52 - 00001121 _____ () C:\Users\compaq\Documents\ Malwarebytes Anti-Malware .lnk
2014-09-10 19:52 - 2014-09-10 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-10 19:52 - 2014-09-10 19:52 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-10 18:55 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-10 18:43 - 2014-09-10 18:43 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\WinPatrol
2014-09-10 18:30 - 2014-01-23 20:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 18:28 - 2014-01-23 20:41 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 18:27 - 2014-05-04 01:26 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 18:25 - 2014-09-10 18:25 - 00001088 _____ () C:\Users\compaq\Documents\Secunia PSI.lnk
2014-09-10 18:23 - 2014-06-21 22:40 - 00003730 _____ () C:\Windows\System32\Tasks\Overwolf Updater Task
2014-09-10 18:23 - 2014-01-23 22:38 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 18:23 - 2014-01-23 22:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 18:23 - 2014-01-23 22:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-10 18:19 - 2014-09-10 18:19 - 00000801 _____ () C:\Users\compaq\Documents\CCleaner.lnk
2014-09-10 18:19 - 2014-09-10 18:19 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-10 18:18 - 2014-09-10 18:18 - 00000000 ____D () C:\Users\compaq\AppData\Local\Secunia PSI
2014-09-10 18:18 - 2014-09-10 18:18 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-09-10 18:09 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-10 18:08 - 2014-09-05 21:12 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Dropbox
2014-09-10 18:06 - 2014-06-21 22:29 - 00000000 ____D () C:\Users\compaq\AppData\Local\TeamSpeak 3 Client
2014-09-10 18:06 - 2014-04-30 01:33 - 00000000 ____D () C:\ProgramData\Skype
2014-09-10 18:05 - 2014-02-21 20:18 - 00000000 ____D () C:\ProgramData\Origin
2014-09-10 18:04 - 2014-01-29 16:25 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Notepad++
2014-09-10 17:51 - 2014-09-05 21:20 - 00000000 ___RD () C:\Users\compaq\Dropbox
2014-09-06 16:12 - 2014-09-06 12:46 - 891290112 _____ () C:\Virtuell987.vhd
2014-09-05 23:58 - 2014-09-05 23:58 - 00000360 _____ () C:\Windows\Tasks\DriverToolkit Autorun.job
2014-09-05 23:52 - 2014-09-05 23:52 - 00000000 ____D () C:\Users\compaq\AppData\Local\DriverToolkit
2014-09-05 23:36 - 2014-09-05 23:36 - 00000000 ____D () C:\Windows\ERUNT
2014-09-05 04:10 - 2014-09-10 18:26 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-10 18:26 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-03 18:22 - 2014-07-22 22:08 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 18:13 - 2014-09-03 18:13 - 00035344 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-09-03 18:03 - 2014-09-03 18:03 - 00000000 ____D () C:\ProgramData\Paessler
2014-09-03 18:03 - 2014-09-03 18:03 - 00000000 ____D () C:\ProgramData\Licenses
2014-09-02 17:06 - 2014-08-29 23:02 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Dev-Cpp
2014-09-01 19:24 - 2014-08-31 20:03 - 00000000 ____D () C:\Users\compaq\AppData\Local\Windows Live
2014-09-01 19:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-01 18:56 - 2014-09-01 18:56 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\deskcalc
2014-09-01 18:49 - 2014-09-01 18:49 - 00000000 ____D () C:\Users\compaq\AppData\Local\SlimWare Utilities Inc
2014-09-01 18:32 - 2014-08-31 19:54 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\avidemux
2014-08-31 21:29 - 2014-08-31 21:29 - 00000000 ____D () C:\Users\compaq\AppData\Local\Adobe
2014-08-31 21:29 - 2014-01-23 20:12 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Adobe
2014-08-31 20:56 - 2014-08-31 20:56 - 00000000 ____D () C:\ProgramData\Geevs
2014-08-31 20:31 - 2014-01-23 19:23 - 00000000 ____D () C:\Users\compaq\AppData\Local\VirtualStore
2014-08-31 18:34 - 2014-01-26 15:10 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-08-31 18:20 - 2014-08-31 18:20 - 00000000 ____D () C:\Users\compaq\AppData\Local\Tempa8b1a712f48233524e0c6b8833d1169e
2014-08-31 00:27 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-08-29 01:31 - 2014-08-29 00:24 - 3221225984 _____ () C:\Virtuell4.vhd
2014-08-28 16:02 - 2014-08-28 15:44 - 524288512 _____ () C:\Virtuell3.vhd
2014-08-28 15:26 - 2014-08-28 15:24 - 2147484160 _____ () C:\Virtuell2.vhd
2014-08-28 15:16 - 2014-07-01 14:37 - 00007601 _____ () C:\Users\compaq\AppData\Local\Resmon.ResmonCfg
2014-08-28 14:52 - 2014-08-28 13:46 - 2147484160 _____ () C:\Virtuell.vhd
2014-08-26 11:34 - 2014-02-01 16:09 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-26 11:32 - 2011-04-12 09:54 - 00000000 ____D () C:\Windows\CSC
2014-08-26 11:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Web
2014-08-26 01:16 - 2014-04-30 01:33 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Skype
2014-08-25 06:53 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 14:43 - 2014-08-23 14:43 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-08-23 14:42 - 2014-08-23 14:42 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-23 14:10 - 2014-08-23 14:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-23 04:07 - 2014-08-28 12:44 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 12:44 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 12:44 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 01:31 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-08-22 01:27 - 2014-08-22 01:27 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-08-21 18:32 - 2014-08-21 18:32 - 02695493 _____ () C:\Users\compaq\Documents\WNR2000 Firmware Version 1.2.3.7 (WW).rar
