|
Log-Analyse und Auswertung: Windows 7 extreme: Pc stürzt andauernd ab und laggt.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
09.10.2014, 15:22 | #1 |
| Windows 7 extreme: Pc stürzt andauernd ab und laggt. Hallo Trojaner-Board Team, seit längerem stürzt mein Pc immer wieder ab. Mal fährt er von alleine runter, mal bekommt er einen bluescreen oder er hängt sich auf. Nachdem er abgestürzt ist, kann ich ihn auch meistens nicht wieder hochfahren, da dieser dann nicht mehr booten möchte oder der bluescreen wieder erscheint oder er sich beim Hochfahren direkt wieder aufhängt. In der Zeit wo mein Pc funktioniert, laggt dieser so stark, dass das Spielen auf ihm unmöglich ist. Außerdem findet mein Virenprogramm(Avast) immer wieder neue und alte Viren, die es nicht wieder runterbekommt. Habe echt keine Ahnung woran dies liegen kann, da ich mich auch nicht besonders mit Pc´s auskenne. Als Anhang einmal den am meisten auftretenden bluescreen Anhang 70033 Schon mal vielen Dank im Voraus! Grüße, Jennifer |
09.10.2014, 15:24 | #2 |
/// the machine /// TB-Ausbilder | Windows 7 extreme: Pc stürzt andauernd ab und laggt. Hi,
__________________Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen. Ich kann auf Arbeit keine Anhänge öffnen, danke. So funktioniert es: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
09.10.2014, 15:44 | #3 |
| Windows 7 extreme: Pc stürzt andauernd ab und laggt.FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01 Ran by Jenny (administrator) on JENNY-PC on 09-10-2014 16:32:12 Running from C:\Users\Jenny\Downloads Loaded Profile: Jenny (Available profiles: Jenny) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2439072 2010-05-24] (VIA) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-31] (AVAST Software) HKU\S-1-5-21-2176429021-1057270886-2413076650-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21645408 2014-07-24] (Skype Technologies S.A.) HKU\S-1-5-21-2176429021-1057270886-2413076650-1000\...\Policies\Explorer: [NoInternetOpenWith] 1 ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKCU - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation) Hosts: 127.0.0.1 validation.sls.microsoft.com Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default FF Homepage: www.google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF user.js: detected! => C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\user.js FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.) FF SearchPlugin: C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\searchplugins\google-images.xml FF SearchPlugin: C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\searchplugins\google-maps.xml FF SearchPlugin: C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\searchplugins\search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Avira Browser Safety - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\Extensions\abs@avira.com [2014-08-31] FF Extension: Cliqz Beta - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\Extensions\cliqz@cliqz.com [2014-09-26] FF Extension: Boost - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\Extensions\boost@boost.net.xpi [2014-08-31] FF Extension: Simple New Tab - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\Extensions\snt@dotlabs.co.xpi [2014-08-31] FF Extension: Adblock Plus - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-31] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-31] FF HKCU\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\extensions\cliqz@cliqz.com Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-31] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-31] (AVAST Software) R2 Themes; C:\Windows\system32\themeservice.dll [44544 2011-06-16] (Microsoft Corporation) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] () R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-31] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-31] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-31] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-31] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-31] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-31] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-31] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-31] () R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] () R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2013-07-19] (Creative Technology Ltd.) