Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
CPU auslastung plötzlich 100%

CPU auslastung plötzlich 100%


Plagegeister aller Art und deren Bekämpfung: CPU auslastung plötzlich 100%

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 25.05.2015, 17:14   #1
Zippo1337
 
CPU auslastung plötzlich 100% - Standard

CPU auslastung plötzlich 100%


FRST Part 6
Code:
ATTFilter
2015-04-26 18:57 - 2014-10-29 03:59 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2015-04-26 18:57 - 2014-10-29 03:58 - 00107008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\telephon.cpl
2015-04-26 18:57 - 2014-10-29 03:58 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\colorcpl.exe
2015-04-26 18:57 - 2014-10-29 03:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2015-04-26 18:57 - 2014-10-29 03:58 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzutil.exe
2015-04-26 18:57 - 2014-10-29 03:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cliconfg.exe
2015-04-26 18:57 - 2014-10-29 03:58 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msyuv.dll
2015-04-26 18:57 - 2014-10-29 03:58 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sort.exe
2015-04-26 18:57 - 2014-10-29 03:58 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hh.exe
2015-04-26 18:57 - 2014-10-29 03:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmdkey.exe
2015-04-26 18:57 - 2014-10-29 03:58 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsbyuv.dll
2015-04-26 18:57 - 2014-10-29 03:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TapiUnattend.exe
2015-04-26 18:57 - 2014-10-29 03:58 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dvdplay.exe
2015-04-26 18:57 - 2014-10-29 03:58 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsied.dll
2015-04-26 18:57 - 2014-10-29 03:58 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomcnfg.exe
2015-04-26 18:57 - 2014-10-29 03:58 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll
2015-04-26 18:57 - 2014-10-29 03:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DDOIProxy.dll
2015-04-26 18:57 - 2014-10-29 03:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrnsave.scr
2015-04-26 18:57 - 2014-10-29 03:57 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RpcNs4.dll
2015-04-26 18:57 - 2014-10-29 03:56 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pstorec.dll
2015-04-26 18:57 - 2014-10-29 03:56 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscproxystub.dll
2015-04-26 18:57 - 2014-10-29 03:56 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcji32.dll
2015-04-26 18:57 - 2014-10-29 03:56 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odtext32.dll
2015-04-26 18:57 - 2014-10-29 03:56 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odpdx32.dll
2015-04-26 18:57 - 2014-10-29 03:56 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odfox32.dll
2015-04-26 18:57 - 2014-10-29 03:56 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oddbse32.dll
2015-04-26 18:57 - 2014-10-29 03:56 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odexl32.dll
2015-04-26 18:57 - 2014-10-29 03:55 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfime.ime
2015-04-26 18:57 - 2014-10-29 03:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ctfmon.exe
2015-04-26 18:57 - 2014-10-29 03:53 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\dpapimig.exe
2015-04-26 18:57 - 2014-10-29 03:53 - 00009728 _____ (Microsoft Corporation) C:\Windows\winhlp32.exe
2015-04-26 18:57 - 2014-10-29 03:52 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsicpl.exe
2015-04-26 18:57 - 2014-10-29 03:52 - 00108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msra.exe
2015-04-26 18:57 - 2014-10-29 03:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winver.exe
2015-04-26 18:57 - 2014-10-29 03:52 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\regedt32.exe
2015-04-26 18:57 - 2014-10-29 03:52 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\write.exe
2015-04-26 18:57 - 2014-10-29 03:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\runas.exe
2015-04-26 18:57 - 2014-10-29 03:51 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InfDefaultInstall.exe
2015-04-26 18:57 - 2014-10-29 03:51 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systray.exe
2015-04-26 18:57 - 2014-10-29 03:46 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcad32.exe
2015-04-26 18:57 - 2014-10-29 03:45 - 00108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resmon.exe
2015-04-26 18:57 - 2014-10-29 03:45 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\AxInstUI.exe
2015-04-26 18:57 - 2014-10-29 03:44 - 00094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Narrator.exe
2015-04-26 18:57 - 2014-10-29 03:44 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationNotifications.exe
2015-04-26 18:57 - 2014-10-29 03:43 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wowreg32.exe
2015-04-26 18:57 - 2014-10-29 03:40 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Netplwiz.exe
2015-04-26 18:57 - 2014-10-29 03:39 - 00217088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartScreenSettings.exe
2015-04-26 18:57 - 2014-10-29 03:39 - 00097792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Fondue.exe
2015-04-26 18:57 - 2014-10-29 03:39 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceProperties.exe
2015-04-26 18:57 - 2014-10-29 03:39 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemPropertiesRemote.exe
