Einige Funde mit Malwarebytes

cosinus · 28.10.2019, 10:51

Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken.

Djchaos · 01.11.2019, 10:03

FRST.txt

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
durchgeführt von Stefanie (Administrator) auf FINN (01-11-2019 09:51:18)
Gestartet von C:\Users\Stefanie\Desktop
Geladene Profile: Stefanie (Verfügbare Profile: Stefanie)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

konnte nicht auf den Prozess zugreifen -> Registry
(Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
konnte nicht auf den Prozess zugreifen -> Memory Compression
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\sihost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(Microsoft Corporation) C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe
(RedFox) C:\Program Files (x86)\RedFox\CloneCD\CloneCDTray.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\ApplicationFrameHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19101.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.1063_none_c3f457ba6965bb0b\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-01-05] (TOSHIBA Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\RedFox\CloneCD\CloneCDTray.exe [57344 2016-03-29] (RedFox)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\Run: [OneDrive] => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\OneDrive.exe [1593464 2019-10-25] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Windows\System32\osk.exe [623104 2018-10-21] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\osk.exe [623104 2018-10-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileSyncShell.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileSyncShell.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileSyncShell.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileSyncShell.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileSyncShell.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileSyncShell.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileSyncShell.dll [2019-10-25] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-09b708085549b3cc
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-09b708085549b3cc
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-581088433-320290056-2638895184-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-09b708085549b3cc
HKU\S-1-5-21-581088433-320290056-2638895184-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-581088433-320290056-2638895184-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> DefaultScope {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM -> {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM -> {bce42d98-b1cd-493f-a64c-107aae7521be} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM-x32 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM-x32 -> {bce42d98-b1cd-493f-a64c-107aae7521be} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> DefaultScope {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {bce42d98-b1cd-493f-a64c-107aae7521be} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-08-20] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-10-24] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-10-22] (Microsoft Corporation)
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2018-06-08] (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2018-06-08] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{75013482-b294-4535-9c56-b2178f6e757f}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{a516b4d1-81c3-4daa-bf24-f5142955b826}: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\h857aa1h.default
FF SelectedSearchEngine: Search Provided by Yahoo
FF DefaultSearchEngine: Search Provided by Yahoo
FF NewTab: about:newtab
FF Homepage: https://www.bing.com/search?FORM=INCOH1&PC=IC04&PTAG=ICO-eb682354
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google LLC)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
FF user.js: detected! => C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\h857aa1h.default\user.js [2014-10-20]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
StartMenuInternet: Firefox-308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Slides) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-30]
CHR Extension: (Docs) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-30]
CHR Extension: (Google Drive) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-30]
CHR Extension: (YouTube) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-30]
CHR Extension: (Sheets) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-30]
CHR Extension: (Search Selector Beta) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gboaiodgdajeapekadgejlbmabjganof [2019-07-04]
CHR Extension: (Google Docs Offline) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-06-30]
CHR Extension: (Avast Online Security) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-09-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-30]
CHR Extension: (Gmail) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-30]
CHR Extension: (Chrome Media Router) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-30]
CHR HKLM\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - https://clients2.google.com/service/update2/crx

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AJRouter; C:\Windows\System32\AJRouter.dll [25088 2018-04-12] (Microsoft Corporation)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-19] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R3 BTAGService; C:\Windows\System32\BTAGService.dll [514048 2018-11-09] (Microsoft Corporation)
R3 BthAvctpSvc; C:\Windows\System32\BthAvctpSvc.dll [399872 2018-11-09] (Microsoft Corporation)
R3 camsvc; C:\Windows\system32\CapabilityAccessManager.dll [266752 2019-01-09] (Microsoft Corporation)
R2 CDPSvc; C:\Windows\System32\CDPSvc.dll [632320 2018-10-21] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation)
S3 ClipSVC; C:\Windows\System32\ClipSVC.dll [1033696 2019-06-13] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [885760 2018-12-08] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [567256 2018-12-08] (Microsoft Corporation)
S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [33792 2018-04-12] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [90112 2019-05-03] (Microsoft Corporation)
S3 diagsvc; C:\Windows\system32\DiagSvc.dll [219648 2018-04-12] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [827392 2019-04-19] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [593408 2019-04-19] (Microsoft Corporation)
S3 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [57856 2018-04-12] (Microsoft Corporation)
R2 DoSvc; C:\Windows\System32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
R2 DoSvc; C:\Windows\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
R3 DsSvc; C:\Windows\System32\DsSvc.dll [155136 2019-09-04] (Microsoft Corporation)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-03] ()
R2 DusmSvc; C:\Windows\System32\dusmsvc.dll [356352 2018-12-08] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [167424 2018-04-12] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [308736 2018-11-09] (Microsoft Corporation)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [673792 2018-06-08] (Microsoft Corporation)
S3 GraphicsPerfSvc; C:\Windows\System32\GraphicsPerfSvc.dll [90624 2018-04-12] (Microsoft Corporation)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [61736 2018-08-03] (Microsoft Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [241152 2018-11-01] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [337888 2016-08-31] (Intel Corporation)
S3 InstallService; C:\Windows\system32\InstallService.dll [1487360 2019-05-17] (Microsoft Corporation)
S3 InstallService; C:\Windows\SysWOW64\InstallService.dll [1110528 2019-05-17] (Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 IpxlatCfgSvc; C:\Windows\System32\IpxlatCfg.dll [63488 2018-04-12] (Microsoft Corporation)
R3 lfsvc; C:\Windows\System32\lfsvc.dll [44544 2018-04-12] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [48640 2018-04-12] (Microsoft Corporation)
S3 LxpSvc; C:\Windows\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [91136 2018-07-06] (Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239696 2013-07-23] ()
S3 NaturalAuthentication; C:\Windows\System32\NaturalAuth.dll [824832 2018-04-12] (Microsoft Corporation)
S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [335360 2019-07-09] (Microsoft Corporation)
R3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [582144 2019-07-09] (Microsoft Corporation)
R3 NgcSvc; C:\Windows\system32\ngcsvc.dll [784896 2019-04-19] (Microsoft Corporation)
S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [835584 2018-11-01] (Microsoft Corporation)
S3 PushToInstall; C:\Windows\system32\PushToInstall.dll [262144 2018-07-14] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [681984 2018-04-12] (Microsoft Corporation)
S3 RmSvc; C:\Windows\System32\RMapi.dll [153600 2018-12-08] (Microsoft Corporation)
R2 SecurityHealthService; C:\Windows\system32\SecurityHealthService.exe [760888 2018-07-14] (Microsoft Corporation)
R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [357680 2019-08-26] (Microsoft Corporation)
R3 SEMgrSvc; C:\Windows\system32\SEMgrSvc.dll [1248768 2018-04-12] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1273344 2018-04-12] (Microsoft Corporation)
S3 SensorService; C:\Windows\system32\SensorService.dll [712192 2018-04-12] (Microsoft Corporation)
R2 SgrmBroker; C:\Windows\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation)
S3 SharedRealitySvc; C:\Windows\System32\SharedRealitySvc.dll [713216 2019-06-13] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [195584 2018-04-12] (Microsoft Corporation)
S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [590336 2018-04-12] (Microsoft Corporation)
S3 spectrum; C:\Windows\system32\spectrum.exe [976384 2018-06-08] (Microsoft Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [4970360 2018-06-08] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [4469832 2018-06-08] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [287240 2018-03-28] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12135768 2019-09-24] (TeamViewer GmbH)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [303616 2018-04-12] (Microsoft Corporation)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [176128 2018-04-12] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\System32\TokenBroker.dll [1400832 2019-07-09] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\SysWOW64\TokenBroker.dll [1003008 2019-07-09] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [92160 2018-11-09] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation)
R2 UserManager; C:\Windows\System32\usermgr.dll [1027584 2019-05-17] (Microsoft Corporation)
R2 UsoSvc; C:\Windows\system32\usocore.dll [1418240 2019-10-02] (Microsoft Corporation)
S3 VacSvc; C:\Windows\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\icsvc.dll [289792 2018-04-12] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\Windows\System32\WaaSMedicSvc.dll [392704 2019-01-09] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [427520 2018-04-12] (Microsoft Corporation)
S3 WarpJITSvc; C:\Windows\System32\Windows.WARP.JITService.dll [31744 2018-04-12] (Microsoft Corporation)
S3 WFDSConMgrSvc; C:\Windows\System32\wfdsconmgrsvc.dll [681984 2018-07-14] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-01] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [858112 2018-06-08] (Microsoft Corporation)
S3 wisvc; C:\Windows\SysWOW64\flightsettings.dll [729088 2018-06-08] (Microsoft Corporation)
S3 wlpasvc; C:\Windows\System32\lpasvc.dll [1364992 2019-02-16] (Microsoft Corporation)
S3 WpcMonSvc; C:\Windows\System32\WpcDesktopMonSvc.dll [1456640 2018-06-06] (Microsoft Corporation)
R2 WpnService; C:\Windows\system32\WpnService.dll [280576 2018-04-12] (Microsoft Corporation)
S3 xbgm; C:\Windows\system32\xbgmsvc.exe [59512 2018-04-12] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [1115648 2018-04-12] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1308672 2018-04-12] (Microsoft Corporation)
S3 XboxGipSvc; C:\Windows\System32\XboxGipSvc.dll [58880 2018-04-12] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1148928 2018-04-12] (Microsoft Corporation)
S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]
S3 TemproMonitoringService; "C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe" [X]
S3 TPCHSrv; "C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe" [X]
R3 WdNisSvc; "%ProgramData%\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe" [X]

