| |
| |||||||
Log-Analyse und Auswertung: Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware ProblemWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
13.08.2015, 14:54
| #1 |
 |  Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem Hallo, seit ich vor einigen Tagen den Upgrade auf Win 10 durchgeführt habe, ist mir aufgefallen, dass im Taskmanager system.exe eine ständige Auslastung des Arbeitsspeichers mit 50-60% aufweist. Der Rechner ist allgemein sehr langsam und stockt immer wieder mal so, dass kaum noch etwas geht. Hin und wieder lässt er sich nicht runter fahren, das ist aber nicht bei jedem Versuch so. Darüber hinaus habe ich mir offensichtlich lästige Adware eingefangen, die beim Öffnen von neuen Tabs in Chrome einen zusätzlichen Tab mit Werbung öffnet. Scans mit Avira und Malwarebytes haben keine Ergebnisse geliefert. Die Schritte mit defogger und FRST waren kein Problem, allerdings konnte ich mit GMER keinen vollständigen Scan durchführen. Ich habe alle angegebenen Schritte exakt durchgeführt. Beim ersten Suchlauf erhielt ich einen Bluescreen, danach habe ich die Checkbox "Devices" deaktiviert, aber erneut Bluescreen. Auch das Ausführen im abgesicherten Modus führte zu einem Bluescreen. Darüber hinaus bekam ich beim Start von GMER die Fehlermeldung C:\WINDOWS\system32\config\system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. FRST.txt musste ich leider anhängen, weil zu groß. Wenn das falsch war, tut es mir leid, dann bitte andere Anweisung. Addition.txt Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:12-08-2015
durchgeführt von Kris (2015-08-13 13:54:50)
Gestartet von C:\Users\Kris\Desktop
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2324392281-2098655948-2250387561-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2324392281-2098655948-2250387561-503 - Limited - Disabled)
Gast (S-1-5-21-2324392281-2098655948-2250387561-501 - Limited - Disabled) => C:\Users\Gast
Kris (S-1-5-21-2324392281-2098655948-2250387561-1002 - Administrator - Enabled) => C:\Users\Kris
UpdatusUser (S-1-5-21-2324392281-2098655948-2250387561-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adguard (HKLM-x32\...\{4188c793-ec87-4895-a722-e6fe841ca851}) (Version: 5.10.2010.6262 - Insoft LLC)
Adguard (x32 Version: 5.10.2051.6368 - Performix LLC) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.8 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.26 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.10.168 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0022 - ASUS)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.5187 - DsNET Corp)
aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avira (HKLM-x32\...\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}) (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brütal Legend (HKLM-x32\...\Steam App 225260) (Version: - )
Canon MX350 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX350_series) (Version: - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.3868 - CDBurnerXP)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05160 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05160 - Cisco Systems, Inc.) Hidden
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Citrix Online Launcher (HKLM-x32\...\{6740FE60-43C1-4D15-8C4A-001624134B14}) (Version: 1.0.312 - Citrix)
CloudApp for Windows (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Uploadinator) (Version: 3.0.0-dev - CloudApp)
CloudApp for Windows (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Uploadinator) (Version: 3.0.0-dev - CloudApp)
CloudApp for Windows (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Uploadinator) (Version: 3.0.0-dev - CloudApp)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.2914 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dropbox (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.)