2015-04-26 18:57 - 2014-10-29 03:39 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemPropertiesProtection.exe
2015-04-26 18:57 - 2014-10-29 03:39 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemPropertiesPerformance.exe
2015-04-26 18:57 - 2014-10-29 03:39 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemPropertiesHardware.exe
2015-04-26 18:57 - 2014-10-29 03:39 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemPropertiesDataExecutionPrevention.exe
2015-04-26 18:57 - 2014-10-29 03:39 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemPropertiesComputerName.exe
2015-04-26 18:57 - 2014-10-29 03:39 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemPropertiesAdvanced.exe
2015-04-26 18:57 - 2014-10-29 03:39 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DpiScaling.exe
2015-04-26 18:57 - 2014-10-29 03:39 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RunLegacyCPLElevated.exe
2015-04-26 18:57 - 2014-10-29 03:39 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ComputerDefaults.exe
2015-04-26 18:57 - 2014-10-29 03:32 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthudtask.exe
2015-04-26 18:57 - 2014-10-29 03:32 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-04-26 18:57 - 2014-10-29 03:29 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\dpapi.dll
2015-04-26 18:57 - 2014-10-29 03:29 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mprext.dll
2015-04-26 18:57 - 2014-10-29 03:29 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\dabapi.dll
2015-04-26 18:57 - 2014-10-29 03:29 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\C_ISCII.DLL
2015-04-26 18:57 - 2014-10-29 03:28 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\C_G18030.DLL
2015-04-26 18:57 - 2014-10-29 03:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\mprmsg.dll
2015-04-26 18:57 - 2014-10-29 03:28 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\reg.exe
2015-04-26 18:57 - 2014-10-29 03:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll
2015-04-26 18:57 - 2014-10-29 03:28 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\sdhcinst.dll
2015-04-26 18:57 - 2014-10-29 03:28 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\fltLib.dll
2015-04-26 18:57 - 2014-10-29 03:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\mountvol.exe
2015-04-26 18:57 - 2014-10-29 03:28 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\wmsgapi.dll
2015-04-26 18:57 - 2014-10-29 03:28 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\C_IS2022.DLL
2015-04-26 18:57 - 2014-10-29 03:28 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\winrssrv.dll
2015-04-26 18:57 - 2014-10-29 03:28 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\whhelper.dll
2015-04-26 18:57 - 2014-10-29 03:28 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\fdBthProxy.dll
2015-04-26 18:57 - 2014-10-29 03:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\TCPSVCS.EXE
2015-04-26 18:57 - 2014-10-29 03:28 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\TcpipSetup.dll
2015-04-26 18:57 - 2014-10-29 03:28 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\backgroundTaskHost.exe
2015-04-26 18:57 - 2014-10-29 03:28 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2015-04-26 18:57 - 2014-10-29 03:27 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\lodctr.exe
2015-04-26 18:57 - 2014-10-29 03:27 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\unlodctr.exe
2015-04-26 18:57 - 2014-10-29 03:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\SecEdit.exe
2015-04-26 18:57 - 2014-10-29 03:27 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\cacls.exe
2015-04-26 18:57 - 2014-10-29 03:27 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\fltMC.exe
2015-04-26 18:57 - 2014-10-29 03:27 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\PING.EXE
2015-04-26 18:57 - 2014-10-29 03:27 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerClient.dll
2015-04-26 18:57 - 2014-10-29 03:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\TRACERT.EXE
2015-04-26 18:57 - 2014-10-29 03:27 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\finger.exe
2015-04-26 18:57 - 2014-10-29 03:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\HOSTNAME.EXE
2015-04-26 18:57 - 2014-10-29 03:27 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\TetheringIeProvider.dll
2015-04-26 18:57 - 2014-10-29 03:26 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appsruprov.dll
2015-04-26 18:57 - 2014-10-29 03:26 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\VaultCmd.exe
2015-04-26 18:57 - 2014-10-29 03:26 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\MRINFO.EXE
2015-04-26 18:57 - 2014-10-29 03:26 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\ProximityRtapiPal.dll
2015-04-26 18:57 - 2014-10-29 03:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wpcsvc.dll
2015-04-26 18:57 - 2014-10-29 03:24 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\procinst.dll
2015-04-26 18:57 - 2014-10-29 03:23 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.ps.dll
2015-04-26 18:57 - 2014-10-29 03:23 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\AppxStreamingDataSourcePS.dll
2015-04-26 18:57 - 2014-10-29 03:21 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\perfctrs.dll
2015-04-26 18:57 - 2014-10-29 03:21 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\ipconfig.exe
2015-04-26 18:57 - 2014-10-29 03:21 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\CallButtons.ProxyStub.dll
