FRST Logfile:
FRST Logfile:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.11.2018
Ran by Karsten (administrator) on KARSTEN (18-11-2018 15:56:55)
Running from C:\Users\Karsten\Downloads
Loaded Profiles: Karsten (Available Profiles: Karsten)
Platform: Windows 10 Home Version 1803 17134.345 (X64) Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files\TrueColor\TrueColorALS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avpui.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1111\DSAPI.exe
() C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe\HxTsr.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Entertainment Experience) C:\Program Files\TrueColor\TrueColorUI.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files\TrueColor\DriverConsoleApp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRSync.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe\HxOutlook.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\OpenWith.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\VSSX64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-03] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3859456 2014-09-05] (Dell Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2461504 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [TrueColor UI] => C:\Program Files\TrueColor\TrueColorUI.exe [19491792 2014-12-25] (Entertainment Experience)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] ()
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3785536 2018-11-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [217736 2016-12-20] (Geek Software GmbH)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-06-22] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-4284109025-3256481740-195061855-1001\...\Run: [BingSvc] => C:\Users\Karsten\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-16] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-4284109025-3256481740-195061855-1001\...\MountPoints2: {a593148d-a48e-11e8-82ff-c48e8f65223a} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-4284109025-3256481740-195061855-1001\...\MountPoints2: {a59314aa-a48e-11e8-82ff-c48e8f65223a} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-4284109025-3256481740-195061855-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\Plane9.sCr [103528 2016-12-26] ()
Startup: C:\Users\Karsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HiDrive.lnk [2016-10-23]
ShortcutTarget: HiDrive.lnk -> C:\Users\Karsten\AppData\Roaming\STRATO\HiDrive\HiDrive.App.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a21a7a96-e836-4294-8b83-9b06d68d7d91}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{a34aab14-0408-4742-8791-b23213ebe4a3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{da660574-e57b-4f49-be97-5da3ed325285}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-4284109025-3256481740-195061855-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-4284109025-3256481740-195061855-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM -> DefaultScope {260649B9-3CB3-432E-9E56-66636F24621B} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKLM -> {260649B9-3CB3-432E-9E56-66636F24621B} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-4284109025-3256481740-195061855-1001 -> {260649B9-3CB3-432E-9E56-66636F24621B} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-07-30] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\IEExt\ie_plugin.dll [2018-07-30] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-07-30] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\IEExt\ie_plugin.dll [2018-07-30] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-4284109025-3256481740-195061855-1001 -> Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-07-30] (AO Kaspersky Lab)
FireFox:
========
FF DefaultProfile: utshxa6p.default-1485694399889-1505051777275
FF ProfilePath: C:\Users\Karsten\AppData\Roaming\Mozilla\Firefox\Profiles\utshxa6p.default-1485694399889-1505051777275 [2018-11-18]
FF Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\Karsten\AppData\Roaming\Mozilla\Firefox\Profiles\utshxa6p.default-1485694399889-1505051777275\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2018-09-25]
FF Extension: (Firefox Monitor) - C:\Users\Karsten\AppData\Roaming\Mozilla\Firefox\Profiles\utshxa6p.default-1485694399889-1505051777275\features\{3f340615-c588-4e3d-a5bd-8d8c5a9a23d4}\fxmonitor@mozilla.org.xpi [2018-11-13]
FF HKLM\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-07-30]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_148.dll [2018-11-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-06-22] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_148.dll [2018-11-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-06-22] (Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\Karsten\AppData\Local\Google\Chrome\User Data\Default [2018-11-18]
CHR Extension: (Präsentationen) - C:\Users\Karsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-29]
CHR Extension: (Docs) - C:\Users\Karsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-29]
CHR Extension: (Google Drive) - C:\Users\Karsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-06]
CHR Extension: (YouTube) - C:\Users\Karsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-06]
CHR Extension: (Tabellen) - C:\Users\Karsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-29]
CHR Extension: (Google Docs Offline) - C:\Users\Karsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-28]
CHR Extension: (Kaspersky Protection) - C:\Users\Karsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2018-03-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Karsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-11]
CHR Extension: (Google Mail) - C:\Users\Karsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-06]
CHR Extension: (Chrome Media Router) - C:\Users\Karsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-13]
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-06-22] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-10] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-10] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-11-06] (Dropbox, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2018-02-10] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3346320 2018-02-10] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2018-02-10] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1111\DSAPI.exe [930112 2018-05-20] (PC-Doctor, Inc.)