Ekahau HeatMapper (HKLM\...\Heatmapper-1.1.4.39795) (Version: 1.1.4.39795 - Ekahau Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Fable III (HKLM-x32\...\Steam App 105400) (Version: - )
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free to Play (HKLM-x32\...\Steam App 245550) (Version: - Valve)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
GoToMeeting 7.2.4.3164 (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GoToMeeting) (Version: 7.2.4.3164 - CitrixOnline)
GoToMeeting 7.2.4.3215 (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\GoToMeeting) (Version: 7.2.4.3215 - CitrixOnline)
GoToMeeting 7.2.4.3215 (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\GoToMeeting) (Version: 7.2.4.3215 - CitrixOnline)
Hippsoft hsWebCam 1.09.0000 (HKLM-x32\...\Hippsoft hsWebCam_is1) (Version: 1.09.0000 - Hippsoft)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
ICQ7M (HKLM-x32\...\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}) (Version: 7.8 - ICQ)
Inquisit 4 Web Player (HKLM\...\{E8620E4B-8567-4E07-8CDB-8432054BD5B2}) (Version: 4.0.8.0 - Millisecond Software)
inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.3.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.3.0 - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
MAGIX Video deluxe 2015 Premium (HKLM\...\MX.{EAC79752-A0A4-45DB-9F99-9F6445920F77}) (Version: 14.0.0.140 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Premium (Version: 14.0.0.140 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.1 - Tracker Software Products Ltd)
Photobucket Desktop (HKLM-x32\...\{D0916F1D-236D-4B9A-BCEA-F535444DCA41}) (Version: 1.0.3.1552 - Photobucket)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment)
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version: - PopCap)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Link 1.8.0.1403131552 (HKLM\...\8474-7877-9059-0204) (Version: 1.8.0.1403131552 - Copyright 2013 SAMSUNG)
Scanned Text Editor 1 (HKLM-x32\...\Scanned Text Editor 1) (Version: - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skillstraining für Borderline-Patienten, 2. Auflage (HKLM-x32\...\com.mmm.app.schattauer.skillstraining2) (Version: 2.0.17 - Schattauer GmbH)
Skillstraining für Borderline-Patienten, 2. Auflage (x32 Version: 2.0.17 - Schattauer GmbH) Hidden
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Spotify) (Version: 1.0.11.134.ga37df67b - Spotify AB)
Spotify (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.11.134.ga37df67b - Spotify AB)
Spotify (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Spotify) (Version: 1.0.11.134.ga37df67b - Spotify AB)
Spotydl 0.8.5 (HKLM-x32\...\Spotydl_is1) (Version: 0.8.5 - spotydl.com)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - )
Telegram Desktop version 0.8.48 (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.8.48 - Telegram Messenger LLP)
Telegram Desktop version 0.8.48 (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.8.48 - Telegram Messenger LLP)
Telegram Desktop version 0.8.48 (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.8.48 - Telegram Messenger LLP)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - )
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version: - )
Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - Runic Games)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows-Treiberpaket - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
Windows-Treiberpaket - ASUS (ATP) Mouse (10/29/2012 1.0.0.148) (HKLM\...\C01F56FBD9B141017E63E2A1A141E59934D4DC67) (Version: 10/29/2012 1.0.0.148 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 5.11 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Kris\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
08-08-2015 12:18:30 Windows Update
08-08-2015 12:19:05 Windows Update
11-08-2015 14:55:19 Windows Update
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {031E4AB1-2202-4FAD-A5CE-88DCFD6FDE18} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-12] (Microsoft Corporation)
Task: {0A4DE283-A99E-41A5-B6EF-AEB919898071} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {0E19CB89-16F9-4A09-AA59-AF0DD52B8223} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002Core => C:\Users\Kris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {104796B1-AA38-4828-A53F-F124CF3EA43C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26] (Google Inc.)
Task: {1641F54C-1E57-4902-AB65-EE2B65E5629D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {1D3D099E-EE1E-4907-8BA2-BA8F12D11AA6} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2015-07-10] (Microsoft Corporation)
Task: {1D4CB878-79AC-41F5-9ADC-97ADFD7FBE30} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {1D647E6B-35A0-45DF-AFC0-A802D7EFDD50} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {2512C62A-D7BC-464C-A742-101BE9CCBB02} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002UA => C:\Users\Kris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {25E13BFD-1972-4FC1-8330-D28CA3DBBAC1} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent
Task: {2669C6B7-8F72-4023-AA16-74D4F82B6E3A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => C:\WINDOWS\system32\MusNotification.exe [2015-08-07] (Microsoft Corporation)
Task: {2C97A00A-1C5C-4318-B5CC-8A1A126B77F9} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {2E7C2783-C630-4450-92B0-5D148FAB3F6D} - \The weDownload Manager-codedownloader -> Keine Datei <==== ACHTUNG
Task: {335AC3E0-51C3-408A-BD1D-6BF68F3AE245} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-04-26] (Apple Inc.)
