FRST Additions Logfile: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-08-2015
durchgeführt von Markus (2015-08-29 23:10:29)
Gestartet von C:\Users\Markus\Downloads
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3070450857-490765050-1371658872-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3070450857-490765050-1371658872-503 - Limited - Disabled)
Gast (S-1-5-21-3070450857-490765050-1371658872-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3070450857-490765050-1371658872-1004 - Limited - Enabled)
Markus (S-1-5-21-3070450857-490765050-1371658872-1000 - Administrator - Enabled) => C:\Users\Markus
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (32 Bit) (HKLM-x32\...\{7C25E7A0-A0A1-4B87-BB30-BF0FBDC37878}) (Version: 15.0 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4417 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.0.0.0054 - Disc Soft Ltd)
ETDWare X64 11.7.33.1_WHQL (HKLM\...\Elantech) (Version: 11.7.33.1 - ELAN Microelectronic Corp.)
ExpressCache (HKLM\...\{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}) (Version: 1.0.86 - Diskeeper Corporation)
Fast Flash Sleep Resume (x32 Version: 1.0.9 - Samsung) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.2.22.0 (HKLM-x32\...\{387B63A5-5016-1015-B06B-A9A1030E3125}) (Version: 1.2.22.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2622 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{E1B934BB-6AFA-429F-98E4-76F9CBC72BF6}) (Version: 2.2.14.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® PROSet/Wireless Software (HKLM-x32\...\{a2a04474-104a-49b3-9bf5-33afee260030}) (Version: 17.14.0 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mumble 1.2.8 (HKLM-x32\...\{1BC144A3-20EF-49DD-8EBB-E421E128E30F}) (Version: 1.2.8 - Thorvald Natvig)
Napster 5 Beta (HKLM-x32\...\com.Rhapsody.Napster5) (Version: 1.0.65 - Rhapsody International, Inc)
Napster 5 Beta (x32 Version: 1.0.65 - Rhapsody International, Inc) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
S Agent (Version: 1.1.52 - Samsung Electronics CO., LTD.) Hidden
SixaxisPairTool 0.3.0 (HKLM-x32\...\SixaxisPairTool_is1) (Version: 0.3.0 - Dancing Pixel Studios)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
SolidWorks 2014 x64 Edition SP03 (HKLM-x32\...\SolidWorks Installation Manager 20140-40300-1100-100) (Version: 22.3.0.56 - SolidWorks Corporation)
SolidWorks 2014 x64 Edition SP03 (Version: 22.130.56 - SolidWorks) Hidden
SolidWorks 2014 x64 German Resources (Version: 22.130.56 - SolidWorks Corporation) Hidden
SolidWorks Composer Player 2014 SP03 x64 Edition (Version: 22.30.56 - Dassault Systemes SolidWorks) Hidden
SolidWorks eDrawings 2014 x64 Edition SP03 (Version: 14.3.107 - Dassault Systèmes SolidWorks Corp) Hidden
SolidWorks Explorer 2014 SP03 x64 Edition (Version: 22.30.56 - SolidWorks Corporation) Hidden
SolidWorks Plastics 2014 SP03 x64 Edition (Version: 22.30.56 - SolidWorks Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SW Update (HKLM-x32\...\{36427E02-1AED-48AB-81E7-4DD327934FD5}) (Version: 2.2.6 - Samsung Electronics CO., LTD.)
System Requirements Lab Detection (HKLM-x32\...\{4C191560-78A6-4943-83BB-6506C4705CFA}) (Version: 6.1.4.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45862 - TeamViewer)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3070450857-490765050-1371658872-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3070450857-490765050-1371658872-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3070450857-490765050-1371658872-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3070450857-490765050-1371658872-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3070450857-490765050-1371658872-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3070450857-490765050-1371658872-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3070450857-490765050-1371658872-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3070450857-490765050-1371658872-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3070450857-490765050-1371658872-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3070450857-490765050-1371658872-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3070450857-490765050-1371658872-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Wiederherstellungspunkte =========================
08-08-2015 23:10:28 Windows Modules Installer
17-08-2015 23:37:28 Windows Update
23-08-2015 20:22:11 PROPLUS
29-08-2015 22:12:28 Windows Update
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {02C310AE-A4A1-402A-947A-907806D0082E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {053B561B-A5A1-4EE8-A959-D83D3DC1E5F1} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {11FD6E50-50B9-4E06-AD21-BB605CB55D43} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1829C1DA-8F55-4CE4-B1AE-D2C9046E04CA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {2575B8BF-CDE7-4A4F-BE98-C3ED9CF084CD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {2C20B759-73F8-4139-B744-5CA5435277A2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {3381B095-BEB1-4BAA-B397-158CE08F10CB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {52B14B17-B51B-4511-B13B-1403B825FED0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {5B8356DC-C836-4A8B-B948-91DA0DFB5F82} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {5CEA93BC-6C78-4DA8-AA67-B93E89A10BC6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {6551DCB1-1402-48DD-9029-D29A1E158762} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6799E8A4-8D6F-4282-A62F-5CFD185580A5} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6AB254CB-C2A2-4EC3-ADAA-23F383C4CF79} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {6E2D48B8-7CFD-4C2F-B969-5C31A6C0C100} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {70BA4BBC-EAAB-4BA3-982D-9044099BFCDD} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {71829DF9-E10D-4650-85DD-36595A260BCF} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {72BE418A-F67E-4A3C-BA93-6937BB599556} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {75D33956-5F46-4ECC-85B0-052926C8B111} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {7A91CFC4-CB98-4820-A065-F248EDB72BFA} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {7EFA9F27-06C0-4E61-AF3B-2DB601CB5DB8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {8C957060-5A5C-4796-A801-674C1B532D7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-29] (Google Inc.)