R2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [49864 2015-08-24] ()
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237016 2018-03-27] (Dell Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-09-17] (NVIDIA Corporation)
S2 HiDriveMaintenanceService; C:\Program Files (x86)\STRATO\HiDrive\Updater\MaintenanceService.exe [914096 2017-07-31] ()
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382456 2017-02-16] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\vssbridge64.exe [426416 2018-03-06] (AO Kaspersky Lab)
R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-09-17] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [217736 2016-12-20] (Geek Software GmbH)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-03] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2065808 2016-01-04] (SoftThinks SAS)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [43480 2018-05-11] (Dell Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [263264 2017-02-16] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11293936 2018-04-03] (TeamViewer GmbH)
R2 TrueColorALS; C:\Program Files\TrueColor\TrueColorALS.exe [94160 2014-12-25] ()
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-10-24] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-10-24] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-07-27] (Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-02-10] (Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 HtcVCom32; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
S3 iaLPSS_SPI; C:\WINDOWS\System32\drivers\iaLPSS_SPI.sys [100856 2014-06-11] (Intel Corporation)
R3 iaLPSS_UART2; C:\WINDOWS\System32\drivers\iaLPSS_UART2.sys [143864 2014-06-11] (Intel Corporation)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [70880 2017-12-24] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [119904 2018-10-18] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [85704 2018-07-30] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2018-10-18] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [207560 2018-05-05] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1214752 2018-10-18] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP18.0.0\Bases\klids.sys [185576 2018-10-28] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1058616 2018-10-18] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57032 2018-05-05] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50672 2017-12-24] (AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45768 2018-10-18] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [238528 2018-11-02] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [100136 2018-11-18] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [289856 2018-11-02] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [110640 2018-11-02] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [193168 2018-11-18] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [93888 2018-03-10] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [141000 2018-07-30] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-12-24] (AO Kaspersky Lab)
S3 LifeCamTrueColor; C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys [37928 2016-07-27] (Microsoft Corporation)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [38048 2014-09-05] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896744 2015-08-13] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [66136 2017-02-16] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46184 2018-10-24] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [328696 2018-10-24] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-10-24] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-18 15:56 - 2018-11-18 15:58 - 000028418 _____ C:\Users\Karsten\Downloads\FRST.txt
2018-11-18 15:56 - 2018-11-18 15:56 - 000000000 ____D C:\FRST
2018-11-18 15:55 - 2018-11-18 15:55 - 002416128 _____ (Farbar) C:\Users\Karsten\Downloads\FRST64.exe
2018-11-18 14:41 - 2018-11-18 15:50 - 000000000 ____D C:\Users\Karsten\Desktop\Haushaltsbuch2017