Task: {3B5663D5-6339-4CBB-993F-812FDA19C5FC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {3E80D279-51A5-4492-A52E-97400C42A5EE} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => C:\WINDOWS\system32\MusNotification.exe [2015-08-07] (Microsoft Corporation)
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {43A92C06-5743-42FE-82D8-78F84BF269AA} - System32\Tasks\{4F236E2E-E3E7-4127-B77B-21F7F0B81AE2} => pcalua.exe -a C:\Users\Kris\Desktop\Downloads\scannedtxttrial.exe -d C:\Users\Kris\Desktop\Downloads
Task: {4454A8D0-2E4E-4A02-BF67-48DF6A7BFAB4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask
Task: {474C979C-BD7C-44D6-BDD4-FB921C923250} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2324392281-2098655948-2250387561-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {51DD2E45-7CED-43FF-AD4D-1014E02F1DAB} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {5836D188-3464-44C3-899A-652A1AF32914} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-07-28] (AsusTek)
Task: {5D6FA184-23BA-40D8-8F70-8F1E9B0B251F} - System32\Tasks\{0E97361A-FDEE-49EC-90E5-8F380571B6BA} => Chrome.exe hxxp://ui.skype.com/ui/0/6.6.73.106.456/de/abandoninstall?page=tsProgressBar
Task: {5E5515C1-7D87-4904-B9CE-FD29EB2ADB72} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync
Task: {611C823C-437B-46E7-9683-5312DFFCFD7B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {65A9439B-C3B9-41DF-8CD3-00E534099737} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {66A08F4A-DFA8-4E7B-95ED-A104DFF17ADB} - \The weDownload Manager-enabler -> Keine Datei <==== ACHTUNG
Task: {68ECC007-5FD7-4103-9B31-3B2B9687674E} - System32\Tasks\Amazon Music Helper => C:\Users\Kris\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
Task: {697D23FF-67B3-4813-9529-6A93F5889B03} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26] (Google Inc.)
Task: {6CF900C3-5515-44F6-A238-CB7167274D8E} - System32\Tasks\simplitec Service Provider => C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
Task: {711EE2F9-A611-4773-AF8E-D4B278A6718D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {744C9FEA-08B7-43E1-A729-0F94647D655C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {7A003965-A297-4DC6-B15B-852D798391E0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\WINDOWS\system32\MusNotification.exe [2015-08-07] (Microsoft Corporation)
Task: {7F930D11-DD77-4A64-8EA7-09BBAB9E8B72} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {848DCC36-520C-4946-BF68-C7EFFEFA2F84} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe [2015-08-07] (Microsoft Corporation)
Task: {87669080-A729-46E0-AB6F-0A607F58611F} - System32\Tasks\{BF8034A5-5417-4372-B7B4-0A6F3B7AD8CE} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsWLM
Task: {8A7D77A7-F103-4707-9AD4-CA90F85F1BB4} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-07-28] (AsusTek)
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-08-07] (Microsoft Corporation)
Task: {8F767A30-3ED2-4C8B-ABEE-431F052B5EC3} - System32\Tasks\simplitec Power Suite => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe
Task: {953EF5EF-CBAD-44EA-B725-EA022DEC73EE} - \The weDownload Manager-firefoxinstaller -> Keine Datei <==== ACHTUNG
Task: {9B4FB267-A58C-48F9-8CA6-3E95F6670A94} - \The weDownload Manager-chromeinstaller -> Keine Datei <==== ACHTUNG
Task: {A364E297-00AD-490D-900E-22AC34598C71} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation)
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A725B55C-71A1-4AF4-B04F-603E0905DBFF} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2324392281-2098655948-2250387561-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {AA30BCC5-0991-41B7-9BCF-1184E58B5952} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {AC29E64E-3271-47BA-B8F1-914523CF379B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update
Task: {B5FFEBFC-4368-4CE8-8F44-72131E1ED87D} - System32\Tasks\G2MUpdateTask-S-1-5-21-2324392281-2098655948-2250387561-1002 => C:\Users\Kris\AppData\Local\Citrix\GoToMeeting\3215\g2mupdate.exe [2015-08-12] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {B73EB68E-D0AF-4FD7-9FC7-D4F80A769356} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.)