Task: {8DC18310-E922-4A85-A001-E0E6FFA8A0CC} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-07-30] (Microsoft Corporation)
Task: {8F6682F1-2D95-4421-82B9-62A9A2F41EC0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {94C1EAD9-657D-47BB-B49B-4CEEE1BCF830} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {9E092FA9-890D-4BC8-A772-73A19FD1DD69} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {AA3082E8-9498-4802-95B8-0DFDE19F4839} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {AE3B10F4-31CE-4BBD-A1CC-B94B6BC7CF2F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {B2EBF0AF-B87B-4C13-BFCF-E37C863CE70D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {B7DA8CB5-C3F0-43D8-95FC-9B1EB6A34BC7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-29] (Google Inc.)
Task: {C110F59F-3DB7-4CEC-931E-E0665AD700FE} - System32\Tasks\{1B66D1F0-9EAF-48AF-AC5D-D12C5F5084A7} => pcalua.exe -a C:\Users\Markus\AppData\Roaming\oursurfing\UninstallManager.exe -c -ptid=smt
Task: {C260464F-C758-431A-B2BD-C5C57DAAD1CC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {C2EAFD75-8ABA-48C2-9D2D-852F135BB52A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5CB8AD2-0A0C-4C77-8D7C-9E77B09C7478} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {C9077358-BEA4-414C-8E01-101816E1B0BB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {CA050789-0AF1-456D-A5D9-1A5773E0A13E} - System32\Tasks\AutoKMSCustom => C:\WINDOWS\AutoKMS\AutoKMS.exe [2015-08-23] ()
Task: {CBE02FF3-6525-4CA5-B1E1-26F83F39944C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {CC2B7071-69F3-4941-B4BB-C84C1171B6A6} - System32\Tasks\SUPatchForW10Up => C:\ProgramData\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe [2015-07-02] (Samsung Electronics CO., LTD.)
Task: {CCDD4014-941E-4AB4-B288-6EBACD69361B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {D1431090-4427-471F-9AA4-4438DAA256CA} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {D40814E9-C518-4F53-B6C6-28CC2CF0C5AA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {D5983BF4-2E35-4D33-8B51-0DBE1FDC9C57} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {E029F21E-25B7-452E-96D8-6F002A6D5B2C} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2015-02-04] (Samsung Electronics CO., LTD.)