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-09 16:32 - 2014-10-09 16:32 - 00009464 _____ () C:\Users\Jenny\Downloads\FRST.txt 2014-10-09 16:31 - 2014-10-09 16:32 - 00000000 ____D () C:\FRST 2014-10-09 16:30 - 2014-10-09 16:30 - 02109952 _____ (Farbar) C:\Users\Jenny\Downloads\FRST64.exe 2014-10-09 14:13 - 2014-10-09 14:13 - 00000000 _____ () C:\Users\Jenny\defogger_reenable 2014-10-02 21:21 - 2014-10-02 21:21 - 00000577 _____ () C:\Users\Jenny\Desktop\World of Tanks 0.9.3 ProMod.lnk 2014-09-27 19:30 - 2014-09-27 19:30 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-09-26 20:53 - 2014-09-26 20:53 - 00000000 ____D () C:\Users\Jenny\Documents\Abelssoft 2014-09-26 20:50 - 2014-09-27 19:31 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-09-26 20:50 - 2014-09-26 20:50 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\Opera Software 2014-09-26 20:50 - 2014-09-26 20:50 - 00000000 ____D () C:\Users\Jenny\AppData\Local\Opera Software 2014-09-26 20:49 - 2014-09-26 20:49 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\TuneUp Software 2014-09-26 20:49 - 2014-09-26 20:49 - 00000000 ____D () C:\Users\Jenny\AppData\Local\TuneUp Software 2014-09-26 20:48 - 2014-09-26 21:10 - 00000000 ____D () C:\ProgramData\TuneUp Software 2014-09-26 20:48 - 2014-09-26 20:48 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2014-09-26 20:38 - 2014-09-26 20:38 - 00000973 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk 2014-09-26 20:38 - 2014-09-26 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2014-09-26 20:37 - 2014-09-26 20:49 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\RHEng 2014-09-26 20:37 - 2014-09-26 20:37 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\OpenCandy 2014-09-26 20:36 - 2014-09-26 20:38 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\DVDVideoSoft 2014-09-26 20:13 - 2014-09-26 20:13 - 00000000 ____D () C:\Users\Jenny\AppData\Local\Abelssoft 2014-09-26 20:12 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\SysWOW64\dhRichClient3.dll 2014-09-26 20:12 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows\SysWOW64\sqlite36_engine.dll 2014-09-26 20:11 - 2014-09-26 20:11 - 01101648 _____ () C:\Users\Jenny\Downloads\YouTube Song Downloader 2014 - CHIP-Installer.exe 2014-09-25 20:52 - 2014-09-27 19:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-24 19:54 - 2014-10-09 11:05 - 00000483 _____ () C:\Users\Jenny\Desktop\MrFishIt.config.xml 2014-09-19 15:30 - 2014-09-19 15:30 - 00000577 _____ () C:\Users\Jenny\Desktop\World of Tanks 0.9.2 ProMod.lnk 2014-09-19 15:22 - 2014-10-02 21:19 - 00155136 _____ () C:\Windows\SysWOW64\unrar.dll 2014-09-19 15:22 - 2014-10-02 21:19 - 00034308 _____ () C:\Windows\SysWOW64\bassmod.dll 2014-09-19 15:22 - 2014-09-19 15:22 - 02406912 _____ (OldSkool) C:\Users\Jenny\Downloads\ProMod.exe 2014-09-19 15:22 - 2014-09-19 15:22 - 01931296 _____ (Codejock Software) C:\Windows\Codejock.Controls.v15.3.1.ocx 2014-09-19 15:22 - 2014-09-19 15:22 - 01931296 _____ (Codejock Software) C:\Windows\CODEJO~2.OCX 2014-09-19 15:22 - 2014-09-19 15:22 - 01070152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx 2014-09-19 15:22 - 2014-09-19 15:22 - 00136008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx 2014-09-19 15:22 - 2014-09-19 15:22 - 00136008 _____ (Microsoft Corporation) C:\Windows\msinet.ocx 2014-09-13 19:21 - 2014-09-27 19:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-13 19:21 - 2014-09-13 19:21 - 00000000 ____D () C:\ProgramData\Mozilla 2014-09-09 15:38 - 2014-09-09 15:38 - 00000658 _____ () C:\Users\Public\Desktop\Hearthstone.lnk 2014-09-09 15:38 - 2014-09-09 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2014-09-09 14:05 - 2014-09-09 14:05 - 00000743 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk 2014-09-09 14:04 - 2014-09-09 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-09 16:31 - 2014-08-31 12:39 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\Skype 2014-10-09 15:52 - 2014-09-05 17:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-09 14:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-10-09 14:13 - 2014-08-31 11:54 - 00000000 ____D () C:\Users\Jenny 2014-10-09 13:38 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-09 13:38 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-09 13:37 - 2011-04-12 09:43 - 00696620 _____ () C:\Windows\system32\perfh007.dat 2014-10-09 13:37 - 2011-04-12 09:43 - 00147916 _____ () C:\Windows\system32\perfc007.dat 2014-10-09 13:37 - 2009-07-14 07:13 - 01612484 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-10-09 13:34 - 2014-08-31 11:53 - 01932422 _____ () C:\Windows\WindowsUpdate.log 2014-10-09 13:30 - 2014-08-31 12:23 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-10-09 13:30 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-09 13:30 - 2009-07-14 06:51 - 00028476 _____ () C:\Windows\setupact.log 2014-10-09 13:22 - 2014-08-31 13:04 - 00001974 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-10-09 13:22 - 2014-08-31 13:03 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-10-06 19:14 - 2014-08-31 13:02 - 389557557 _____ () C:\Windows\MEMORY.DMP 2014-10-06 19:14 - 2014-08-31 13:02 - 00000000 ____D () C:\Windows\Minidump 2014-10-02 20:23 - 2014-08-31 12:40 - 00000000 ____D () C:\Users\Jenny\AppData\Local\Battle.net 2014-10-02 20:23 - 2014-08-31 12:22 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-09-28 11:42 - 2010-11-21 05:47 - 00006408 _____ () C:\Windows\PFRO.log 2014-09-27 19:31 - 2014-08-31 11:54 - 00001465 _____ () C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-09-27 19:31 - 2014-08-31 11:54 - 00001425 _____ () C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2014-09-09 19:52 - 2014-09-05 17:15 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-09 19:52 - 2014-09-05 17:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-09 19:52 - 2014-09-05 17:15 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-09 14:05 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games Some content of TEMP: ==================== C:\Users\Jenny\AppData\Local\Temp\DseShExt-x64.dll C:\Users\Jenny\AppData\Local\Temp\DseShExt-x86.dll C:\Users\Jenny\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\Jenny\AppData\Local\Temp\SDShelEx-x64.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe [2011-06-16 19:09] - [2011-06-18 01:30] - 2871808 ____A (Microsoft Corporation) 5740B1555D51D56547043181789027A5 C:\Windows\SysWOW64\explorer.exe [2011-06-16 19:09] - [2011-06-18 01:35] - 2616320 ____A (Microsoft Corporation) 88B413E78ADB75A062AB947C1BF6D49A C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-07 15:35 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014 01 Ran by Jenny at 2014-10-09 16:34:14 Running from C:\Users\Jenny\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) ATI Catalyst Install Manager (HKLM\...\{62140B07-129A-2BD0-81D2-2A1A7408ADC8}) (Version: 3.0.762.0 - ATI Technologies, Inc.) avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software) Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com) EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.02.01 - ) Free YouTube to MP3 Converter version 3.12.44.922 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.922 - DVDVideoSoft Ltd.) HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation) Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.1 - Mozilla) NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation) NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0009 - Realtek) Skype™ 6.18 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.18.106 - Skype Technologies S.A.) TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3) (Version: 3 - Microsoft Corporation) VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 07-10-2014 13:42:50 Geplanter Prüfpunkt 09-10-2014 11:21:39 avast! antivirus system restore point ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2014-08-31 12:51 - 00000864 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 validation.sls.microsoft.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe Task: {AB515481-34F6-4AAD-BFF2-58879529AE5A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated) Task: {AC5E3041-9A57-49EF-B588-14950E0EC184} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2010-02-03] (ASUSTeK Computer Inc.) Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe Task: {D71D4684-5660-4F65-9ED2-092D84C6687F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-31] (AVAST Software) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2014-08-31 12:22 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-08-31 12:07 - 2010-03-15 12:28 - 00166400 _____ () C:\Program Files (x86)\Zubehör\WinRAR\rarext.dll 2014-08-31 12:09 - 2010-05-24 17:10 - 00076192 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll 2014-08-31 12:09 - 2010-05-24 17:10 - 00383904 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll 2014-08-31 12:09 - 2010-05-24 17:10 - 00103328 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll 2014-08-31 12:09 - 2010-05-24 17:10 - 64641440 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll 2014-08-31 13:03 - 2014-08-31 13:03 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2014-10-09 13:22 - 2014-10-09 13:22 - 02859008 _____ () C:\Program Files\AVAST Software\Avast\defs\14100900\algo.dll 2014-08-31 13:03 - 2014-08-31 13:03 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-08-31 12:41 - 2009-03-19 22:35 - 00208896 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll 2014-08-31 12:41 - 2009-03-19 22:35 - 00008704 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll 2014-08-31 12:41 - 2009-01-15 14:55 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll 2014-08-31 12:41 - 2009-03-25 16:53 - 00053248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll 2014-09-25 20:52 - 2014-09-25 20:52 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-2176429021-1057270886-2413076650-500 - Administrator - Disabled) Gast (S-1-5-21-2176429021-1057270886-2413076650-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2176429021-1057270886-2413076650-1002 - Limited - Enabled) Jenny (S-1-5-21-2176429021-1057270886-2413076650-1000 - Administrator - Enabled) => C:\Users\Jenny ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/09/2014 01:31:08 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/09/2014 01:22:21 