2018-11-18 14:27 - 2018-11-18 14:27 - 000138748 _____ C:\Users\Karsten\Desktop\Haushaltsbuch2017.zip
2018-11-18 14:24 - 2018-11-18 14:24 - 001542152 _____ (CHIP Digital GmbH) C:\Users\Karsten\Downloads\Excel Haushaltsbuch - CHIP-Installer.exe
2018-11-18 14:14 - 2018-11-18 14:16 - 133291574 _____ (AckiSoft ) C:\Users\Karsten\Downloads\FinanzmanagerV8-Setup.exe
2018-11-13 17:33 - 2018-11-13 17:34 - 011545740 _____ C:\Users\Karsten\Desktop\Logistikstandort Bremen Endfassung.odp
2018-11-13 17:33 - 2018-11-13 17:33 - 000000109 ____H C:\Users\Karsten\Desktop\.~lock.Logistikstandort Bremen Endfassung.odp#
2018-11-13 17:29 - 2018-11-13 17:30 - 011674624 _____ C:\Users\Karsten\Downloads\Logistikstandort Bremen Endfassung.ppt
2018-11-13 17:25 - 2018-11-13 17:25 - 011674624 _____ C:\Users\Karsten\Desktop\Logistikstandort Bremen Endfassung.ppt
2018-11-13 16:59 - 2018-11-13 16:59 - 006296064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2018-11-09 17:48 - 2018-11-09 17:48 - 000000000 ___HD C:\OneDriveTemp
2018-11-08 17:56 - 2018-11-18 12:59 - 000100136 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2018-11-08 17:53 - 2018-11-08 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-11-06 20:44 - 2018-11-06 20:44 - 000804546 _____ C:\Users\Karsten\Documents\Handout Bremen Unterweser.odt
2018-11-06 20:37 - 2018-11-06 20:37 - 000304630 _____ C:\Users\Karsten\Documents\Handout Bremen Unterweser.pdf
2018-11-06 14:06 - 2018-11-06 14:06 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-11-06 14:06 - 2018-11-06 14:06 - 000047768 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-11-06 14:06 - 2018-11-06 14:06 - 000047768 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-11-06 14:06 - 2018-11-06 14:06 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-11-05 21:10 - 2018-11-05 21:10 - 008087853 _____ C:\Users\Karsten\Documents\Logistikstandort Bremen.odp
2018-11-03 18:28 - 2018-11-03 18:28 - 000002039 _____ C:\Users\Karsten\AppData\Local\recently-used.xbel
2018-11-03 12:26 - 2018-11-13 17:22 - 011492654 ____T C:\Users\Karsten\Documents\Logistikstandort Bremen.pptx
2018-11-03 12:26 - 2018-11-03 12:25 - 000262104 ____T C:\Users\Karsten\Desktop\Logistikstandort Bremen.pptx
2018-11-02 20:10 - 2018-11-02 20:10 - 000289856 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2018-11-02 20:09 - 2018-11-18 13:00 - 000193168 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2018-11-02 20:09 - 2018-11-02 20:09 - 000238528 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2018-11-02 20:09 - 2018-11-02 20:09 - 000110640 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
====================
--- --- ---
--- --- ---
--- --- ---
One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-18 15:53 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-18 15:44 - 2015-05-18 22:51 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2018-11-18 15:25 - 2018-06-08 11:43 - 000740936 _____ C:\WINDOWS\system32\perfh007.dat
2018-11-18 15:25 - 2018-06-08 11:43 - 000149400 _____ C:\WINDOWS\system32\perfc007.dat
2018-11-18 15:25 - 2018-06-08 02:31 - 001718588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-18 15:25 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2018-11-18 14:41 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-18 14:41 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-11-18 14:40 - 2018-04-12 20:13 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2018-11-18 14:38 - 2017-12-17 17:39 - 000000000 ____D C:\Users\Karsten\AppData\Local\Packages
2018-11-18 14:37 - 2018-06-08 02:14 - 000000000 ____D C:\Users\Karsten
2018-11-18 14:36 - 2018-04-08 15:43 - 000000000 ____D C:\Users\Karsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEmu
2018-11-18 14:36 - 2016-01-03 17:43 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-11-18 14:34 - 2017-10-01 19:49 - 000000000 ____D C:\Users\Karsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-11-18 14:31 - 2016-11-18 21:59 - 000000000 ____D C:\Users\Karsten\AppData\LocalLow\Mozilla
