Zurück   Trojaner-Board > Web/PC > Alles rund um Windows

Alles rund um Windows: svchost.exe - 25% CPU Auslastung & kein WLAN für 2 min. bei Systemstart [FRST vorhanden]

Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8 und 8.1 - als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows.

Antwort
Alt 03.10.2016, 14:31   #1
trom
 
svchost.exe - 25% CPU Auslastung & kein WLAN für 2 min. bei Systemstart [FRST vorhanden] - Standard

Problem: svchost.exe - 25% CPU Auslastung & kein WLAN für 2 min. bei Systemstart [FRST vorhanden]



Hallo,
ich habe folgendes Problem:

Windows startet -> svchost.exe zeigt 25% CPU an -> WLAN ist verbunden und zeigt alle Balken an, jedoch werden keine Daten gesendet (kein Internet!). Nach einiger Zeit sinkt die CPU % und es gibt eine Internetverbindung.

Was kann ich tun? Bitte um Hilfe!

Bilder:
[spoiler]





[/]

FRST.txt
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-10-2016
durchgeführt von Alex (Administrator) auf ALEX-PC (03-10-2016 14:18:30)
Gestartet von C:\Users\Alex\Downloads
Geladene Profile: Alex (Verfügbare Profile: Alex)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files (x86)\qBittorrent\qbittorrent.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Flux Software LLC) C:\Users\Alex\AppData\Local\FluxSoftware\Flux\flux.exe
(Winstep Software Technologies) C:\Program Files (x86)\Winstep\Nexus.exe
(ShareX Team) C:\Program Files\ShareX\ShareX.exe
(abelhadigital.com) C:\Program Files (x86)\HostsMan\hm.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(The Chromium Authors) C:\Users\Alex\Desktop\chromium portable\bin\chrome.exe
(The Chromium Authors) C:\Users\Alex\Desktop\chromium portable\bin\chrome.exe
(The Chromium Authors) C:\Users\Alex\Desktop\chromium portable\bin\chrome.exe
(The Chromium Authors) C:\Users\Alex\Desktop\chromium portable\bin\chrome.exe
(The Chromium Authors) C:\Users\Alex\Desktop\chromium portable\bin\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(FlashPeak Inc.) C:\Users\Alex\Desktop\SlimJet 32\slimjet.exe
(FlashPeak Inc.) C:\Users\Alex\Desktop\SlimJet 32\slimjet.exe
(FlashPeak Inc.) C:\Users\Alex\Desktop\SlimJet 32\slimjet.exe
(FlashPeak Inc.) C:\Users\Alex\Desktop\SlimJet 32\slimjet.exe
(FlashPeak Inc.) C:\Users\Alex\Desktop\SlimJet 32\slimjet.exe
(FlashPeak Inc.) C:\Users\Alex\Desktop\SlimJet 32\slimjet.exe
(FlashPeak Inc.) C:\Users\Alex\Desktop\SlimJet 32\slimjet.exe
(FlashPeak Inc.) C:\Users\Alex\Desktop\SlimJet 32\slimjet.exe
(FlashPeak Inc.) C:\Users\Alex\Desktop\SlimJet 32\slimjet.exe
(FlashPeak Inc.) C:\Users\Alex\Desktop\SlimJet 32\slimjet.exe
(Piotr Pawlowski) C:\Program Files (x86)\foobar2000\foobar2000.exe
(The Chromium Authors) C:\Users\Alex\Desktop\chromium portable\bin\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Alex\Downloads\FRST64 (1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16697352 2016-08-26] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HostsMan] => C:\Program Files (x86)\HostsMan\hm.exe [8161280 2015-11-20] (abelhadigital.com)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [515600 2016-04-01] (QFX Software Corporation)
HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\Run: [qBittorrent] => C:\Program Files (x86)\qBittorrent\qbittorrent.exe [15855104 2016-07-20] ()
HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-06-15] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\Run: [f.lux] => C:\Users\Alex\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC)
HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\Run: [NeXuS] => C:\Program Files (x86)\Winstep\Nexus.exe [17016960 2015-07-27] (Winstep Software Technologies)
HKU\S-1-5-21-2483748350-3972836390-758131696-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [31744 2015-10-30] (Microsoft Corporation)
IFEO\taskmgr.exe: [Debugger] "C:\USERS\ALEX\DESKTOP\PROCESSEXPLORER\PROCEXP.EXE"
ShellExecuteHooks: QTTabBarLib.ExplorerProcessCaptor - {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - C:\Windows\System32\mscoree.dll [396288 2015-10-30] (Microsoft Corporation)
ShellExecuteHooks-x32: QTTabBarLib.ExplorerProcessCaptor - {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - C:\Windows\System32\mscoree.dll [396288 2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2016-10-02]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team)
GroupPolicy: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{ff55f818-daaa-4d2a-af2f-c078fd6c340a}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-12-23] (IObit)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-09-05] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: u29gi07d.default-1444673507436
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Thunderbird\Profiles\85i0bxy0.default [2016-10-03]
FF Extension: (ColumnsWizard) - C:\Users\Alex\AppData\Roaming\Thunderbird\Profiles\85i0bxy0.default\Extensions\columnswizard@micz.it.xpi [2016-09-05] [ist nicht signiert]
FF Extension: (German Dictionary) - C:\Users\Alex\AppData\Roaming\Thunderbird\Profiles\85i0bxy0.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2016-01-17]
FF Extension: (United States English Spellchecker) - C:\Users\Alex\AppData\Roaming\Thunderbird\Profiles\85i0bxy0.default\Extensions\en-US@dictionaries.addons.mozilla.org [2016-03-18]
FF Extension: (Extra Folder Columns) - C:\Users\Alex\AppData\Roaming\Thunderbird\Profiles\85i0bxy0.default\Extensions\extra-cols@jminta_gmail.com.xpi [2015-08-25] [ist nicht signiert]
FF Extension: (Mail Merge) - C:\Users\Alex\AppData\Roaming\Thunderbird\Profiles\85i0bxy0.default\Extensions\mailmerge@example.net.xpi [2016-07-26] [ist nicht signiert]
FF Extension: (Lightning) - C:\Users\Alex\AppData\Roaming\Thunderbird\Profiles\85i0bxy0.default\Extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} [2016-06-21] [ist nicht signiert]
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436 [2016-10-03]
FF user.js: detected! => C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\user.js [2016-05-30]
FF NewTab: Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436 -> about:superstart
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436 -> DuckDuckStart
FF Session Restore: Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436 -> ist aktiviert.
FF Extension: (No Resource URI Leak) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\@no-resource-uri-leak.xpi [2016-07-26]
FF Extension: (Simple Add-on Manager) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\@simple-addon-manager.xpi [2016-09-07]
FF Extension: (Blender) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\blender@meh.paranoid.pk.xpi [2016-04-27]
FF Extension: (Cleanest Addon Manager) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\cam@sdrocking.com.xpi [2016-08-27]
FF Extension: (CanvasBlocker) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\CanvasBlocker@kkapsner.de.xpi [2016-08-08]
FF Extension: (FindBar Tweak) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\fbt@quicksaver.xpi [2016-06-02]
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2016-08-18]
FF Extension: (HTTPS by default) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\https-by-default@robwu.nl.xpi [2016-08-28]
FF Extension: (HTTPS Everywhere) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\https-everywhere-eff@eff.org.xpi [2016-09-22]
FF Extension: (Duplicate Tabs Closer) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\jid0-RvYT2rGWfM8q5yWxIxAHYAeo5Qg@jetpack.xpi [2016-08-21]
FF Extension: (Google search link fix) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\jid0-XWJxt5VvCXkKzQK99PhZqAn7Xbg@jetpack.xpi [2016-09-03]
FF Extension: (Decentraleyes) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2016-07-02]
FF Extension: (Privacy Settings) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\jid1-CKHySAadH4nL6Q@jetpack.xpi [2016-09-07]
FF Extension: (Policy Control (JavaScript, CSS, Media, ...)) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\jid1-gHwvGmJ8Ii9oOq@jetpack.xpi [2016-02-12]
FF Extension: (Clean Uninstall) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\jid1-gjJqQ12bh0olrR@jetpack.xpi [2016-07-07]
FF Extension: (Media Converter and Muxer) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\jid1-kps5PrGBNtzSLQ@jetpack.xpi [2016-08-31]
FF Extension: (Speed Tweaks (SpeedyFox)) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\jid1-wZqm19rJzRkZUA@jetpack.xpi [2016-09-20]
FF Extension: (Copy Extensions to Clipboard) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\jid1-yaYZ8QXoULbGtw@jetpack.xpi [2016-09-21]
FF Extension: (SortTabs) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\jid1-ybZYGXHcBi9FHA@jetpack.xpi [2016-04-27]
FF Extension: (Enhanced Steam) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\jid1-YdiFiTEkQgInxA@jetpack.xpi [2016-10-02]
FF Extension: (KillSpinners) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\killspinners@byo.co.il.xpi [2016-02-13]
FF Extension: (Kill Panel Animations) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\kpa@caligonstudios.com.xpi [2016-04-29]
FF Extension: (Shoop.de Lieblings-Shop Assistent (LiSA)) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\lisa@qipu.de.xpi [2016-08-27]
FF Extension: (Masking Agent) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\maskingagent@basa.nl.xpi [2016-04-27]
FF Extension: (Disable Hello, Pocket & Reader+) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\NoTrash@Off.JustOff.xpi [2016-09-23]
FF Extension: (Pure URL) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\pure-url@jetpack.xpi [2016-04-28]
FF Extension: (Smaller Firefox) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\smaller@firefox.com.xpi [2016-04-28]
FF Extension: (Super Start) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\superstart@enjoyfreeware.org [2015-12-07]
FF Extension: (Tab Counter) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\tabcounter@morac.xpi [2016-03-10]
FF Extension: (Tab Groups) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\tabgroups@quicksaver.xpi [2016-06-03]
FF Extension: (Task Manager) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\task-manager@TheLaGmAn.xpi [2016-09-11]
FF Extension: (uBlock Origin) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\uBlock0@raymondhill.net.xpi [2016-09-26]
FF Extension: (uMatrix) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\uMatrix@raymondhill.net.xpi [2016-06-24]
FF Extension: (Session Manager) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2016-03-18]
FF Extension: (NoScript) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-08-08]
FF Extension: (FireFTP) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2016-06-22]
FF Extension: (Video DownloadHelper) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-09-17]
FF Extension: (BetterPrivacy) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2016-05-05]
FF Extension: (DownThemAll!) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-30]
FF Extension: (Greasemonkey) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-08-20]
FF SearchPlugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\searchplugins\duckduckstart.xml [2016-03-02]
FF SearchPlugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\searchplugins\firefox-add-ons.xml [2015-10-12]
FF SearchPlugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\searchplugins\ixquick-https---deutsch.xml [2016-03-06]
FF SearchPlugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\u29gi07d.default-1444673507436\searchplugins\startpage-https---deutsch.xml [2016-03-06]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-09-05] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-09-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> D:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [Keine Datei]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> D:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-26] (Google Inc.)