Task: {B9B36D41-C776-424E-9A13-5387E17A2CEB} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2015-07-10] (Microsoft Corporation)
Task: {BE9AB3C9-9786-4891-802A-B118CB1D708D} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)
Task: {BFE1EFD0-042E-44CD-B930-6F585689AFFB} - \The weDownload Manager-updater -> Keine Datei <==== ACHTUNG
Task: {C2162702-FFEB-48C0-AA5F-2DA3A8887D61} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation
Task: {C385AEB4-2DA1-4ABA-824A-4E56A5A5F46A} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2324392281-2098655948-2250387561-1002 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {C52CFDDE-F5EE-45FD-BA0F-3A62B0DA4470} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {D0B65B83-FDF8-4E32-8562-5999857EFA34} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {D2401052-A382-42DE-9C79-D1CF3563F654} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation
Task: {D5CD22C4-ACB4-4480-B9F6-57F4B6B759E2} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {DAF2BAE3-1C5B-4CB5-9F62-0911C031A15A} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2015-07-10] (Microsoft Corporation)
Task: {DE55E63E-2764-443C-AB91-4D7ABBD53464} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {DF3F8739-9A7B-4207-876F-3B7E9FFBFBE1} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)
Task: {E054E324-49DD-4C98-9725-29C93074148A} - System32\Tasks\G2MUploadTask-S-1-5-21-2324392281-2098655948-2250387561-1002 => C:\Users\Kris\AppData\Local\Citrix\GoToMeeting\3215\g2mupload.exe [2015-08-12] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {E526415F-E5FC-4817-8093-017C035B2AF8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {EA3F661E-B31C-44A9-B40C-E3D5D56149D4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => C:\windows\system32\MusNotification.exe [2015-08-07] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002Core.job => C:\Users\Kris\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002UA.job => C:\Users\Kris\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2324392281-2098655948-2250387561-1002.job => 0x000A0100C0F7C7A81FA7D94FB9DF62F7B0FF13EE46000C02000000003C000A00200000000014730F000000000013040000208021DF07080004000D000D000800000015000000420043003A005C00550073006500720073005C004B007200690073005C0041007000700044006100740061005C004C006F00630061006C005C004300690074007200690078005C0047006F0054006F004D0065006500740069006E0067005C0033003200310035005C00670032006D007500700064006100740065002E0065007800650000000000340043003A005C00550073006500720073005C004B007200690073005C0041007000700044006100740061005C004C006F00630061006C005C004300690074007200690078005C0047006F0054006F004D0065006500740069006E0067005C00330032003100350000000E004D005500450045004D005500490049005C004B00720069007300000054004B006500650070007300200047006F0054006F004D0065006500740069006E006700200075007000200074006F00200064006100740065002E002000540068006900730020007400610073006B002000690073002000720065006D006F0076006500640020007700680065006E00200047006F0054006F004D0065006500740069006E006700200069007300200075006E0069006E007300740061006C006C00650064002E000000000008000000000000000000010030000000DF0708000C00000000000000170008009F0500003C0000000000000001000000010000000000000000000000
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2324392281-2098655948-2250387561-1002.job => 0x000A0100578B22E38E053F40BABCDCE56665993F46006C02000000003C000A00200000000014730F000000000013040000208021DF07080004000D000D002400000016000000420043003A005C00550073006500720073005C004B007200690073005C0041007000700044006100740061005C004C006F00630061006C005C004300690074007200690078005C0047006F0054006F004D0065006500740069006E0067005C0033003200310035005C00670032006D00750070006C006F00610064002E0065007800650000000000340043003A005C00550073006500720073005C004B007200690073005C0041007000700044006100740061005C004C006F00630061006C005C004300690074007200690078005C0047006F0054006F004D0065006500740069006E0067005C00330032003100350000000E004D005500450045004D005500490049005C004B0072006900730000008400550070006C006F00610064007300200064006900610067006E006F007300740069006300200069006E0066006F002000700072006500760069006F00750073006C00790020007200650063006F007200640065006400200062007900200047006F0054006F004D0065006500740069006E00670020007700690074006800200079006F0075007200200063006F006E00730065006E0074002E002000540068006900730020007400610073006B002000690073002000720065006D006F0076006500640020007700680065006E00200047006F0054006F004D0065006500740069006E006700200069007300200075006E0069006E007300740061006C006C00650064002E000000000008000000000000000000010030000000DF0708000C00000000000000170024009F050000780000000000000001000000010000000000000000000000
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\simplitec Power Suite.job => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe
Task: C:\WINDOWS\Tasks\simplitec Service Provider.job => C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-08-07 21:52 - 2015-08-07 21:52 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-07-13 20:45 - 2015-07-13 20:45 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-08 12:18 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-08 12:18 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-08-08 12:18 - 2015-08-02 03:37 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-08 12:18 - 2015-08-02 03:34 - 01806848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-08 12:18 - 2015-08-02 03:35 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-08-24 18:26 - 2012-08-24 18:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-07 21:53 - 2015-08-07 21:53 - 00642048 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-08-08 12:29 - 2015-08-08 12:29 - 07824896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-08-08 12:29 - 2015-08-08 12:29 - 02062336 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2014-03-12 22:53 - 2014-03-12 22:53 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-07-03 20:00 - 2015-07-03 20:00 - 01406672 _____ () C:\Program Files (x86)\Adguard\AdguardNetApi.DLL
2015-06-03 16:07 - 2015-06-03 16:07 - 00128720 _____ () C:\Program Files (x86)\Adguard\AdguardNetLib.DLL
2013-12-11 17:46 - 2013-12-11 17:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
2013-10-24 17:53 - 2013-10-24 17:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
2013-10-22 10:48 - 2013-10-22 10:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-12-11 17:46 - 2013-12-11 17:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
2013-04-19 17:38 - 2013-04-19 17:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
2013-10-24 17:53 - 2013-10-24 17:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
2013-12-11 17:46 - 2013-12-11 17:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
2013-10-25 20:49 - 2013-10-25 20:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
2013-12-11 17:45 - 2013-12-11 17:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
2013-12-11 17:45 - 2013-12-11 17:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
2012-08-24 18:17 - 2012-08-24 18:17 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2015-07-13 20:45 - 2015-07-13 20:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-11 21:06 - 2015-08-11 21:06 - 00071168 _____ () c:\users\kris\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmobeht.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00012800 _____ () C:\Users\Kris\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00779776 _____ () C:\Users\Kris\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-03 12:46 - 2015-08-05 22:49 - 00056320 _____ () C:\Users\Kris\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00012288 _____ () C:\Users\Kris\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2011-03-09 14:21 - 2011-03-09 14:21 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2011-03-09 14:21 - 2011-03-09 14:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2015-08-06 13:41 - 2015-07-31 08:19 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libglesv2.dll
2015-08-06 13:41 - 2015-07-31 08:19 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libegl.dll
2012-10-13 11:38 - 2012-06-25 04:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-02-05 22:57 - 2013-02-05 22:57 - 00282112 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll
2015-03-14 18:16 - 2015-08-07 15:35 - 45066808 _____ () C:\Users\Kris\AppData\Roaming\Spotify\libcef.dll
2015-03-14 18:16 - 2015-08-07 15:35 - 01649208 _____ () C:\Users\Kris\AppData\Roaming\Spotify\libglesv2.dll
2015-03-14 18:16 - 2015-08-07 15:35 - 00080952 _____ () C:\Users\Kris\AppData\Roaming\Spotify\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Kris\Cookies:gs5sys
AlternateDataStreams: C:\Users\Kris\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Kris\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Kris\AppData\Local\Verlauf:gs5sys
AlternateDataStreams: C:\Users\Kris\Documents\desktop.ini:gs5sys
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\sony.com -> sony.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\123simsen.com -> www.123simsen.com
Da befinden sich 7777 mehr eingeschränkte Seiten.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2324392281-2098655948-2250387561-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-2324392281-2098655948-2250387561-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-2324392281-2098655948-2250387561-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Kris\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\v5oltkqa.jpg
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Kris\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\v5oltkqa.jpg
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\Kris\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\v5oltkqa.jpg
HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run: => "Samsung Link"
HKLM\...\StartupApproved\Run32: => "CStart8"