Task: {EE4B7110-741B-456D-87F9-6FFD6DEF46FF} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {FBC8CCAF-A98F-489D-AB95-E4F411A6A7BD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {FE05FF02-3287-4428-85A1-163B034B5650} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {FEF2E31E-0429-47E6-8DCD-EA57AD3B6DEB} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-07-30 23:21 - 2015-07-30 23:21 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-23 22:15 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-17 23:04 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-17 23:04 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-08-17 23:04 - 2015-08-03 03:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-23 22:15 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-17 23:04 - 2015-08-03 03:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-04-01 02:54 - 2014-04-01 02:54 - 00276008 _____ () C:\Program Files\SolidWorks Corp\SolidWorks\sldBodyDiffu.dll
2015-02-04 16:11 - 2015-02-04 16:11 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2015-06-05 00:28 - 2015-07-03 18:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-06-05 00:28 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-06-05 00:28 - 2015-08-19 22:39 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll
2015-06-05 00:28 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-06-05 00:28 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-06-05 00:28 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-06-05 00:28 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-06-05 00:28 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-06-05 00:28 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-06-05 00:28 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-06-05 00:28 - 2015-08-19 22:39 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-23 17:47 - 2015-07-27 03:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-06-05 00:28 - 2015-07-03 18:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-08-23 20:51 - 2015-08-18 07:23 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll
2015-08-23 20:51 - 2015-08-18 07:23 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll
2015-08-23 20:51 - 2015-08-18 07:23 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3070450857-490765050-1371658872-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Markus\Pictures\Windows_10_Art_Logo_uhd.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{CC023364-1CD9-426D-A37C-582FD5AE922B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{DBFEC48C-7679-4975-BDBA-1E61ABBF9E31}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7AAAF48A-C436-48F3-BB44-BBD220D3F85D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{76DF0A55-2E1D-4B5F-A164-28F0797B1EDB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FC9EE7F8-F87C-4162-BB0A-75D5A83523B8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{698C2367-65C5-4338-97D0-744D4BCB1B31}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0B151A1B-DFEE-4A7E-B74C-2CE3A8E8EE1B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7E4EC473-735F-45C3-942A-B86AF933B4A8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6DA9200B-2FE9-421A-BAC9-752F1D189A33}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4A7C8771-B0D2-4AD2-B3CD-5957448547DE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{83372A6E-ECD7-420B-B9E9-9946B977100C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A0D04CC8-F2FE-45A6-908C-69B4A4EB07CF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{1F8EF60F-5445-4B37-8644-2B14E9A90838}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{3EB5168D-4BB0-4A23-A604-B85B52B865B9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{170152F0-F825-4C44-A675-3F2E09D91763}] => (Allow) C:\Program Files (x86)\Battle.net\Hearthstone\Hearthstone.exe
FirewallRules: [{BCD082ED-C613-422F-B280-67C42D2D5FCC}] => (Allow) C:\Program Files (x86)\Battle.net\Hearthstone\Hearthstone.exe
FirewallRules: [{97C6906F-0BCF-42E3-915D-08878252E399}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{1F5D98EA-2082-47A5-A2E6-3CAC087240F6}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{50FA7319-DE2A-4903-A63E-D06D982E9591}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{F8F45395-4DEC-44E1-8991-4E718E2DBF60}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{E4A8636E-3311-4274-B055-5B553248D076}] => (Allow) D:\Programme\Microsoft.Office.Professional.Plus.2013.SP1.x64.VL.Deutsch.VLSC.35984.Microsoft.Toolkit.v2.50.KMSpico.v9.2.3\Aktivierung.mit.KMSpico.v9.2.3.All-in-One\KMSpico.v9.2.3.All-in-One\KMSpico.v9.2.3.Portable\AutoPico.exe
FirewallRules: [{9D7DA7A6-ED65-476B-A0ED-E36F672549D9}] => (Allow) D:\Programme\Microsoft.Office.Professional.Plus.2013.SP1.x64.VL.Deutsch.VLSC.35984.Microsoft.Toolkit.v2.50.KMSpico.v9.2.3\Aktivierung.mit.KMSpico.v9.2.3.All-in-One\KMSpico.v9.2.3.All-in-One\KMSpico.v9.2.3.Portable\AutoPico.exe
FirewallRules: [{7D59B838-D862-404E-B27C-DB0E27CABEFA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5B1A4327-E365-4429-87CD-DBEF6C900F36}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{E70E3043-7B7D-4E5E-A4A3-FE48B2E858BF}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{62945C61-4AB1-43F9-B8B3-2FEF707F51C4}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
FirewallRules: [{A3CD9747-839A-498D-AA15-837C401270DE}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
FirewallRules: [{EEB7E4A0-0244-4BB5-A093-3D77A81E77BC}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe
FirewallRules: [{9A38CB02-001A-44FC-A2EF-138EFF64348C}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe
FirewallRules: [{9CC14AD1-895A-4CBB-A7F3-ABE6E7D92EC5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B25BB2FA-2D7C-4EB5-9733-8B92157ACFFD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E33AEFF7-9961-409A-86BB-4DA68F824A18}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CD77DD53-D03F-469A-819A-3F483848E0BE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/29/2015 11:10:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsMpEng.exe, Version: 4.8.10240.16384, Zeitstempel: 0x559f39a0
Name des fehlerhaften Moduls: mpsvc.dll, Version: 4.8.10240.16384, Zeitstempel: 0x559f39e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004d35f
ID des fehlerhaften Prozesses: 0x9c8
Startzeit der fehlerhaften Anwendung: 0xMsMpEng.exe0
Pfad der fehlerhaften Anwendung: MsMpEng.exe1
Pfad des fehlerhaften Moduls: MsMpEng.exe2
Berichtskennung: MsMpEng.exe3
Vollständiger Name des fehlerhaften Pakets: MsMpEng.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MsMpEng.exe5
Error: (08/29/2015 10:28:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ubook)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (08/29/2015 10:15:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ubook)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (08/29/2015 10:12:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (08/29/2015 10:07:38 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418219
Error: (08/29/2015 09:59:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OHub.exe, Version: 16.0.6106.2350, Zeitstempel: 0x55c40ea1
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10240.16430, Zeitstempel: 0x55c59f92
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ea28c
ID des fehlerhaften Prozesses: 0x1ebc
Startzeit der fehlerhaften Anwendung: 0xOHub.exe0
Pfad der fehlerhaften Anwendung: OHub.exe1
Pfad des fehlerhaften Moduls: OHub.exe2
Berichtskennung: OHub.exe3
Vollständiger Name des fehlerhaften Pakets: OHub.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: OHub.exe5
Error: (08/27/2015 01:13:26 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ubook)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (08/26/2015 11:13:20 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418219
Error: (08/26/2015 11:11:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OHub.exe, Version: 16.0.6106.2350, Zeitstempel: 0x55c40ea1
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10240.16430, Zeitstempel: 0x55c59f92
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ea28c
ID des fehlerhaften Prozesses: 0x31c
Startzeit der fehlerhaften Anwendung: 0xOHub.exe0
Pfad der fehlerhaften Anwendung: OHub.exe1
Pfad des fehlerhaften Moduls: OHub.exe2
Berichtskennung: OHub.exe3
Vollständiger Name des fehlerhaften Pakets: OHub.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: OHub.exe5
Error: (08/26/2015 11:03:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ubook)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (08/29/2015 11:10:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden durchgeführt: Aufführung des konfigurierten Wiederherstellungsp.