2014-08-21 17:54 - 2014-01-27 16:30 - 00000000 ____D () C:\Users\compaq\AppData\Local\Google
2014-08-21 03:11 - 2014-02-07 16:58 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\FileZilla
2014-08-19 20:05 - 2014-09-10 18:32 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 19:39 - 2014-09-10 18:32 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 01:01 - 2014-09-10 18:32 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-19 00:29 - 2014-09-10 18:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-19 00:29 - 2014-09-10 18:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-19 00:26 - 2014-09-10 18:32 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-19 00:20 - 2014-09-10 18:32 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-19 00:19 - 2014-09-10 18:32 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-19 00:15 - 2014-09-10 18:32 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-19 00:15 - 2014-09-10 18:32 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-19 00:14 - 2014-09-10 18:32 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-19 00:14 - 2014-09-10 18:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-19 00:08 - 2014-09-10 18:32 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-19 00:08 - 2014-09-10 18:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-19 00:08 - 2014-09-10 18:32 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-19 00:05 - 2014-09-10 18:32 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-19 00:03 - 2014-09-10 18:32 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-19 00:03 - 2014-09-10 18:32 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-19 00:03 - 2014-09-10 18:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 23:57 - 2014-09-10 18:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-18 23:56 - 2014-09-10 18:32 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 23:51 - 2014-09-10 18:32 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 23:46 - 2014-09-10 18:32 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-18 23:45 - 2014-09-10 18:32 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 23:45 - 2014-09-10 18:32 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-18 23:44 - 2014-09-10 18:32 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-18 23:44 - 2014-09-10 18:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-18 23:42 - 2014-09-10 18:32 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-18 23:40 - 2014-09-10 18:32 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 23:39 - 2014-09-10 18:32 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 23:39 - 2014-09-10 18:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-18 23:39 - 2014-09-10 18:32 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-18 23:38 - 2014-09-10 18:32 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 23:37 - 2014-09-10 18:32 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-18 23:36 - 2014-09-10 18:32 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-18 23:35 - 2014-09-10 18:32 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-18 23:27 - 2014-09-10 18:32 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-18 23:25 - 2014-09-10 18:32 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 23:25 - 2014-09-10 18:32 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 23:23 - 2014-09-10 18:32 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 23:23 - 2014-09-10 18:32 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 23:22 - 2014-09-10 18:32 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-18 23:19 - 2014-09-10 18:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-18 23:17 - 2014-09-10 18:32 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-18 23:17 - 2014-09-10 18:32 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-18 23:16 - 2014-09-10 18:32 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 23:15 - 2014-09-10 18:32 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-18 23:15 - 2014-09-10 18:32 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 23:09 - 2014-09-10 18:32 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-18 23:08 - 2014-09-10 18:32 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-18 23:07 - 2014-09-10 18:32 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-18 22:55 - 2014-09-10 18:32 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 22:46 - 2014-09-10 18:32 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-18 22:38 - 2014-09-10 18:32 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-18 22:38 - 2014-09-10 18:32 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 22:36 - 2014-09-10 18:32 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-16 21:39 - 2014-08-16 21:39 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-15 00:56 - 2014-01-09 11:06 - 00661448 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110.dll
2014-08-14 13:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