HKLM\...\StartupApproved\Run32: => "ApnTBMon"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "ICQ"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "SkyDrive"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "Pando Media Booster"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "Power2GoExpress"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "Amazon Cloud Player"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "ICQ"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "SkyDrive"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Pando Media Booster"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Power2GoExpress"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Amazon Cloud Player"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "ICQ"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "SkyDrive"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Pando Media Booster"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Power2GoExpress"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Amazon Cloud Player"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B963D4E8-0596-49D1-A17A-ACE5734B9858}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [UDP Query User{4E7DD128-BD29-4140-8575-F4C37FCA0B96}C:\users\kris\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kris\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{843576DE-923C-49A9-9C64-51CF9A45D14F}C:\users\kris\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kris\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{6858DCA9-F18B-4022-ADD5-88AB08456E60}] => (Allow) C:\Users\Kris\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1AA0B9B5-2B86-440C-B709-4B84BF7A062D}] => (Allow) C:\Users\Kris\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{619E8464-2A1B-4D50-B676-AE96A3A7BDC9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{84923353-FA41-40E1-85A2-14627F0561E3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{85ADBE5A-98B8-4C05-A38F-0162D646A2F6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0B495A10-A142-4643-B4B9-9482AA19202E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{542FBC9B-8A81-45F5-9F2E-BEBCB7B6FAB1}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe
FirewallRules: [{B5F4FD65-3272-4F2D-90A0-0810E1E55D76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{48FB5237-8178-453C-B6B9-8C6C1290C3E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{6871A71D-86AA-401D-89C9-9D9BED287A8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{6D2B4719-30D1-4C15-B073-59263C2B7953}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{FB31179E-19B7-4987-B044-5DAB937DF954}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BB5AADD4-996F-4B75-A1BC-8307C1AAE95D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1CAD0C6E-4DCE-477A-BA20-B02D31577B5F}] => (Allow) C:\Program Files\MAGIX\Video deluxe 2015 Premium\Videodeluxe.exe
FirewallRules: [{6F17D50A-38E9-4079-A231-D29777D0AE29}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{0A95BAA1-91E5-4D14-8FCA-08A618D2AA21}] => (Allow) LPort=1900
FirewallRules: [{BC2AB512-A737-452F-9877-253EFDB51726}] => (Allow) LPort=2869
FirewallRules: [{74D988F6-1ED1-4C33-B4CF-134AC5882BD4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B6CD84DF-C4CC-4A88-900E-4FAF3499915C}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{5FFBD1C5-8DFD-456C-B898-D7155D08EA87}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{22CDEB52-072B-4737-ADAE-373C1DB83F9C}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{4CEF2C69-2BBE-4E2D-889D-501DD7BDBAD7}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{D4EF1230-78BD-4676-8F27-AED533C5E147}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{FEF113D8-F5DE-434C-80BE-A188A1ED59E2}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{9A8E6A3B-47B8-4B2E-ACAA-82C04C44A922}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{EFB540E7-5534-4738-AD62-6E76C691F19F}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [UDP Query User{50EF2ABC-F030-48CB-8F31-5AFFF8A05D21}C:\users\kris\desktop\my mobile\mymobiler\mymobiler.exe] => (Allow) C:\users\kris\desktop\my mobile\mymobiler\mymobiler.exe
FirewallRules: [TCP Query User{59420389-29C1-4656-8B43-90A7CC7D414D}C:\users\kris\desktop\my mobile\mymobiler\mymobiler.exe] => (Allow) C:\users\kris\desktop\my mobile\mymobiler\mymobiler.exe
FirewallRules: [{4F055D11-68A8-412B-B530-C366E3FAB015}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{FE5A6458-0FB7-4275-B9D7-60D567A1F391}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{0BD90C11-BF3D-44EC-A4A2-E918DB5A2BFB}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{FFE4DD29-B178-4C15-96BE-A63A900F2E69}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{3D9C31FF-290A-4AAC-9577-436FCE4522F3}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{FB767992-495F-433D-9BEE-000EEB8A2AEE}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{721A160E-E27E-40CE-8313-1653BBF27600}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{14A7C010-7E3C-410D-9FCE-4F52B012E927}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{FC41E34E-F42E-4CE1-B3EA-9B0F3BB12575}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{165BA8A6-E9A1-456E-BAC7-3D90AE1221AC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{0F66E732-F6B9-4E6D-AD0A-ED5A18CFD265}] => (Allow) C:\Users\Kris\Desktop\Steam.exe
FirewallRules: [{3D2ED212-BFFB-470C-A088-3B30FCBF4D82}] => (Allow) C:\Users\Kris\Desktop\Steam.exe
FirewallRules: [{1BD39CED-79E1-4EC7-A850-F08D152FBA36}] => (Allow) C:\Program Files (x86)\ICQ7M\ICQ.exe
FirewallRules: [{D98B604D-3142-4FF6-B06E-A627B133F2A0}] => (Allow) C:\Program Files (x86)\ICQ7M\ICQ.exe
FirewallRules: [{E0DFE5FA-3D0B-4927-B0EC-D13D1759C56D}] => (Allow) C:\Program Files (x86)\ICQ7M\ICQ.exe