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [20480 2018-04-12] (Microsoft Corporation)
R1 afunix; C:\Windows\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2018-04-12] (Microsoft Corporation)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533912 2018-04-12] (QLogic Corporation)
R1 bam; C:\Windows\System32\drivers\bam.sys [60320 2018-04-12] (Microsoft Corporation)
S3 BcastDVRUserService; No ImagePath
S3 BcastDVRUserService_21f6f6; No ImagePath
S3 bindflt; C:\Windows\system32\drivers\bindflt.sys [92472 2019-10-02] (Microsoft Corporation)
S3 BluetoothUserService; No ImagePath
S3 BluetoothUserService_21f6f6; No ImagePath
R3 BthLEEnum; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [86528 2018-04-12] (Microsoft Corporation)
S0 bttflt; C:\Windows\System32\drivers\bttflt.sys [38304 2018-04-12] (Microsoft Corporation)
S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [39936 2018-04-12] (Microsoft Corporation)
R3 CAD; C:\Windows\System32\drivers\CAD.sys [60320 2018-04-12] (Microsoft Corporation)
S3 CapImg; C:\Windows\System32\drivers\capimg.sys [123392 2018-04-12] (Microsoft Corporation)
S2 CDPUserSvc; No ImagePath
R2 CDPUserSvc_21f6f6; No ImagePath
S0 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [321432 2018-04-12] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [1836952 2018-04-12] (Chelsio Communications)
R2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [414720 2019-07-09] (Microsoft Corporation)
S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [39328 2018-04-12] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys [40448 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc; No ImagePath
S3 DevicePickerUserSvc_21f6f6; No ImagePath
S3 DevicesFlowUserSvc; No ImagePath
S3 DevicesFlowUserSvc_21f6f6; No ImagePath
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3419032 2018-04-12] (QLogic Corporation)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc.)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [55808 2018-04-12] (Microsoft Corporation)
S3 GENERICDRV; C:\Program Files (x86)\UEFI WinFlash\amifldrv64.sys [15640 2012-07-27] ()
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2018-04-12] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2018-04-12] (Microsoft Corporation)
S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [50592 2018-04-12] (Microsoft Corporation)
S4 hvcrash; C:\Windows\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [76304 2019-06-07] (Microsoft Corporation)
S3 hwdatacard; C:\Windows\system32\DRIVERS\ewusbmdm.sys [115328 2015-02-26] (Huawei Technologies Co., Ltd.) [Datei ist nicht signiert]
S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [27136 2018-04-12] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [36864 2018-04-12] (Intel(R) Corporation)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [91648 2018-04-12] (Intel(R) Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [88576 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [171520 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592 2018-04-12] (Intel Corporation)
S0 iaStorAVC; C:\Windows\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [526232 2018-04-12] (Mellanox)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [38912 2018-04-12] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [58168 2018-12-08] (Microsoft Corporation)
S3 IPT; C:\Windows\System32\drivers\ipt.sys [32256 2018-04-12] (Microsoft Corporation)
S0 ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies)
S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [124312 2018-04-12] (LSI Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [128408 2018-04-12] (Avago Technologies)
S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [505240 2018-04-12] (Microsoft Corporation)
S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [56736 2018-04-12] (Microsoft Corporation)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-10-28] (Malwarebytes)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [59800 2018-04-12] (Avago Technologies)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [75160 2018-04-12] (Avago Technologies)
S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies)
S3 MessagingService; No ImagePath
S3 MessagingService_21f6f6; No ImagePath
R3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [842648 2018-04-12] (Mellanox)
R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [43008 2018-12-08] (Microsoft Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [29192 2016-03-17] (Marvell Semiconductor, Inc.)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [108952 2018-04-12] (Mellanox)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [175104 2018-04-12] (Microsoft Corporation)
S3 netvsc; C:\Windows\System32\drivers\netvsc.sys [197632 2018-04-12] (Microsoft Corporation)
S3 nvdimm; C:\Windows\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation)
S2 OneSyncSvc; No ImagePath
R2 OneSyncSvc_21f6f6; No ImagePath
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58776 2018-04-12] (Avago Technologies)
S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [61848 2018-04-12] (Avago Technologies)
S3 PimIndexMaintenanceSvc; No ImagePath
R3 PimIndexMaintenanceSvc_21f6f6; No ImagePath
S3 pmem; C:\Windows\System32\drivers\pmem.sys [105984 2018-04-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; No ImagePath
S3 PrintWorkflowUserSvc_21f6f6; No ImagePath
S0 Ramdisk; C:\Windows\System32\DRIVERS\ramdisk.sys [39840 2018-04-12] (Microsoft Corporation)
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [945464 2019-03-06] (Microsoft Corporation)
S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [104448 2018-04-12] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-09] (Realtek Semiconductor Corp.)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [128920 2018-08-03] (Microsoft Corporation)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [33176 2018-04-12] (Microsoft Corporation)
R0 SgrmAgent; C:\Windows\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [54792 2018-03-28] (Synaptics Incorporated)
S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [57752 2018-04-12] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [82432 2019-03-14] (Microsoft Corporation)
S0 storufs; C:\Windows\System32\drivers\storufs.sys [48544 2018-06-15] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys [18336 2018-04-12] (Microsoft Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [128512 2018-04-12] (Microsoft Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [152576 2018-04-12] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [57856 2018-04-12] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45056 2018-04-12] (Microsoft Corporation)
S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [282008 2018-04-12] (Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [98200 2018-04-12] (Microsoft Corporation)
S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [144288 2018-04-12] (Microsoft Corporation)
S3 UnistoreSvc; No ImagePath
R3 UnistoreSvc_21f6f6; No ImagePath
S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [29088 2018-04-12] (Microsoft Corporation)
S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [67992 2018-04-12] (Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [28064 2018-04-12] (Microsoft Corporation)
S3 UserDataSvc; No ImagePath
R3 UserDataSvc_21f6f6; No ImagePath
S3 vhf; C:\Windows\System32\drivers\vhf.sys [36352 2018-10-21] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2018-08-03] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16288 2018-04-12] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [152072 2019-03-14] (Microsoft Corporation)
R3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [83456 2018-12-08] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46472 2019-11-01] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [351968 2019-11-01] (Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [787968 2019-05-17] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\Windows\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-01] (Microsoft Corporation)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [72768 2018-06-15] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [18472 2018-04-12] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [32152 2018-04-12] (Mellanox)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [228864 2019-05-17] (Microsoft Corporation)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [64920 2018-04-12] (Mellanox)
S2 WpnUserService; No ImagePath
R2 WpnUserService_21f6f6; No ImagePath
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [295424 2018-06-15] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [46592 2018-04-12] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation)
NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation)
NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation)
NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation)
NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> Keine Datei