Error: (08/29/2015 10:15:48 PM) (Source: DCOM) (EventID: 10010) (User: ubook)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca
Error: (08/29/2015 10:15:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session3" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/29/2015 09:59:55 PM) (Source: DCOM) (EventID: 10016) (User: ubook)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ubookMarkusS-1-5-21-3070450857-490765050-1371658872-1000LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_2015.8.12.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157
Error: (08/27/2015 01:13:26 AM) (Source: DCOM) (EventID: 10010) (User: ubook)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca
Error: (08/27/2015 01:13:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/26/2015 11:56:53 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Xbox Live Authentifizierungs-Manager" wurde mit dem folgenden dienstspezifischen Fehler beendet:
%%0
Error: (08/25/2015 02:35:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/25/2015 01:46:48 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Xbox Live Authentifizierungs-Manager" wurde mit dem folgenden dienstspezifischen Fehler beendet:
%%0
Error: (08/25/2015 01:41:56 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Microsoft Office:
=========================
Error: (08/29/2015 11:10:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MsMpEng.exe4.8.10240.16384559f39a0mpsvc.dll4.8.10240.16384559f39e7c0000005000000000004d35f9c801d0dec5351fc879C:\Program Files\Windows Defender\MsMpEng.exeC:\Program Files\Windows Defender\mpsvc.dll4dbc17ea-88d8-4ad3-8c74-a87cff4f9f78
Error: (08/29/2015 10:28:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ubook)
Description: Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp-2144927148
Error: (08/29/2015 10:15:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ubook)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141
Error: (08/29/2015 10:12:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
Error: (08/29/2015 10:07:38 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418219
Error: (08/29/2015 09:59:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6106.235055c40ea1ntdll.dll10.0.10240.1643055c59f92c000037400000000000ea28c1ebc01d0e29544d24933C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\WINDOWS\SYSTEM32\ntdll.dlld194885a-0fd9-4671-9c85-5968b734190fMicrosoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub
Error: (08/27/2015 01:13:26 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ubook)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141
Error: (08/26/2015 11:13:20 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418219
Error: (08/26/2015 11:11:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6106.235055c40ea1ntdll.dll10.0.10240.1643055c59f92c000037400000000000ea28c31c01d0e043bd2cd7f1C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\WINDOWS\SYSTEM32\ntdll.dll48d703d0-47af-48ef-aa04-07e2c5eb42eaMicrosoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub
Error: (08/26/2015 11:03:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ubook)
Description: Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp-2144927148
CodeIntegrity:
===================================
Date: 2015-08-26 23:43:13.904
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2015-08-26 23:43:13.803
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2015-08-26 23:43:13.706
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2015-08-26 23:43:13.577
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2015-08-26 23:43:13.541
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2015-08-26 23:43:13.504
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2015-08-26 23:43:11.292
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2015-08-26 23:43:11.106
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2015-08-26 23:42:07.789
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2015-08-26 23:42:07.710
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i5-2467M CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 50%
Installierter physikalischer RAM: 3990.23 MB
Verfügbarer physikalischer RAM: 1978.84 MB
Summe virtueller Speicher: 8086.23 MB
Verfügbarer virtueller Speicher: 6099.74 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:223.47 GB) (Free:124.63 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 2B2BDDA6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 14.9 GB) (Disk ID: 74F02DEA)
==================== Ende von Addition.txt ============================
--- --- --- Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-08-2015
durchgeführt von Markus (2015-08-29 23:10:29)
Gestartet von C:\Users\Markus\Downloads
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3070450857-490765050-1371658872-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3070450857-490765050-1371658872-503 - Limited - Disabled)
Gast (S-1-5-21-3070450857-490765050-1371658872-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3070450857-490765050-1371658872-1004 - Limited - Enabled)
Markus (S-1-5-21-3070450857-490765050-1371658872-1000 - Administrator - Enabled) => C:\Users\Markus
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (32 Bit) (HKLM-x32\...\{7C25E7A0-A0A1-4B87-BB30-BF0FBDC37878}) (Version: 15.0 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4417 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.0.0.0054 - Disc Soft Ltd)
ETDWare X64 11.7.33.1_WHQL (HKLM\...\Elantech) (Version: 11.7.33.1 - ELAN Microelectronic Corp.)