FirewallRules: [{8BD34831-1DAF-4247-BDE1-A1D9382771B7}] => (Allow) C:\Program Files (x86)\ICQ7M\ICQ.exe
FirewallRules: [{1EE74EFD-C683-4D18-AE66-CE3ACB5BA4E5}] => (Allow) C:\Program Files (x86)\ICQ7M\ICQ.exe
FirewallRules: [{F9086F40-8CB7-46DC-A4E8-708871CD64A4}] => (Allow) C:\Program Files (x86)\ICQ7M\ICQ.exe
FirewallRules: [{C22271DE-228F-424E-A830-1693AE84ABD8}] => (Allow) C:\Users\Kris\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{CC8CE6E5-CC87-41A6-9486-F5C4A3644911}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{E059CE8F-ACBB-461D-9459-219D3698BF21}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{27DBFE4D-2861-41DA-A67D-D2F1FFAF6E6D}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{74F15513-63CD-493C-AF6B-9B85F20275E4}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{9F7D7D97-1C28-437E-BAF1-4B6C0FA6B0EE}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{9D6BA3FA-8390-4230-B639-0DC4E36E54D8}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [TCP Query User{2EEEB531-80FC-4709-9080-B93426F22E1F}C:\users\kris\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kris\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{72F6B3F3-563D-4291-AC38-51258375973D}C:\users\kris\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kris\appdata\roaming\spotify\spotify.exe
FirewallRules: [{27CACAA6-2EB6-42A6-AA74-4AC069C70A08}] => (Allow) C:\Users\Kris\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{C9D05B5F-3F5D-483E-B4A3-F4D441453F5E}] => (Allow) C:\Users\Kris\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{676D4C05-A020-4A67-BE87-A8BC8593B412}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0317FB8D-1A6D-4968-B06A-F19012A58BF3}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{7506BC7C-CF6C-4FCD-8FD3-B817CB2267A2}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{845F72AF-62B1-4EFF-BB87-44FA277E8A84}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.09\AllShareFrameworkDMS.exe
FirewallRules: [{8A0C58DF-0547-40A4-835F-171AA37E4E26}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.09\AllShareFrameworkDMS.exe
FirewallRules: [{A9BFFA9A-B660-4CDC-8F64-6342C6345D25}] => (Allow) LPort=8743
FirewallRules: [{3409EF46-2AF6-47BC-892B-54F4436AAA0F}] => (Allow) LPort=8643
FirewallRules: [{118505E1-A12A-4882-9643-0B424B7A07DD}] => (Allow) LPort=7676
FirewallRules: [{2727D636-2AFD-46F4-9EFC-FADBA3B3A305}] => (Allow) LPort=7679
FirewallRules: [{22EF1AAA-2526-4122-87A6-A5A3024BDE33}] => (Allow) LPort=24234
FirewallRules: [{A93F4ADE-E8A2-4D75-BE4C-148D45440E00}] => (Allow) LPort=7900
FirewallRules: [{1E7EA12A-D424-49AB-A150-083835984C42}] => (Allow) LPort=1900
FirewallRules: [{7E1FA767-8BF1-4B44-BFC2-8C2E18E74F09}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{C8D8FD9F-74C7-475C-9CC3-4A664D175EC6}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{169052D1-C4E8-46FD-AA94-6E46B907786E}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{7B0B2083-1D08-4FC3-9175-1DD14830A7DF}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{C88C9C53-41EF-4565-9145-7D7F22AD7520}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.15\AllShareFrameworkDMS.exe
FirewallRules: [{938F67F6-220B-4C8F-BB85-F8D23390394B}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.15\AllShareFrameworkDMS.exe
FirewallRules: [{D3810960-10D3-46B6-A4AE-F91DA39AE033}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{B71FE656-06B6-4D87-B8B7-2375D234AD2B}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{D1E2F964-7612-445A-BA4C-F7D45246D0A0}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{99B93DA0-9ACC-4B51-92CA-FCF7865A8219}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{5026BBEB-B474-4494-8CED-1A59C61BE372}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\AllShareFrameworkDMS.exe
FirewallRules: [{66C3F60F-5D46-420B-9CB7-46B59A9527E6}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\AllShareFrameworkDMS.exe
FirewallRules: [{8C45E5D4-21C1-465A-AD66-884CA137B78B}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{29EB4D36-0172-4367-AD72-AEB9CF454450}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{B8B5F145-4279-4843-A0FE-A52E848EF6F2}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{5B1B44FB-53E8-453C-BD99-26FD88DA4A8D}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{20481332-1393-41F1-B5CD-AC79EF294872}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkDMS.exe
FirewallRules: [{F211526D-D90B-4EC9-ACCC-AC5252970E1E}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkDMS.exe
FirewallRules: [{E7B83BD5-8527-470C-AE2B-E43BDBA84097}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{8987667C-BA27-47D2-BBCF-E7E0A5BBC79C}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{A219F493-C0F8-45BA-ACDA-FB68C06294EC}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{8331FE32-8F6A-4439-9264-46B53445B7C5}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{0B81803D-8FCF-4664-8841-87E948561EC5}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.20\AllShareFrameworkDMS.exe
FirewallRules: [{E93AC718-F501-44DC-98AB-27C1911C18AF}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.20\AllShareFrameworkDMS.exe