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-11-01 08:43 - 2019-11-01 08:43 - 00000000 ___HD C:\OneDriveTemp
2019-10-28 06:42 - 2019-10-28 06:42 - 00275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-10-27 17:17 - 2019-10-28 06:44 - 00000276 _____ C:\WINDOWS\WindowsUpdate.log
2019-10-27 16:20 - 2019-10-27 16:20 - 00000000 ___HD C:\$WINDOWS.~BT
2019-10-27 16:08 - 2019-10-28 06:41 - 00000000 ____D C:\Program Files\Mozilla Firefox
2019-10-27 16:08 - 2019-10-27 16:59 - 00000000 ____D C:\AdwCleaner
2019-10-27 16:06 - 2019-10-27 16:06 - 07622344 _____ (Malwarebytes) C:\Users\Stefanie\Desktop\adwcleaner_7.4.2.exe
2019-10-26 10:00 - 2019-10-26 12:46 - 00000000 ____D C:\WINDOWS\UpdateAssistant
2019-10-24 11:00 - 2019-10-02 06:04 - 07519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-10-24 11:00 - 2019-10-02 05:47 - 06564368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-10-24 11:00 - 2019-10-02 05:40 - 25857024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-10-24 11:00 - 2019-10-02 05:32 - 22735872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-10-24 10:59 - 2019-10-02 12:10 - 04527072 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-10-24 10:59 - 2019-10-02 12:10 - 01616608 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-10-24 10:59 - 2019-10-02 11:53 - 04852736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-10-24 10:59 - 2019-10-02 11:52 - 12835840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-10-24 10:59 - 2019-10-02 11:52 - 08627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-10-24 10:59 - 2019-10-02 11:50 - 04491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-10-24 10:59 - 2019-10-02 11:47 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-10-24 10:59 - 2019-10-02 09:46 - 12037120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-10-24 10:59 - 2019-10-02 09:41 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-10-24 10:59 - 2019-10-02 06:20 - 03180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-10-24 10:59 - 2019-10-02 06:04 - 02774120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-10-24 10:59 - 2019-10-02 06:04 - 01035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-10-24 10:59 - 2019-10-02 06:02 - 04404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-10-24 10:59 - 2019-10-02 06:02 - 01219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-10-24 10:59 - 2019-10-02 06:02 - 01027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-10-24 10:59 - 2019-10-02 06:01 - 02468048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-10-24 10:59 - 2019-10-02 06:00 - 09080632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-10-24 10:59 - 2019-10-02 06:00 - 02570824 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-10-24 10:59 - 2019-10-02 06:00 - 02371504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-10-24 10:59 - 2019-10-02 05:48 - 02331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-10-24 10:59 - 2019-10-02 05:48 - 01990056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-10-24 10:59 - 2019-10-02 05:47 - 04789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-10-24 10:59 - 2019-10-02 05:47 - 02260928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-10-24 10:59 - 2019-10-02 05:47 - 01979752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-10-24 10:59 - 2019-10-02 05:38 - 22016000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-10-24 10:59 - 2019-10-02 05:32 - 06661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-10-24 10:59 - 2019-10-02 05:31 - 08189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-10-24 10:59 - 2019-10-02 05:31 - 04388864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-10-24 10:59 - 2019-10-02 05:30 - 19385856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-10-24 10:59 - 2019-10-02 05:30 - 03403264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-10-24 10:59 - 2019-10-02 05:29 - 03392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-10-24 10:59 - 2019-10-02 05:29 - 02700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-10-24 10:59 - 2019-10-02 05:28 - 07573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-10-24 10:59 - 2019-10-02 05:28 - 04771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-10-24 10:59 - 2019-10-02 05:28 - 01827328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-10-24 10:59 - 2019-10-02 05:27 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-10-24 10:59 - 2019-10-02 05:27 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2019-10-24 10:59 - 2019-10-02 05:25 - 03091456 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-10-24 10:59 - 2019-10-02 05:25 - 02738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-10-24 10:59 - 2019-10-02 05:24 - 02379264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-10-24 10:59 - 2019-10-02 05:23 - 04938240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-10-24 10:59 - 2019-10-02 05:23 - 04517376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-10-24 10:59 - 2019-10-02 05:23 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-10-24 10:59 - 2019-10-02 05:22 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-10-24 10:59 - 2019-09-10 08:17 - 23862272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-10-24 10:59 - 2019-09-10 08:16 - 19525632 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-10-24 10:58 - 2019-10-06 02:43 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-10-24 10:58 - 2019-10-06 02:43 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-10-24 10:58 - 2019-10-02 12:14 - 00349216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-10-24 10:58 - 2019-10-02 12:10 - 01640376 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-10-24 10:58 - 2019-10-02 12:08 - 02394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-10-24 10:58 - 2019-10-02 12:08 - 01047568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-10-24 10:58 - 2019-10-02 11:53 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-10-24 10:58 - 2019-10-02 11:50 - 02019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-10-24 10:58 - 2019-10-02 11:50 - 00810496 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-10-24 10:58 - 2019-10-02 11:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-10-24 10:58 - 2019-10-02 11:48 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-10-24 10:58 - 2019-10-02 11:48 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2019-10-24 10:58 - 2019-10-02 11:48 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-10-24 10:58 - 2019-10-02 11:47 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-10-24 10:58 - 2019-10-02 11:47 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-10-24 10:58 - 2019-10-02 11:46 - 01364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-10-24 10:58 - 2019-10-02 11:46 - 01289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-10-24 10:58 - 2019-10-02 11:46 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-10-24 10:58 - 2019-10-02 11:46 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-10-24 10:58 - 2019-10-02 11:45 - 01180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-10-24 10:58 - 2019-10-02 11:45 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-10-24 10:58 - 2019-10-02 09:56 - 01628488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-10-24 10:58 - 2019-10-02 09:53 - 00917816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-10-24 10:58 - 2019-10-02 09:52 - 02206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-10-24 10:58 - 2019-10-02 09:44 - 07991296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-10-24 10:58 - 2019-10-02 09:42 - 03397120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-10-24 10:58 - 2019-10-02 09:42 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-10-24 10:58 - 2019-10-02 09:41 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-10-24 10:58 - 2019-10-02 09:41 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-10-24 10:58 - 2019-10-02 06:21 - 02417744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2019-10-24 10:58 - 2019-10-02 06:19 - 00374584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-10-24 10:58 - 2019-10-02 06:05 - 00092472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-10-24 10:58 - 2019-10-02 06:04 - 01098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-10-24 10:58 - 2019-10-02 06:04 - 00494096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-10-24 10:58 - 2019-10-02 06:03 - 00778024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-10-24 10:58 - 2019-10-02 06:03 - 00193040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-10-24 10:58 - 2019-10-02 06:02 - 00568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-10-24 10:58 - 2019-10-02 06:02 - 00210448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2019-10-24 10:58 - 2019-10-02 06:02 - 00194352 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-10-24 10:58 - 2019-10-02 06:01 - 01288928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-10-24 10:58 - 2019-10-02 06:01 - 00723728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-10-24 10:58 - 2019-10-02 06:01 - 00722744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-10-24 10:58 - 2019-10-02 06:01 - 00527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-10-24 10:58 - 2019-10-02 06:01 - 00491208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-10-24 10:58 - 2019-10-02 06:01 - 00439504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-10-24 10:58 - 2019-10-02 06:01 - 00435728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-10-24 10:58 - 2019-10-02 06:01 - 00159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-10-24 10:58 - 2019-10-02 06:00 - 00433168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-10-24 10:58 - 2019-10-02 06:00 - 00248880 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-10-24 10:58 - 2019-10-02 06:00 - 00209936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-10-24 10:58 - 2019-10-02 06:00 - 00039032 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-10-24 10:58 - 2019-10-02 05:59 - 01784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-10-24 10:58 - 2019-10-02 05:59 - 01459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-10-24 10:58 - 2019-10-02 05:59 - 01260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-10-24 10:58 - 2019-10-02 05:59 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-10-24 10:58 - 2019-10-02 05:59 - 00983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-10-24 10:58 - 2019-10-02 05:59 - 00930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-10-24 10:58 - 2019-10-02 05:59 - 00604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-10-24 10:58 - 2019-10-02 05:59 - 00260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-10-24 10:58 - 2019-10-02 05:49 - 00550512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-10-24 10:58 - 2019-10-02 05:49 - 00434728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-10-24 10:58 - 2019-10-02 05:49 - 00385000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-10-24 10:58 - 2019-10-02 05:49 - 00191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-10-24 10:58 - 2019-10-02 05:49 - 00146712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-10-24 10:58 - 2019-10-02 05:48 - 00666248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-10-24 10:58 - 2019-10-02 05:48 - 00380216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-10-24 10:58 - 2019-10-02 05:48 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-10-24 10:58 - 2019-10-02 05:47 - 01380312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-10-24 10:58 - 2019-10-02 05:47 - 01130784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-10-24 10:58 - 2019-10-02 05:47 - 01020280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-10-24 10:58 - 2019-10-02 05:47 - 00829752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-10-24 10:58 - 2019-10-02 05:47 - 00607248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-10-24 10:58 - 2019-10-02 05:47 - 00129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-10-24 10:58 - 2019-10-02 05:29 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-10-24 10:58 - 2019-10-02 05:28 - 02929152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-10-24 10:58 - 2019-10-02 05:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-10-24 10:58 - 2019-10-02 05:28 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-10-24 10:58 - 2019-10-02 05:28 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2019-10-24 10:58 - 2019-10-02 05:28 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-10-24 10:58 - 2019-10-02 05:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-10-24 10:58 - 2019-10-02 05:27 - 03554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2019-10-24 10:58 - 2019-10-02 05:27 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-10-24 10:58 - 2019-10-02 05:27 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-10-24 10:58 - 2019-10-02 05:27 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-10-24 10:58 - 2019-10-02 05:27 - 00395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-10-24 10:58 - 2019-10-02 05:27 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-10-24 10:58 - 2019-10-02 05:27 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-10-24 10:58 - 2019-10-02 05:26 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2019-10-24 10:58 - 2019-10-02 05:26 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-10-24 10:58 - 2019-10-02 05:26 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-10-24 10:58 - 2019-10-02 05:26 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-10-24 10:58 - 2019-10-02 05:26 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-10-24 10:58 - 2019-10-02 05:26 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 02258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 01862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 01540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 01295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 00808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2019-10-24 10:58 - 2019-10-02 05:24 - 01563648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-10-24 10:58 - 2019-10-02 05:24 - 01058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-10-24 10:58 - 2019-10-02 05:24 - 00857088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2019-10-24 10:58 - 2019-10-02 05:24 - 00582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-10-24 10:58 - 2019-10-02 05:24 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-10-24 10:58 - 2019-10-02 05:23 - 01724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-10-24 10:58 - 2019-10-02 05:23 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-10-24 10:58 - 2019-10-02 05:23 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-10-24 10:58 - 2019-10-02 05:23 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-10-24 10:58 - 2019-10-02 05:23 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-10-24 10:58 - 2019-10-02 05:23 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-10-24 10:58 - 2019-10-02 05:22 - 01110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-10-24 10:58 - 2019-10-02 05:22 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-10-24 10:58 - 2019-10-02 05:22 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-10-24 10:58 - 2019-10-02 05:22 - 00532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-10-24 10:58 - 2019-10-02 05:22 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-10-24 10:58 - 2019-10-02 05:22 - 00345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-10-24 10:58 - 2019-10-02 05:22 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-10-24 10:58 - 2019-10-02 05:22 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-10-24 10:58 - 2019-10-02 04:05 - 00001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-10-24 10:58 - 2019-09-19 08:02 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-10-24 10:58 - 2019-09-10 07:56 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-10-24 10:58 - 2019-09-10 02:20 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-10-24 10:58 - 2019-09-10 02:20 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-10-24 10:58 - 2019-08-13 15:42 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-10-07 18:03 - 2019-10-24 21:10 - 00153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-10-07 18:03 - 2019-10-07 18:03 - 00001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-10-07 18:03 - 2019-10-07 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-10-07 18:03 - 2019-06-26 12:00 - 00020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-10-06 14:25 - 2019-10-27 17:35 - 00001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-06 14:25 - 2019-10-06 14:25 - 00001004 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-10-06 14:23 - 2019-10-06 14:24 - 49818008 _____ (Mozilla) C:\Users\Stefanie\Downloads\Firefox Setup 69.0.2.exe
2019-10-04 15:31 - 2019-10-06 16:36 - 00064685 _____ C:\Users\Stefanie\Desktop\Addition.txt
2019-10-04 15:27 - 2019-11-01 09:52 - 00043105 _____ C:\Users\Stefanie\Desktop\FRST.txt
2019-10-04 15:27 - 2019-11-01 09:51 - 00000000 ____D C:\FRST
2019-10-04 15:25 - 2019-10-04 15:25 - 02169856 _____ (Farbar) C:\Users\Stefanie\Desktop\FRST64.exe
2019-10-04 12:59 - 2019-09-13 11:57 - 21409376 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-10-04 12:59 - 2019-09-13 05:49 - 05627280 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-10-04 12:59 - 2019-09-13 05:47 - 07445856 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-10-04 12:58 - 2019-10-24 10:01 - 00000000 ____D C:\Users\Stefanie\AppData\Local\CrashDumps