2015-04-26 18:57 - 2014-10-29 03:21 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\ROUTE.EXE
2015-04-26 18:57 - 2014-10-29 03:21 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dllhst3g.exe
2015-04-26 18:57 - 2014-10-29 03:19 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\raschapext.dll
2015-04-26 18:57 - 2014-10-29 03:19 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\rastlsext.dll
2015-04-26 18:57 - 2014-10-29 03:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\DsmUserTask.exe
2015-04-26 18:57 - 2014-10-29 03:06 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\C_ISCII.DLL
2015-04-26 18:57 - 2014-10-29 03:06 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dabapi.dll
2015-04-26 18:57 - 2014-10-29 03:05 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprmsg.dll
2015-04-26 18:57 - 2014-10-29 03:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PATHPING.EXE
2015-04-26 18:57 - 2014-10-29 03:05 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TRACERT.EXE
2015-04-26 18:57 - 2014-10-29 03:05 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TCPSVCS.EXE
2015-04-26 18:57 - 2014-10-29 03:05 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
2015-04-26 18:57 - 2014-10-29 03:05 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2015-04-26 18:57 - 2014-10-29 03:04 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollCtrl.exe
2015-04-26 18:57 - 2014-10-29 03:04 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpcsvc.dll
2015-04-26 18:57 - 2014-10-29 03:03 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\LaunchTM.exe
2015-04-26 18:57 - 2014-10-29 03:03 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MRINFO.EXE
2015-04-26 18:57 - 2014-10-29 03:01 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TaskSchdPS.dll
2015-04-26 18:57 - 2014-10-29 03:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdProxy.dll
2015-04-26 18:57 - 2014-10-29 03:01 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.ps.dll
2015-04-26 18:57 - 2014-10-29 03:01 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.ps.dll
2015-04-26 18:57 - 2014-10-29 03:01 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Background.ps.dll
2015-04-26 18:57 - 2014-10-29 03:00 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CallButtons.ProxyStub.dll
2015-04-26 18:57 - 2014-10-29 02:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Startupscan.dll
2015-04-26 18:57 - 2014-10-29 02:58 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\bootim.exe
2015-04-26 18:57 - 2014-10-29 02:50 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchTM.exe
2015-04-26 18:57 - 2014-10-07 05:30 - 00026112 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-04-26 18:57 - 2014-10-07 05:29 - 00107520 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-04-26 18:57 - 2014-10-07 05:29 - 00032256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-04-26 18:57 - 2014-10-07 05:29 - 00030208 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-25 17:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-25 16:58 - 2015-04-08 10:54 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-25 16:55 - 2015-01-30 10:56 - 01369447 _____ () C:\Windows\WindowsUpdate.log
2015-05-25 16:47 - 2015-01-30 11:51 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3038526025-980542920-868354946-1001
2015-05-25 16:43 - 2015-01-30 11:10 - 00006469 _____ () C:\Windows\SysWOW64\Gms.log
2015-05-25 16:42 - 2015-01-30 11:48 - 00000125 _____ () C:\Users\christoph\AppData\Roaming\sp_data.sys
2015-05-25 16:40 - 2015-04-19 13:31 - 00008505 _____ () C:\Windows\setupact.log
2015-05-25 16:40 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-25 16:37 - 2015-01-30 11:45 - 00000000 ____D () C:\Users\christoph
2015-05-25 16:36 - 2015-04-08 11:49 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-25 12:36 - 2015-04-08 11:59 - 00000999 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-05-25 12:36 - 2015-04-08 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-05-25 12:30 - 2015-01-30 11:53 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{BDBC6CEF-F67E-46A8-B662-ED7F3C4DED8A}
2015-05-24 19:27 - 2015-04-10 13:19 - 00000000 ____D () C:\Users\christoph\AppData\Roaming\Skype
2015-05-24 18:39 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-05-24 18:13 - 2015-04-19 13:13 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-24 18:13 - 2014-10-29 08:25 - 00000000 ____D () C:\ProgramData\Skype
2015-05-22 13:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2015-05-22 11:26 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-05-22 11:24 - 2015-04-10 13:07 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-22 11:24 - 2015-04-10 13:07 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-21 10:03 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-21 09:53 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-05-18 22:02 - 2014-03-18 10:16 - 00029562 _____ () C:\Windows\PFRO.log
2015-05-18 16:25 - 2013-08-22 16:44 - 00508280 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-18 15:36 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-05-18 15:30 - 2014-10-29 14:33 - 00798848 _____ () C:\Windows\system32\perfh013.dat
2015-05-18 15:30 - 2014-10-29 14:33 - 00162412 _____ () C:\Windows\system32\perfc013.dat
2015-05-18 15:30 - 2014-10-29 14:12 - 00802830 _____ () C:\Windows\system32\perfh00C.dat
2015-05-18 15:30 - 2014-10-29 14:12 - 00159266 _____ () C:\Windows\system32\perfc00C.dat