FirewallRules: [{9380331E-FCC2-49B3-AECA-C9AAA829D082}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{3EDAF441-01AC-4524-B741-5B64470FD09D}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{C99126D8-4683-48C0-B469-665369767333}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{1475E550-DD21-4272-8D35-01421407E95A}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{470E08A3-9031-4593-843C-1181C39B423C}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\AllShareFrameworkDMS.exe
FirewallRules: [{50EB759D-3CC8-4FB2-980D-E769C147C835}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\AllShareFrameworkDMS.exe
FirewallRules: [{B460C516-6A48-4C64-85B2-C49F62C7B825}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/13/2015 03:31:41 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5748) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (08/13/2015 03:31:41 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5748) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Error: (08/13/2015 03:31:31 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5748) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (08/13/2015 03:31:31 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5748) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Error: (08/13/2015 03:31:21 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5748) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (08/13/2015 03:31:21 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5748) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Error: (08/13/2015 03:31:10 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5748) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (08/13/2015 03:31:10 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5748) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Error: (08/13/2015 03:31:00 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (5748) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (08/13/2015 03:31:00 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (5748) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Systemfehler:
=============
Error: (08/13/2015 01:29:38 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BFE18E9C-6D87-4450-B37C-E02F0B373803}
Error: (08/12/2015 05:13:40 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: ASUS driver update for Asus Support Device
Error: (08/12/2015 04:17:55 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BFE18E9C-6D87-4450-B37C-E02F0B373803}
Error: (08/12/2015 11:12:06 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BFE18E9C-6D87-4450-B37C-E02F0B373803}
Error: (08/11/2015 10:23:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Samsung Link Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/11/2015 09:55:29 PM) (Source: DCOM) (EventID: 10010) (User: MUEEMUII)
Description: CortanaUI.AppXn73w0hsq3g4wx1h9fhf7q02vw2wta6qc.mca
Error: (08/11/2015 09:25:25 PM) (Source: DCOM) (EventID: 10010) (User: MUEEMUII)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca
Error: (08/11/2015 09:23:25 PM) (Source: DCOM) (EventID: 10010) (User: MUEEMUII)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca
Error: (08/11/2015 09:21:24 PM) (Source: DCOM) (EventID: 10010) (User: MUEEMUII)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca
Error: (08/11/2015 09:19:24 PM) (Source: DCOM) (EventID: 10010) (User: MUEEMUII)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca
Microsoft Office:
=========================
CodeIntegrity:
===================================
Date: 2015-08-08 11:12:57.202
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-08 11:12:57.139
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-08 11:12:57.068
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-08 11:12:57.007
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-08 11:12:56.919
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-08 11:12:56.856
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-08 11:12:56.794
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-08 11:12:56.731
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-08 11:12:56.669
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-08 11:12:56.606
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 62%
Installierter physikalischer RAM: 8069.53 MB
Verfügbarer physikalischer RAM: 3037.45 MB
Summe virtueller Speicher: 12026.51 MB
Verfügbarer virtueller Speicher: 1954.04 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:444.41 GB) (Free:242.34 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (Skillstraining_2) (CDROM) (Total:0.66 GB) (Free:0 GB) CDFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B2973CD1)
Partition: GPT.
==================== Ende von Ergebnis ============================
Geändert von Itkuraita (13.08.2015 um 14:59 Uhr) |
| Themen zu Win 10 system.exe sorgt für hohe Arbeitsspeicher-Auslastung + Adware Problem |
| adware, antivirus, auslastung, avira, bluescreen, computer, excel, feedback, helper, hängen, installation, internet, internet explorer, langsam, onedrive, problem, prozess, registry, rundll, safer networking, server, software, taskmanager, tracker, updates, usb, werbung, win 10, windows, windowsapps, zugriff verweigert |
Baum-Darstellung