2019-10-04 12:58 - 2019-09-13 12:02 - 04040008 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-10-04 12:58 - 2019-09-13 11:57 - 01517480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-10-04 12:58 - 2019-09-13 11:47 - 06588416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-10-04 12:58 - 2019-09-13 11:41 - 01644032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2019-10-04 12:58 - 2019-09-13 11:40 - 03614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-10-04 12:58 - 2019-09-13 10:16 - 01320128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-10-04 12:58 - 2019-09-13 10:15 - 20400656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-10-04 12:58 - 2019-09-13 10:15 - 03701184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-10-04 12:58 - 2019-09-13 10:05 - 05659136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-10-04 12:58 - 2019-09-13 10:00 - 02882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-10-04 12:58 - 2019-09-13 05:58 - 07900880 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2019-10-04 12:58 - 2019-09-13 05:58 - 01613096 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-10-04 12:58 - 2019-09-13 05:48 - 03290584 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-10-04 12:58 - 2019-09-13 05:36 - 02478152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-10-04 12:58 - 2019-09-13 05:35 - 06052272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-10-04 12:58 - 2019-09-13 05:27 - 16598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-10-04 12:58 - 2019-09-13 05:24 - 13878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-10-04 12:58 - 2019-09-13 05:17 - 03148288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2019-10-04 12:58 - 2019-09-13 05:15 - 02913792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-10-04 12:58 - 2019-09-13 05:14 - 01854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-10-04 12:58 - 2019-09-13 05:14 - 01809408 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-10-04 12:58 - 2019-09-13 05:14 - 01222144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-10-04 12:58 - 2019-09-13 05:13 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-10-04 12:58 - 2019-09-13 05:12 - 01634304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-10-04 12:57 - 2019-09-13 12:03 - 00586680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-10-04 12:57 - 2019-09-13 11:57 - 01375456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-10-04 12:57 - 2019-09-13 11:56 - 00341392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-10-04 12:57 - 2019-09-13 11:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-10-04 12:57 - 2019-09-13 11:44 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-10-04 12:57 - 2019-09-13 11:41 - 01127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-10-04 12:57 - 2019-09-13 11:40 - 01725952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-10-04 12:57 - 2019-09-13 11:40 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2019-10-04 12:57 - 2019-09-13 11:40 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-10-04 12:57 - 2019-09-13 11:40 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-10-04 12:57 - 2019-09-13 11:40 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2019-10-04 12:57 - 2019-09-13 11:40 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2019-10-04 12:57 - 2019-09-13 11:39 - 02085888 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-10-04 12:57 - 2019-09-13 11:39 - 01262592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-10-04 12:57 - 2019-09-13 11:39 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2019-10-04 12:57 - 2019-09-13 10:18 - 00470512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-10-04 12:57 - 2019-09-13 10:17 - 01026280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-10-04 12:57 - 2019-09-13 10:01 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2019-10-04 12:57 - 2019-09-13 10:01 - 00622592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-10-04 12:57 - 2019-09-13 10:00 - 01530880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-10-04 12:57 - 2019-09-13 09:59 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-10-04 12:57 - 2019-09-13 05:56 - 05821448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2019-10-04 12:57 - 2019-09-13 05:56 - 01299472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-10-04 12:57 - 2019-09-13 05:49 - 00274792 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-10-04 12:57 - 2019-09-13 05:48 - 01659704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-10-04 12:57 - 2019-09-13 05:48 - 01363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-10-04 12:57 - 2019-09-13 05:48 - 00722744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-10-04 12:57 - 2019-09-13 05:48 - 00710240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-10-04 12:57 - 2019-09-13 05:48 - 00170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-10-04 12:57 - 2019-09-13 05:47 - 01947168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2019-10-04 12:57 - 2019-09-13 05:47 - 00713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-10-04 12:57 - 2019-09-13 05:47 - 00275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-10-04 12:57 - 2019-09-13 05:47 - 00081720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-10-04 12:57 - 2019-09-13 05:47 - 00039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-10-04 12:57 - 2019-09-13 05:36 - 01252152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-10-04 12:57 - 2019-09-13 05:35 - 01559272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2019-10-04 12:57 - 2019-09-13 05:23 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-10-04 12:57 - 2019-09-13 05:21 - 00153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-10-04 12:57 - 2019-09-13 05:21 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2019-10-04 12:57 - 2019-09-13 05:21 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-10-04 12:57 - 2019-09-13 05:21 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2019-10-04 12:57 - 2019-09-13 05:21 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-10-04 12:57 - 2019-09-13 05:20 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-10-04 12:57 - 2019-09-13 05:20 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-10-04 12:57 - 2019-09-13 05:20 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2019-10-04 12:57 - 2019-09-13 05:20 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2019-10-04 12:57 - 2019-09-13 05:19 - 00514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-10-04 12:57 - 2019-09-13 05:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-10-04 12:57 - 2019-09-13 05:18 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2019-10-04 12:57 - 2019-09-13 05:17 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-10-04 12:57 - 2019-09-13 05:17 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-10-04 12:57 - 2019-09-13 05:17 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2019-10-04 12:57 - 2019-09-13 05:17 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2019-10-04 12:57 - 2019-09-13 05:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-10-04 12:57 - 2019-09-13 05:16 - 00910336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2019-10-04 12:57 - 2019-09-13 05:16 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2019-10-04 12:57 - 2019-09-13 05:15 - 01549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-10-04 12:57 - 2019-09-13 05:15 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2019-10-04 12:57 - 2019-09-13 05:15 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2019-10-04 12:57 - 2019-09-13 05:15 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-10-04 12:57 - 2019-09-13 05:15 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2019-10-04 12:57 - 2019-09-13 05:15 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2019-10-04 12:57 - 2019-09-13 05:15 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-10-04 12:57 - 2019-09-13 05:14 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2019-10-04 12:57 - 2019-09-13 05:14 - 00602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-10-04 12:57 - 2019-09-13 05:14 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-10-04 12:57 - 2019-09-13 05:14 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2019-10-04 12:57 - 2019-09-13 05:13 - 02893312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2019-10-04 12:57 - 2019-09-13 05:13 - 01371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2019-10-04 12:57 - 2019-09-13 05:13 - 00927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2019-10-04 12:57 - 2019-09-13 05:13 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-10-04 12:57 - 2019-09-13 05:13 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-10-04 12:57 - 2019-09-13 05:13 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-10-04 12:57 - 2019-09-13 05:12 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2019-10-04 12:57 - 2019-09-13 05:12 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2019-10-04 12:57 - 2019-09-13 05:12 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-10-04 12:57 - 2019-09-13 05:11 - 00979456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2019-10-04 12:57 - 2019-09-13 05:11 - 00782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-10-04 12:57 - 2019-09-13 05:11 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2019-10-04 12:57 - 2019-09-13 05:11 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-10-04 12:57 - 2019-09-13 05:11 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-10-04 12:57 - 2019-09-13 05:11 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-11-01 09:47 - 2018-06-06 20:39 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-01 09:41 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\system32\sru
2019-11-01 09:01 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\AppReadiness
2019-11-01 08:55 - 2018-02-14 02:05 - 00000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-11-01 08:43 - 2014-10-08 19:22 - 00000000 ___RD C:\Users\Stefanie\OneDrive
2019-10-28 06:49 - 2018-06-07 04:52 - 01718588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-28 06:49 - 2018-04-12 17:13 - 00743096 _____ C:\WINDOWS\system32\perfh007.dat
2019-10-28 06:49 - 2018-04-12 17:13 - 00149732 _____ C:\WINDOWS\system32\perfc007.dat
2019-10-28 06:42 - 2019-09-29 14:50 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2019-10-28 06:41 - 2018-06-07 05:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-28 06:41 - 2016-12-02 19:29 - 00746616 _____ C:\WINDOWS\PFRO.log
2019-10-28 06:41 - 2014-10-08 20:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-28 06:40 - 2018-04-11 22:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2019-10-27 17:32 - 2017-12-09 09:53 - 00000000 ___RD C:\Users\Stefanie\3D Objects
2019-10-27 17:14 - 2019-09-29 10:51 - 00000000 ____D C:\ProgramData\AVAST Software
2019-10-27 17:14 - 2018-06-06 20:39 - 00281408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\zu-ZA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\yo-NG
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\xh-ZA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\wo-SN
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\tn-ZA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\ti-ET
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\rw-RW
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\nso-ZA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\ig-NG
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\chr-CHER-US
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\TextInput
2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\SysWOW64\sk-SK
2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\system32\sk-SK
2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\system32\oobe
2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\ShellExperiences
2019-10-27 17:09 - 2018-04-11 22:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2019-10-27 17:08 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\bcastdvr
2019-10-27 17:01 - 2017-02-08 18:37 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2019-10-27 17:01 - 2014-06-09 15:07 - 00000000 ____D C:\Program Files (x86)\TOSHIBA
2019-10-27 17:01 - 2014-05-22 01:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2019-10-27 17:01 - 2014-05-22 01:03 - 00000000 ____D C:\Program Files\TOSHIBA
2019-10-27 17:01 - 2014-05-22 00:54 - 00000000 ____D C:\ProgramData\TOSHIBA
2019-10-27 17:00 - 2017-07-03 20:33 - 00000000 ____D C:\Users\Stefanie\AppData\Roaming\Hewlett-Packard
2019-10-27 17:00 - 2017-02-10 16:56 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2019-10-27 16:21 - 2018-05-30 19:46 - 00000000 ___DC C:\WINDOWS\Panther
2019-10-25 10:09 - 2018-06-07 05:08 - 00003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-581088433-320290056-2638895184-1001
2019-10-25 10:09 - 2018-06-07 04:37 - 00002434 _____ C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-24 11:25 - 2018-04-12 00:38 - 00017800 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2019-10-24 11:18 - 2018-04-12 00:30 - 00000000 ____D C:\WINDOWS\CbsTemp
2019-10-24 10:56 - 2014-10-10 18:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2019-10-24 10:50 - 2014-10-10 18:27 - 127230528 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-10-24 10:36 - 2014-10-10 11:41 - 00000000 ____D C:\Program Files\Microsoft Office 15
2019-10-20 18:18 - 2018-06-07 08:41 - 00000000 ____D C:\Users\Stefanie\AppData\Local\D3DSCache
2019-10-07 18:04 - 2019-09-29 11:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2019-10-07 18:03 - 2018-04-12 00:38 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2019-10-06 14:27 - 2014-10-08 19:51 - 00000000 ____D C:\ProgramData\Mozilla
2019-10-06 14:22 - 2014-05-22 00:54 - 00000000 ____D C:\Program Files (x86)\Google
2019-10-06 14:13 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-10-06 14:13 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\system32\Macromed
2019-10-06 14:12 - 2016-08-02 16:58 - 00000000 ____D C:\Program Files (x86)\Adobe
2019-10-05 16:58 - 2014-10-22 11:12 - 00000000 ____D C:\Users\Stefanie\Documents\Steffi Bewerbungsunterlagen
2019-10-05 16:25 - 2018-06-07 07:10 - 00000000 ____D C:\Users\Stefanie\AppData\Local\PlaceholderTileLogoFolder
2019-10-05 16:19 - 2018-07-03 17:52 - 00000000 ____D C:\ProgramData\Packages
2019-10-05 16:19 - 2017-12-09 09:20 - 00000000 ____D C:\Users\Stefanie\AppData\Local\Packages
2019-10-02 21:38 - 2018-06-07 05:08 - 00003632 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-10-02 21:38 - 2018-06-07 05:08 - 00003508 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2019-08-05 23:42 - 2019-08-05 23:42 - 0361562 _____ () C:\Users\Stefanie\AppData\Roaming\Bepacecudeto
2019-09-01 19:42 - 2019-09-01 19:42 - 0307024 _____ () C:\Users\Stefanie\AppData\Roaming\Budadet
2019-09-27 23:42 - 2019-09-27 23:42 - 0325862 _____ () C:\Users\Stefanie\AppData\Roaming\Cerepelu
2019-03-16 00:42 - 2019-03-16 00:42 - 0329892 _____ () C:\Users\Stefanie\AppData\Roaming\Cureheleloci
2019-04-27 23:42 - 2019-04-27 23:42 - 0335229 _____ () C:\Users\Stefanie\AppData\Roaming\Dehacimusuma
2019-02-19 00:42 - 2019-02-19 00:42 - 0337202 _____ () C:\Users\Stefanie\AppData\Roaming\Dofanapopele
2019-02-10 00:42 - 2019-02-10 00:42 - 0133167 _____ () C:\Users\Stefanie\AppData\Roaming\Fufaboliko
2019-05-14 23:42 - 2019-05-14 23:42 - 0304458 _____ () C:\Users\Stefanie\AppData\Roaming\Gaheme
2019-05-22 23:42 - 2019-05-22 23:42 - 0302882 _____ () C:\Users\Stefanie\AppData\Roaming\Gopib
2019-07-04 12:42 - 2019-07-04 12:42 - 0168331 _____ () C:\Users\Stefanie\AppData\Roaming\Gubiparo
2019-06-17 23:42 - 2019-06-17 23:42 - 0347448 _____ () C:\Users\Stefanie\AppData\Roaming\Hepotoca
2019-09-09 23:42 - 2019-09-09 23:42 - 0128371 _____ () C:\Users\Stefanie\AppData\Roaming\Hesumo
2019-09-04 23:42 - 2019-09-04 23:42 - 0364531 _____ () C:\Users\Stefanie\AppData\Roaming\Hesusakolit
2019-08-14 23:42 - 2019-08-14 23:42 - 0212389 _____ () C:\Users\Stefanie\AppData\Roaming\Hoginig
2019-08-22 23:42 - 2019-08-22 23:42 - 0327657 _____ () C:\Users\Stefanie\AppData\Roaming\Honekineneba
2019-07-12 23:28 - 2019-07-12 23:28 - 0157795 _____ () C:\Users\Stefanie\AppData\Roaming\Kecareh
2019-06-25 23:42 - 2019-06-25 23:42 - 0246789 _____ () C:\Users\Stefanie\AppData\Roaming\Kehenat
2016-10-29 14:01 - 2016-10-29 14:01 - 0018833 _____ () C:\Users\Stefanie\AppData\Roaming\Kelalipob
2019-04-19 23:10 - 2019-04-19 23:10 - 0313260 _____ () C:\Users\Stefanie\AppData\Roaming\Kunesamafo
2019-07-20 23:42 - 2019-07-20 23:42 - 0362819 _____ () C:\Users\Stefanie\AppData\Roaming\Lurusuhat
2019-05-05 23:42 - 2019-05-05 23:42 - 0164250 _____ () C:\Users\Stefanie\AppData\Roaming\Matedanafika
2019-02-28 00:42 - 2019-02-28 00:42 - 0286382 _____ () C:\Users\Stefanie\AppData\Roaming\Nibug
2019-09-19 11:28 - 2019-09-19 11:28 - 0292078 _____ () C:\Users\Stefanie\AppData\Roaming\Ninibokekimi
2019-07-28 23:42 - 2019-07-28 23:42 - 0359966 _____ () C:\Users\Stefanie\AppData\Roaming\Nodikolib
2019-04-10 23:46 - 2019-04-10 23:46 - 0315693 _____ () C:\Users\Stefanie\AppData\Roaming\Pitacarobere
2019-03-25 00:29 - 2019-03-25 00:29 - 0340540 _____ () C:\Users\Stefanie\AppData\Roaming\Pufure
2019-03-08 00:42 - 2019-03-08 00:42 - 0146702 _____ () C:\Users\Stefanie\AppData\Roaming\Rukeraf
2019-06-08 23:42 - 2019-06-08 23:42 - 0220511 _____ () C:\Users\Stefanie\AppData\Roaming\Sosimofem
2019-05-31 23:42 - 2019-05-31 23:42 - 0137171 _____ () C:\Users\Stefanie\AppData\Roaming\Teritet
2019-04-02 23:42 - 2019-04-02 23:42 - 0151565 _____ () C:\Users\Stefanie\AppData\Roaming\Tetetuco
2014-10-10 11:42 - 2019-09-27 23:42 - 0001093 _____ () C:\Users\Stefanie\AppData\Roaming\WB.CFG
2017-12-15 09:26 - 2017-12-15 09:26 - 0000068 _____ () C:\Users\Stefanie\AppData\Local\5qe2nbznbz
2014-10-12 20:42 - 2014-12-20 18:43 - 0000001 _____ () C:\Users\Stefanie\AppData\Local\DSI.DAT
2016-12-11 16:04 - 2017-02-14 22:17 - 0000041 _____ () C:\ProgramData\.zreglib
2017-09-15 08:45 - 2017-09-15 08:45 - 0000000 _____ () C:\ProgramData\DP45977C.lfl
2017-12-29 19:29 - 2017-12-29 19:29 - 0000016 _____ () C:\ProgramData\mntemp
2017-12-29 19:29 - 2017-12-29 19:29 - 0004935 _____ () C:\ProgramData\vfiakfjk.zeu