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2980032 2016-09-05] (Microsoft Corporation)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-13] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-13] (Dropbox, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2779136 2016-08-18] (ESET)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [0 2016-05-31] () <==== ACHTUNG (Null Byte Datei/Ordner)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3476432 2015-10-12] (Paramount Software UK Ltd)
S2 RTLDHCPService; C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe [261848 2013-11-12] (Realtek)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-06-15] (Sandboxie Holdings, LLC)
S4 VeeamEndpointBackupSvc; C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe [91648 2015-09-29] (Veeam Software AG) [Datei ist nicht signiert]
S4 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S1 anodlwf; C:\Windows\system32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
R3 bcmsmbsp; C:\Windows\System32\drivers\bcmsmbsp.sys [54048 2015-09-10] (Broadcom Corporation.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [263296 2016-08-18] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15488 2016-08-18] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [197288 2016-08-18] (ESET)
S4 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [153248 2016-08-18] (ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [208552 2016-08-18] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [61608 2016-08-18] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [84640 2016-08-18] (ESET)
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-02-03] ()
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [224720 2015-08-18] (QFX Software Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-30] (Malwarebytes)
S3 ptun0901; C:\Windows\System32\drivers\ptun0901.sys [27136 2014-08-08] (The OpenVPN Project)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [943112 2016-08-22] (Realtek                                            )
R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [5221144 2016-04-24] (Realtek Semiconductor Corporation                           )
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-06-15] (Sandboxie Holdings, LLC)
R1 VBoxNetAdp; C:\Windows\System32\drivers\VBoxNetAdp6.sys [117768 2015-07-09] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146072 2015-07-09] (Oracle Corporation)
R2 VeeamFSR; C:\Program Files\Veeam\Endpoint Backup\VeeamFSR.sys [114120 2015-09-29] (Veeam Software AG)
S3 VirtualDK; C:\Program Files\Veeam\Endpoint Backup\vdk.sys [36808 2015-09-29] (Ken Kato)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U4 DiagTrack; kein ImagePath
U4 dmwappushsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-03 14:17 - 2016-10-03 14:18 - 02404864 _____ (Farbar) C:\Users\Alex\Downloads\FRST64 (1).exe
2016-10-03 12:55 - 2016-10-03 12:55 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-10-03 12:30 - 2016-10-03 12:30 - 00030912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2016-10-03 12:30 - 2016-10-03 12:30 - 00029376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2016-10-03 12:30 - 2016-10-03 12:30 - 00018600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2016-10-03 12:30 - 2016-10-03 12:30 - 00018592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2016-10-03 12:27 - 2016-10-03 12:28 - 62008080 _____ (Microsoft Corporation) C:\Users\Alex\Downloads\NDP462-KB3151800-x86-x64-AllOS-ENU.exe
2016-10-03 12:13 - 2016-10-03 12:13 - 00067376 _____ C:\Users\Alex\Downloads\Addition.txt
2016-10-03 12:12 - 2016-10-03 14:19 - 00027745 _____ C:\Users\Alex\Downloads\FRST.txt
2016-10-03 12:12 - 2016-10-03 14:18 - 00000000 ____D C:\FRST
2016-10-03 12:12 - 2016-10-03 12:12 - 02404864 _____ (Farbar) C:\Users\Alex\Downloads\FRST64.exe
2016-10-03 11:54 - 2016-10-03 11:58 - 00042168 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2016-10-03 11:54 - 2016-10-03 11:54 - 00000000 ____D C:\Users\Alex\Desktop\ProcessExplorer
2016-10-03 11:53 - 2016-10-03 11:53 - 01270466 _____ C:\Users\Alex\Downloads\ProcessExplorer.zip
2016-10-03 11:40 - 2016-10-03 11:44 - 00000292 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Alex.job
2016-10-03 11:40 - 2016-10-03 11:40 - 00002474 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Alex
2016-10-03 11:36 - 2016-10-03 11:36 - 02485677 _____ C:\WINDOWS\system32\Drivers\etc\HOSTS.tmp
2016-10-03 09:08 - 2016-10-03 09:08 - 02485677 _____ C:\WINDOWS\system32\Drivers\etc\HOSTS.bak
2016-10-02 15:24 - 2016-10-02 15:26 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Braid
2016-10-02 15:24 - 2016-10-02 15:24 - 00000000 ____D C:\Users\Alex\AppData\Roaming\fltk.org
2016-10-02 15:24 - 2016-10-02 15:24 - 00000000 ____D C:\ProgramData\fltk.org
2016-10-02 14:20 - 2016-10-02 14:20 - 00000000 ____D C:\Users\Alex\AppData\LocalLow\Funselektor Labs Inc_
2016-10-02 12:31 - 2016-10-02 12:31 - 00001083 _____ C:\Users\Public\Desktop\Mumble.lnk
2016-10-01 14:38 - 2016-10-01 14:38 - 00000000 ____D C:\Users\Alex\Documents\GUILD WARS
2016-10-01 11:11 - 2016-10-01 11:11 - 00006517 _____ C:\Users\Alex\Downloads\EnableDisable.smx
2016-09-27 17:12 - 2016-09-27 17:12 - 01684211 _____ C:\Users\Alex\Downloads\uBlock0.chromium (2).zip
2016-09-25 22:13 - 2016-09-25 22:13 - 00000000 ____D C:\Users\Alex\AppData\Local\Tempzxpsignbf2acbbe300ed7c0
2016-09-25 22:13 - 2016-09-25 22:13 - 00000000 ____D C:\Users\Alex\AppData\Local\Tempzxpsign85fa52ae00c4f6ef
2016-09-25 22:13 - 2016-09-25 22:13 - 00000000 ____D C:\Users\Alex\AppData\Local\Tempzxpsign4f24dd5e10ad4124
2016-09-25 22:05 - 2016-09-25 22:05 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Thinstall
2016-09-25 12:35 - 2016-09-25 12:35 - 00000000 ____D C:\Users\Alex\Desktop\vsh2
2016-09-25 02:32 - 2016-09-25 02:32 - 01684211 _____ C:\Users\Alex\Downloads\uBlock0.chromium (1).zip
2016-09-25 02:21 - 2016-09-25 02:21 - 00000000 ____D C:\Users\Alex\AppData\Local\Tempzxpsign639f00ad0b476218
2016-09-25 02:20 - 2016-09-25 02:20 - 00000000 ____D C:\Users\Alex\AppData\Local\Tempzxpsignddd4723792965cd8
2016-09-25 02:20 - 2016-09-25 02:20 - 00000000 ____D C:\Users\Alex\AppData\Local\Tempzxpsign508a433a447d7d58
2016-09-25 01:44 - 2016-09-25 01:44 - 00000000 ____D C:\Users\Alex\AppData\Local\Tempzxpsign5d116e06e7155b5a
2016-09-25 01:43 - 2016-09-25 01:43 - 00000000 ____D C:\Users\Alex\AppData\Local\Tempzxpsignddf006176b83be26
2016-09-25 01:43 - 2016-09-25 01:43 - 00000000 ____D C:\Users\Alex\AppData\Local\Tempzxpsign69c719b783a79d20
2016-09-25 01:42 - 2016-09-25 02:27 - 00000000 ____D C:\Users\Alex\Desktop\asd
2016-09-24 07:29 - 2016-09-09 20:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-09-24 07:29 - 2016-09-09 20:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-09-24 07:29 - 2016-09-09 20:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-09-24 07:29 - 2016-09-09 20:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-09-24 07:26 - 2016-09-20 06:53 - 14242872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-09-24 07:26 - 2016-09-17 02:45 - 40068544 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 35182648 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 34849336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 28245048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 23725352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 20232240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 17621512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 14478624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 10868288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 10753576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 10294720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 09098352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 08877480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 08691848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 02912192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 02551352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 01019328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 00956864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 00943672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 00895032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 00688784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 00643928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 00616648 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 00578240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 00573424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 00471424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 00439352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 00394704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 00390200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 00386104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 00348728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 00327408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 00181488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 00159536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 00153368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 00131536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-09-24 07:26 - 2016-09-17 02:45 - 00040826 _____ C:\WINDOWS\system32\nvinfo.pb
2016-09-24 07:25 - 2016-09-17 02:45 - 03907504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-09-24 07:25 - 2016-09-17 02:45 - 03449344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-09-24 07:25 - 2016-09-17 02:45 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437290.dll
2016-09-24 07:25 - 2016-09-17 02:45 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437290.dll
2016-09-23 23:48 - 2016-09-24 04:57 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-09-20 22:46 - 2016-09-20 22:46 - 13528376 _____ C:\Users\Alex\Downloads\sourcemod-1.8.0-git5929-windows.zip
2016-09-20 21:45 - 2014-08-08 18:31 - 00027136 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\ptun0901.sys
2016-09-18 19:39 - 2016-09-18 19:39 - 00027824 _____ C:\Users\Alex\Downloads\afk_manager.smx
2016-09-18 19:38 - 2016-09-18 19:38 - 00024413 _____ C:\Users\Alex\Downloads\morecolors.inc
2016-09-11 19:49 - 2016-09-11 19:49 - 00001496 _____ C:\Users\Alex\Downloads\Script_FalconPunch.zip
2016-09-10 22:03 - 2016-09-10 22:03 - 00000000 ____D C:\Users\Alex\AppData\Local\Tempzxpsignd7becccc986151d4
2016-09-10 22:03 - 2016-09-10 22:03 - 00000000 ____D C:\Users\Alex\AppData\Local\Tempzxpsign2a8d37f8e2c9e46b
2016-09-10 22:03 - 2016-09-10 22:03 - 00000000 ____D C:\Users\Alex\AppData\Local\Tempzxpsign064367fd5246296e
2016-09-09 20:25 - 2016-09-09 20:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1-1-0-26-0.dll
2016-09-09 20:25 - 2016-09-09 20:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1-1-0-26-0.dll
2016-09-09 20:25 - 2016-09-09 20:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-26-0.exe
2016-09-09 20:24 - 2016-09-09 20:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo-1-1-0-26-0.exe
2016-09-08 20:04 - 2016-08-26 01:27 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437270.dll
2016-09-08 20:04 - 2016-08-26 01:27 - 01586560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437270.dll
2016-09-07 20:24 - 2016-09-07 20:24 - 06662856 _____ (Tim Kosse) C:\Users\Alex\Downloads\FileZilla_3.21.0_win64-setup.exe
2016-09-06 07:20 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-06 07:20 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-09-06 07:20 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-06 07:20 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-06 07:20 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-06 07:20 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-09-06 07:20 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-06 07:20 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-09-06 07:20 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-09-06 07:20 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-06 07:20 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-09-06 07:20 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-09-06 07:20 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-06 07:20 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-06 07:20 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-06 07:20 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-09-06 07:20 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-09-06 07:20 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-09-06 07:20 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-09-06 07:20 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-06 07:20 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-06 07:20 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-06 07:20 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-09-06 07:20 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-06 07:20 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-06 07:20 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-09-06 07:20 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-09-06 07:20 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-06 07:20 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-09-06 07:20 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-09-06 07:20 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-09-06 07:20 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-09-06 07:20 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-09-06 07:20 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-06 07:20 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-09-06 07:20 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-06 07:20 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-09-06 07:20 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-09-06 07:20 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-06 07:20 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-09-06 07:20 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-09-06 07:20 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-09-06 07:20 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-09-06 07:20 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-06 07:20 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-06 07:20 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-09-06 07:20 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-09-06 07:20 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-06 07:20 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-09-06 07:20 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-09-06 07:20 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-09-06 07:20 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-06 07:20 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-09-06 07:20 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-06 07:20 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-06 07:20 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-09-06 07:20 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-06 07:20 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-06 07:20 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-06 07:20 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-09-06 07:20 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-06 07:20 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-06 07:20 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-09-06 07:20 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-06 07:20 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-09-06 07:20 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-09-06 07:20 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-09-06 07:20 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-09-06 07:20 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-06 07:20 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-06 07:20 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-06 07:20 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-06 07:20 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-09-06 07:20 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-09-06 07:20 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-09-06 07:20 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-09-06 07:20 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-09-06 07:20 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-09-06 07:20 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-09-06 07:20 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-09-06 07:20 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-09-06 07:20 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-09-06 07:20 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-09-06 07:20 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-09-06 07:20 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-06 07:20 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-09-06 07:20 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-09-06 07:20 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-06 07:20 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-09-06 07:20 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-09-06 07:20 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-09-06 07:20 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-06 07:20 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-06 07:20 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-09-06 07:19 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-06 07:19 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-09-06 07:19 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-06 07:19 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-09-06 07:19 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-06 07:19 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-09-06 07:19 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-06 07:19 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-09-06 07:19 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-06 07:19 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-06 07:19 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-09-06 07:19 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-09-06 07:19 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-06 07:19 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-09-06 07:19 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-06 07:19 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-06 07:19 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-06 07:19 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-06 07:19 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-06 07:19 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-06 07:19 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-06 07:19 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-06 07:19 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-09-06 07:19 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-06 07:19 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-06 07:19 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-09-06 07:19 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-06 07:19 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-06 07:19 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-06 07:19 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-06 07:19 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-06 07:19 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-06 07:19 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-06 07:19 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-06 07:19 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-09-04 14:27 - 2016-09-04 14:27 - 00183279 _____ C:\Users\Alex\Desktop\kuendigung.pdf
2016-09-04 12:53 - 2016-09-04 12:53 - 01680093 _____ C:\Users\Alex\Downloads\uBlock0.chromium.zip
2016-09-03 18:59 - 2016-09-03 18:59 - 01690138 _____ C:\Users\Alex\Downloads\q7spd0p1.bmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-03 14:17 - 2015-07-30 18:18 - 00000000 ____D C:\Users\Alex\AppData\Roaming\qBittorrent
2016-10-03 14:11 - 2015-08-01 00:14 - 00000000 ____D C:\Users\Alex\AppData\Roaming\foobar2000
2016-10-03 13:38 - 2016-02-06 20:27 - 00000000 ____D C:\Users\Alex\Documents\ShareX
2016-10-03 13:07 - 2015-10-30 20:35 - 00776422 _____ C:\WINDOWS\system32\perfh007.dat
2016-10-03 13:07 - 2015-10-30 20:35 - 00155676 _____ C:\WINDOWS\system32\perfc007.dat
2016-10-03 13:07 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-10-03 13:07 - 2015-07-30 15:44 - 01801910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-03 13:03 - 2015-11-12 16:54 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-03 13:03 - 2015-10-30 08:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-10-03 12:55 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-03 12:55 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-10-03 12:55 - 2015-07-30 18:37 - 00000000 ____D C:\Program Files\Microsoft Office
2016-10-03 12:31 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-03 09:26 - 2015-07-30 17:26 - 00000000 ____D C:\Users\Alex\AppData\Roaming\HLSW
2016-10-03 09:08 - 2015-07-30 16:19 - 00004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F4A1D493-D0B3-4649-9843-77CB0E9D2828}
2016-10-03 09:07 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-02 20:45 - 2015-07-30 17:26 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Mumble
2016-10-02 20:06 - 2016-01-30 22:09 - 00000496 _____ C:\WINDOWS\Tasks\Macrium-Backup-{F154F2BC-3C8C-49D9-84D5-9ED5DAF0DDAE}.job
2016-10-02 19:23 - 2015-08-02 22:20 - 00000000 ____D C:\Users\Alex\AppData\Local\Sputnik
2016-10-02 17:06 - 2016-04-15 14:31 - 00000000 ____D C:\Users\Alex\AppData\Local\Battle.net
2016-10-02 17:00 - 2016-02-06 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShareX
2016-10-02 17:00 - 2016-02-06 20:27 - 00000000 ____D C:\Program Files\ShareX
2016-10-02 16:05 - 2015-07-30 17:26 - 00000000 ____D C:\Users\Alex\AppData\Roaming\OBS
2016-10-02 14:58 - 2015-07-31 03:21 - 00000000 ____D C:\Users\Alex\AppData\Local\CrashDumps
2016-10-02 12:31 - 2015-07-31 01:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
2016-10-02 12:31 - 2015-07-31 01:33 - 00000000 ____D C:\Program Files (x86)\Mumble
2016-10-01 18:44 - 2016-01-30 23:11 - 00002432 _____ C:\WINDOWS\Sandboxie.ini
2016-10-01 13:54 - 2015-07-30 17:26 - 00000000 ____D C:\Users\Alex\AppData\Roaming\FileZilla
2016-10-01 12:59 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-10-01 12:58 - 2015-08-09 09:30 - 00000600 _____ C:\Users\Alex\AppData\Local\PUTTY.RND
2016-09-28 16:59 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-25 22:34 - 2015-11-06 18:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-25 22:15 - 2015-08-30 02:03 - 00001456 _____ C:\Users\Alex\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2016-09-25 22:13 - 2015-08-28 23:03 - 00001381 _____ C:\Users\Public\Desktop\Adobe Update Management Tool.lnk
2016-09-25 22:13 - 2015-07-30 16:29 - 00001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2016-09-25 01:43 - 2015-08-01 00:57 - 00000000 ____D C:\Users\Alex\AppData\Local\Adobe
2016-09-24 07:29 - 2016-08-10 01:46 - 00000000 ___HD C:\temp
2016-09-24 07:29 - 2016-03-18 13:39 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-09-24 07:29 - 2015-11-12 16:49 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-20 21:59 - 2016-07-16 14:40 - 00000000 ____D C:\Users\Alex\AppData\Local\MSfree Inc
2016-09-17 00:54 - 2016-08-27 19:09 - 01364024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-09-17 00:54 - 2015-12-23 00:39 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-09-17 00:54 - 2015-12-23 00:39 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-09-17 00:54 - 2015-11-12 16:49 - 07379415 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-09-17 00:54 - 2015-11-12 16:49 - 06384064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-09-17 00:54 - 2015-11-12 16:49 - 02475064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-09-17 00:54 - 2015-11-12 16:49 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-09-17 00:54 - 2015-11-12 16:49 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-09-17 00:54 - 2015-11-12 16:49 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-09-16 21:46 - 2015-07-30 17:27 - 00001184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
2016-09-16 21:46 - 2015-07-30 17:27 - 00000000 ____D C:\Program Files (x86)\foobar2000
2016-09-08 20:11 - 2016-02-07 16:47 - 00000000 ____D C:\Users\Alex\Desktop\SlimJet 32
2016-09-07 20:24 - 2015-07-31 01:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-09-07 20:24 - 2015-07-31 01:34 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2016-09-06 21:44 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-09-06 07:41 - 2015-07-30 15:43 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-06 07:40 - 2015-10-30 20:47 - 00000000 ____D C:\Program Files\Windows Journal
2016-09-06 07:40 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-06 07:22 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-09-04 14:21 - 2016-02-13 14:04 - 00169402 _____ C:\Users\Alex\Desktop\kuendigung_dsb.pdf
2016-09-04 14:07 - 2015-11-06 18:58 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Mozilla