2018-11-18 14:29 - 2016-12-25 18:12 - 000000000 ____D C:\Users\Karsten\AppData\Roaming\Andy
2018-11-18 14:27 - 2016-01-04 21:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-11-18 14:03 - 2018-06-08 02:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-18 14:02 - 2017-08-27 16:13 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-11-18 14:02 - 2016-01-03 17:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-18 14:01 - 2017-08-27 16:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-11-18 14:00 - 2016-01-03 17:18 - 000000000 ___RD C:\Users\Karsten\OneDrive
2018-11-18 13:53 - 2016-01-04 21:00 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-11-18 13:48 - 2016-09-29 20:12 - 000000000 ____D C:\Users\Karsten\AppData\Local\HTC MediaHub
2018-11-18 13:47 - 2016-09-29 09:04 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-11-18 13:47 - 2016-01-03 17:13 - 000000000 __SHD C:\Users\Karsten\IntelGraphicsProfiles
2018-11-18 13:46 - 2016-05-11 19:04 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-11-18 13:45 - 2018-06-08 02:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-18 13:44 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-11-18 13:44 - 2018-04-11 22:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-11-18 13:38 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-11-18 13:03 - 2017-02-18 23:13 - 000000000 ____D C:\Users\Karsten\AppData\Roaming\Plane9
2018-11-18 13:01 - 2017-08-01 11:50 - 000000000 ____D C:\Program Files\rempl
2018-11-13 17:00 - 2018-06-08 02:51 - 000004576 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-11-13 17:00 - 2018-06-08 02:51 - 000004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-11-13 16:59 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-11-13 16:59 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-11-10 17:01 - 2016-05-06 22:17 - 000002295 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-10 17:01 - 2016-05-06 22:17 - 000002254 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-09 17:47 - 2018-06-08 02:51 - 000003364 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4284109025-3256481740-195061855-1001
2018-11-09 17:47 - 2018-06-08 02:14 - 000002426 _____ C:\Users\Karsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-08 17:54 - 2015-05-18 22:57 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-11-06 17:57 - 2018-07-03 20:59 - 000000000 ____D C:\Users\Karsten\AppData\Local\babl-0.1
2018-11-03 23:25 - 2016-04-16 13:13 - 000000000 ____D C:\Users\Karsten\AppData\Roaming\vlc
2018-11-03 18:28 - 2016-01-09 23:52 - 000000000 ____D C:\Users\Karsten\AppData\Local\gtk-2.0
2018-10-24 10:40 - 2018-07-03 19:34 - 000000000 ____D C:\ProgramData\Packages
2018-10-24 10:34 - 2018-02-28 16:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== Files in the root of some directories =======
2016-01-25 19:22 - 2016-01-25 19:22 - 000000268 ___RH () C:\Users\Karsten\AppData\Roaming\Comedy Noises
2016-01-25 19:22 - 2016-01-25 19:22 - 000000268 ___RH () C:\Users\Karsten\AppData\Roaming\Command Line Utility
2016-01-25 19:22 - 2016-01-25 19:22 - 000000268 ___RH () C:\Users\Karsten\AppData\Roaming\Commands
2016-01-25 19:17 - 2016-01-25 19:21 - 000000268 ___RH () C:\Users\Karsten\AppData\Roaming\Dance
2018-09-29 20:37 - 2018-09-29 20:37 - 000000000 _____ () C:\Users\Karsten\AppData\Local\oobelibMkey.log
2018-11-03 18:28 - 2018-11-03 18:28 - 000002039 _____ () C:\Users\Karsten\AppData\Local\recently-used.xbel
Some files in TEMP:
====================
2018-11-18 14:39 - 2018-10-12 19:31 - 002066632 _____ () C:\Users\Karsten\AppData\Local\Temp\AnyDeskUninst623a.exe
2018-11-18 14:36 - 2017-12-08 03:44 - 000036152 _____ () C:\Users\Karsten\AppData\Local\Temp\clearRemnants.exe
2018-11-18 14:28 - 2017-02-03 14:20 - 001342792 _____ (Andy OS, inc.) C:\Users\Karsten\AppData\Local\Temp\RemoveTemp.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-06-08 02:04
==================== End of FRST.txt ============================[/CODE]
Irgendwas ist da falsch gelaufen... abgesehen von der Tatsache das ich ein Jahr gebraucht habe^^