2015-05-18 15:30 - 2014-10-29 14:02 - 00767018 _____ () C:\Windows\system32\perfh007.dat
2015-05-18 15:30 - 2014-10-29 14:02 - 00159786 _____ () C:\Windows\system32\perfc007.dat
2015-05-18 15:30 - 2014-03-18 17:26 - 03696918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-18 15:00 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-18 14:17 - 2015-04-16 09:26 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-05-18 14:17 - 2015-04-16 09:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-18 14:15 - 2015-04-10 13:06 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-18 14:12 - 2015-04-10 13:06 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-18 14:12 - 2013-08-22 15:25 - 00000199 _____ () C:\Windows\win.ini
2015-05-18 14:02 - 2014-03-18 17:10 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-18 09:27 - 2015-04-20 00:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-18 09:26 - 2015-04-09 00:06 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2015-05-16 21:55 - 2015-04-10 02:47 - 00000700 _____ () C:\Users\christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Gmail – kostenloser Speicherdienst und E-Mails von Google.website
2015-05-13 12:01 - 2014-10-29 08:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-05-13 12:01 - 2014-10-29 08:25 - 00000000 ____D () C:\Program Files (x86)\ASUS
2015-05-09 23:49 - 2015-04-08 12:57 - 00000000 ____D () C:\Users\christoph\Desktop\Ordner
2015-05-09 23:31 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-05-09 23:14 - 2015-04-16 11:37 - 00000000 ____D () C:\Users\christoph\Desktop\editra
2015-05-09 23:13 - 2015-04-19 01:32 - 00000000 ____D () C:\Users\christoph\AppData\Local\Avg
2015-05-08 18:41 - 2013-08-22 17:37 - 00004167 _____ () C:\Windows\DtcInstall.log
2015-05-08 18:35 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2015-05-08 18:35 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-08 18:35 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-08 18:35 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-08 18:35 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-08 18:35 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-08 18:35 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-08 18:35 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-08 18:35 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-08 18:35 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-08 18:35 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer
2015-05-08 18:35 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager
2015-05-08 18:35 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera
2015-05-08 18:34 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2015-05-08 18:34 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2015-05-08 18:34 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2015-05-08 18:34 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2015-05-08 18:34 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2015-05-08 18:34 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-05-08 18:34 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2015-05-08 18:34 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-05-08 18:34 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-05-08 18:34 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-05-08 18:34 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\servicing
2015-05-08 18:33 - 2013-08-22 17:36 - 00000000 ___SD () C:\Windows\system32\dsc
2015-05-08 18:33 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-05-08 18:33 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2015-05-08 18:33 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sppui
2015-05-08 18:33 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\setup
2015-05-08 18:33 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\migwiz
2015-05-08 18:33 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\Com
2015-05-08 18:33 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\IME
2015-05-08 18:33 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-05-08 18:33 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-05-08 18:33 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Dism
2015-05-08 18:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\WindowsPowerShell
2015-05-08 18:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2015-05-08 18:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-05-08 18:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2015-05-05 19:59 - 2015-04-10 01:20 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2015-04-10 01:20 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-04 10:49 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-03 23:22 - 2015-01-30 11:46 - 00000000 ____D () C:\Users\christoph\AppData\Local\Packages
2015-05-03 16:11 - 2015-04-11 14:28 - 00000000 ____D () C:\Users\christoph\AppData\Local\Adobe
2015-05-03 16:11 - 2015-01-30 11:29 - 00000000 ____D () C:\ProgramData\McAfee
2015-05-03 14:38 - 2015-04-11 14:31 - 00000000 ____D () C:\Users\christoph\AppData\Roaming\Foxit Software
2015-05-03 02:43 - 2015-04-14 19:32 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-03 02:42 - 2015-04-14 19:32 - 00000000 ____D () C:\Users\christoph\AppData\Local\Google
2015-04-30 13:19 - 2015-04-08 12:23 - 00027750 _____ () C:\Windows\DirectX.log
2015-04-28 09:49 - 2013-08-22 17:36 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2015-04-28 09:49 - 2013-08-22 17:36 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll

==================== Files in the root of some directories =======

2015-01-30 11:48 - 2015-05-25 16:42 - 0000125 _____ () C:\Users\christoph\AppData\Roaming\sp_data.sys
2015-04-29 16:40 - 2015-04-29 16:40 - 0002196 _____ () C:\Users\christoph\AppData\Local\recently-used.xbel
2015-05-19 20:49 - 2015-05-19 20:49 - 0007597 _____ () C:\Users\christoph\AppData\Local\Resmon.ResmonCfg
2015-01-30 11:14 - 2015-01-30 11:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-10-29 08:25 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-29 08:25 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-10-29 08:25 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some files in TEMP:
====================
C:\Users\christoph\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\christoph\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\christoph\AppData\Local\Temp\Foxit PhantomPDF Updater.exe
C:\Users\christoph\AppData\Local\Temp\ose00000.exe
C:\Users\christoph\AppData\Local\Temp\Quarantine.exe
C:\Users\christoph\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-20 15:28

==================== End of log ============================
Addition Part 1
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2015 01
Ran by christoph at 2015-05-25 17:23:36
Running from C:\Users\christoph\AppData\Local\Microsoft\Windows\INetCache\IE\O8IBNCON
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3038526025-980542920-868354946-500 - Administrator - Disabled)
christoph (S-1-5-21-3038526025-980542920-868354946-1001 - Administrator - Enabled) => C:\Users\christoph
Gast (S-1-5-21-3038526025-980542920-868354946-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 3.0.8 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.03.0006 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.31 - ICEpower a/s)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5961 - AVG Technologies)
AVG 2015 (Version: 15.0.4347 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5961 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.0.411 - AVG Technologies)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Editra 0.7.20 (HKLM-x32\...\Editra) (Version: 0.7.20 - Cody Precord)
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
GNU Privacy Guard (HKLM-x32\...\GnuPG) (Version: 2.1.1 - The GnuPG Project)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4013 - Intel Corporation)
MAGIX PC Check & Tuning Free 2011 (HKLM-x32\...\MAGIX_MSI_PC_Check_Tuning_Free_2011) (Version: 6.0.403.1050 - MAGIX AG)
MAGIX PC Check & Tuning Free 2011 (x32 Version: 6.0.403.1050 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\{B63DFA23-5C10-44B4-881D-45EFBF4A4761}) (Version: 4.3.6.1987 - MAGIX AG)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
NVIDIA Graphics Driver 333.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 333.60 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7383 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse  (07/02/2014 1.0.0.228) (HKLM\...\7504488B89E0121B0737D63957491C9CD2633065) (Version: 07/02/2014 1.0.0.228 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