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-07-20 20:32 - 2016-07-20 20:32 - 0000033 _____ () C:\Users\Alex\AppData\Roaming\AdobeWLCMCache.dat
2016-05-31 00:53 - 2016-05-31 00:53 - 0000112 _____ () C:\Users\Alex\AppData\Roaming\JP2K CS6 Prefs
2015-08-16 17:20 - 2015-08-16 17:21 - 0000600 _____ () C:\Users\Alex\AppData\Roaming\PUTTY.RND
2015-08-01 01:39 - 2015-08-01 01:39 - 0000020 ___SH () C:\Users\Alex\AppData\Roaming\Sys11965 DataCollection.dat
2015-08-01 01:39 - 2015-08-01 01:39 - 0000020 ___SH () C:\Users\Alex\AppData\Roaming\System413_DataDB.ind
2015-11-18 03:10 - 2015-11-18 03:10 - 0002615 _____ () C:\Users\Alex\AppData\Local\ACCCx3_3_0_151.zip.aamdownload.aamd
2015-08-30 02:03 - 2016-09-25 22:15 - 0001456 _____ () C:\Users\Alex\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2015-11-03 19:14 - 2016-03-29 18:20 - 1065984 _____ () C:\Users\Alex\AppData\Local\file__0.localstorage
2015-08-09 09:30 - 2016-10-01 12:58 - 0000600 _____ () C:\Users\Alex\AppData\Local\PUTTY.RND
2015-12-31 17:28 - 2015-12-31 17:28 - 0007626 _____ () C:\Users\Alex\AppData\Local\Resmon.ResmonCfg
2015-11-12 16:49 - 2015-11-12 16:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-25 21:01

==================== Ende von FRST.txt ============================
         

Alt 03.10.2016, 19:28   #2
trom
 
svchost.exe - 25% CPU Auslastung & kein WLAN für 2 min. bei Systemstart [FRST vorhanden] - Standard

svchost.exe - 25% CPU Auslastung & kein WLAN für 2 min. bei Systemstart [FRST vorhanden] Anleitung / Hilfe