ExpressCache (HKLM\...\{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}) (Version: 1.0.86 - Diskeeper Corporation)
Fast Flash Sleep Resume (x32 Version: 1.0.9 - Samsung) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.2.22.0 (HKLM-x32\...\{387B63A5-5016-1015-B06B-A9A1030E3125}) (Version: 1.2.22.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2622 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{E1B934BB-6AFA-429F-98E4-76F9CBC72BF6}) (Version: 2.2.14.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® PROSet/Wireless Software (HKLM-x32\...\{a2a04474-104a-49b3-9bf5-33afee260030}) (Version: 17.14.0 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mumble 1.2.8 (HKLM-x32\...\{1BC144A3-20EF-49DD-8EBB-E421E128E30F}) (Version: 1.2.8 - Thorvald Natvig)
Napster 5 Beta (HKLM-x32\...\com.Rhapsody.Napster5) (Version: 1.0.65 - Rhapsody International, Inc)
Napster 5 Beta (x32 Version: 1.0.65 - Rhapsody International, Inc) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
S Agent (Version: 1.1.52 - Samsung Electronics CO., LTD.) Hidden
SixaxisPairTool 0.3.0 (HKLM-x32\...\SixaxisPairTool_is1) (Version: 0.3.0 - Dancing Pixel Studios)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
SolidWorks 2014 x64 Edition SP03 (HKLM-x32\...\SolidWorks Installation Manager 20140-40300-1100-100) (Version: 22.3.0.56 - SolidWorks Corporation)
SolidWorks 2014 x64 Edition SP03 (Version: 22.130.56 - SolidWorks) Hidden
SolidWorks 2014 x64 German Resources (Version: 22.130.56 - SolidWorks Corporation) Hidden
SolidWorks Composer Player 2014 SP03 x64 Edition (Version: 22.30.56 - Dassault Systemes SolidWorks) Hidden
SolidWorks eDrawings 2014 x64 Edition SP03 (Version: 14.3.107 - Dassault Systèmes SolidWorks Corp) Hidden
SolidWorks Explorer 2014 SP03 x64 Edition (Version: 22.30.56 - SolidWorks Corporation) Hidden
SolidWorks Plastics 2014 SP03 x64 Edition (Version: 22.30.56 - SolidWorks Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SW Update (HKLM-x32\...\{36427E02-1AED-48AB-81E7-4DD327934FD5}) (Version: 2.2.6 - Samsung Electronics CO., LTD.)
System Requirements Lab Detection (HKLM-x32\...\{4C191560-78A6-4943-83BB-6506C4705CFA}) (Version: 6.1.4.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45862 - TeamViewer)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3070450857-490765050-1371658872-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3070450857-490765050-1371658872-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3070450857-490765050-1371658872-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3070450857-490765050-1371658872-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3070450857-490765050-1371658872-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3070450857-490765050-1371658872-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3070450857-490765050-1371658872-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3070450857-490765050-1371658872-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3070450857-490765050-1371658872-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3070450857-490765050-1371658872-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3070450857-490765050-1371658872-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Markus\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Wiederherstellungspunkte =========================
08-08-2015 23:10:28 Windows Modules Installer
17-08-2015 23:37:28 Windows Update
23-08-2015 20:22:11 PROPLUS
29-08-2015 22:12:28 Windows Update
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {02C310AE-A4A1-402A-947A-907806D0082E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {053B561B-A5A1-4EE8-A959-D83D3DC1E5F1} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {11FD6E50-50B9-4E06-AD21-BB605CB55D43} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1829C1DA-8F55-4CE4-B1AE-D2C9046E04CA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {2575B8BF-CDE7-4A4F-BE98-C3ED9CF084CD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {2C20B759-73F8-4139-B744-5CA5435277A2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {3381B095-BEB1-4BAA-B397-158CE08F10CB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {52B14B17-B51B-4511-B13B-1403B825FED0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {5B8356DC-C836-4A8B-B948-91DA0DFB5F82} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {5CEA93BC-6C78-4DA8-AA67-B93E89A10BC6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {6551DCB1-1402-48DD-9029-D29A1E158762} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6799E8A4-8D6F-4282-A62F-5CFD185580A5} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6AB254CB-C2A2-4EC3-ADAA-23F383C4CF79} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {6E2D48B8-7CFD-4C2F-B969-5C31A6C0C100} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {70BA4BBC-EAAB-4BA3-982D-9044099BFCDD} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {71829DF9-E10D-4650-85DD-36595A260BCF} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {72BE418A-F67E-4A3C-BA93-6937BB599556} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {75D33956-5F46-4ECC-85B0-052926C8B111} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {7A91CFC4-CB98-4820-A065-F248EDB72BFA} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {7EFA9F27-06C0-4E61-AF3B-2DB601CB5DB8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {8C957060-5A5C-4796-A801-674C1B532D7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-29] (Google Inc.)