03-05-2015 15:13:18 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
09-05-2015 23:07:57 AVG PC TuneUp 2015 wird entfernt
18-05-2015 12:21:23 Geplanter Prüfpunkt
22-05-2015 11:23:37 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1A20FDD8-A679-4BA4-AFB3-824CE4A53E63} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {22D03CD0-C639-49F3-B839-6557685C3F4A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {275AE40B-C356-456D-8563-DA551529C614} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-18] (Microsoft Corporation)
Task: {2A05CFD9-4056-4CC4-965F-2120A4C206D2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {36E27157-D0DB-4D2D-A708-3BCE4417161E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {3B3E1CAF-F8BC-4284-BCF2-FD487830FF8B} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.)
Task: {5194AFE5-B92C-4FEF-9F96-D55DD6781961} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.)
Task: {96F20D49-07AC-430F-9561-14BAEB9EDCFB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-03] (Adobe Systems Incorporated)
Task: {9A16798A-09F2-4459-B5E9-4C31C34A038C} - System32\Tasks\PCCT - MAGIX AG => C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe [2010-11-08] ()
Task: {AB8665AE-8D5A-441A-8C90-2F45397B755A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {B05D0F34-5827-4AC9-BCB5-B5B6314A8B68} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {B39A53C6-4E58-43E4-9056-4ADD2CCE43D5} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-09-11] (ASUS)
Task: {B59AA510-AD31-4C58-B0CE-289718396942} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-09-19] (AsusTek)
Task: {F055A4DA-DCA2-4961-AC49-8741E8BDC869} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {F81EDA35-C6F8-4398-861F-2F037A163362} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {FA4E6968-6506-4A40-88EE-9B064FE41217} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-10-23] (Realtek Semiconductor)
Task: {FEB109DD-4794-4FAA-8E38-68871CAF3B0A} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\PCCT - MAGIX AG.job => C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-18 09:26 - 2015-05-18 09:26 - 00620056 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-01-30 11:10 - 2014-09-15 01:19 - 00117568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-11-08 18:08 - 2010-11-08 18:08 - 02644248 _____ () C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
2014-11-24 05:38 - 2014-11-19 09:26 - 00457616 _____ () C:\Windows\system32\igfxTray.exe
2015-04-08 12:08 - 2015-05-23 12:39 - 00289672 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
2014-09-11 20:31 - 2014-09-11 20:31 - 00037424 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-09-11 20:31 - 2014-09-11 20:31 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-09-11 20:31 - 2014-09-11 20:31 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-09-11 20:31 - 2014-09-11 20:31 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2010-11-04 12:21 - 2010-11-04 12:21 - 00635904 _____ () C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MFL_u_VC9.dll
2007-09-05 16:42 - 2007-09-05 16:42 - 00638976 _____ () C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\PlayRIpl.dll
2015-04-08 11:03 - 2015-04-16 19:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-04-08 11:03 - 2015-04-23 04:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-04-08 11:03 - 2015-05-15 03:58 - 02396352 _____ () C:\Program Files (x86)\Steam\video.dll
2015-04-08 11:03 - 2015-04-23 04:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-04-08 11:03 - 2015-04-23 04:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-04-08 11:03 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-04-08 11:03 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-04-08 11:03 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-04-08 11:03 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-04-08 11:03 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-04-08 11:03 - 2015-05-15 03:57 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-04-09 00:06 - 2015-05-18 09:26 - 01711128 _____ () C:\Program Files (x86)\AVG Web TuneUp\TBAPI.dll
2015-04-08 11:03 - 2015-05-11 21:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-10-10 11:37 - 2014-10-10 11:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-05-16 10:21 - 2015-05-11 21:01 - 08958344 _____ () C:\Program Files (x86)\Steam\bin\pdf.dll
2015-04-08 12:14 - 2015-05-23 12:39 - 00224136 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\launcher.dll
2015-04-08 12:08 - 2015-05-23 12:40 - 00415624 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\tier0.dll
2015-04-08 12:08 - 2015-05-23 12:40 - 00344968 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\vstdlib.dll
2015-04-08 12:08 - 2015-05-23 12:39 - 00402312 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\filesystem_stdio.dll
2015-04-08 12:08 - 2015-05-23 12:39 - 05954952 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\engine.dll
2015-04-08 12:08 - 2015-05-23 12:40 - 01078664 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\networksystem.dll
2015-04-08 12:08 - 2015-05-23 12:39 - 00905096 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\inputsystem.dll
2015-04-08 12:08 - 2015-05-23 12:40 - 01179016 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\materialsystem.dll
2015-04-08 12:08 - 2015-05-23 12:39 - 00496008 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\datacache.dll
2015-04-08 12:08 - 2015-05-23 12:40 - 00638344 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\studiorender.dll
2015-04-08 12:14 - 2015-05-23 12:40 - 00179592 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\soundemittersystem.dll
2015-04-08 12:08 - 2015-05-23 12:40 - 01184136 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\vphysics.dll
2015-04-08 12:08 - 2015-05-23 12:40 - 00928648 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\vscript.dll
2015-04-08 12:08 - 2015-05-23 12:40 - 01442184 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\vguimatsurface.dll
2015-04-08 12:08 - 2015-05-23 12:40 - 00475528 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\vgui2.dll
2015-04-08 12:08 - 2015-05-23 12:40 - 05618056 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\scaleformui_4.dll
2015-04-08 12:08 - 2015-05-23 12:39 - 00978312 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\shaderapidx9.dll
2015-04-08 12:14 - 2015-05-23 12:39 - 00158600 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\localize.dll
2015-04-08 12:14 - 2015-05-23 12:39 - 00244616 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\stdshader_dbg.dll
2015-04-08 12:08 - 2015-05-23 12:40 - 01142152 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\stdshader_dx9.dll
2015-04-08 12:08 - 2015-05-23 12:40 - 22324616 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota\bin\client.dll
2015-04-08 12:08 - 2015-05-23 12:40 - 19570056 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota\bin\server.dll
2015-04-08 12:14 - 2015-05-23 12:39 - 00196488 _____ () C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\bin\scenefilecache.dll
2015-04-08 12:14 - 2015-05-23 12:40 - 00113544 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\vaudio_miles.dll
2015-04-08 12:14 - 2015-04-08 12:14 - 00071680 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\mssmp3.asi
2015-04-08 12:14 - 2015-04-08 12:14 - 00153088 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\mssvoice.asi
2015-04-08 12:14 - 2015-04-08 12:14 - 00013312 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\mssds3d.flt
2015-04-08 12:14 - 2015-04-08 12:14 - 00055808 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\msseax.flt
2015-04-08 12:14 - 2015-05-23 12:40 - 00188808 _____ () c:\program files (x86)\steam\steamapps\common\dota 2 beta\bin\vaudio_celt.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_0news684619179
AlternateDataStreams: C:\Users\christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_1messages-1319269234
AlternateDataStreams: C:\Users\christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_2events2139358615
AlternateDataStreams: C:\Users\christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_3friends628411981