Some content of TEMP:
====================
C:\Users\compaq\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-06 13:45

==================== End Of Log ============================
         

--- --- ---

--- --- ---

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by compaq at 2014-09-13 19:01:39
Running from C:\Users\compaq\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7art Fluorescent Clock © 7art-screensavers.com (HKLM-x32\...\7art Fluorescent Clock Screensaver_is1) (Version: 3.1 - 7art-screensavers.com)
7art Radiating Clock © 7art-screensavers.com (HKLM-x32\...\7art Radiating Clock Screensaver_is1) (Version: 3.1 - 7art-screensavers.com)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\{047904BA-C065-40D5-969A-C7D91CA93D62}) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\{6CBBF19C-2B69-4143-81C4-D5B56D32088C}) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.30429 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80430.0002 - Advanced Micro Devices, Inc.) Hidden
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0429.2313.39747 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
Mozilla Firefox 32.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 de)) (Version: 32.0.1 - Mozilla)
NETGEAR WNA3100M N300 Wireless USB Adapter (HKLM-x32\...\{D3580358-0F78-402A-BE53-2E9D06383E04}) (Version: 1.0.0.10 - NETGEAR)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5910 - Realtek Semiconductor Corp.)
Sandboxie 4.12 (64-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
Telegram Win (Unofficial) version 0.5.15 (HKCU\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.5.15 - Telegram (Unofficial))
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.2-6 - Bitnami)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\compaq\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File

==================== Restore Points  =========================

12-09-2014 15:15:08 Windows Update
13-09-2014 15:07:56 OpenOffice 4.1.0 wird entfernt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1780E9B1-8B9C-457B-8D39-542DE815DD96} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-10] (AVAST Software)
Task: {24F303C0-0152-4F95-93CB-41CE49E2F54A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {2EC11773-AB91-43B8-A583-6701160A5685} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {8DDBE902-1A55-49DD-A664-2359B76E9644} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {95AE50EB-80FD-4545-B439-F4CF6C25C82F} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe

==================== Loaded Modules (whitelisted) =============

2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2014-09-11 20:57 - 2014-07-19 08:38 - 08144896 _____ () C:\program files (x86)\xampp\mysql\bin\mysqld.exe
2014-01-26 14:50 - 2011-12-06 19:16 - 08364288 _____ () C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe
2013-06-18 16:49 - 2013-06-18 16:49 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-04-30 00:08 - 2013-04-30 00:08 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-07-10 01:50 - 2014-07-10 01:50 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-13 11:15 - 2014-09-13 11:15 - 02862592 _____ () C:\Program Files\AVAST Software\Avast\defs\14091300\algo.dll
2014-09-11 20:56 - 2014-07-19 14:49 - 00218112 _____ () C:\program files (x86)\xampp\apache\bin\pcre.dll
2014-09-11 20:57 - 2014-07-23 20:49 - 00097792 _____ () C:\Program Files (x86)\XAMPP\php\libpq.dll
2014-01-26 14:50 - 2011-09-13 17:57 - 00282624 _____ () C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvcLib.dll
2014-07-10 01:50 - 2014-07-10 01:51 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-09-03 10:02 - 2014-09-13 16:31 - 03716720 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-10 18:22 - 2014-09-10 18:23 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: WSWNA3100M => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"

==================== Faulty Device Manager Devices =============

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/13/2014 05:33:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/13/2014 05:16:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vprintproxy.exe, Version: 10.0.3.48389, Zeitstempel: 0x539a371c
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0xcc8d8dff
ID des fehlerhaften Prozesses: 0x6e8
Startzeit der fehlerhaften Anwendung: 0xvprintproxy.exe0
Pfad der fehlerhaften Anwendung: vprintproxy.exe1
Pfad des fehlerhaften Moduls: vprintproxy.exe2
Berichtskennung: vprintproxy.exe3