Task: {8DC18310-E922-4A85-A001-E0E6FFA8A0CC} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-07-30] (Microsoft Corporation)
Task: {8F6682F1-2D95-4421-82B9-62A9A2F41EC0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {94C1EAD9-657D-47BB-B49B-4CEEE1BCF830} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {9E092FA9-890D-4BC8-A772-73A19FD1DD69} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {AA3082E8-9498-4802-95B8-0DFDE19F4839} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {AE3B10F4-31CE-4BBD-A1CC-B94B6BC7CF2F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {B2EBF0AF-B87B-4C13-BFCF-E37C863CE70D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {B7DA8CB5-C3F0-43D8-95FC-9B1EB6A34BC7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-29] (Google Inc.)
Task: {C110F59F-3DB7-4CEC-931E-E0665AD700FE} - System32\Tasks\{1B66D1F0-9EAF-48AF-AC5D-D12C5F5084A7} => pcalua.exe -a C:\Users\Markus\AppData\Roaming\oursurfing\UninstallManager.exe -c -ptid=smt
Task: {C260464F-C758-431A-B2BD-C5C57DAAD1CC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {C2EAFD75-8ABA-48C2-9D2D-852F135BB52A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5CB8AD2-0A0C-4C77-8D7C-9E77B09C7478} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {C9077358-BEA4-414C-8E01-101816E1B0BB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {CA050789-0AF1-456D-A5D9-1A5773E0A13E} - System32\Tasks\AutoKMSCustom => C:\WINDOWS\AutoKMS\AutoKMS.exe [2015-08-23] ()
Task: {CBE02FF3-6525-4CA5-B1E1-26F83F39944C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {CC2B7071-69F3-4941-B4BB-C84C1171B6A6} - System32\Tasks\SUPatchForW10Up => C:\ProgramData\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe [2015-07-02] (Samsung Electronics CO., LTD.)
Task: {CCDD4014-941E-4AB4-B288-6EBACD69361B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {D1431090-4427-471F-9AA4-4438DAA256CA} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {D40814E9-C518-4F53-B6C6-28CC2CF0C5AA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {D5983BF4-2E35-4D33-8B51-0DBE1FDC9C57} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {E029F21E-25B7-452E-96D8-6F002A6D5B2C} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2015-02-04] (Samsung Electronics CO., LTD.)
Task: {EE4B7110-741B-456D-87F9-6FFD6DEF46FF} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {FBC8CCAF-A98F-489D-AB95-E4F411A6A7BD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {FE05FF02-3287-4428-85A1-163B034B5650} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {FEF2E31E-0429-47E6-8DCD-EA57AD3B6DEB} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-07-30 23:21 - 2015-07-30 23:21 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-23 22:15 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-17 23:04 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-17 23:04 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-08-17 23:04 - 2015-08-03 03:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-23 22:15 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-17 23:04 - 2015-08-03 03:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-04-01 02:54 - 2014-04-01 02:54 - 00276008 _____ () C:\Program Files\SolidWorks Corp\SolidWorks\sldBodyDiffu.dll
2015-02-04 16:11 - 2015-02-04 16:11 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2015-06-05 00:28 - 2015-07-03 18:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-06-05 00:28 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-06-05 00:28 - 2015-08-19 22:39 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll
2015-06-05 00:28 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-06-05 00:28 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-06-05 00:28 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-06-05 00:28 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-06-05 00:28 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-06-05 00:28 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-06-05 00:28 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-06-05 00:28 - 2015-08-19 22:39 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-23 17:47 - 2015-07-27 03:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-06-05 00:28 - 2015-07-03 18:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-08-23 20:51 - 2015-08-18 07:23 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll
2015-08-23 20:51 - 2015-08-18 07:23 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll
2015-08-23 20:51 - 2015-08-18 07:23 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3070450857-490765050-1371658872-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Markus\Pictures\Windows_10_Art_Logo_uhd.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{CC023364-1CD9-426D-A37C-582FD5AE922B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{DBFEC48C-7679-4975-BDBA-1E61ABBF9E31}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7AAAF48A-C436-48F3-BB44-BBD220D3F85D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{76DF0A55-2E1D-4B5F-A164-28F0797B1EDB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FC9EE7F8-F87C-4162-BB0A-75D5A83523B8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{698C2367-65C5-4338-97D0-744D4BCB1B31}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0B151A1B-DFEE-4A7E-B74C-2CE3A8E8EE1B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7E4EC473-735F-45C3-942A-B86AF933B4A8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6DA9200B-2FE9-421A-BAC9-752F1D189A33}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4A7C8771-B0D2-4AD2-B3CD-5957448547DE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{83372A6E-ECD7-420B-B9E9-9946B977100C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A0D04CC8-F2FE-45A6-908C-69B4A4EB07CF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{1F8EF60F-5445-4B37-8644-2B14E9A90838}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{3EB5168D-4BB0-4A23-A604-B85B52B865B9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{170152F0-F825-4C44-A675-3F2E09D91763}] => (Allow) C:\Program Files (x86)\Battle.net\Hearthstone\Hearthstone.exe