[CODE]Additional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version: 15.11.2018
Ran by Karsten (18-11-2018 15:59:31)
Running from C:\Users\Karsten\Downloads
Windows 10 Home Version 1803 17134.345 (X64) (2018-06-08 01:53:31)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4284109025-3256481740-195061855-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4284109025-3256481740-195061855-503 - Limited - Disabled)
Guest (S-1-5-21-4284109025-3256481740-195061855-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4284109025-3256481740-195061855-1005 - Limited - Enabled)
Karsten (S-1-5-21-4284109025-3256481740-195061855-1001 - Administrator - Enabled) => C:\Users\Karsten
WDAGUtilityAccount (S-1-5-21-4284109025-3256481740-195061855-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Total Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.6.0.384 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.148 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.9 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.9.2.8 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{BC8233D8-59BA-4D40-92B9-4FDE7452AA8B}) (Version: 3.0.3999.0 - Dell Products, LP)
Dell Hilfe und Support (HKLM\...\{A00269ED-FD88-4907-834B-60B70DCE82C5}) (Version: 2.0.366.0 - Dell Inc.) Hidden
Dell Hilfe und Support (HKLM-x32\...\InstallShield_{A00269ED-FD88-4907-834B-60B70DCE82C5}) (Version: 2.0.366.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.)
Dell SupportAssist (HKLM\...\{122666A9-2995-4E47-A75E-6423A827B7AF}) (Version: 2.2.0.253 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.55 - Synaptics Incorporated)
Dell Update - SupportAssist Update Plugin (HKLM\...\{6DE68941-66DE-48DE-9C80-FE60C9DE0AD4}) (Version: 4.0.1.5857 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{1dbe752f-b00e-4567-9276-141812b20d28}) (Version: 4.0.1.5857 - Dell Inc.)
Dell Update (HKLM-x32\...\{D8AE5F9D-647C-49B4-A666-1C20B44EC0E1}) (Version: 2.1.3.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DMXControl 3.0 (HKLM-x32\...\DMXControl_3.0) (Version: 3.0 - DMXControl Projects e.V.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 61.4.95 - Dropbox, Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Exif-Viewer 2.51 (HKLM-x32\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger)
GIMP 2.10.2 (HKLM\...\GIMP-2_is1) (Version: 2.10.2 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HiDrive (HKLM-x32\...\{05279062-3A01-48C6-9EDD-994C26646921}) (Version: 4.4.0.0 - STRATO AG)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.88.2 - HTC)
Intel(R) Chipset Device Software (HKLM-x32\...\{d370215a-d003-43ae-a3b6-1028af64d5a1}) (Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4284109025-3256481740-195061855-1001\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 63.0.3 (x64 de) (HKLM\...\Mozilla Firefox 63.0.3 (x64 de)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.0 - Nikon)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
PDF24 Creator 8.0.4 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.15 - Nikon)
Plane9 v2.5.1.3 (HKLM-x32\...\Plane9) (Version: v2.5.1.3 - Joakim Dahl / Planestate Software)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.326 - Qualcomm Atheros Communications)
QuickSet64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.25 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 16.13.42 - NVIDIA Corporation) Hidden
SiudiDriver Version 2.3 (HKLM\...\SiudiDriver_is1) (Version: 2.3 - LightingSoft AG)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.3629 - TeamViewer)
True Color (HKLM\...\{33D499E3-73E8-44D5-8D1F-FEA39535E9F2}) (Version: 6.0.0.6 - Entertainment Experience LLC) Hidden
True Color (HKLM-x32\...\{55c734b2-fcff-447e-81cc-a6f04ebf09fc}) (Version: 6.0.0.6 - Entertainment Experience)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.8.2 - Nikon)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WhatsApp (HKU\S-1-5-21-4284109025-3256481740-195061855-1001\...\WhatsApp) (Version: 0.3.557 - WhatsApp)