Addition.txt
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-10-2016
durchgeführt von Alex (03-10-2016 14:19:04)
Gestartet von C:\Users\Alex\Downloads
Windows 10 Pro Version 1511 (X64) (2015-11-12 14:55:27)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2483748350-3972836390-758131696-500 - Administrator - Disabled)
Alex (S-1-5-21-2483748350-3972836390-758131696-1001 - Administrator - Enabled) => C:\Users\Alex
DefaultAccount (S-1-5-21-2483748350-3972836390-758131696-503 - Limited - Disabled)
Gast (S-1-5-21-2483748350-3972836390-758131696-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Smart Security 9.0.402.1 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 9.0.402.1 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1001 Spikes (HKLM-x32\...\Steam App 260790) (Version:  - Nicalis, Inc.)
Abomination Tower (HKLM-x32\...\Steam App 340390) (Version:  - Amethyst Quarter)
Absolute Drift (HKLM\...\Steam App 320140) (Version:  - Funselektor Labs Inc.)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.30.0 - Mirillis)
Adobe After Effects CC 2015.3 (HKLM-x32\...\AEFT_13_8_0) (Version: 13.8.0 - Adobe Systems Incorporated)
Adobe Animate CC 2015.2 (HKLM-x32\...\FLPR_15_2) (Version: 15.2 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015.3 (HKLM-x32\...\ILST_20_0_0) (Version: 20.0.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2015 (HKLM-x32\...\{DBFD0312-6E55-1014-8952-E78D43BC0147}) (Version: 11.4.0.090 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015.3 (HKLM-x32\...\AME_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0) (Version: 17.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015.3 (HKLM-x32\...\PPRO_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 8.0 - PainteR)
Awesomenauts (HKLM\...\Steam App 204300) (Version:  - Ronimo Games)
bomi (HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\{2fefec53-b756-46db-b1f6-48b8e7e3426f}) (Version: 0.9.11 - xylosper)
Distance (HKLM-x32\...\Steam App 233610) (Version:  - Refract)
Downwell (HKLM-x32\...\Steam App 360740) (Version:  - Moppin)
Dr. Langeskov, The Tiger, and The Terribly Cursed Emerald: A Whirlwind Heist (HKLM-x32\...\Steam App 409160) (Version:  - Crows Crows Crows)
Dr.Green (HKLM-x32\...\Steam App 340290) (Version:  - Johan Aronsson)
Dropbox (HKLM-x32\...\Dropbox) (Version: 4.4.29 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
Dungeons & Dragons: Chronicles of Mystara (HKLM-x32\...\Steam App 229480) (Version:  - Iron Galaxy Studios)
ESET Smart Security (HKLM\...\{74682D6B-2A0D-4095-902C-BA0BCB496D5D}) (Version: 9.0.318.20 - ESET, spol. s r.o.)
f.lux (HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\Flux) (Version:  - )
Fallout 4 (HKLM\...\Steam App 377160) (Version:  - Bethesda Game Studios)
FileZilla Client 3.21.0 (HKLM-x32\...\FileZilla Client) (Version: 3.21.0 - Tim Kosse)
First Impression (HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\FirstImpression) (Version:  - )
foobar2000 v1.3.12 (HKLM-x32\...\foobar2000) (Version: 1.3.12 - Peter Pawlowski)
Forge of Gods (RPG) (HKLM\...\Steam App 461910) (Version:  - Panoramik Inc)
Google Update Helper (x32 Version: 1.3.25.3 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version:  - Rockstar North)
Grand Theft Auto V Update (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
GUILD WARS (HKLM-x32\...\Guild Wars) (Version:  - )
Hell Yeah! (HKLM-x32\...\Steam App 205230) (Version:  - Arkedo)
HLSW v1.4.0.5 (HKLM-x32\...\HLSW_is1) (Version:  - Stripf Software)
HostsMan 4.6.103 (HKLM-x32\...\{1A3DD1A9-7B7B-4ECA-AD2F-98466F49F62C}_is1) (Version: 4.6.103.0 - abelhadigital.com)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.4.0.118 - IObit)
Jet Set Radio (HKLM-x32\...\Steam App 205950) (Version:  - Blit Software)
JumpJet Rex (HKLM\...\Steam App 329460) (Version:  - TreeFortress Games)
KeyScrambler (HKLM-x32\...\KeyScrambler) (Version: 3.9.0.3 - QFX Software Corporation)
Kodi (HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\Kodi) (Version:  - XBMC-Foundation)
Little Racers STREET (HKLM-x32\...\Steam App 262690) (Version:  - Milkstone Studios)
Love (HKLM-x32\...\Steam App 269270) (Version:  - Fred Wood)
Macrium Reflect Workstation Edition (HKLM\...\MacriumReflect) (Version: 6.1 - Paramount Software (UK) Ltd.)
Macrium Reflect Workstation Edition (Version: 6.1.887 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Workstation Version 6.1.887 (HKLM-x32\...\{81628F0B-90E2-4B85-BF13-492539C1BD00}_is1) (Version: 6.1.887 - .I. -.- .I.)
Microsoft Office Professional 2016 - de-de (HKLM\...\ProfessionalRetail - de-de) (Version: 16.0.7167.2060 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{E4A1FDA3-689D-44DA-9B39-86BD2270F522}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{99AC7F47-A4E0-4706-9C65-8948775C2652}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 49.0.1 (x64 de) (HKLM\...\Mozilla Firefox 49.0.1 (x64 de)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
Mozilla Thunderbird 47.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 47.0 (x86 de)) (Version: 47.0 - Mozilla)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
MSI Kombustor 3.5.1 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version:  - MSI Co., LTD)
Mumble 1.2.16 (HKLM-x32\...\{E938AC6B-A1EB-40C7-8FFE-D4A325C1EA5D}) (Version: 1.2.16 - Thorvald Natvig)
Mumble 1.3.0 (HKLM\...\{88EBAF5D-7A0E-45EB-B919-65E94FE3141A}) (Version: 1.3.0 - The Mumble Developers)
Nexus 15.7 (HKLM-x32\...\Winstep Xtreme_is1) (Version:  - )
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA Grafiktreiber 372.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.90 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Update 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.0 - NVIDIA Corporation)
Oddworld: Abe's Oddysee (HKLM-x32\...\Steam App 15700) (Version:  - Oddworld Inhabitants)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 5.0.0 (HKLM\...\{FCD0B365-2189-45F3-9AF2-2BCED86C121A}) (Version: 5.0.0 - Oracle Corporation)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
photoFXlab (HKLM-x32\...\photoFXlab) (Version: 1.2.10 - Topaz Labs)
Pink Heaven (HKLM-x32\...\Steam App 409690) (Version:  - Studio Pixel)
Pink Hour (HKLM-x32\...\Steam App 409670) (Version:  - Studio Pixel)
Princess Remedy in a World of Hurt (HKLM-x32\...\Steam App 407900) (Version:  - Ludosity)
Prompt (HKLM\...\Steam App 366590) (Version:  - Peter Gutenko)
Python 3.5.1 (64-bit) (HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\{b8440650-9dbe-4b7d-8167-6e0e3dcdf5d0}) (Version: 3.5.1150.0 - Python Software Foundation)
Python 3.5.1 Core Interpreter (64-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (64-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Documentation (64-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (64-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Launcher (32-bit) (HKLM-x32\...\{EC00AEF9-6544-4FEC-8152-C8949CDDCC85}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.1 pip Bootstrap (64-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (64-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (64-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (64-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Utility Scripts (64-bit) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
qBittorrent 3.3.6 (HKLM-x32\...\qBittorrent) (Version: 3.3.6 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7917 - Realtek Semiconductor Corp.)
Relic Hunters Zero (HKLM-x32\...\Steam App 382490) (Version:  - Rogue Snail)
Rex Rocket (HKLM-x32\...\Steam App 288020) (Version:  - Castle Pixel, LLC.)
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.7 - Samsung Electronics)
Sandboxie 5.12 (64-bit) (HKLM\...\Sandboxie) (Version: 5.12 - Sandboxie Holdings, LLC)
SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version:  - Sega)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 11.3.0 - ShareX Team)
StepMania 5 (HKLM-x32\...\StepMania 5) (Version: 5.0.9 - StepMania)
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.1.0 - Topaz Labs, LLC)
Topaz B&W Effects (HKLM-x32\...\Topaz BW Effects 2) (Version: 2.1.0 - Topaz Labs, LLC)
Topaz Clarity (HKLM-x32\...\Topaz Clarity) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.1.0 - Topaz Labs, LLC)
Topaz DeJpeg 4 (HKLM-x32\...\Topaz DeJpeg 4) (Version: 4.0.2 - Topaz Labs, LLC)
Topaz DeNoise 6 (HKLM-x32\...\Topaz DeNoise 6) (Version: 6.0.1 - Topaz Labs, LLC)
Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.2.0 - Topaz Labs, LLC)
Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC)
Topaz InFocus (HKLM-x32\...\Topaz InFocus) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Lens Effects (HKLM-x32\...\Topaz Lens Effects) (Version: 1.2.0 - Topaz Labs, LLC)
Topaz ReMask 5 (HKLM-x32\...\Topaz ReMask 5) (Version: 5.0.1 - Topaz Labs, LLC)
Topaz ReStyle (HKLM-x32\...\Topaz ReStyle) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Simplify 4 (HKLM-x32\...\Topaz Simplify 4) (Version: 4.1.1 - Topaz Labs, LLC)
Topaz Star Effects (HKLM-x32\...\Topaz Star Effects) (Version: 1.1.0 - Topaz Labs, LLC)
TrackMania Nations Forever (HKLM\...\Steam App 11020) (Version:  - Nadeo)
TrackMania² Stadium (HKLM\...\Steam App 232910) (Version:  - Nadeo)
Unreal Development Kit: 2015-01 (HKLM\...\UDK-75782b03-b9b6-433f-b93e-6e94a6283f17) (Version:  - Epic Games, Inc.)
Veeam Endpoint Backup (HKLM\...\{A3F8904A-0B9F-4E78-ACA5-590894D38FEA}) (Version: 1.1.2.119 - Veeam Software AG)
Velocibox (HKLM-x32\...\Steam App 317710) (Version:  - Shawn Beck)
Visual Studio 2010 SP1 Runtime x64 (HKLM\...\{F6305232-7952-4CCE-BDCD-9B2E66591C4A}) (Version: 1.0.0 - Microsoft Corporation)
Visual Studio 2010 SP1 Runtime x86 (HKLM-x32\...\{AEA163A5-BA2F-4E63-9529-DE8606AC82A4}) (Version: 1.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
WebP Codec for Windows 0.19 (HKLM\...\{9D2F4EB8-98AD-4C8B-A0C5-4C114B3F1287}) (Version: 0.19.9 - Google Inc)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2483748350-3972836390-758131696-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-07726D647F07}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0DC649CF-F5D2-492F-8460-5DAC50E055A6} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2016-05-13] (Samsung Electronics.)
Task: {1B313627-4357-49EE-9106-0E3D5D143D19} - System32\Tasks\AdobeAAMUpdater-1.0-ALEX-PC-Alex => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {2280E15D-1C32-4D8C-B6CC-F32785B43E9C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-09-05] (Microsoft Corporation)
Task: {389025AF-1F6A-4789-BC39-40D6DFAB1185} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-13] (Dropbox, Inc.)
Task: {3CAE252A-9C84-48B4-8F96-C77EDEE81C31} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-26] (Google Inc.)
Task: {7B85CA3B-DCA2-4D77-908A-8C5649FFFB50} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-09-05] (Microsoft Corporation)
Task: {7F387FF6-7E1D-42F3-905D-039913D8ADE2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-13] (Dropbox, Inc.)
Task: {A927D08B-12D9-40B7-AA74-058BA06FC2E7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-26] (Google Inc.)
Task: {E10D654E-688E-4628-9016-7B8A423A880D} - System32\Tasks\Uninstaller_SkipUac_Alex => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-05-26] (IObit)
Task: {EC68CDC2-72FC-4DCF-8E10-1DAADC4F2266} - System32\Tasks\Macrium-Backup-{F154F2BC-3C8C-49D9-84D5-9ED5DAF0DDAE} => C:\Program Files\Macrium\Reflect\Reflect.exe [2015-10-26] (Paramount Software UK Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Macrium-Backup-{F154F2BC-3C8C-49D9-84D5-9ED5DAF0DDAE}.job => C:\Program Files\Macrium\Reflect\Reflect.exeg-e -w C:\Users\Alex\Documents\Reflect\Alex Backup.xml
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Alex.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\First Impression\Website.lnk -> hxxp://www.utilhaven.com/

ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\62d757ab9d1d0be\FlashPeak Slimjet.lnk -> C:\Users\Alex\Desktop\SlimJet 32\slimjet.exe (FlashPeak Inc.) -> --profile-directory=Default

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-08-09 17:48 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-09 17:48 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-18 03:23 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-08-09 17:49 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-08-09 17:49 - 2016-07-01 05:49 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2016-08-09 17:48 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-08-09 17:48 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-09 17:48 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-08-09 17:48 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-07-20 18:29 - 2016-07-20 18:29 - 15855104 _____ () C:\Program Files (x86)\qBittorrent\qbittorrent.exe
2016-05-21 14:04 - 2016-09-24 20:15 - 02485760 _____ () C:\Users\Alex\Desktop\chromium portable\bin\libglesv2.dll
2016-05-21 14:04 - 2016-09-24 20:15 - 00092672 _____ () C:\Users\Alex\Desktop\chromium portable\bin\libegl.dll
2015-08-01 03:18 - 2012-06-08 20:40 - 01086176 _____ () C:\Program Files (x86)\Winstep\wodTelnetDLX.dll
2016-09-08 19:51 - 2016-08-24 04:01 - 01734656 _____ () C:\Users\Alex\Desktop\SlimJet 32\libglesv2.dll
2016-09-08 19:51 - 2016-08-24 04:01 - 00080384 _____ () C:\Users\Alex\Desktop\SlimJet 32\libegl.dll
2016-04-04 09:42 - 2016-04-04 09:42 - 00095696 _____ () C:\Program Files (x86)\foobar2000\zlib1.dll
2016-09-16 12:41 - 2016-09-16 12:41 - 00156160 _____ () C:\Program Files (x86)\foobar2000\shared.dll
2016-03-30 13:45 - 2016-03-30 13:45 - 00307200 _____ () C:\Program Files (x86)\foobar2000\components\foo_freedb2.dll
2016-09-16 12:42 - 2016-09-16 12:42 - 00309760 _____ () C:\Program Files (x86)\foobar2000\components\foo_cdda.dll
2016-09-16 12:42 - 2016-09-16 12:42 - 00276480 _____ () C:\Program Files (x86)\foobar2000\components\foo_unpack.dll
2016-09-16 12:42 - 2016-09-16 12:42 - 00296448 _____ () C:\Program Files (x86)\foobar2000\components\foo_fileops.dll
2016-09-16 12:42 - 2016-09-16 12:42 - 00536576 _____ () C:\Program Files (x86)\foobar2000\components\foo_converter.dll
2016-09-16 12:43 - 2016-09-16 12:43 - 01423360 _____ () C:\Program Files (x86)\foobar2000\components\foo_input_std.dll
2016-03-30 13:44 - 2016-03-30 13:44 - 00375296 _____ () C:\Program Files (x86)\foobar2000\components\foo_rgscan.dll
2016-09-16 12:43 - 2016-09-16 12:43 - 00205312 _____ () C:\Program Files (x86)\foobar2000\components\foo_dsp_eq.dll
2016-09-16 12:43 - 2016-09-16 12:43 - 01083392 _____ () C:\Program Files (x86)\foobar2000\components\foo_ui_std.dll
2016-09-16 12:43 - 2016-09-16 12:43 - 00250880 _____ () C:\Program Files (x86)\foobar2000\components\foo_dsp_std.dll
2016-03-30 13:46 - 2016-03-30 13:46 - 00356352 _____ () C:\Program Files (x86)\foobar2000\components\foo_albumlist.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\100sexlinks.com -> 100sexlinks.com

Da befinden sich 4788 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-10-03 11:35 - 2016-10-03 11:35 - 02485677 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0 localhost
0.0.0.0 137.116.81.24
0.0.0.0 204.79.197.200
0.0.0.0 23.218.212.69
0.0.0.0 65.39.117.230
0.0.0.0 65.55.108.23
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 a-0002.a-msedge.net
0.0.0.0 a-0003.a-msedge.net
0.0.0.0 a-0004.a-msedge.net
0.0.0.0 a-0005.a-msedge.net
0.0.0.0 a-0006.a-msedge.net
0.0.0.0 a-0007.a-msedge.net
0.0.0.0 a-0008.a-msedge.net
0.0.0.0 a-0009.a-msedge.net
0.0.0.0 a-msedge.net
0.0.0.0 ac3.msn.com
0.0.0.0 adnexus.net
0.0.0.0 apps.skype.com
0.0.0.0 az361816.vo.msecnd.net
0.0.0.0 az512334.vo.msecnd.net
0.0.0.0 bingads.microsoft.com
0.0.0.0 ca.telemetry.microsoft.com
0.0.0.0 cache.datamart.windows.com
0.0.0.0 cds26.ams9.msecn.net
0.0.0.0 choice.microsoft.com.nsatc.net
0.0.0.0 clients2.google.com
0.0.0.0 compatexchange.cloudapp.net
0.0.0.0 corp.sts.microsoft.com
0.0.0.0 cs1.wpc.v0cdn.net