Error: (09/13/2014 05:07:56 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-624198674-977653023-2037852723-1004.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {abd24bde-dd94-41d0-ba97-ed08e9f49341}

Error: (09/13/2014 05:03:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/13/2014 04:53:28 PM) (Source: VSS) (EventID: 12298) (User: )
Description: Volumeschattenkopie-Dienstfehler: Die E/A-Schreibvorgänge können während des Schattenkopie-Erstellungszeitraums auf Volume "\\?\Volume{65fc586a-8452-11e3-bb5f-806e6f6e6963}\" nicht gespeichert werden.
Der Volumeindex im Schattenkopiesatz ist 0. Fehlerdetails: Offen[0x00000000, Der Vorgang wurde erfolgreich beendet.
], Leerung[0x00000000, Der Vorgang wurde erfolgreich beendet.
], Freigabe[0x80042314, Der Schattenkopieanbieter hat beim Warten auf den Schreibvorgang auf das Volume, von dem eine Schattenkopie erstellt wird, das Zeitlimit überschritten. Ursache hierfür könnte eine durch eine Anwendung oder einen Systemdienst verursachte hohe Aktivität auf dem Volume sein. Wiederholen Sie den Vorgang später, wenn das Volume nicht so stark ausgelastet ist.
], Ausführung[0x00000000, Der Vorgang wurde erfolgreich beendet.
].


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (09/13/2014 04:53:19 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101).

Error: (09/13/2014 04:42:44 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-624198674-977653023-2037852723-1004.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {e2118f7b-9c4e-4707-8212-12f0f2c322e2}

Error: (09/13/2014 02:51:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 630

Startzeit: 01cfcf1c7d6db13c

Endzeit: 5946

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: 99c58ef5-3b44-11e4-b55f-005056c00008

Error: (09/13/2014 02:50:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 32.0.0.5350, Zeitstempel: 0x53fc3d9f
Name des fehlerhaften Moduls: mozalloc.dll, Version: 32.0.0.5350, Zeitstempel: 0x53fc0a56
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x13bc
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (09/13/2014 02:50:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 32.0.0.5350 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: a6c

Startzeit: 01cfcf1c8f3f393d

Endzeit: 28112

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: 523d5a93-3b44-11e4-b55f-005056c00008


System errors:
=============
Error: (09/13/2014 05:02:26 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎13.‎09.‎2014 um 17:01:08 unerwartet heruntergefahren.

Error: (09/13/2014 04:53:27 PM) (Source: volsnap) (EventID: 8) (User: )
Description: Das Zeitlimit für den Lösch- und Speicherschreibvorgang für Volume "C:" wurde beim Warten auf eine Schreibvorgangfreigabe überschritten.

Error: (09/13/2014 08:37:38 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (09/12/2014 05:16:47 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597 (Definition 1.183.2261.0)

Error: (09/12/2014 05:15:44 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Defender" wurde nicht richtig gestartet.

Error: (09/11/2014 07:46:23 PM) (Source: volsnap) (EventID: 35) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht vergrößert werden kann.

Error: (09/11/2014 02:18:56 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (09/10/2014 06:44:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "UMVPFSrv" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/09/2014 02:13:17 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {60A90A2F-858D-42AF-8929-82BE9D99E8A1}

Error: (09/07/2014 01:58:32 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}


Microsoft Office Sessions:
=========================
Error: (09/13/2014 05:33:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/13/2014 05:16:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vprintproxy.exe10.0.3.48389539a371cunknown0.0.0.000000000c0000005cc8d8dff6e801cfcf65123488c9C:\Program Files (x86)\VMware\VMware Player\vprintproxy.exeunknownfc92d5fe-3b58-11e4-b9d3-005056c00008

Error: (09/13/2014 05:07:56 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-624198674-977653023-2037852723-1004.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {abd24bde-dd94-41d0-ba97-ed08e9f49341}

Error: (09/13/2014 05:03:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/13/2014 04:53:28 PM) (Source: VSS) (EventID: 12298) (User: )
Description: \\?\Volume{65fc586a-8452-11e3-bb5f-806e6f6e6963}\00x00000000, Der Vorgang wurde erfolgreich beendet.
0x00000000, Der Vorgang wurde erfolgreich beendet.
0x80042314, Der Schattenkopieanbieter hat beim Warten auf den Schreibvorgang auf das Volume, von dem eine Schattenkopie erstellt wird, das Zeitlimit überschritten. Ursache hierfür könnte eine durch eine Anwendung oder einen Systemdienst verursachte hohe Aktivität auf dem Volume sein. Wiederholen Sie den Vorgang später, wenn das Volume nicht so stark ausgelastet ist.
0x00000000, Der Vorgang wurde erfolgreich beendet.