==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2018-06-06 20:39

==================== Ende von log ============================

Djchaos · 01.11.2019, 10:04

Addition.txt

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-07-2015
durchgeführt von Stefanie (2019-11-01 09:54:56)
Gestartet von C:\Users\Stefanie\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-581088433-320290056-2638895184-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-581088433-320290056-2638895184-503 - Limited - Disabled)
Gast (S-1-5-21-581088433-320290056-2638895184-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-581088433-320290056-2638895184-1005 - Limited - Enabled)
Stefanie (S-1-5-21-581088433-320290056-2638895184-1001 - Administrator - Enabled) => C:\Users\Stefanie
WDAGUtilityAccount (S-1-5-21-581088433-320290056-2638895184-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
AVI Media Player 1.0.2 (HKLM-x32\...\AVI Media Player_is1) (Version:  - vsevensoft.com)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CloneCD (HKLM-x32\...\CloneCD) (Version: 5.3.4.0 - SlySoft)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
DTS Sound (HKLM-x32\...\{9B17BBEC-CF31-4C23-949E-E65A14365CE1}) (Version: 1.01.6100 - DTS, Inc.)
Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.35.301 - Google LLC) Hidden
HP LaserJet Pro M11-M13 Series (HKLM\...\HP LaserJet Pro M11-M13 Series) (Version:  - )
HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.13.42.1 - HP Inc.)
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.5179.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.21.00.03 - Huawei Technologies Co.,Ltd)
Movavi Video Converter 18 Premium (HKLM-x32\...\Movavi Video Converter 18 Premium) (Version: 18.1.0 - Movavi)
Mozilla Firefox 70.0 (x64 de) (HKLM\...\Mozilla Firefox 70.0 (x64 de)) (Version: 70.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.2 - Mozilla)
My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.5179.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.5179.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.5179.1000 - Microsoft Corporation) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7173 - Realtek Semiconductor Corp.)
Symbaloo (HKLM-x32\...\Symbaloo) (Version: 1.0.0 - Symbaloo Launcher by Toshiba Europe GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.182 - Synaptics Incorporated)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.6.4835 - TeamViewer)
tiptoi® Manager 4.0.1 (HKLM\...\{833392BB-E8C0-4066-9408-3A30FA43972F}_is1) (Version: 4.0.1 - Ravensburger AG)
TOSHIBA Display Utility (HKLM\...\{F64E9295-E1B3-4EEA-86D3-AF44A0087B06}) (Version: 1.1.16.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.2.6403 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.19 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 2.0.0.15C - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.00.56006005 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{E3FCDCBE-0A13-4F73-95C1-000A51CF1C8C}) (Version: 2.6.16.0 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.01.6402 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Utility Common Driver (x32 Version: 1.0.53.3 - Compal) Hidden
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