FirewallRules: [{BCD082ED-C613-422F-B280-67C42D2D5FCC}] => (Allow) C:\Program Files (x86)\Battle.net\Hearthstone\Hearthstone.exe
FirewallRules: [{97C6906F-0BCF-42E3-915D-08878252E399}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{1F5D98EA-2082-47A5-A2E6-3CAC087240F6}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{50FA7319-DE2A-4903-A63E-D06D982E9591}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{F8F45395-4DEC-44E1-8991-4E718E2DBF60}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{E4A8636E-3311-4274-B055-5B553248D076}] => (Allow) D:\Programme\Microsoft.Office.Professional.Plus.2013.SP1.x64.VL.Deutsch.VLSC.35984.Microsoft.Toolkit.v2.50.KMSpico.v9.2.3\Aktivierung.mit.KMSpico.v9.2.3.All-in-One\KMSpico.v9.2.3.All-in-One\KMSpico.v9.2.3.Portable\AutoPico.exe
FirewallRules: [{9D7DA7A6-ED65-476B-A0ED-E36F672549D9}] => (Allow) D:\Programme\Microsoft.Office.Professional.Plus.2013.SP1.x64.VL.Deutsch.VLSC.35984.Microsoft.Toolkit.v2.50.KMSpico.v9.2.3\Aktivierung.mit.KMSpico.v9.2.3.All-in-One\KMSpico.v9.2.3.All-in-One\KMSpico.v9.2.3.Portable\AutoPico.exe
FirewallRules: [{7D59B838-D862-404E-B27C-DB0E27CABEFA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5B1A4327-E365-4429-87CD-DBEF6C900F36}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{E70E3043-7B7D-4E5E-A4A3-FE48B2E858BF}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{62945C61-4AB1-43F9-B8B3-2FEF707F51C4}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
FirewallRules: [{A3CD9747-839A-498D-AA15-837C401270DE}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
FirewallRules: [{EEB7E4A0-0244-4BB5-A093-3D77A81E77BC}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe
FirewallRules: [{9A38CB02-001A-44FC-A2EF-138EFF64348C}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe
FirewallRules: [{9CC14AD1-895A-4CBB-A7F3-ABE6E7D92EC5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B25BB2FA-2D7C-4EB5-9733-8B92157ACFFD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E33AEFF7-9961-409A-86BB-4DA68F824A18}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CD77DD53-D03F-469A-819A-3F483848E0BE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/29/2015 11:10:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsMpEng.exe, Version: 4.8.10240.16384, Zeitstempel: 0x559f39a0
Name des fehlerhaften Moduls: mpsvc.dll, Version: 4.8.10240.16384, Zeitstempel: 0x559f39e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004d35f
ID des fehlerhaften Prozesses: 0x9c8
Startzeit der fehlerhaften Anwendung: 0xMsMpEng.exe0
Pfad der fehlerhaften Anwendung: MsMpEng.exe1
Pfad des fehlerhaften Moduls: MsMpEng.exe2
Berichtskennung: MsMpEng.exe3
Vollständiger Name des fehlerhaften Pakets: MsMpEng.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MsMpEng.exe5
Error: (08/29/2015 10:28:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ubook)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (08/29/2015 10:15:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ubook)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (08/29/2015 10:12:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (08/29/2015 10:07:38 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418219
Error: (08/29/2015 09:59:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OHub.exe, Version: 16.0.6106.2350, Zeitstempel: 0x55c40ea1
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10240.16430, Zeitstempel: 0x55c59f92
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ea28c
ID des fehlerhaften Prozesses: 0x1ebc
Startzeit der fehlerhaften Anwendung: 0xOHub.exe0
Pfad der fehlerhaften Anwendung: OHub.exe1
Pfad des fehlerhaften Moduls: OHub.exe2
Berichtskennung: OHub.exe3
Vollständiger Name des fehlerhaften Pakets: OHub.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: OHub.exe5
Error: (08/27/2015 01:13:26 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ubook)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (08/26/2015 11:13:20 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418219
Error: (08/26/2015 11:11:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OHub.exe, Version: 16.0.6106.2350, Zeitstempel: 0x55c40ea1
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10240.16430, Zeitstempel: 0x55c59f92
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ea28c
ID des fehlerhaften Prozesses: 0x31c
Startzeit der fehlerhaften Anwendung: 0xOHub.exe0
Pfad der fehlerhaften Anwendung: OHub.exe1
Pfad des fehlerhaften Moduls: OHub.exe2
Berichtskennung: OHub.exe3
Vollständiger Name des fehlerhaften Pakets: OHub.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: OHub.exe5
Error: (08/26/2015 11:03:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ubook)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (08/29/2015 11:10:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden durchgeführt: Aufführung des konfigurierten Wiederherstellungsp.