Da befinden sich 69005 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2483748350-3972836390-758131696-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Alex\Desktop\1470770154987.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Adobe Creative Cloud => "c:\program files (x86)\adobe\adobe creative cloud\acc\creative cloud.exe" --showwindow=false --onosstartup=true
MSCONFIG\startupreg: Dropbox => "c:\program files (x86)\dropbox\client\dropbox.exe" /systemstartup
MSCONFIG\startupreg: OneDrive.exe => "C:\Users\Alex\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Veeam.EndPoint.Tray.exe"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "CAM"
HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\StartupApproved\Run: => "Advanced SystemCare 8"
HKU\S-1-5-21-2483748350-3972836390-758131696-1001\...\StartupApproved\Run: => "BlueStacks Agent"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6490AEF9-4A9D-47E2-B7FA-9F9858A9308D}] => (Allow) E:\Games\Steam\SteamApps\common\Pink Hour\PinkHour.exe
FirewallRules: [{36080946-29D0-499C-ACD9-868F5191EB97}] => (Allow) E:\Games\Steam\SteamApps\common\Pink Hour\PinkHour.exe
FirewallRules: [{FCC2AF5F-50BA-4757-B1F4-847FA4FDA362}] => (Allow) D:\games\steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{F7C89466-F676-40C6-80C0-D64491762BE0}] => (Allow) D:\games\steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{7EF8AB58-69D8-4967-98F6-7C0E45C96CFE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3DBBB961-2180-42C0-B46D-FEFD7E685A53}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0D1C8958-0092-4268-8D9C-62400608E233}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe
FirewallRules: [{35250DC3-EEE0-4186-A7E5-8B027C39E648}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe
FirewallRules: [{B92E938D-B1FF-4886-AA0E-5F751217457D}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x86\VeeamAgent.exe
FirewallRules: [{AD6B82EE-8526-4CF7-B19B-03112641167D}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x86\VeeamAgent.exe
FirewallRules: [{0D1352AC-58A7-45AC-8C77-6619AEDD306C}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe
FirewallRules: [{E29F9070-804E-4A11-837D-ECCFFC50170E}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe
FirewallRules: [{89AC490D-F783-4BC6-9E66-CC1E8DD7307A}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe
FirewallRules: [{95F8D76F-1C4D-4B8C-BA29-2B845BA5475E}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe
FirewallRules: [{FD64343E-ACBF-4201-80EC-2AA548AB807F}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Recovery.exe
FirewallRules: [{D9F4495E-5650-45B2-BE3D-5631D726107D}] => (Allow) E:\Games\Steam\SteamApps\common\Volgarr\Volgarr.exe
FirewallRules: [{56C9A3AD-CE36-47A8-A5C3-1464F8E017C3}] => (Allow) E:\Games\Steam\SteamApps\common\Volgarr\Volgarr.exe
FirewallRules: [{E932C988-8F86-4917-9568-44BBE70BFFC0}] => (Allow) E:\Games\Steam\SteamApps\common\Natural Selection 2\ns2.exe
FirewallRules: [{6E6B076F-733D-4C27-8EF4-6301F84E2284}] => (Allow) E:\Games\Steam\SteamApps\common\Natural Selection 2\ns2.exe
FirewallRules: [{FFFBCEFD-5784-4CE1-8B39-18B99B9BFAFD}] => (Allow) E:\Games\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{459E6354-8144-4D35-86AA-3D57ED8B15D9}] => (Allow) E:\Games\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{45E25BAF-5663-4085-8F85-63466DF72CA1}] => (Allow) E:\Games\Steam\SteamApps\common\Synergy\hl2.exe
FirewallRules: [{54F7D824-FE3D-49CE-BC9B-B9CA1EC96A2B}] => (Allow) E:\Games\Steam\SteamApps\common\Synergy\hl2.exe
FirewallRules: [{B91FF26E-A56A-4398-8BD0-56CCF6E9D1A8}] => (Allow) E:\Games\Steam\SteamApps\common\Oddworld Abes Oddysee\AbeWin.exe
FirewallRules: [{99151908-B97F-48D6-82A0-DF8A134D9A90}] => (Allow) E:\Games\Steam\SteamApps\common\Oddworld Abes Oddysee\AbeWin.exe
FirewallRules: [{CC376E11-CD19-46BA-B13D-57A8B31E95A4}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{84F08A49-C529-4655-A084-0619D8BB4FD0}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{A5F4D614-00B8-4890-A2C8-3A1C389E4356}] => (Allow) E:\Games\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{E2BAD689-C9E8-4573-9ABA-6DE8B7F26B2A}] => (Allow) E:\Games\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{829F7038-0921-488A-AF1F-C61DD9D3EFF8}] => (Allow) E:\Games\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{A222B4EE-399F-4722-B472-0F67732B345E}] => (Allow) E:\Games\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{CCA45BFE-2782-4973-9CA1-7D3A3689CB90}] => (Allow) E:\Games\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{33256C9C-472B-4278-8479-D0ED6705F80B}] => (Allow) E:\Games\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{0450CEE7-34CC-44F9-9AF3-467D24B82464}] => (Allow) E:\Games\Steam\SteamApps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{05A1EBCD-3369-41EF-8553-E22F063BC65A}] => (Allow) E:\Games\Steam\SteamApps\common\Portal Stories Mel\portal2.exe
FirewallRules: [{BD70BDAB-F4DD-4474-8D79-4FEFEE91C348}] => (Allow) E:\Games\Steam\SteamApps\common\Relic Hunters Zero\RelicHuntersZero.exe
FirewallRules: [{EA9B0B4E-52F7-4476-A658-0CE147A5B898}] => (Allow) E:\Games\Steam\SteamApps\common\Relic Hunters Zero\RelicHuntersZero.exe
FirewallRules: [{D2BABB2B-822A-4F76-A007-DBECBADB10B3}] => (Allow) LPort=53
FirewallRules: [{3B29DEAB-6A0A-4AA9-8AD4-E28AC315E5BD}] => (Allow) E:\Games\Steam\Steam.exe
FirewallRules: [{1505B97F-1445-417C-9BD6-056C466228D6}] => (Allow) E:\Games\Steam\Steam.exe
FirewallRules: [{7AD415DE-53F7-4644-9CDF-DA49697AD589}] => (Allow) E:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{0C9ADF8A-3C3A-4AC7-9A65-27E575F18B05}] => (Allow) E:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{15255779-C812-43D8-B45F-BFE79BEA5DB6}] => (Allow) E:\Games\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{10F47697-79B3-46DE-861A-E11CF8AA3676}] => (Allow) E:\Games\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{60FBE34D-98A4-4320-B22E-C66A6B89B335}] => (Allow) E:\Games\Steam\SteamApps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{A60C2001-595F-41B4-98AA-395E11C2B195}] => (Allow) E:\Games\Steam\SteamApps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{A30760A1-FD70-4983-9201-966BCEBE2879}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{54AD116D-03B7-4D81-878C-04A4EA5A6EC9}] => (Allow) E:\Games\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{DF7A7990-3116-45BC-AD13-8D721839D540}] => (Allow) E:\Games\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{899646CF-715B-491D-A3E1-A0123D511C09}] => (Allow) E:\Games\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{0D1EDF0A-DBB6-40EF-A78E-FF07B9C86D2A}] => (Allow) E:\Games\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [{57A61628-6E25-43F9-B4AE-C2BD28BEFBD5}] => (Allow) E:\Games\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [{9712E555-B5B0-4E64-9ECB-C8D981CC8F59}] => (Allow) E:\Games\Steam\SteamApps\common\Thinking with Time Machine\portal2.exe
FirewallRules: [{95AFCD82-3509-43DB-B524-4377C86E9246}] => (Allow) E:\Games\Steam\SteamApps\common\Thinking with Time Machine\portal2.exe
FirewallRules: [{4452CABE-AF18-4BD7-8B6D-F0FADD2C89E7}] => (Allow) E:\Games\Steam\SteamApps\common\Thinking with Time Machine\bin\SDKLauncher.exe
FirewallRules: [{384EDE21-9931-46A0-931A-014D79AD0FF2}] => (Allow) E:\Games\Steam\SteamApps\common\Thinking with Time Machine\bin\SDKLauncher.exe
FirewallRules: [TCP Query User{12E88E80-965F-4A59-A353-699D09345D45}C:\users\alex\desktop\sdi_r401\sdi_x64_r420.exe] => (Allow) C:\users\alex\desktop\sdi_r401\sdi_x64_r420.exe
FirewallRules: [UDP Query User{1EE0B32E-5125-4ACC-B236-77D5B9826BAE}C:\users\alex\desktop\sdi_r401\sdi_x64_r420.exe] => (Allow) C:\users\alex\desktop\sdi_r401\sdi_x64_r420.exe
FirewallRules: [TCP Query User{7848D393-4DF3-4F72-A7CC-CD279695B34F}C:\users\alex\desktop\snappy driver installer\sdi_x64_r420.exe] => (Allow) C:\users\alex\desktop\snappy driver installer\sdi_x64_r420.exe
FirewallRules: [UDP Query User{9583E9DB-5039-4C4C-9AF0-A6D839E12F30}C:\users\alex\desktop\snappy driver installer\sdi_x64_r420.exe] => (Allow) C:\users\alex\desktop\snappy driver installer\sdi_x64_r420.exe
FirewallRules: [TCP Query User{AA0581B4-0C19-438F-AEE6-717E70E2FC9D}E:\games\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) E:\games\steam\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [UDP Query User{EB809BC4-49B1-4357-B390-470ED1BFC032}E:\games\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) E:\games\steam\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [{5E068214-47ED-4C00-8256-F3D5A81DD9BE}] => (Allow) E:\Games\Steam\SteamApps\common\Rex Rocket\Rex Rocket.exe
FirewallRules: [{6E723DA7-F1E2-4DA2-8B11-116E0902103B}] => (Allow) E:\Games\Steam\SteamApps\common\Rex Rocket\Rex Rocket.exe
FirewallRules: [{D6E87DE4-8688-4DD6-A838-21FEC972A185}] => (Allow) E:\Games\Steam\SteamApps\common\Pink Heaven\PinkHeaven.exe
FirewallRules: [{8B4F7A06-99B1-4C4F-B110-C1ABD010B604}] => (Allow) E:\Games\Steam\SteamApps\common\Pink Heaven\PinkHeaven.exe
FirewallRules: [{7B48B7D1-068A-40ED-BE2E-723ACCDC1A87}] => (Allow) E:\Games\Steam\SteamApps\common\Dr.Green\Dr.Green.exe
FirewallRules: [{B87D5E16-1467-48BF-AD43-D1B27383518C}] => (Allow) E:\Games\Steam\SteamApps\common\Dr.Green\Dr.Green.exe
FirewallRules: [{3314210D-15EB-45BA-AE74-FF5E4289A0E7}] => (Allow) E:\Games\Steam\SteamApps\common\Little Racers STREET\LittleRacersStreet.exe
FirewallRules: [{0F652822-1220-45AC-89AE-09948C21E9D8}] => (Allow) E:\Games\Steam\SteamApps\common\Little Racers STREET\LittleRacersStreet.exe
FirewallRules: [{8C6BE836-B5C3-4A55-980B-3C1182979BF2}] => (Allow) E:\Games\Steam\SteamApps\common\Dr Langeskov, The Tiger, and The Terribly Cursed Emerald A Whirlwind Heist\DrLangeskov.exe
FirewallRules: [{3E7A1ED5-3D50-4274-9B31-B45F2A56747C}] => (Allow) E:\Games\Steam\SteamApps\common\Dr Langeskov, The Tiger, and The Terribly Cursed Emerald A Whirlwind Heist\DrLangeskov.exe
FirewallRules: [TCP Query User{B4D6610B-3996-4F23-8BF5-683E46530658}C:\users\alex\desktop\snappy driver installer\sdi_x64_r423.exe] => (Allow) C:\users\alex\desktop\snappy driver installer\sdi_x64_r423.exe
FirewallRules: [UDP Query User{CC3AD0CD-C8FB-4165-B443-13EC0BBB766A}C:\users\alex\desktop\snappy driver installer\sdi_x64_r423.exe] => (Allow) C:\users\alex\desktop\snappy driver installer\sdi_x64_r423.exe
FirewallRules: [{ED1661D4-3134-4EFE-97DC-CE84408BFB0E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{47E3296E-0B28-471D-8498-3A29FFAE4F1D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{91E874FC-4E99-4AC9-9EF4-740682373C60}] => (Allow) E:\Games\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{B232E165-125B-44F4-8D90-7B445260E8F8}] => (Allow) E:\Games\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{BE257AC2-8B59-4429-85C1-3A6218159F80}C:\program files (x86)\hlsw\hlsw.exe] => (Allow) C:\program files (x86)\hlsw\hlsw.exe
FirewallRules: [UDP Query User{D29F03C2-FF70-42F8-AAB4-1523ABA76350}C:\program files (x86)\hlsw\hlsw.exe] => (Allow) C:\program files (x86)\hlsw\hlsw.exe
FirewallRules: [{19F3B0A6-5006-4791-B774-2C67D763125A}] => (Allow) E:\Games\Steam\SteamApps\common\Velocibox\Velocibox.exe
FirewallRules: [{CA6AF4D4-A461-42AA-8182-46B881B51460}] => (Allow) E:\Games\Steam\SteamApps\common\Velocibox\Velocibox.exe
FirewallRules: [{0244A05A-D90F-46CD-9C66-14918DDDE770}] => (Allow) E:\Games\Steam\SteamApps\common\Dungeons & Dragons HD\ManaGame.exe
FirewallRules: [{8B4D1D0A-23EA-466E-9D1C-FC1F258C596C}] => (Allow) E:\Games\Steam\SteamApps\common\Dungeons & Dragons HD\ManaGame.exe
FirewallRules: [{E1C92109-A2B5-4478-A995-D69E4BE6B148}] => (Allow) LPort=53