06-10-2019 14:09:31 Removed Adobe Acrobat Reader DC - Deutsch.
24-10-2019 10:47:39 Windows Update
01-11-2019 09:14:30 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {042D8A51-5878-4000-9C10-C04AFF122A1F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {04B3E894-DE5B-4C4A-9AA7-CA8F7CE43583} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [2018-04-12] (Microsoft Corporation)
Task: {05C3BAB1-68F8-4EAF-B4AF-8C21E2478533} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime No Task File <==== ATTENTION
Task: {05E09776-F708-4694-949B-E8993608CC2B} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate
Task: {09131E27-3793-4B1E-A11E-77D3EAC118D1} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {0BA33681-9D00-4B31-9A87-01683672BFEF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d No Task File <==== ATTENTION
Task: {0E55C40D-83F8-4F39-838C-C1D3707EA86A} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\Windows\System32\dusmtask.exe [2018-11-01] (Microsoft Corporation)
Task: {10A37F08-4ACD-47E1-AAB4-6ECDE6DDDE8A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {175463A3-4AF2-4959-8504-C36C4397C393} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck
Task: {1BE936D4-EE40-4F04-84E0-18FFD27C0A6A} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [2018-04-12] (Microsoft Corporation)
Task: {1C7A907A-6B30-4164-8565-B0A88C877376} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2019-02-13] (Microsoft Corporation)
Task: {1FAE791A-9736-4412-823B-80AE3EE2C1CB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d No Task File <==== ATTENTION
Task: {2231CAFE-FABE-41F5-A0B3-842D9319DBF9} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-06] (Microsoft Corporation)
Task: {226C52BC-0F62-4E67-A70D-74C22932AC02} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload => C:\Windows\system32\dmclient.exe [2018-04-12] (Microsoft Corporation)
Task: {23ACACF5-2E96-4ECC-BE70-94CFCB2EF6DE} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation
Task: {257A47C0-FECE-4A8E-BB35-161852DFF727} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-01-20] (Realtek Semiconductor)
Task: {289D68A0-E96F-491B-9498-B0B602C5C53A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess No Task File <==== ATTENTION
Task: {28C75830-5752-4F41-A94B-BFD5E8A0D7C8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d No Task File <==== ATTENTION
Task: {294EF281-56B6-4F71-8115-BAC2919EF034} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {29F3A47A-C0DC-48D8-ACAF-89413EE0731D} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [2019-07-09] (Microsoft Corporation)
Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {2DBD790D-172A-4CFA-B3F7-824D7509680F} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration
Task: {2E2E003A-9792-4956-8F12-92797F584AB8} - System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange
Task: {3137ADB6-515F-4020-9DB9-0F91106BB27F} - \WPD\SqmUpload_S-1-5-21-581088433-320290056-2638895184-1001 No Task File <==== ATTENTION
Task: {3199A9F7-0492-4FC9-9EC1-A59CC69A8F52} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {3790297B-C317-4FEB-9E8D-3B4C85520240} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig No Task File <==== ATTENTION
Task: {3C1365A1-11E1-4629-9B25-7D6A932E6B60} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization
Task: {3DF2FF36-8A3E-4F15-9221-D68F365A7872} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {407E1879-1F5E-42B2-BA7F-53BCEF433805} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2018-04-12] (Microsoft Corporation)
Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {46DDFBEA-7B80-499F-8D16-8FB7836BEBDC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2019-09-13] (Microsoft Corporation)
Task: {4CB53382-6FBB-4666-B563-0ABC6429D301} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange
Task: {4F662F7F-D75F-455E-A03A-8AD0D8313218} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B No Task File <==== ATTENTION
Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff
Task: {51D31EBF-545E-411D-A21A-CB34004CC384} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh
Task: {5294EF9E-88CD-432B-A10B-C3AC2FB364AC} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2019-08-26] (Microsoft Corporation)
Task: {536E4522-B726-480C-9063-126E74EEA4A4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask
Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {577C3956-E492-42A5-AEFB-FDC54A537C64} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {57A7E0DF-F70E-43B1-AA2C-5BA67DBBE753} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {5BE358DF-C2F0-43BC-BA5A-77E36BF54A02} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2018-04-12] (Microsoft Corporation)
Task: {5DB4FD20-4FF2-4C58-9801-ADD6F0149633} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task
Task: {60C269FF-448A-4F10-886E-2C70F5086A5F} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync
Task: {62331915-A3E9-4B6E-9686-86034377E8CF} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications
Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6BFE7106-601B-4B34-8F8E-87B9A0DA6ACE} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice
Task: {6DE4F7DC-0B8D-404A-A6C9-83241658F8CA} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-06] (Microsoft Corporation)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\Windows\system32\MusNotification.exe [2019-10-02] (Microsoft Corporation)
Task: {7138D0D3-1873-4A77-86CF-4840F491C90F} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {749AC711-AA62-4D1D-B314-EF1C97E1CA56} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2018-04-12] (Microsoft Corporation)
Task: {749E286C-C205-4C7C-B742-BE5023BF06DE} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login
Task: {75522E26-6BE6-4F53-A0FA-14470ECAACAB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2019-07-09] (Microsoft Corporation)
Task: {7558573E-8172-4712-ACF4-9749EC2BE926} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation
Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {7E964508-4868-4DB6-A10A-B96FAE223F77} - \Microsoft\Windows\UNP\RunCampaignManager No Task File <==== ATTENTION
Task: {7EAE5A6B-00F4-4B9F-A255-E1C163B587A1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {836F749C-D064-4E3A-8EEB-A8C21F65A018} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [2019-11-01] (Microsoft Corporation)
Task: {88ACDE4D-32A9-43B2-8AFA-B40952AA4881} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [2019-11-01] (Microsoft Corporation)
Task: {8B4471CE-BE6B-4E3E-ACA5-46DEE1BBC895} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater – Install HPSA => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {8CCDCCC3-88F0-4860-84BE-5AC16A1C6FA9} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {8D87C19D-6DCD-4EFE-B479-BA3F07C807AB} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2018-03-28] (Synaptics Incorporated)
Task: {8DD63C04-476E-493C-861A-32E304334E76} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistant => C:\Windows\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {8E7BB9A3-956E-4C6A-AE87-4F175197704F} - System32\Tasks\Microsoft\Windows\NlaSvc\WiFiTask => C:\Windows\System32\WiFiTask.exe [2018-04-12] (Microsoft Corporation)
Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation)
Task: {91AF4E1B-193C-48CF-9F8C-4E86CB77B10B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime No Task File <==== ATTENTION
Task: {931758D8-2EC2-4EAE-B3BA-A98DAEC67332} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {94C0F2F9-98DF-415E-BDC9-AAFF75D5EF69} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2018-04-12] (Microsoft Corporation)
Task: {95301ABB-6B78-4DEE-8319-BD138F73F8D3} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2018-04-12] (Microsoft Corporation)
Task: {97A565C8-93ED-4888-94AF-BAFA03F733FE} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {97E8D66D-0085-423C-BA11-DD777A1258AB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2019-06-13] (Microsoft Corporation)
Task: {9BD44F9F-0C01-4F78-9644-4C7596CD1E0A} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange
Task: {9D6319E1-E88F-4D35-AD66-C4EED376E93E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d No Task File <==== ATTENTION
Task: {9E135150-470F-49FC-941B-E284A56AEDD1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [2019-11-01] (Microsoft Corporation)
Task: {9E1DD7B4-6A7B-4AD3-B4AA-B4741028631C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent No Task File <==== ATTENTION
Task: {9ED04639-82DC-496B-85A2-58B3C48CA3F3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {A19CD75C-08C3-42D5-9EB4-AE76B91A5550} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2018-04-12] (Microsoft Corporation)
Task: {A2E97D0A-9C58-44AB-89DC-55128ACA73C4} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A305A840-EC8B-4C66-8EA8-5FF15F129CD2} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2018-04-12] (Microsoft Corporation)
Task: {A5FE6B52-974F-492F-81F3-472223AD09D5} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {B0952E0A-C54F-4E8B-95E9-90E560086B37} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {B14C88F4-4AAC-4F00-A94E-8EA180D7AEDC} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {B2D1D0E5-4670-4493-9360-C9DD0E832A9D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask
Task: {B2F4AC84-A8D0-4524-9363-BFF5A5911A00} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask
Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6
Task: {B3433942-FE11-4C11-839D-9C7589B6C5CB} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {B57429E8-8CBF-47A8-89FA-B5219D8376E3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2019-02-13] (Microsoft Corporation)
Task: {B6DCBB4A-0292-47AE-B9DC-F81CF086D721} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-581088433-320290056-2638895184-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {B76ECE88-27B3-4CEC-9B37-1314B4602CAA} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24
Task: {BD924DA8-2073-4BD4-8BCB-118ED4EDEB2C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\AC Power Install => C:\Windows\system32\usoclient.exe [2019-09-13] (Microsoft Corporation)
Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2018-06-06] (Microsoft Corporation)
Task: {C48D50E5-71A9-48D8-B7C1-3DA9AECBDEC3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2019-05-17] (Microsoft Corporation)
Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1
Task: {C9B34E7E-3A1B-4940-B011-BF7F34B31D20} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2014-04-03] (TOSHIBA Corporation)
Task: {CB7F3B8F-F794-47DD-A8D2-AD8051F45A55} - System32\Tasks\Microsoft\Windows\WwanSvc\NotificationTask => C:\Windows\System32\WiFiTask.exe [2018-04-12] (Microsoft Corporation)
Task: {CCEF2C54-86E8-4168-B918-53DA443D8D00} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {CD5CE6F3-171C-4C0F-8629-3F2126A0FB72} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => C:\Windows\system32\MusNotification.exe [2019-10-02] (Microsoft Corporation)
Task: {CDA5D686-5D6C-4730-9907-B66710DC3670} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {D010978C-B666-4072-B7F3-DD6340CDD629} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task
Task: {D0300741-03C7-49FE-ABAC-C520084F6E67} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [2019-11-01] (Microsoft Corporation)
Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork
Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {D49C81A2-855C-417E-825F-1DC2AA1443D3} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {D4A9B4EC-1635-4B25-9E3B-1C9BE9D98D00} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattelrunner.exe [2019-09-04] (Microsoft Corporation)
Task: {D8436F3C-DDFE-4877-A05C-2337758E98E9} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {DC3C4041-27B3-4040-9DE1-FA5EE922AA3B} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {DD710A69-86C6-4932-97B1-01FB13ACFEF1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged
Task: {E047CF5C-4040-476F-8737-408E3BA4B0B6} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate
Task: {E0862994-9083-482D-A921-27B4860FFA21} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [2019-04-19] (Microsoft Corporation)
Task: {E1CA9B6B-2358-49EA-9722-19B254DC558E} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {E82177E3-E19A-4321-84F6-90AA57815013} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2019-09-04] (Microsoft Corporation)
Task: {E8411C63-4393-40B6-9A25-7D31CD4897BE} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2018-04-12] (Microsoft Corporation)
Task: {E907704E-6225-4B0A-A428-3ECE7F8277BE} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask
Task: {E9474EE3-C9D7-4FA3-9B3E-353E37D5814D} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\Windows\system32\ProvTool.exe [2018-04-12] (Microsoft Corporation)
Task: {E9A40C11-F4D4-498B-B441-C0B6110AC9A4} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {EE263E86-FF16-45EE-94C8-2327B81F98CE} - System32\Tasks\Microsoft\Windows\Workplace Join\Recovery-Check => C:\Windows\System32\dsregcmd.exe [2018-04-12] (Microsoft Corporation)
Task: {EF7CFDCE-C0DD-449F-9DF2-CCEB2CE3AE8B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent No Task File <==== ATTENTION
Task: {EFA86FF7-22AE-4997-AFD9-E89E1BF9B7D6} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2019-09-04] (Microsoft Corporation)
Task: {F084544B-322F-4CED-B874-EC696339C19E} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\Windows\system32\spaceman.exe [2018-04-12] (Microsoft Corporation)
Task: {F35ACE16-1E96-431C-B189-F2F82BA8A4F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d No Task File <==== ATTENTION
Task: {F955A09C-E83A-4AD5-9ABC-7D5D7A055117} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {FC779438-B7FD-4774-AA55-4DE2A4B098A4} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh
Task: {FD0C7C89-E963-41B3-A6DE-3D6B2644A94D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {FE702A37-B3C1-4A15-B59D-86935E5097A7} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {FEBC9EFC-F9E9-420F-AA49-0491E2CA5639} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2019-09-13] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\Windows\System32\InputHost.dll
2017-02-08 21:51 - 2016-02-25 15:39 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM11M13PP.DLL
2014-10-10 11:41 - 2017-01-17 03:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-03-03 21:30 - 2014-03-03 21:30 - 00021840 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2015-03-01 12:37 - 2013-07-23 04:47 - 00239696 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 00472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2019-09-11 04:21 - 2019-09-04 05:39 - 02759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\InputHost.dll
2019-10-24 10:59 - 2019-10-02 05:23 - 02184192 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2019-09-25 19:24 - 2019-09-25 19:25 - 00484352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-09-25 19:24 - 2019-09-25 19:25 - 80811520 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2019-09-25 19:24 - 2019-09-25 19:25 - 00011264 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2019-05-03 17:52 - 2019-05-03 17:53 - 03707904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-10-05 08:13 - 2017-10-05 08:15 - 02523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-09-25 19:24 - 2019-09-25 19:25 - 13444096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-09-25 19:24 - 2019-09-25 19:24 - 03027968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2019-05-03 17:52 - 2019-05-03 17:53 - 01014784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2019-09-25 19:24 - 2019-09-25 19:25 - 00123904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\AppSettingsCppCX.dll
2019-08-24 21:39 - 2019-08-24 21:40 - 01418240 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2019-08-24 21:39 - 2019-08-24 21:40 - 01398784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2019-09-25 19:24 - 2019-09-25 19:25 - 00881664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\OnlineMediaComponent.dll
2019-11-01 08:52 - 2019-11-01 08:54 - 23313408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19101.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
2019-11-01 08:52 - 2019-11-01 08:54 - 00289280 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19101.10711.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-03 18:33 - 2017-12-03 18:33 - 00902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19101.10711.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-28 22:15 - 2018-11-28 22:15 - 04202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19101.10711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-11-01 08:52 - 2019-11-01 08:54 - 05704704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19101.10711.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-10-24 11:04 - 2019-10-24 11:09 - 95419808 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\libcef.dll
2019-10-24 11:04 - 2019-10-24 11:09 - 05865888 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\libglesv2.dll
2019-10-24 11:04 - 2019-10-24 11:09 - 00320416 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Program Files\Microsoft Office 15:Win32App_1
AlternateDataStreams: C:\Program Files\UNP:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Atheros:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\AVI Media Player:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Bluetooth Suite:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Spotify:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Windows Phone:Win32App_1
AlternateDataStreams: C:\ProgramData\Compal:Win32App_1
AlternateDataStreams: C:\Users\Stefanie\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity
AlternateDataStreams: C:\Users\Stefanie\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Stefanie\Documents\Ravensburger tiptoi:Win32App_1