Windows-Treiberpaket - LightingSoft AG (WinUSB) USB (12/03/2012 2.1) (HKLM\...\F1D48C84773E5373012B9BB16ADDB6946CE5182A) (Version: 12/03/2012 2.1 - LightingSoft AG)
WinRAR 5.31 Beta 1 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.1 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4284109025-3256481740-195061855-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-C632373643B0}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-4284109025-3256481740-195061855-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ HiDriveOverlayIconCheck] -> {fa8f3afe-6ea5-3352-a1b1-91b8cdcc5856} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ HiDriveOverlayIconError] -> {b96ea5f1-499a-31a5-8260-39577b4c705d} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ HiDriveOverlayIconSync] -> {368c9485-f797-3806-8421-9e6323374ed3} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-07] (Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers1: [HiDriveCopyExtension] -> {b92d7504-d699-3a52-ac03-4c04c681bf20} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers1: [HiDriveShareFileExtensionCreate] -> {bad9582f-d94d-3e61-adda-97717cf1b80b} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers1: [HiDriveShareFileExtensionEdit] -> {e824652d-1b10-3cfd-8fc6-2b6ef23b1d06} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-10-18] (AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-01-03] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-01-03] (Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-07] (Cyberlink)
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-10-18] (AO Kaspersky Lab)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers4: [HiDriveCopyExtension] -> {b92d7504-d699-3a52-ac03-4c04c681bf20} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers4: [HiDriveShareFileExtensionCreate] -> {bad9582f-d94d-3e61-adda-97717cf1b80b} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers4: [HiDriveShareFileExtensionEdit] -> {e824652d-1b10-3cfd-8fc6-2b6ef23b1d06} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-10-18] (AO Kaspersky Lab)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-02-16] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-08-01] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-10-18] (AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-01-03] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-01-03] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {133BDE2B-DCE3-4FB4-8B34-B4899166F836} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-grenzwert-pix@outlook.de => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {344E4037-2E94-4C24-ADAE-75556BC8F825} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3E560A98-9A42-46D5-8696-7421127F3A18} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {51AB4EB0-017E-4FAA-85E6-CC013579DA1B} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)
Task: {5263730F-4199-44ED-9FB3-4BDE064344A4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-13] (Adobe Systems Incorporated)
Task: {549A12AE-A7AC-4032-A87D-178D8BF9AA56} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-06] (Google Inc.)
Task: {588346DD-2828-4D60-B026-FD929E68EE20} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_148_Plugin.exe [2018-11-13] (Adobe Systems Incorporated)
Task: {59DCEB02-E86B-4521-AD19-C31796F20009} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-grenzwert-pix@outlook.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-10] (Adobe Systems Incorporated)
Task: {5A0767DB-B32D-4409-B0A6-DC4EB1B5E939} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-05] (CyberLink)
Task: {5F228D38-86D5-452F-BDF3-FB642AB16899} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-10] (Dropbox, Inc.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {736F2C1D-624B-42AE-8A7E-582D10EE8240} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)
Task: {8D03DDEC-CD9F-4CDC-A57C-06D5DDC0E4E6} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-10] (Dropbox, Inc.)
Task: {8F5CCBDB-CA50-4098-94D1-9CEBA504DF7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-06] (Google Inc.)