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
Addition Part 2
Code:
ATTFilter
==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3038526025-980542920-868354946-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\christoph\Desktop\Ordner\url.png
DNS Servers: 172.20.10.1

==================== MSCONFIG/TASK MANAGER Error getting ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{D48F6F7F-BD46-41F0-BD6B-37F58504FF32}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{10E7ABC7-246F-49ED-9ED9-9BF14241B171}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8F4B1CA4-580C-4619-B76A-B2AEFB5A0DE5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A9A90879-4921-4C74-8CFE-4B99A51FA119}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FDD3C6F4-3D46-448F-8AD2-4B7040FDA4EB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B9EAE910-5054-4D8D-B1AE-C5F666C50CA7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4139470D-37E8-48EA-8AE4-B97B2CEC94CF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{154485FC-09F3-4421-B1DD-D5BE47B8DEB6}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{10066CD5-763A-4DF8-A8EF-96FF01AF372C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{9FAF861D-7A67-4E81-B214-DA2ADA60D0AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{FE48F8C6-15E0-4C68-B968-DD868328A888}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{6861B6DC-41CD-4B62-82B4-A0E94EC829E2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{F235F36C-67CB-4352-82D2-64B061804BCB}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{15AA3C03-38A1-42C5-AC19-633E1B2419DB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{5FD5EA7E-C7CA-4B1E-8DFB-1A3554B23694}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{3FC61E55-CD1E-46F0-98B6-FBED2CC0EE49}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{DE5D6780-E9E7-44FE-9069-BA9830E6EE7D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{BC3D08E0-D10B-462C-A4ED-B630A1625DB0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C0A1BBD4-8F28-4DF6-AAAC-A646A4329A49}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{D74858C1-0C92-4166-82F9-F4E08C65A0BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9A8E0000-356C-4B17-9FD0-9CC8024EAB27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{244A12CE-1FB1-4F3E-B8EC-37C419ED35CD}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{A8B213FC-AFA2-416E-982D-F3F978E5639F}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{E91EBC8B-3B0E-4921-ADE0-00C559AD7A84}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{96F3BC04-D8DE-4375-A72B-61882ECBBBF8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BA2D1653-FAC3-484D-BEBD-CE5F48B20164}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{52586310-DC44-45A2-BE09-97D97846AFA7}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{F1F8DB89-18B1-4601-8B4E-01DEE924CF65}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{1FEC483F-0464-4ECC-9C73-902501C103B1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{8F3506A6-1959-4729-B3E9-54D928938290}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{B2E04655-F013-4364-888F-08668D240C80}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/25/2015 01:01:33 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (05/25/2015 00:13:53 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418231

Error: (05/24/2015 02:03:27 PM) (Source: PerfNet) (EventID: 2006) (User: )
Description: 

Error: (05/24/2015 01:57:37 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description: 

Error: (05/24/2015 01:57:30 PM) (Source: PerfNet) (EventID: 2006) (User: )
Description: 

Error: (05/24/2015 01:55:23 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description: 

Error: (05/24/2015 02:19:47 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418231

Error: (05/23/2015 01:02:29 PM) (Source: PerfNet) (EventID: 2006) (User: )
Description: 

Error: (05/23/2015 00:56:30 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description: 

Error: (05/23/2015 00:56:30 PM) (Source: PerfNet) (EventID: 2006) (User: )
Description: 


System errors:
=============
Error: (05/25/2015 04:40:24 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (05/25/2015 04:40:53 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎25.‎05.‎2015 um 16:37:08 unerwartet heruntergefahren.

Error: (05/25/2015 03:38:07 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (05/25/2015 03:38:07 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (05/25/2015 00:03:35 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎24.‎05.‎2015 um 19:20:28 unerwartet heruntergefahren.

Error: (05/24/2015 06:12:30 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (05/24/2015 06:12:30 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (05/24/2015 06:12:30 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (05/24/2015 05:20:28 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (05/24/2015 05:20:28 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.