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer trusted/restricted ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-581088433-320290056-2638895184-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Stefanie\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\DSCN0705.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [{43F0A6BA-6580-4322-976C-3526326A1F5B}] => (Allow) LPort=161
FirewallRules: [{79DCE212-6583-418B-98D3-5BC300532550}] => (Allow) LPort=427
FirewallRules: [{C25042E1-630B-4AD4-A979-6FFE4140A5A5}] => (Allow) LPort=9100
FirewallRules: [{DD929EDE-1337-40E5-9E5D-0A0723880007}] => (Allow) C:\Program Files\HP\HP LaserJet Pro M11-M13 Series\wificonfig.exe
FirewallRules: [{FB50C379-0382-4110-B384-6355710DB51D}] => (Allow) C:\Program Files\HP\HP LaserJet Pro M11-M13 Series\wificonfig.exe
FirewallRules: [{5EE32BE0-2A09-4972-B8EA-D82C4B0BB0A3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{7F78D69A-2287-4026-8902-716FAD84865A}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{6BCFBC3B-73FA-437C-A0F0-B6BD0DBA46E5}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{2518B1F5-B266-462C-967E-1FE500565A1D}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{B8CD2042-38C7-4279-BDC6-2D3F0B7950AB}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{EC3E7A9C-1F3E-4496-9679-41A8BB2070C8}] => (Allow) C:\Users\Stefanie\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{DD5C4696-91CB-4D58-A8CB-611D9AFE6647}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4996D0CA-46A7-4EE4-9126-AEFF8C204305}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{48F144F7-DE7A-4999-AC43-DAC45F28266E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BB53FFB9-F70E-4372-BD56-29255A0AA6F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{C1FFB7C0-CB49-405F-AAFB-075A914B021F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E45C0CBB-AE89-4F63-838D-67945D8AB01B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{5DE48DF5-3D61-404A-B2C9-F07C1F539A97}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{2E5306FB-6E3C-412B-B791-7D5446BF4330}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{58E5ED33-30E1-44CF-9884-71D7CB4DE6F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{39C630F8-E86D-4709-AAF2-80D42663BE65}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{05433D25-F9D2-47BF-A6B8-239999187D56}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{30EB44EC-BD4F-4017-91E2-5904E4563256}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3BB607EF-D19F-42B0-8EB5-6A0CFCB2C0D4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{29DAA745-1F95-400A-8E60-B93D822FCCED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B0BDDE87-16E7-459C-88B2-A1065D8D0764}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4ACEC861-5733-451B-B4A9-E444522920C9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3D4B3F98-002F-4641-88AF-35D314E01FAC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CC0F69FA-6D86-4AB9-85A1-6C9D39F74A6F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CE69EE57-F033-4D46-8854-FBE98B18D62E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{73A3BF34-A4EC-405F-BE8C-FA3899A84833}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{F9147934-B002-4CE2-BC0D-3E4ABE117951}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A19A7D11-CF1C-4937-ADE6-9FF3BF77E7F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3D7324D6-AB05-4CD1-8453-6946CE24AA27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{13A4CEF4-3B93-40DA-B2D0-1088F7375CFD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{319681FC-6A8D-4626-8CA8-0756C33578F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A342A1BA-5BBF-407D-BF14-59BF45ADE7AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{08E7051B-889F-48BA-ABE4-04BF0438AF8E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CA4D3ECA-8BDD-44F4-9332-9D723CB92B42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BEDE9B37-22B7-4B59-BB89-C4CBA1FD0A14}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E28FA4B3-61C9-4D7D-9D60-B73453BD3562}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{525158E3-7566-43A6-AA60-3A84DB9E2F5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{F573BB4D-92E7-487C-8926-CE508D81D643}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BD851E31-E1EE-4436-B1A9-B9DBE0B47B22}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{7C78242F-04B7-48C3-A87F-36834A7182A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{AB0E1EF2-2758-4CCD-A7DA-18C62BA12DC1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{8C65DC10-A379-40E3-AA3E-6B5C9D39AB24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{33A23490-514E-4A49-BDE0-79C8E1FB0410}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{6B9F3EDA-CA0E-4155-B74F-EBD9FD892B32}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{8D1990B1-2BF9-40B1-A47F-71A9F90D6B41}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4E9F3EFA-8D84-4DA4-B67F-AE764E7A5D6B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{1764FA75-2F99-4692-9946-5BBC226DE11B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{5E386AEE-D841-473C-81FC-96C8163FC521}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B728E216-134F-4D62-B5D4-A44ED6DC4EC0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{80E4337B-4555-44C3-B4C3-2AA671E2A20A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E5FB16D9-00BB-452C-A48E-3FF586352F82}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{0A212600-E0C3-49F1-836A-0968CEC685C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{244B592A-D1CF-4E06-949E-B6849142FCC4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{794F5D4C-6F6B-4235-B06F-606000888ED5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{92ADB20F-3803-45B0-AFCB-8FC6A46AEB3F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7334221C-39EC-42D6-9044-4CCC81F543AA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{063DD2C7-3803-471C-B64B-E262140A0A11}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C47BC493-BC55-4AE9-8E92-F7CA888F688C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{09E8295D-C252-4219-9869-E210EA8B3AB0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DFFB18C3-019D-42CD-9AB1-3A8EC7BCFE8E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5D97C3F7-6412-4C57-8BFA-2289D1AEE544}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{6CC13204-DBC1-4456-87A8-EAEEE46968EC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E155A94C-01EA-42BB-BC5C-7366458AD490}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{7646AA3B-92AD-431F-996A-91ABC915ECFA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{72CB5C21-7D66-468E-83CA-819BEC90EB2A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A4C1EF6E-B165-420C-A3C6-0F2A9020AE81}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{AAB7BD92-4570-43B8-97F0-A68B8A9E54FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{407C1A7D-0FFC-4340-809D-61403D8703E9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{96995451-F6EB-4D08-9DA4-A1CA07B526A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{64D53E24-B1EA-4C9C-9AEB-6C9528E03D3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{FA0CA4FF-D002-4B60-B284-109F09D44703}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{55D5E618-2CA3-49BA-9379-61146CB3AEF9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3EF6F584-A247-40B3-B574-932F6A9635EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4C97CA9A-BABE-4452-B607-AF99A96EA30D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A0D7B789-B835-45A8-AAC0-CEEC4E2D9BF2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{7FB6BC8F-3D97-469D-A437-5FF319660C17}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{50998D75-C944-4DBF-8AFE-064E167AD044}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{7363A9AF-BDEE-4370-8DD7-39EF7289A9D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{545AF423-F6B8-40BC-85ED-EE6B31C3EEEB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B4F7E179-C922-43EB-BE83-D5CC2CB7BF24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{ECC4D9EF-B77A-4CE5-A6DD-F56BD1024C2D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E4346D0F-393C-4029-BC6D-337629F64BA2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B6E59659-3FF8-45C9-9ADD-AFD91AEB9937}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{EAB17B20-2A2B-4E37-B92B-DFB2454F595E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/28/2019 06:45:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SearchUI.exe, Version 10.0.17134.1067 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 360

Startzeit: 01d58d52af172ac6

Beendigungszeit: 4294967295

Anwendungspfad: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

Berichts-ID: 1696ef40-c99d-44e8-9ce6-afa210466031

Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.10.8.17134_neutral_neutral_cw5n1h2txyewy

Auf das fehlerhafte Paket bezogene Anwendungs-ID: CortanaUI

Error: (10/27/2019 05:01:26 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service aswbIDSAgent since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswVmm.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSnx.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRvrt.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRdr.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt.

System Error:
Das System kann die angegebene Datei nicht finden.
.


Systemfehler:
=============
Error: (11/01/2019 08:57:07 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NCBCSZSJRSB-SpotifyAB.SpotifyMusic

Error: (11/01/2019 08:48:35 AM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (11/01/2019 08:48:23 AM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (11/01/2019 08:44:16 AM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0Nicht verfügbar

Error: (11/01/2019 08:43:56 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (11/01/2019 08:42:26 AM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (11/01/2019 08:40:56 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/01/2019 08:40:56 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/01/2019 08:40:54 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/28/2019 06:48:05 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStartWindows.SecurityCenter.WscBrokerManagerNicht verfügbarNT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


Microsoft Office:
=========================
Error: (10/28/2019 06:45:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SearchUI.exe10.0.17134.106736001d58d52af172ac64294967295C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe1696ef40-c99d-44e8-9ce6-afa210466031Microsoft.Windows.Cortana_1.10.8.17134_neutral_neutral_cw5n1h2txyewyCortanaUI

Error: (10/27/2019 05:01:26 PM) (Source: VSS) (EventID: 8193) (User: )
Description: QueryFullProcessImageNameW0x80070006, Das Handle ist ungültig.


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service aswbIDSAgent since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswVmm.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSnx.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRvrt.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRdr.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt.

System Error:
Das System kann die angegebene Datei nicht finden.


CodeIntegrity:
===================================
  Date: 2019-10-07 19:05:43.488
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2018-09-25 09:26:00.839
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-09-25 09:26:00.604
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-09-25 09:26:00.245
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Processor: Intel(R) Celeron(R) CPU N2830 @ 2.16GHz
Percentage of memory in use: 57%
Total physical RAM: 3982.88 MB
Available physical RAM: 1685.45 MB
Total Virtual: 4686.88 MB
Available Virtual: 1690.15 MB

==================== Drives ================================

Drive c: (TI31338300A) (Fixed) (Total:453.31 GB) (Free:318.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== Ende von log ============================

cosinus · 01.11.2019, 11:03

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ATTENTION
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No File
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Task: {05C3BAB1-68F8-4EAF-B4AF-8C21E2478533} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime No Task File <==== ATTENTION
Task: {0BA33681-9D00-4B31-9A87-01683672BFEF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d No Task File <==== ATTENTION
Task: {1FAE791A-9736-4412-823B-80AE3EE2C1CB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d No Task File <==== ATTENTION
Task: {289D68A0-E96F-491B-9498-B0B602C5C53A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess No Task File <==== ATTENTION
Task: {28C75830-5752-4F41-A94B-BFD5E8A0D7C8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d No Task File <==== ATTENTION
Task: {3137ADB6-515F-4020-9DB9-0F91106BB27F} - \WPD\SqmUpload_S-1-5-21-581088433-320290056-2638895184-1001 No Task File <==== ATTENTION
Task: {3790297B-C317-4FEB-9E8D-3B4C85520240} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig No Task File <==== ATTENTION
Task: {4F662F7F-D75F-455E-A03A-8AD0D8313218} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B No Task File <==== ATTENTION
Task: {7E964508-4868-4DB6-A10A-B96FAE223F77} - \Microsoft\Windows\UNP\RunCampaignManager No Task File <==== ATTENTION
Task: {91AF4E1B-193C-48CF-9F8C-4E86CB77B10B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime No Task File <==== ATTENTION
Task: {9D6319E1-E88F-4D35-AD66-C4EED376E93E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d No Task File <==== ATTENTION
Task: {9E1DD7B4-6A7B-4AD3-B4AA-B4741028631C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent No Task File <==== ATTENTION
Task: {EF7CFDCE-C0DD-449F-9DF2-CCEB2CE3AE8B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent No Task File <==== ATTENTION
Task: {F35ACE16-1E96-431C-B189-F2F82BA8A4F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d No Task File <==== ATTENTION
C:\Program Files (x86)\McAfee
C:\Program Files\McAfee
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Djchaos · 01.11.2019, 12:12