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/09/2014 00:43:15 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/09/2014 10:56:29 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/08/2014 10:02:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/08/2014 07:01:01 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/08/2014 04:17:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/08/2014 04:05:43 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/08/2014 01:31:33 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/08/2014 02:05:47 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (10/09/2014 01:30:56 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 09.10.2014 um 13:28:27 unerwartet heruntergefahren. Error: (10/09/2014 10:56:22 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 08.10.2014 um 22:05:41 unerwartet heruntergefahren. Error: (10/08/2014 10:02:49 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 08.10.2014 um 22:01:34 unerwartet heruntergefahren. Error: (10/08/2014 10:01:34 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 08.10.2014 um 21:59:47 unerwartet heruntergefahren. Error: (10/08/2014 07:00:54 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 08.10.2014 um 18:38:44 unerwartet heruntergefahren. Error: (10/08/2014 04:17:51 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 08.10.2014 um 16:15:44 unerwartet heruntergefahren. Error: (10/08/2014 04:05:36 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 08.10.2014 um 16:02:18 unerwartet heruntergefahren. Error: (10/06/2014 07:14:16 PM) (Source: BugCheck) (EventID: 1005) (User: ) Description: Error: (10/06/2014 07:14:15 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 06.10.2014 um 18:42:20 unerwartet heruntergefahren. Error: (10/06/2014 04:00:41 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 05.10.2014 um 17:25:53 unerwartet heruntergefahren. Microsoft Office Sessions: ========================= Error: (10/09/2014 01:31:08 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/09/2014 01:22:21 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/09/2014 00:43:15 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/09/2014 10:56:29 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/08/2014 10:02:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/08/2014 07:01:01 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/08/2014 04:17:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/08/2014 04:05:43 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/08/2014 01:31:33 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/08/2014 02:05:47 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2014-10-09 16:12:09.017 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-09 16:10:35.461 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-09 14:58:50.610 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-09 14:58:38.908 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-09 14:58:21.012 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-09 13:31:11.424 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-09 13:21:48.964 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-09 12:43:24.251 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-09 10:56:38.993 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-08 22:03:03.810 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Processor: AMD Athlon(tm) II X3 445 Processor Percentage of memory in use: 67% Total physical RAM: 2046.11 MB Available physical RAM: 656.54 MB Total Pagefile: 4092.23 MB Available Pagefile: 2321.3 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (Win7) (Fixed) (Total:55.8 GB) (Free:32.57 GB) NTFS Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive e: (Spiele) (Fixed) (Total:504.62 GB) (Free:338.32 GB) NTFS Drive f: (Sicherung) (Fixed) (Total:138.8 GB) (Free:86.05 GB) NTFS Drive g: (Win8) (Fixed) (Total:54.87 GB) (Free:35.26 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: F61D68C9) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=54.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=643.4 GB) - (Type=OF Extended) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: 6ACBC97C) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=55.8 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Danke für den Hinweis und die so schnelle Antwort |
09.10.2014, 23:57 | #4 | |
/// the machine /// TB-Ausbilder | Windows 7 extreme: Pc stürzt andauernd ab und laggt.Zitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
11.10.2014, 19:50 | #5 |
| Windows 7 extreme: Pc stürzt andauernd ab und laggt. Davon wusste ich bisher noch nichts :O allerdings fährt mein Pc momentan überhaupt nicht mehr hoch, sodass ich auch keine weiteren Schritte mehr am Pc befolgen kann. Was soll ich tun? |
12.10.2014, 13:55 | #6 |
/// the machine /// TB-Ausbilder | Windows 7 extreme: Pc stürzt andauernd ab und laggt. Geht das ein wenig genauer? Ich sitze nit vor dem Gerät.