FirewallRules: [{844ECD56-25E7-4789-B517-585A7E69A78A}] => (Allow) C:\PROGRA~2\netis\USB Wireless LAN Utility\RtWlan.exe
FirewallRules: [{D936315D-A8A2-4D1A-BFF8-434F6FF1E4A8}] => (Allow) LPort=1542
FirewallRules: [{E6A9F87F-1EB1-48BD-B895-7AD56801EC78}] => (Allow) LPort=1542
FirewallRules: [{8785EE22-1E8F-4BAB-A833-33727DE65D4F}] => (Allow) LPort=53
FirewallRules: [{C0609653-B60A-4109-8253-78315C3CC5D4}] => (Allow) C:\PROGRA~2\netis\USB Wireless LAN Utility\Rtldhcp.exe
FirewallRules: [{C24D3C84-A200-4E57-859D-E85E1505AA34}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{0950C022-519A-4E2A-91BE-8FCBCED85E62}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{4E4F91FF-FC83-4A2C-9595-0922DD2A18AA}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{88761B9A-179A-4295-80A1-516EABEAEA08}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{B5250A9D-4BC7-4AF7-BB5E-DF0A18AC027C}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{81C476A3-48DE-4794-BE89-8A668ECC4762}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{8F3BCCF8-7DA6-46BE-9582-68A785A22C10}] => (Allow) E:\Games\Steam\SteamApps\common\Distance\Distance.exe
FirewallRules: [{0F2349FE-F070-4EA4-AAB4-47CE808C5249}] => (Allow) E:\Games\Steam\SteamApps\common\Distance\Distance.exe
FirewallRules: [{3F425BD1-F682-457A-9739-3E2C08689ADA}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{88757D6A-DD8E-40BA-83B2-101E2FB1C451}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{70332F43-50CE-420A-8AB8-70A8AB242A92}] => (Block) C:\Windows\explorer.exe
FirewallRules: [{7E137DA9-1F7D-435F-B8E9-2683EADD3A3F}] => (Allow) E:\Games\Steam\SteamApps\common\Love\Love.exe
FirewallRules: [{87375281-6223-4440-B13E-E7DF8D34C995}] => (Allow) E:\Games\Steam\SteamApps\common\Love\Love.exe
FirewallRules: [{EB596C1A-0E92-4165-9C59-75FA11C206B3}] => (Allow) E:\Games\Steam\SteamApps\common\Princess Remedy\remedy_gm7.exe
FirewallRules: [{149D4020-9CA0-4A90-B394-6ABA23E90E31}] => (Allow) E:\Games\Steam\SteamApps\common\Princess Remedy\remedy_gm7.exe
FirewallRules: [{BF125CB7-2C55-4076-B4A5-F248D8B48BD3}] => (Allow) E:\Games\Steam\SteamApps\common\Princess Remedy\remedy_gm5.exe
FirewallRules: [{C50946A9-0FED-403E-AF9F-FD34879AE3FF}] => (Allow) E:\Games\Steam\SteamApps\common\Princess Remedy\remedy_gm5.exe
FirewallRules: [{5CA9E828-2000-4EA7-B3D3-5D60A66040EE}] => (Allow) E:\Games\Steam\SteamApps\common\Downwell\Downwell.exe
FirewallRules: [{3015C0CA-9548-4274-AD5B-6191E06AA459}] => (Allow) E:\Games\Steam\SteamApps\common\Downwell\Downwell.exe
FirewallRules: [{8B286336-EB78-4853-95B5-B8DA7CB4B61A}] => (Allow) E:\Games\Steam\SteamApps\common\Abomination Tower\AbominationTower.exe
FirewallRules: [{FE0AD0ED-5BF9-4C6B-8B2D-689CD10EA9CF}] => (Allow) E:\Games\Steam\SteamApps\common\Abomination Tower\AbominationTower.exe
FirewallRules: [{7F50CF65-6329-4F48-B9D4-C902FC26FD1B}] => (Allow) E:\Games\Steam\SteamApps\common\1001 Spikes\1001 Spikes.exe
FirewallRules: [{DA305839-293E-49AA-BD73-62F33EB53E45}] => (Allow) E:\Games\Steam\SteamApps\common\1001 Spikes\1001 Spikes.exe
FirewallRules: [{7516F700-B23B-4268-B9A5-25C6D1D07124}] => (Allow) E:\Games\Steam\SteamApps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{4F20D257-3BA1-45B6-935B-B3F8B3F97AEF}] => (Allow) E:\Games\Steam\SteamApps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{7498DFA9-7A8E-4E05-8134-D89B4CD238A7}] => (Allow) E:\Games\Steam\SteamApps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{CD11ED13-801B-43C3-8A9E-0853AC4C9BC2}] => (Allow) E:\Games\Steam\SteamApps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{806DD2CF-C5AD-4C13-900D-E360A68738C5}] => (Allow) E:\Games\Steam\SteamApps\common\Jet Set Radio\jsrsetup.exe
FirewallRules: [{65B55875-D4D4-4790-B282-92C6B431468A}] => (Allow) E:\Games\Steam\SteamApps\common\Jet Set Radio\jsrsetup.exe
FirewallRules: [{3E15E3A9-E872-4D53-93DF-54E8564564B7}] => (Allow) E:\Games\Steam\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{EC67EBAB-4AA3-43A3-804E-3DCDE1E7A563}] => (Allow) E:\Games\Steam\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{B4FC6430-43D4-4222-86A7-9979B3890A37}] => (Allow) E:\Games\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe
FirewallRules: [{00B44047-8A17-4287-9683-64519CAA0609}] => (Allow) E:\Games\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe
FirewallRules: [{F29C8414-A781-4DA5-86D8-206A795EE376}] => (Allow) E:\Games\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe
FirewallRules: [{785007B9-732F-40AC-BD5B-97167A5115C6}] => (Allow) E:\Games\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe
FirewallRules: [{E922666A-F124-4908-8C0D-DD61ED11CAD6}] => (Allow) LPort=9143
FirewallRules: [{015095E1-5B39-4FA6-A13C-6EF80998E5F5}] => (Allow) LPort=2333
FirewallRules: [TCP Query User{D8239C8E-1C1F-41A5-9DCF-46CC43B8AE19}C:\program files (x86)\hlsw\hlsw.exe] => (Block) C:\program files (x86)\hlsw\hlsw.exe
FirewallRules: [UDP Query User{75B08C4F-FD48-46DD-A080-2AEB46259A29}C:\program files (x86)\hlsw\hlsw.exe] => (Block) C:\program files (x86)\hlsw\hlsw.exe
FirewallRules: [TCP Query User{8F9C6281-F13F-456C-9215-06059F7C4C35}E:\games\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Block) E:\games\steam\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [UDP Query User{97D6ED01-32F6-4E50-B1BE-629064897409}E:\games\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Block) E:\games\steam\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [TCP Query User{A70DECAB-9D3E-48D2-AA86-673C7F392A31}E:\programme\portableapps\snappy driver installer\sdi_x64_r439.exe] => (Block) E:\programme\portableapps\snappy driver installer\sdi_x64_r439.exe
FirewallRules: [UDP Query User{3C74DC4E-E571-43F9-A6AC-75D5EA3DFDE5}E:\programme\portableapps\snappy driver installer\sdi_x64_r439.exe] => (Block) E:\programme\portableapps\snappy driver installer\sdi_x64_r439.exe
FirewallRules: [{A2ACC95A-9B0D-4177-84A0-DA399E912BE1}] => (Allow) E:\Games\Steam\SteamApps\common\Sega Classics\SEGAGameRoom.exe
FirewallRules: [{F243A061-4336-4482-8735-4F36397BC4B7}] => (Allow) E:\Games\Steam\SteamApps\common\Sega Classics\SEGAGameRoom.exe
FirewallRules: [{D2864D49-23B5-470B-8875-94893D5A1E06}] => (Allow) E:\Games\Steam\SteamApps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{D29C36F5-1D92-4FE3-A6C6-2073B1E1D862}] => (Allow) E:\Games\Steam\SteamApps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{7BC4E624-4786-445C-88D6-7DB65A8EF6F2}] => (Allow) E:\Games\Steam\SteamApps\common\JumpJetRex\JumpJetRex.exe
FirewallRules: [{90EE7560-F578-4420-B747-6E3344D2B311}] => (Allow) E:\Games\Steam\SteamApps\common\JumpJetRex\JumpJetRex.exe
FirewallRules: [{2E7F38CE-98D6-4A52-AB79-8717F3D78AF8}] => (Allow) E:\Games\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{05275F9D-9714-4399-87B1-B2C9C83B04F7}] => (Allow) E:\Games\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{328EDFEC-FB0C-4D95-96EF-6F90CC78632B}] => (Allow) E:\Games\Steam\SteamApps\common\Coin Crypt\PC\CoinCrypt-win.exe
FirewallRules: [{DDCF42D9-02D7-4817-873C-C79928C5F459}] => (Allow) E:\Games\Steam\SteamApps\common\Coin Crypt\PC\CoinCrypt-win.exe
FirewallRules: [{584BFE2D-04B7-4EC4-B8C1-4DE7AFB06550}] => (Allow) E:\Games\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{C210E2CD-3DA5-4021-BF7B-340EB7F1EC54}] => (Allow) E:\Games\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{3A27B2CA-8EFE-4D5E-A8C5-1A5423559BA8}] => (Allow) E:\Games\Steam\SteamApps\common\Absolute Drift\AbsoluteDrift.exe
FirewallRules: [{A0A548A8-2347-483A-B526-F961E15602CE}] => (Allow) E:\Games\Steam\SteamApps\common\Absolute Drift\AbsoluteDrift.exe
FirewallRules: [{B54B6A0E-DD45-4DFE-8B10-EA0D6EAE5DC6}] => (Allow) E:\Games\Steam\SteamApps\common\Forge of Gods (RPG)\fog.exe
FirewallRules: [{437BB7A5-467C-4062-A74B-DEEF7D4FAA13}] => (Allow) E:\Games\Steam\SteamApps\common\Forge of Gods (RPG)\fog.exe
FirewallRules: [{1DA51694-BFA7-40DB-8EEA-249B291EE38C}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{39E4A211-5410-44AB-A210-0B60EDCC8A5F}] => (Allow) E:\Games\Steam\SteamApps\common\Prompt\Prompt.exe
FirewallRules: [{482C6A35-3D4F-4494-A612-EC0A099EC688}] => (Allow) E:\Games\Steam\SteamApps\common\Prompt\Prompt.exe
FirewallRules: [{28CE0834-9D43-4E2A-A712-293C46220376}] => (Allow) E:\Games\Steam\SteamApps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{FA0EAC93-07DA-4CC2-82C4-D5AA88EFD321}] => (Allow) E:\Games\Steam\SteamApps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{9507981B-9A61-42B6-B637-6945DA99DB45}] => (Allow) E:\Games\Steam\SteamApps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{58A56C7C-849A-4738-9466-06ED7E44F973}] => (Allow) E:\Games\Steam\SteamApps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{581F9AF4-E9E8-4416-A5CE-03778DD39C46}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{89C0D9EA-2C2C-4B84-A951-949226921E12}] => (Allow) E:\Games\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{1CED7354-F562-4E89-AFC1-C7937D12B2CD}] => (Allow) E:\Games\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{A5C8467A-E3AB-4B78-8370-3B1555BBECEC}] => (Allow) E:\Games\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{BF69DEA0-0B9A-4F25-B492-0F0C5E976C97}] => (Allow) E:\Games\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{85ED2473-5897-4778-ADC5-5B165E38E3FC}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{F8140A37-E25D-45A8-AE93-31D79EE20DD3}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{996C46F7-5990-447B-A0E8-0F9ED2307F6A}] => (Allow) E:\Games\Steam\SteamApps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [{AC5A548B-59F5-40E3-AC04-B91DFCD4C45F}] => (Allow) E:\Games\Steam\SteamApps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [{A513E2D1-4364-4FD3-B3DA-51A27E743E71}] => (Allow) E:\Games\Steam\SteamApps\common\FEZ\FEZ.exe
FirewallRules: [{B9A84720-7F3E-47FC-B8A7-FAB8CA40821F}] => (Allow) E:\Games\Steam\SteamApps\common\FEZ\FEZ.exe
FirewallRules: [{ED540DC7-6AF4-4CE2-919D-5A6293A6D391}] => (Allow) E:\Games\Steam\SteamApps\common\TOXIKK\Binaries\ToxikkLauncher.exe
FirewallRules: [{FA009468-E19E-45DE-9A6B-F4F3AAF940F4}] => (Allow) E:\Games\Steam\SteamApps\common\TOXIKK\Binaries\ToxikkLauncher.exe
FirewallRules: [{66F99389-DDE8-46E5-88EE-187B4D79BD3E}] => (Allow) E:\Games\Steam\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{275E35C2-B9CF-4E86-9659-3088988BE2C3}] => (Allow) E:\Games\Steam\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{19F366FB-EE7E-4C6C-BAC2-7F924F8882BF}] => (Allow) E:\Games\Steam\SteamApps\common\Starbound\win64\starbound.exe
FirewallRules: [{190C2216-9EBF-4B8C-9A6A-FC75C648844C}] => (Allow) E:\Games\Steam\SteamApps\common\Starbound\win64\starbound.exe
FirewallRules: [{5E200001-E65F-4F96-A8B1-067457283004}] => (Allow) E:\Games\Steam\SteamApps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{62EF1270-4952-4C07-91CA-20ED78430BC0}] => (Allow) E:\Games\Steam\SteamApps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{D6756D7E-67DC-475D-A436-A33B29A44180}] => (Allow) E:\Games\Steam\SteamApps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{1130222E-B10A-406D-A0EE-3B8753207FE9}] => (Allow) E:\Games\Steam\SteamApps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{77540BD8-E7A9-4B71-B1D8-76196B0A6703}] => (Allow) E:\Games\Steam\SteamApps\common\Starbound\win32\starbound.exe
FirewallRules: [{93605871-5B91-407F-9313-915B1AE6B224}] => (Allow) E:\Games\Steam\SteamApps\common\Starbound\win32\starbound.exe
FirewallRules: [{240D8B3F-17BA-41AC-AC6A-2816679CD46B}] => (Allow) E:\Games\Steam\SteamApps\common\Awesomenauts\Beta\AwesomenautsLauncher.exe
FirewallRules: [{3E45C846-D231-4F46-ADDD-E880D2F252A4}] => (Allow) E:\Games\Steam\SteamApps\common\Awesomenauts\Beta\AwesomenautsLauncher.exe