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-07-2015
durchgeführt von Stefanie (2019-11-01 11:57:06) Run:1
Gestartet von C:\Users\Stefanie\Desktop
Geladene Profile: Stefanie (Verfügbare Profile: Stefanie)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ATTENTION
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No File
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Task: {05C3BAB1-68F8-4EAF-B4AF-8C21E2478533} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime No Task File <==== ATTENTION
Task: {0BA33681-9D00-4B31-9A87-01683672BFEF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d No Task File <==== ATTENTION
Task: {1FAE791A-9736-4412-823B-80AE3EE2C1CB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d No Task File <==== ATTENTION
Task: {289D68A0-E96F-491B-9498-B0B602C5C53A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess No Task File <==== ATTENTION
Task: {28C75830-5752-4F41-A94B-BFD5E8A0D7C8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d No Task File <==== ATTENTION
Task: {3137ADB6-515F-4020-9DB9-0F91106BB27F} - \WPD\SqmUpload_S-1-5-21-581088433-320290056-2638895184-1001 No Task File <==== ATTENTION
Task: {3790297B-C317-4FEB-9E8D-3B4C85520240} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig No Task File <==== ATTENTION
Task: {4F662F7F-D75F-455E-A03A-8AD0D8313218} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B No Task File <==== ATTENTION
Task: {7E964508-4868-4DB6-A10A-B96FAE223F77} - \Microsoft\Windows\UNP\RunCampaignManager No Task File <==== ATTENTION
Task: {91AF4E1B-193C-48CF-9F8C-4E86CB77B10B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime No Task File <==== ATTENTION
Task: {9D6319E1-E88F-4D35-AD66-C4EED376E93E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d No Task File <==== ATTENTION
Task: {9E1DD7B4-6A7B-4AD3-B4AA-B4741028631C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent No Task File <==== ATTENTION
Task: {EF7CFDCE-C0DD-449F-9DF2-CCEB2CE3AE8B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent No Task File <==== ATTENTION
Task: {F35ACE16-1E96-431C-B189-F2F82BA8A4F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d No Task File <==== ATTENTION
C:\Program Files (x86)\McAfee
C:\Program Files\McAfee
emptytemp:
*****************

"HKLM\SOFTWARE\Policies\Google" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
"HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10" => Schlüssel erfolgreich entfernt
"HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10" => Schlüssel erfolgreich entfernt
C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll nicht gefunden.
"HKLM\Software\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0" => Schlüssel erfolgreich entfernt
C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll nicht gefunden.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => Wert erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05C3BAB1-68F8-4EAF-B4AF-8C21E2478533}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05C3BAB1-68F8-4EAF-B4AF-8C21E2478533}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0BA33681-9D00-4B31-9A87-01683672BFEF}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BA33681-9D00-4B31-9A87-01683672BFEF}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FAE791A-9736-4412-823B-80AE3EE2C1CB}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FAE791A-9736-4412-823B-80AE3EE2C1CB}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{289D68A0-E96F-491B-9498-B0B602C5C53A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{289D68A0-E96F-491B-9498-B0B602C5C53A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{28C75830-5752-4F41-A94B-BFD5E8A0D7C8}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28C75830-5752-4F41-A94B-BFD5E8A0D7C8}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3137ADB6-515F-4020-9DB9-0F91106BB27F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3137ADB6-515F-4020-9DB9-0F91106BB27F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-581088433-320290056-2638895184-1001" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3790297B-C317-4FEB-9E8D-3B4C85520240}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3790297B-C317-4FEB-9E8D-3B4C85520240}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F662F7F-D75F-455E-A03A-8AD0D8313218}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F662F7F-D75F-455E-A03A-8AD0D8313218}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E964508-4868-4DB6-A10A-B96FAE223F77}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E964508-4868-4DB6-A10A-B96FAE223F77}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => Schlüssel nicht gefunden. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91AF4E1B-193C-48CF-9F8C-4E86CB77B10B}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91AF4E1B-193C-48CF-9F8C-4E86CB77B10B}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D6319E1-E88F-4D35-AD66-C4EED376E93E}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D6319E1-E88F-4D35-AD66-C4EED376E93E}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E1DD7B4-6A7B-4AD3-B4AA-B4741028631C}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E1DD7B4-6A7B-4AD3-B4AA-B4741028631C}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF7CFDCE-C0DD-449F-9DF2-CCEB2CE3AE8B}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF7CFDCE-C0DD-449F-9DF2-CCEB2CE3AE8B}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F35ACE16-1E96-431C-B189-F2F82BA8A4F9}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F35ACE16-1E96-431C-B189-F2F82BA8A4F9}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt
"C:\Program Files (x86)\McAfee" => Datei/Ordner nicht gefunden.
"C:\Program Files\McAfee" => Datei/Ordner nicht gefunden.
EmptyTemp: => 6.5 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.. 

==== Ende von Fixlog 11:58:40 ====

cosinus · 01.11.2019, 12:13

Kontrollscans mit Malwarebytes + ESET Online Scanner bitte.

Djchaos · 01.11.2019, 17:34

ESET Online Scanner

Code:

ATTFilter

12:34:31 # product=EOS
# version=8
# ESETOnlineScanner_DEU.exe=3.1.10.0
# country="Germany"
# lang=1031
12:35:20 Updating
12:35:20 Update Init
12:35:23 Update Download
12:41:55 esets_scanner_reload returned 0
12:41:55 g_uiModuleBuild: 43300
12:41:55 Update Finalize
12:41:55 Call m_esets_charon_send
12:41:55 Call m_esets_charon_destroy
12:41:55 Updated modules version: 43300
12:42:16 Call m_esets_charon_setup_create
12:42:16 Call m_esets_charon_create
12:42:16 m_esets_charon_create OK
12:42:17 Call m_esets_charon_start_send_thread
12:42:17 Call m_esets_charon_setup_set
12:42:17 m_esets_charon_setup_set OK
12:42:17 Scanner engine: 43300
16:55:43 # product=EOS
# version=8
# flags=0
# av=0
# fw=7
# admin=1
# ESETOnlineScanner_DEU.exe=3.1.10.0
# EOSSerial=14e6e202ebea79429ec08cb90afe4a97
# engine=43300
# end=finished
# bannerClicked=0
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# sfx_checked=true
# utc_time=2019-11-01 15:55:42
# local_time=2019-11-01 16:55:42 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=10.0.17134 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 28733 49134104 0 0
# scanned=280304
# found=6
# cleaned=6
# scan_time=15144
# scan_type=2
# flow=2019-11-01 12:34:35|scr|eula|2019-11-01 12:34:42|scr|welcome|2019-11-01 12:34:50|scr|consents|2019-11-01 12:34:56|scr|scan_type|2019-11-01 12:35:00|scr|pua|2019-11-01 12:35:20|scr|updating|2019-11-01 12:36:31|promo|eis|2019-11-01 12:41:56|scr|scanning|2019-11-01 13:09:51|click|minimize|2019-11-01 16:54:22|scr|all_cleaned|2019-11-01 16:55:15|scr|periodic_offer|2019-11-01 16:55:24|scr|upsell|2019-11-01 16:55:29|scr|thanks
# periodic=0,1
# stats_enabled=1
sh=F8E1E9F41C0F75101ECF97F739CAD15867ED9906 ft=0 fh=0000000000000fbf vn="JS/Adware.Chromex.Agent.M Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\Stefanie\AppData\Local\Chromium\User Data\Default\Extensions\bpmmandcadflhnnaiclipadomfmdbjbp\2.4.1_0\stats.js"
sh=57109D3ACFAC8456F6C83466E3FA48B7A29C2230 ft=1 fh=00000000020d3428 vn="Win32/OpenCandy potenziell unsichere Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\Stefanie\Documents\sicherung\FreeYouTubeToMP3-35Converter.exe"
sh=EDCF4EA293DD0C7475D73797276FBE9E45EBBC29 ft=1 fh=00000000005906f8 vn="Variante von Win32/FileTypeAdvisor.A potenziell unerwünschte Anwendung,Win32/Somoto.E potenziell unerwünschte Anwendung,Variante von Win32/Somoto.V potenziell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\Stefanie\Documents\sicherung\m4a-to80-mp3-converter.exe"
sh=70554D4FA9BB0357E867B9D8F5FD4170D6556D9B ft=1 fh=00000000000a9d60 vn="Variante von MSIL/DownloadGuide.D potenziell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\Stefanie\Documents\sicherung\showcreator142-Downloader.exe"
sh=510F9ECCDEF59D5A22F78C368FF1C0782778DCF2 ft=1 fh=0000000000c7c728 vn="Win32/OpenCandy potenziell unsichere Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\Stefanie\Documents\sicherung\winamp563_full_emusic-7plus_de-de.exe"
sh=A70840939A26D36FAC9DDEEB93D7E6EA3C159477 ft=1 fh=000000000cc8f748 vn="Variante von MSIL/Toshiba3rdParty.A potenziell unerwünschte Anwendung (gelöscht)" ac=C fn="C:\Users\Stefanie\Downloads\TCA0114800E.exe"
16:55:43 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Stefanie\AppData\Local\ESET\ESETOnlineScanner\Modules\
16:55:43 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Stefanie\AppData\Local\ESET\ESETOnlineScanner\OldModules\
16:55:43 DeleteEstsApi: C:\Users\Stefanie\AppData\Local\ESET\ESETOnlineScanner
16:55:44 DeleteApiStgFile: C:\Users\Stefanie\AppData\Local\ESET\ESETOnlineScanner
16:55:44 DeletePeriodicNotifyFiles: C:\Users\Stefanie\AppData\Local\ESET\ESETOnlineScanner
16:55:44 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Stefanie\AppData\Local\ESET\ESETOnlineScanner\Char_Cache\
16:55:45 Call m_esets_charon_send
16:55:45 Call m_esets_charon_destroy

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 01.11.19
Scan-Zeit: 16:59
Protokolldatei: a4ab3b12-fcc0-11e9-a9c5-f8a963877fd0.json

-Softwaredaten-
Version: 3.8.3.2965
Komponentenversion: 1.0.629
Version des Aktualisierungspakets: 1.0.13141
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 10 (Build 17134.1069)
CPU: x64
Dateisystem: NTFS
Benutzer: FINN\Stefanie

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 294399
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 15 Min., 10 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)

cosinus · 01.11.2019, 19:52

Dann wären wir durch!

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Abschließend bitte noch einen Cleanup mit unserem TB-Cleanup-Script durchführen und unbedingt die Sicherheitsmaßnahmen lesen und umsetzen - beides ist in folgendem Lesestoff verlinkt:

Lesestoff:
Anleitung: Cleanup & Maßnahmen zur Absicherung des Rechners

Djchaos · 02.11.2019, 09:52

Dann vielen Danke für deine Hilfe

28.10.2019, 10:51	#16
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Einige Funde mit Malwarebytes Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken. __________________ Logfiles bitte immer in CODE-Tags posten

01.11.2019, 12:13	#21
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Einige Funde mit Malwarebytes Kontrollscans mit Malwarebytes + ESET Online Scanner bitte. __________________ --> Einige Funde mit Malwarebytes

Einige Funde mit Malwarebytes

Plagegeister aller Art und deren Bekämpfung: Einige Funde mit Malwarebytes