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (09/13/2014 04:53:19 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101

Error: (09/13/2014 04:42:44 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-624198674-977653023-2037852723-1004.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {e2118f7b-9c4e-4707-8212-12f0f2c322e2}

Error: (09/13/2014 02:51:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.1756763001cfcf1c7d6db13c5946C:\Windows\Explorer.EXE99c58ef5-3b44-11e4-b55f-005056c00008

Error: (09/13/2014 02:50:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.0.535053fc3d9fmozalloc.dll32.0.0.535053fc0a56800000030000141b13bc01cfcf1caf4ee8feC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll7ee1ecca-3b44-11e4-b55f-005056c00008

Error: (09/13/2014 02:50:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe32.0.0.5350a6c01cfcf1c8f3f393d28112C:\Program Files (x86)\Mozilla Firefox\firefox.exe523d5a93-3b44-11e4-b55f-005056c00008


==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
Percentage of memory in use: 77%
Total physical RAM: 2046.18 MB
Available physical RAM: 467.79 MB
Total Pagefile: 4092.36 MB
Available Pagefile: 1878.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows 7) (Fixed) (Total:273.34 GB) (Free:132.33 GB) NTFS
Drive z: (Volume) (Fixed) (Total:75.13 GB) (Free:59.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 933BC6BB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=273.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=117.2 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=75.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Hallo

Bitte führe mal auf dem System Chkdsk aus und SFC, weisst du wie das geht oder brauchst du eine Anleitung?

Eine Anleitung wäre nett

Gerne

Drücken und links in der Taskliste auf "Start"
Dann gibst du bei der Suche cmd ein wie in dem Bild zu sehen, dann oben auf cmd.exe einen Rechtsklick machen und dann auf Als Administrator ausführen.

In dem neuen schwarzen Fenster gibst du ein:

Code: Alles auswählenAufklappen

ATTFilter

chkdsk c: /F
         

und drückst nun ENTER.

Das Ganze sollte dann wie folgt aussehen:


Wenn du gefragt wird ob das System beim nächsten Start geprüft werden soll, tippst du j ein, wie in dem Bild zu sehen.

Nachdem du dein System neugestartet hast, führst du die gleichen Schritte aus, ABER der Befehl ist nun dieser:

Code: Alles auswählenAufklappen

ATTFilter

sfc /scannow
         

und drückst wieder ENTER.

Bitte gebe bescheid ob Fehler gefunden wurden.

Hi,

Er sagte mir folgendes:

Zitat:

Der Windows-Ressourcenschutz hat beschädigte Dateien gefunden und erfolgreich repariert.

Auf den Log verweigert er mir allerdings den Zugriff für die Details.

Den Log musst du woanders hin kopieren, um darauf zuzugreifen - beispielsweise auf den Desktop.

Dieser Log ist normalerweise sehr lange, darum bitte wenndann als Anhang hier hochladen

*wieder verschwind*

Vielen Dank für die Info.

Joa, ca. etwas über 1,89 MB ist schon groß.

Ich lade den Log mal als Anhang hoch.

Also das Log weisst nur Fehler im DVD Maker und Windows Live Mail auf.

Wie siehts denn aktuell aus? Kannst du den Desktop unter deinem Benutzer sehen oder wirst du immernoch ausgeloggt?

Unter dem Aktuellen Konto (Administrator) ist alles ganz normal,

Beim Standard benutzer werde ich immer noch sofort abgemeldet

Ladekabel du hast deinen PC derzeit auch unter Plagegeister mit Warlord am bereinigen?

Hatte, ich hab das Abgebrochen da ich eigentlich vor hatte mein OS Win 7 neu Aufzuspielen, es dann aber letzendlich doch nicht passiert ist.

Aber bescheid hast du ihm nicht gegeben?

Doch, habe ihm eine Private Nachricht dies bezüglich geschickt.