__________________ --> Windows 7 extreme: Pc stürzt andauernd ab und laggt. |
12.10.2014, 15:38 | #7 |
| Windows 7 extreme: Pc stürzt andauernd ab und laggt. Der Pc startet jedoch bleibt der Bildschirm schwarz und man hört auch nicht mehr das Windows startet. |
13.10.2014, 13:09 | #8 |
/// the machine /// TB-Ausbilder | Windows 7 extreme: Pc stürzt andauernd ab und laggt. Bildschirm und Rechner komplett aus. Bildschirm an, dieser geht nach einiger Zeit in Standby und zeigt "Kein Signal". Rechner jetzt einschalten. Geht das Standy Licht am Bildschirm weg und verändert sich?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
13.10.2014, 17:23 | #9 |
| Windows 7 extreme: Pc stürzt andauernd ab und laggt. Der Monitor bleibt im standby modus. Kabel sind alle richtig drin die habe ich schon überprüft. |
14.10.2014, 10:12 | #10 |
/// the machine /// TB-Ausbilder | Windows 7 extreme: Pc stürzt andauernd ab und laggt. Kabel tauschen, oder Graka defekt. Hat der ne Grafikkarte und noch zusätzlich ne Onboard Graka? Wenn ja Graka raus, Kabel an On Board graka anschliessen, testen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
18.10.2014, 15:23 | #11 |
| Windows 7 extreme: Pc stürzt andauernd ab und laggt. Ja lag an der graka. Habe nun eine neue drin und der pc geht wieder an, allerdings laggt dieser immernoch obwohl er dies nicht sollte, weshalb ich ihn gerne noch weiter von euch testen und untersuchen lassen würde. Tut mir leid das ich erst so spät geantwortet habe. |
19.10.2014, 08:35 | #12 |
/// the machine /// TB-Ausbilder | Windows 7 extreme: Pc stürzt andauernd ab und laggt. Dann mal los: Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
19.10.2014, 10:34 | #13 |
| Windows 7 extreme: Pc stürzt andauernd ab und laggt.FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-10-2014 01 Ran by Jenny (administrator) on JENNY-PC on 19-10-2014 11:28:55 Running from C:\Users\Jenny\Downloads Loaded Profile: Jenny (Available profiles: Jenny) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Blizzard Entertainment) E:\World of Warcraft Stormblade\Wow.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Farbar) C:\Users\Jenny\Downloads\FRST64(1).exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2439072 2010-05-24] (VIA) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-31] (AVAST Software) HKU\S-1-5-21-2176429021-1057270886-2413076650-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21645408 2014-07-24] (Skype Technologies S.A.) HKU\S-1-5-21-2176429021-1057270886-2413076650-1000\...\Policies\Explorer: [NoInternetOpenWith] 1 ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKCU - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation) Hosts: 127.0.0.1 validation.sls.microsoft.com Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default FF DefaultSearchUrl: hxxp://wisersearch.com/search.php?channel=de&q= FF Homepage: www.google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF user.js: detected! => C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\user.js FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.) FF SearchPlugin: C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\searchplugins\google-images.xml FF SearchPlugin: C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\searchplugins\google-maps.xml FF SearchPlugin: C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\searchplugins\search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Avira Browser Safety - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\Extensions\abs@avira.com [2014-08-31] FF Extension: Cliqz Beta - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\Extensions\cliqz@cliqz.com [2014-09-26] FF Extension: Boost - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\Extensions\boost@boost.net.xpi [2014-08-31] FF Extension: Simple New Tab - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\Extensions\snt@dotlabs.co.xpi [2014-08-31] FF Extension: Adblock Plus - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-31] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-31] FF HKCU\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\pmhotvzj.default\extensions\cliqz@cliqz.com Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-31] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-31] (AVAST Software) R2 Themes; C:\Windows\system32\themeservice.dll [44544 2011-06-16] (Microsoft Corporation) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] () R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-31] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-31] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-31] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-31] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-31] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-31] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-31] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-31] () R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] () R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2013-07-19] (Creative Technology Ltd.) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-19 11:20 - 2014-10-19 11:20 - 02112000 _____ (Farbar) C:\Users\Jenny\Downloads\FRST64(1).exe 2014-10-16 12:02 - 2014-10-16 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-10-16 11:51 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-10-09 16:34 - 2014-10-09 16:35 - 00021216 _____ () C:\Users\Jenny\Downloads\Addition.txt 2014-10-09 16:32 - 2014-10-19 11:29 - 00009678 _____ () C:\Users\Jenny\Downloads\FRST.txt 2014-10-09 16:31 - 2014-10-19 11:28 - 00000000 ____D () C:\FRST 2014-10-09 16:30 - 2014-10-09 16:30 - 02109952 _____ (Farbar) C:\Users\Jenny\Downloads\FRST64.exe 2014-10-09 14:13 - 2014-10-09 14:13 - 00000000 _____ () C:\Users\Jenny\defogger_reenable 2014-10-02 21:21 - 2014-10-02 21:21 - 00000577 _____ () C:\Users\Jenny\Desktop\World of Tanks 0.9.3 ProMod.lnk 2014-09-27 19:30 - 2014-09-27 19:30 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-09-26 20:53 - 2014-09-26 20:53 - 00000000 ____D () C:\Users\Jenny\Documents\Abelssoft 2014-09-26 20:50 - 2014-09-27 19:31 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-09-26 20:50 - 2014-09-26 20:50 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\Opera Software 2014-09-26 20:50 - 2014-09-26 20:50 - 00000000 ____D () C:\Users\Jenny\AppData\Local\Opera Software 2014-09-26 20:49 - 2014-09-26 20:49 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\TuneUp Software 2014-09-26 20:49 - 2014-09-26 20:49 - 00000000 ____D () C:\Users\Jenny\AppData\Local\TuneUp Software 2014-09-26 20:48 - 2014-09-26 21:10 - 00000000 ____D () C:\ProgramData\TuneUp Software 2014-09-26 20:48 - 2014-09-26 20:48 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2014-09-26 20:38 - 2014-09-26 20:38 - 00000973 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk 2014-09-26 20:38 - 2014-09-26 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2014-09-26 20:37 - 2014-09-26 20:49 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\RHEng 2014-09-26 20:37 - 2014-09-26 20:37 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\OpenCandy 2014-09-26 20:36 - 2014-09-26 20:38 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\DVDVideoSoft 2014-09-26 20:13 - 2014-09-26 20:13 - 00000000 ____D () C:\Users\Jenny\AppData\Local\Abelssoft 2014-09-26 20:12 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\SysWOW64\dhRichClient3.dll 2014-09-26 20:12 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows\SysWOW64\sqlite36_engine.dll 2014-09-26 20:11 - 2014-09-26 20:11 - 01101648 _____ () C:\Users\Jenny\Downloads\YouTube Song Downloader 2014 - CHIP-Installer.exe 2014-09-25 20:52 - 2014-09-27 19:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-24 19:54 - 2014-10-09 11:05 - 00000483 _____ () C:\Users\Jenny\Desktop\MrFishIt.config.xml 2014-09-19 15:30 - 2014-09-19 15:30 - 00000577 _____ () C:\Users\Jenny\Desktop\World of Tanks 0.9.2 ProMod.lnk 2014-09-19 15:22 - 2014-10-02 21:19 - 00155136 _____ () C:\Windows\SysWOW64\unrar.dll 2014-09-19 15:22 - 2014-10-02 21:19 - 00034308 _____ () C:\Windows\SysWOW64\bassmod.dll 2014-09-19 15:22 - 2014-09-19 15:22 - 02406912 _____ (OldSkool) C:\Users\Jenny\Downloads\ProMod.exe 2014-09-19 15:22 - 2014-09-19 15:22 - 01931296 _____ (Codejock Software) C:\Windows\Codejock.Controls.v15.3.1.ocx 2014-09-19 15:22 - 2014-09-19 15:22 - 01931296 _____ (Codejock Software) C:\Windows\CODEJO~2.OCX 2014-09-19 15:22 - 2014-09-19 15:22 - 01070152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx 2014-09-19 15:22 - 2014-09-19 15:22 - 00136008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx 2014-09-19 15:22 - 2014-09-19 15:22 - 00136008 _____ (Microsoft Corporation) C:\Windows\msinet.ocx ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-19 11:25 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-19 11:25 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-19 11:24 - 2011-04-12 09:43 - 00696620 _____ () C:\Windows\system32\perfh007.dat 2014-10-19 11:24 - 2011-04-12 09:43 - 00147916 _____ () C:\Windows\system32\perfc007.dat 2014-10-19 11:24 - 2009-07-14 07:13 - 01612484 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-10-19 11:22 - 2014-08-31 11:53 - 01752740 _____ () C:\Windows\WindowsUpdate.log 2014-10-19 11:18 - 2014-08-31 12:39 - 00000000 ____D () C:\Users\Jenny\AppData\Roaming\Skype 2014-10-19 11:18 - 2014-08-31 12:23 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-10-19 11:18 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-19 11:18 - 2009-07-14 06:51 - 00032332 _____ () C:\Windows\setupact.log 2014-10-19 06:52 - 2014-09-05 17:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-19 02:43 - 2014-08-31 13:02 - 221609478 _____ () C:\Windows\MEMORY.DMP 2014-10-19 02:43 - 2014-08-31 13:02 - 00000000 ____D () C:\Windows\Minidump 2014-10-19 01:30 - 2014-08-31 12:40 - 00000000 ____D () C:\Users\Jenny\AppData\Local\Battle.net 2014-10-19 01:21 - 2014-08-31 12:22 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-10-19 01:01 - 2014-08-31 13:03 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-10-16 11:51 - 