Error: (08/29/2015 10:15:48 PM) (Source: DCOM) (EventID: 10010) (User: ubook)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca
Error: (08/29/2015 10:15:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session3" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/29/2015 09:59:55 PM) (Source: DCOM) (EventID: 10016) (User: ubook)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ubookMarkusS-1-5-21-3070450857-490765050-1371658872-1000LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_2015.8.12.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157
Error: (08/27/2015 01:13:26 AM) (Source: DCOM) (EventID: 10010) (User: ubook)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca
Error: (08/27/2015 01:13:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/26/2015 11:56:53 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Xbox Live Authentifizierungs-Manager" wurde mit dem folgenden dienstspezifischen Fehler beendet:
%%0
Error: (08/25/2015 02:35:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/25/2015 01:46:48 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Xbox Live Authentifizierungs-Manager" wurde mit dem folgenden dienstspezifischen Fehler beendet:
%%0
Error: (08/25/2015 01:41:56 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Microsoft Office:
=========================
Error: (08/29/2015 11:10:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MsMpEng.exe4.8.10240.16384559f39a0mpsvc.dll4.8.10240.16384559f39e7c0000005000000000004d35f9c801d0dec5351fc879C:\Program Files\Windows Defender\MsMpEng.exeC:\Program Files\Windows Defender\mpsvc.dll4dbc17ea-88d8-4ad3-8c74-a87cff4f9f78
Error: (08/29/2015 10:28:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ubook)
Description: Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp-2144927148
Error: (08/29/2015 10:15:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ubook)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141
Error: (08/29/2015 10:12:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
Error: (08/29/2015 10:07:38 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418219
Error: (08/29/2015 09:59:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6106.235055c40ea1ntdll.dll10.0.10240.1643055c59f92c000037400000000000ea28c1ebc01d0e29544d24933C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\WINDOWS\SYSTEM32\ntdll.dlld194885a-0fd9-4671-9c85-5968b734190fMicrosoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub
Error: (08/27/2015 01:13:26 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ubook)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141
Error: (08/26/2015 11:13:20 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418219
Error: (08/26/2015 11:11:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6106.235055c40ea1ntdll.dll10.0.10240.1643055c59f92c000037400000000000ea28c31c01d0e043bd2cd7f1C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\WINDOWS\SYSTEM32\ntdll.dll48d703d0-47af-48ef-aa04-07e2c5eb42eaMicrosoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub
Error: (08/26/2015 11:03:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ubook)
Description: Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp-2144927148
CodeIntegrity:
===================================
Date: 2015-08-26 23:43:13.904
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2015-08-26 23:43:13.803
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2015-08-26 23:43:13.706
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2015-08-26 23:43:13.577
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2015-08-26 23:43:13.541
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2015-08-26 23:43:13.504
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2015-08-26 23:43:11.292
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2015-08-26 23:43:11.106
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2015-08-26 23:42:07.789
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2015-08-26 23:42:07.710
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i5-2467M CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 50%
Installierter physikalischer RAM: 3990.23 MB
Verfügbarer physikalischer RAM: 1978.84 MB
Summe virtueller Speicher: 8086.23 MB
Verfügbarer virtueller Speicher: 6099.74 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:223.47 GB) (Free:124.63 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 2B2BDDA6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 14.9 GB) (Disk ID: 74F02DEA)
==================== Ende von Addition.txt ============================
|
FRST 32-Bit | FRST 64-Bit