Microsoft Office:
=========================
Error: (05/25/2015 01:01:33 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: -2147024883

Error: (05/25/2015 00:13:53 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418231

Error: (05/24/2015 02:03:27 PM) (Source: PerfNet) (EventID: 2006) (User: )
Description: 

Error: (05/24/2015 01:57:37 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description: 

Error: (05/24/2015 01:57:30 PM) (Source: PerfNet) (EventID: 2006) (User: )
Description: 

Error: (05/24/2015 01:55:23 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description: 

Error: (05/24/2015 02:19:47 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418231

Error: (05/23/2015 01:02:29 PM) (Source: PerfNet) (EventID: 2006) (User: )
Description: 

Error: (05/23/2015 00:56:30 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description: 

Error: (05/23/2015 00:56:30 PM) (Source: PerfNet) (EventID: 2006) (User: )
Description: 


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 29%
Total physical RAM: 12190.8 MB
Available physical RAM: 8636.96 MB
Total Pagefile: 24478.8 MB
Available Pagefile: 20507.19 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:275.34 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:542.8 GB) (Free:542.63 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 97578715)

Partition: GPT Partition Type.

==================== End of log ============================

Antwort

Themen zu CPU auslastung plötzlich 100%
100%, absturz, asus, auslastung, bewusst, cpu, cpu 100%, cpu auslastung, gelöst, laptop, malware, manager, miteinander, neu, nichts, plötzlich, problem, programm, programme, programmen, ram, task manager, tiere, windows, woche, wochen, ähnliches


« Dolby Audiotreiber Meldung | Browser extrem langsam »


Ähnliche Themen: CPU auslastung plötzlich 100%


  1. Hohe, schwankende GPU Auslastung im Desktopbetrieb. WIN 8.1. Plötzlich nur noch 30 statt 60 FPS in Games
    Log-Analyse und Auswertung - 30.08.2015 (9)
  2. Plötzlich Blackscreen. Win 8.1
    Plagegeister aller Art und deren Bekämpfung - 31.05.2015 (12)
  3. 100 Prozent CPU Auslastung; PC spielt plötzlich Sounds und Geräusche ab
    Plagegeister aller Art und deren Bekämpfung - 27.01.2015 (13)
  4. CPU-Auslastung 100% durch sychost.exe -> sehr lahmer PC (->plötzlich) - "ADWARE/Adppeeps.A" gefunden
    Log-Analyse und Auswertung - 14.11.2013 (1)
  5. Pc plötzlich schrecklich langsam, CPU Auslastung bis 100%
    Log-Analyse und Auswertung - 18.12.2011 (1)
  6. Plötzlich hohe Cpu auslastung, ohne erkennbaren Grund
    Plagegeister aller Art und deren Bekämpfung - 19.11.2010 (36)
  7. plötzlich hohe cpu auslastung
    Log-Analyse und Auswertung - 30.04.2010 (0)
  8. pc plötzlich langsam, hohe auslastung!
    Log-Analyse und Auswertung - 21.06.2009 (6)
  9. Bildschirm wurde plötzlich Schwarz/ Service.exe zeigt eine starke CPU-Auslastung!
    Log-Analyse und Auswertung - 27.04.2009 (0)
  10. PC stürzt plötzlich ab- HJT-Log
    Log-Analyse und Auswertung - 11.02.2009 (1)
  11. CPU-Auslastung plötzlich auf 100%
    Log-Analyse und Auswertung - 24.08.2007 (2)
  12. IE7 plötzlich mit hoher CPU-Auslastung
    Log-Analyse und Auswertung - 16.06.2007 (6)
  13. Favoriten im IE plötzlich weg
    Log-Analyse und Auswertung - 09.11.2005 (2)
  14. plötzlich was auf deskop
    Plagegeister aller Art und deren Bekämpfung - 11.06.2005 (2)
  15. CPU-Auslastung plötzlich 100%
    Plagegeister aller Art und deren Bekämpfung - 17.12.2004 (21)
  16. CPU auslastung plötzlich auf 100%
    Log-Analyse und Auswertung - 17.12.2004 (5)
  17. plötzlich pop-ups?
    Plagegeister aller Art und deren Bekämpfung - 11.02.2004 (5)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema CPU auslastung plötzlich 100% - FRST Part 6 Code: Alles auswählen Aufklappen ATTFilter 2015-04-26 18:57 - 2014-10-29 03:59 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll 2015-04-26 18:57 - 2014-10-29 03:58 - 00107008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\telephon.cpl - CPU auslastung plötzlich 100%...
Archiv
Du betrachtest: CPU auslastung plötzlich 100% auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131