==================== Wiederherstellungspunkte =========================

03-10-2016 12:29:22 Windows Modules Installer

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/03/2016 12:07:57 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst ".NETFramework" in der DLL "C:\WINDOWS\system32\mscoree.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (10/03/2016 11:45:36 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm egui.exe, Version 9.0.395.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 11fc

Startzeit: 01d21d5acc9b0dea

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files\ESET\ESET Smart Security\egui.exe

Berichts-ID: 1cfe6c4c-894e-11e6-9cfb-068d38ab59cf

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (10/03/2016 11:44:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 49.0.1.6109 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 25b8

Startzeit: 01d21d4db309890e

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe

Berichts-ID: f58da541-894d-11e6-9cfa-d0509910ed48

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (10/02/2016 08:06:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (10/02/2016 08:02:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (10/02/2016 02:58:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Love.exe, Version: 1.0.0.5, Zeitstempel: 0x56cdc38d
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x2534
Startzeit der fehlerhaften Anwendung: 0x01d21ca7a50407c7
Pfad der fehlerhaften Anwendung: E:\Games\Steam\steamapps\common\Love\Love.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 3a61679e-9d22-4f91-a0b7-fd6ef84fb9d6
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (10/02/2016 12:31:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/28/2016 04:58:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/25/2016 10:34:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ALEX-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024865. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/25/2016 10:34:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ALEX-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (10/03/2016 01:05:11 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.

Error: (10/03/2016 01:04:23 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.

Error: (10/03/2016 01:03:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Realtek DHCP Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/03/2016 12:35:12 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.

Error: (10/03/2016 12:34:42 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.

Error: (10/03/2016 12:34:12 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.

Error: (10/03/2016 12:33:53 PM) (Source: DCOM) (EventID: 10016) (User: ALEX-PC)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "ALEX-PC\Alex" (SID: S-1-5-21-2483748350-3972836390-758131696-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/03/2016 12:33:53 PM) (Source: DCOM) (EventID: 10016) (User: ALEX-PC)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "ALEX-PC\Alex" (SID: S-1-5-21-2483748350-3972836390-758131696-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/03/2016 12:33:53 PM) (Source: DCOM) (EventID: 10016) (User: ALEX-PC)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "ALEX-PC\Alex" (SID: S-1-5-21-2483748350-3972836390-758131696-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/03/2016 12:33:53 PM) (Source: DCOM) (EventID: 10016) (User: ALEX-PC)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "ALEX-PC\Alex" (SID: S-1-5-21-2483748350-3972836390-758131696-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2016-10-03 12:55:26.017
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-10-03 12:38:52.450
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-29 15:29:42.458
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-19 15:59:55.662
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-18 10:38:23.251
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-16 19:32:24.901
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-16 06:37:36.929
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-13 18:21:19.673
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-12 18:14:07.980
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-11 12:11:50.350
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 46%
Installierter physikalischer RAM: 8134.13 MB
Verfügbarer physikalischer RAM: 4322.41 MB
Summe virtueller Speicher: 12998.13 MB
Verfügbarer virtueller Speicher: 8407.3 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.3 GB) (Free:14.77 GB) NTFS
Drive d: (Windows) (Fixed) (Total:150.07 GB) (Free:104.89 GB) NTFS
Drive e: (Programme) (Fixed) (Total:1024.1 GB) (Free:81.59 GB) NTFS
Drive f: (Daten) (Fixed) (Total:1619.83 GB) (Free:72.6 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 18933830)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 2794.5 GB) (Disk ID: E48DA330)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
Das selber passiert übrigens auch, wenn der PC aus dem Standby hochfährt. Kein Internet und gleiche Prozessorauslastung. Nach 2 Minuten geht alles wieder.

lag an hostsman / hosts list (70k einträge), muss schauen was ich dagegen machen kann.
__________________


Alt 03.10.2016, 21:40   #3
felix1
/// Helfer-Team
 
svchost.exe - 25% CPU Auslastung & kein WLAN für 2 min. bei Systemstart [FRST vorhanden] - Standard

svchost.exe - 25% CPU Auslastung & kein WLAN für 2 min. bei Systemstart [FRST vorhanden] Details



Für die geposteten Farbars-Logs ist hier erst mal die Malwarefration zuständig. Versuche erst mal dort Dein Glück.
__________________
__________________

Antwort

Themen zu svchost.exe - 25% CPU Auslastung & kein WLAN für 2 min. bei Systemstart [FRST vorhanden]
auslastung, balken, bilder, cpu, cpu auslastung, daten, einiger, folge, folgendes, gesendet, inter, interne, internet, kein internet, problem, sinkt, spoiler, starte, startet, svchost.exe, systems, systemstart, ublock, verbunden, vorhanden, wlan



Ähnliche Themen: svchost.exe - 25% CPU Auslastung & kein WLAN für 2 min. bei Systemstart [FRST vorhanden]


  1. Hohe CPU-Auslastung durch svchost.exe und Leerlaufprozesse(ram-auslastung)
    Plagegeister aller Art und deren Bekämpfung - 06.07.2016 (11)
  2. Kann im TB mit Androit nicht mehr ins Internet rein; WLan ist vorhanden und gesichert.
    Plagegeister aller Art und deren Bekämpfung - 10.01.2016 (2)
  3. Prozesse conhost.exe svchost.exe reg.exe mehrmals vorhanden. Verdacht auf Infektion
    Log-Analyse und Auswertung - 08.11.2015 (4)
  4. GVU Virus - Bundesamt für Sicherheit und Informationstechnik - kein abgesicherter Modus möglich FRST.txt vorhanden
    Log-Analyse und Auswertung - 02.04.2015 (25)
  5. Systemstart dauert ca. 7 Minuten, zudem kommt eine konstante CPU Auslastung von 98-100% - Windows 7 SP1
    Log-Analyse und Auswertung - 18.01.2015 (5)
  6. Windows XP | svchost.exe -k netsvcs auf 100% CPU => Verhindert LAN und WLAN
    Log-Analyse und Auswertung - 19.11.2013 (23)
  7. KOBIK-Trojaner eingefangen.. FRST-Logfile bereits vorhanden
    Plagegeister aller Art und deren Bekämpfung - 03.10.2013 (12)
  8. Win7: GVU Trojaner, Abgesicherter Modus sowie Booten von USB und CD nicht möglich, FRST Logfile vorhanden
    Log-Analyse und Auswertung - 29.08.2013 (21)
  9. Trojaner...weißer Bildschirm...FRST.txt vorhanden (bricht ab)
    Log-Analyse und Auswertung - 24.06.2013 (5)
  10. (2x) GEMA-Trojaner, kein Zugriff möglich, kein Laufwerk vorhanden
    Mülltonne - 25.03.2012 (1)
  11. 50 euro virus! was tun? kein systemstart mehr möglich
    Log-Analyse und Auswertung - 18.02.2012 (46)
  12. Hab ich einen Virus auf dem PC? 13x svchost.exe und ca 93 Prozesse offen bei Systemstart.
    Log-Analyse und Auswertung - 12.12.2011 (1)
  13. CPU Auslastung fast immer bei 100 %/ Vista / HijackThis Log vorhanden
    Log-Analyse und Auswertung - 01.07.2011 (1)
  14. Systemstart : Svchost/WinUPDT32
    Log-Analyse und Auswertung - 28.08.2010 (36)
  15. svchost.exe in Logfileliste von HJT nicht vorhanden ?
    Log-Analyse und Auswertung - 20.09.2009 (1)
  16. Kein Lan kein Wlan funkt mehr beim laptop!
    Log-Analyse und Auswertung - 27.07.2007 (5)
  17. SVCHost 100 % Auslastung / Kein Start
    Log-Analyse und Auswertung - 28.02.2007 (1)

Zum Thema svchost.exe - 25% CPU Auslastung & kein WLAN für 2 min. bei Systemstart [FRST vorhanden] - Hallo, ich habe folgendes Problem: Windows startet -> svchost.exe zeigt 25% CPU an -> WLAN ist verbunden und zeigt alle Balken an, jedoch werden keine Daten gesendet (kein Internet!). Nach - svchost.exe - 25% CPU Auslastung & kein WLAN für 2 min. bei Systemstart [FRST vorhanden]...
Archiv
Du betrachtest: svchost.exe - 25% CPU Auslastung & kein WLAN für 2 min. bei Systemstart [FRST vorhanden] auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.