2014-08-31 12:22 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-10-09 14:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-10-09 14:13 - 2014-08-31 11:54 - 00000000 ____D () C:\Users\Jenny 2014-10-09 13:22 - 2014-08-31 13:04 - 00001974 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-09-28 11:42 - 2010-11-21 05:47 - 00006408 _____ () C:\Windows\PFRO.log 2014-09-27 19:31 - 2014-08-31 11:54 - 00001465 _____ () C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-09-27 19:31 - 2014-08-31 11:54 - 00001425 _____ () C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2014-09-27 19:29 - 2014-09-13 19:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service Some content of TEMP: ==================== C:\Users\Jenny\AppData\Local\Temp\DseShExt-x64.dll C:\Users\Jenny\AppData\Local\Temp\DseShExt-x86.dll C:\Users\Jenny\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\Jenny\AppData\Local\Temp\SDShelEx-x64.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe [2011-06-16 19:09] - [2011-06-18 01:30] - 2871808 ____A (Microsoft Corporation) 5740B1555D51D56547043181789027A5 C:\Windows\SysWOW64\explorer.exe [2011-06-16 19:09] - [2011-06-18 01:35] - 2616320 ____A (Microsoft Corporation) 88B413E78ADB75A062AB947C1BF6D49A C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-16 18:54 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-10-2014 01 Ran by Jenny at 2014-10-19 11:30:12 Running from C:\Users\Jenny\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) ATI Catalyst Install Manager (HKLM\...\{62140B07-129A-2BD0-81D2-2A1A7408ADC8}) (Version: 3.0.762.0 - ATI Technologies, Inc.) avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software) Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com) EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.02.01 - ) Free YouTube to MP3 Converter version 3.12.44.922 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.922 - DVDVideoSoft Ltd.) HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation) Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.1 - Mozilla) NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation) NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0009 - Realtek) Skype™ 6.18 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.18.106 - Skype Technologies S.A.) TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.275 - TuneUp Software) Hidden Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3) (Version: 3 - Microsoft Corporation) VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 09-10-2014 11:21:39 avast! antivirus system restore point 16-10-2014 17:01:49 Geplanter Prüfpunkt ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2014-08-31 12:51 - 00000864 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 validation.sls.microsoft.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe Task: {AB515481-34F6-4AAD-BFF2-58879529AE5A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated) Task: {AC5E3041-9A57-49EF-B588-14950E0EC184} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2010-02-03] (ASUSTeK Computer Inc.) Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe Task: {D71D4684-5660-4F65-9ED2-092D84C6687F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-31] (AVAST Software) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2014-08-31 12:22 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-08-31 12:09 - 2010-05-24 17:10 - 00076192 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll 2014-08-31 12:09 - 2010-05-24 17:10 - 00383904 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll 2014-08-31 12:09 - 2010-05-24 17:10 - 00103328 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll 2014-08-31 12:09 - 2010-05-24 17:10 - 64641440 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll 2014-08-31 13:03 - 2014-08-31 13:03 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2014-10-18 23:53 - 2014-10-18 23:53 - 02896384 _____ () C:\Program Files\AVAST Software\Avast\defs\14101801\algo.dll 2014-10-19 11:18 - 2014-10-19 11:18 - 02896384 _____ () C:\Program Files\AVAST Software\Avast\defs\14101900\algo.dll 2014-08-31 12:41 - 2009-03-19 22:35 - 00208896 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll 2014-08-31 12:41 - 2009-03-19 22:35 - 00008704 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll 2014-08-31 12:41 - 2009-01-15 14:55 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll 2014-08-31 12:41 - 2009-03-25 16:53 - 00053248 _____ () C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll 2014-08-31 13:03 - 2014-08-31 13:03 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2012-10-31 15:58 - 2011-04-16 19:56 - 00413696 _____ () E:\World of Warcraft Stormblade\DivxDecoder.dll 2014-09-25 20:52 - 2014-09-25 20:52 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-2176429021-1057270886-2413076650-500 - Administrator - Disabled) Gast (S-1-5-21-2176429021-1057270886-2413076650-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2176429021-1057270886-2413076650-1002 - Limited - Enabled) Jenny (S-1-5-21-2176429021-1057270886-2413076650-1000 - Administrator - Enabled) => C:\Users\Jenny ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/19/2014 11:18:17 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/19/2014 02:43:46 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/19/2014 01:35:04 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/19/2014 01:01:45 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/18/2014 07:53:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/18/2014 04:19:20 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/18/2014 00:28:33 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/17/2014 07:33:18 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/17/2014 01:00:07 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/17/2014 04:51:59 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (10/19/2014 11:18:11 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (10/19/2014 02:43:36 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (10/19/2014 02:43:35 AM) (Source: BugCheck) (EventID: 1005) (User: ) Description: Error: (10/19/2014 02:43:34 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 19.10.2014 um 02:40:47 unerwartet heruntergefahren. Error: (10/19/2014 01:34:58 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (10/19/2014 01:34:55 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 19.10.2014 um 01:31:29 unerwartet heruntergefahren. Error: (10/19/2014 01:01:40 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (10/18/2014 07:53:34 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (10/18/2014 04:19:14 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (10/18/2014 04:13:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Sicherheitscenter" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Microsoft Office Sessions: ========================= Error: (10/19/2014 11:18:17 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/19/2014 02:43:46 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/19/2014 01:35:04 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/19/2014 01:01:45 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/18/2014 07:53:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/18/2014 04:19:20 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/18/2014 00:28:33 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/17/2014 07:33:18 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/17/2014 01:00:07 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/17/2014 04:51:59 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2014-10-19 11:28:33.265 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-19 11:28:09.147 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-19 11:25:22.476 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-19 11:24:06.223 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-19 11:23:02.869 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-19 11:22:59.746 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-19 11:22:58.210 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-19 11:22:51.187 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-19 11:19:42.026 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-10-19 11:19:36.530 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Processor: AMD Athlon(tm) II X3 445 Processor Percentage of memory in use: 39% Total physical RAM: 4094.11 MB Available physical RAM: 2474.72 MB Total Pagefile: 8186.42 MB Available Pagefile: 6348.64 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (Win7) (Fixed) (Total:55.8 GB) (Free:28.42 GB) NTFS Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive e: (Spiele) (Fixed) (Total:504.62 GB) (Free:340.08 GB) NTFS Drive f: (Sicherung) (Fixed) (Total:138.8 GB) (Free:86.05 GB) NTFS Drive g: (Win8) (Fixed) (Total:54.87 GB) (Free:35.26 GB) NTFS Drive h: (System-reserviert) (Fixed) (Total:0.34 GB) (Free:0.09 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: 6ACBC97C) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=55.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: F61D68C9) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=54.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=643.4 GB) - (Type=OF Extended) ==================== End Of Log ============================ |
20.10.2014, 07:31 | #14 | |
/// the machine /// TB-Ausbilder | Windows 7 extreme: Pc stürzt andauernd ab und laggt.Zitat:
Installier mal ein legales Windows, vielleicht wirds dann besser
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
20.10.2014, 20:03 | #15 |
| Windows 7 extreme: Pc stürzt andauernd ab und laggt. Ok danke wusste nicht, dass ich kein legales windows auf meinem pc habe Werde mir morgen ein neues legales windows drauf machen und hoffentlich geht dann alles wieder |
Themen zu Windows 7 extreme: Pc stürzt andauernd ab und laggt. |
ahnung, anhang, avast, besonders, bluescreen, booten, dauernd, direkt, erscheint, funktioniert, hochfahren, hängt, laggs, laggt, neue, nicht mehr, programm, runter, spiele, spielen, stark, stürzt, troja, unmöglich, viren, windows, windows 7, woran |