Task: {C9BCF31D-22FD-467E-B268-B0B72B2302C2} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-08-03] (Realtek Semiconductor)
Task: {D80EC46B-82BD-4A92-84A3-611086B8AC85} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeReminderTask => C:\WINDOWS\System32\GWX\GWX.exe
Task: {EC2FC800-61CE-4042-BA2C-215C29DBEF7B} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2017-02-16] (Synaptics Incorporated)
Task: {F65C5DD3-D66B-4279-887B-492C4EE7916D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F8A8D4AE-6FD8-4AF5-A9A5-6CFE642E20C8} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2018-05-11] (Dell Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\RunDLC.job => cmd c sc start Dell Help SupportWORKGROUP KARSTEN
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-11-14 20:51 - 2014-11-14 20:51 - 000466432 _____ () C:\WINDOWS\system32\DPPPlugin.dll
2016-09-29 09:05 - 2016-08-01 13:54 - 000133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2016-01-23 17:58 - 2013-04-15 11:50 - 000065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1006PP.dll
2014-12-25 05:27 - 2014-12-25 05:27 - 000094160 _____ () C:\Program Files\TrueColor\TrueColorALS.exe
2013-10-17 14:27 - 2013-10-17 14:27 - 000166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2018-02-27 19:08 - 2018-02-27 19:08 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2017-02-16 00:21 - 2017-02-16 00:21 - 000410616 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-05-20 12:23 - 2018-05-20 12:23 - 002587976 _____ () C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1111\libprotobuf.dll
2015-08-24 16:32 - 2015-08-24 16:32 - 000049864 _____ () C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
2018-10-17 10:07 - 2018-09-20 04:38 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-24 10:33 - 2018-10-24 10:36 - 035118592 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-10-24 10:33 - 2018-10-24 10:35 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-10-24 10:33 - 2018-10-24 10:33 - 005987328 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-27 12:39 - 2017-09-27 12:59 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-24 10:33 - 2018-10-24 10:34 - 009064448 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntPlat.dll
2014-12-25 05:27 - 2014-12-25 05:27 - 000019408 _____ () C:\Program Files\TrueColor\DriverConsoleApp.exe
2018-11-18 13:12 - 2018-11-18 13:14 - 001434192 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2018-06-08 15:34 - 2018-06-08 15:34 - 035475912 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2018-11-18 13:14 - 2018-11-18 13:26 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-11-18 13:14 - 2018-11-18 13:25 - 066031104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-11-18 13:14 - 2018-11-18 13:27 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-11-18 13:14 - 2018-11-18 13:25 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-12-17 19:05 - 2017-12-17 19:08 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-11-18 13:14 - 2018-11-18 13:28 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-22 12:30 - 2018-08-22 12:31 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-22 12:30 - 2018-08-22 12:31 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-04-05 00:14 - 2018-04-05 00:17 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-11-18 13:14 - 2018-11-18 13:26 - 014097920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-18 13:14 - 2018-11-18 13:25 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-11-18 13:13 - 2018-11-18 13:14 - 002863616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-09-02 14:38 - 2018-09-02 15:03 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-30 11:33 - 2018-07-30 11:36 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-03-06 18:38 - 2018-03-06 18:38 - 000836968 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\kpcengine.2.3.dll
2016-06-03 14:36 - 2016-06-03 14:36 - 000030720 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2017-10-26 13:34 - 2017-10-26 13:34 - 000607016 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2016-06-03 14:38 - 2016-06-03 14:38 - 000059392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2016-06-03 14:37 - 2016-06-03 14:37 - 000035864 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2016-06-03 14:39 - 2016-06-03 14:39 - 000079888 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2016-06-03 14:41 - 2016-06-03 14:41 - 000129016 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2016-06-03 14:44 - 2016-06-03 14:44 - 000223240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2015-05-18 22:32 - 2013-03-05 04:40 - 000626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-05 17:41 - 2013-03-05 17:41 - 000015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2017-09-19 10:35 - 2017-09-19 10:35 - 000134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2018-03-27 12:41 - 2018-03-27 12:41 - 000134616 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2014-09-03 17:03 - 2014-09-03 17:03 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-06-07 13:35 - 2018-06-07 13:35 - 081764304 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2018-06-07 13:35 - 2018-06-07 13:35 - 002257360 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\swiftshader\libglesv2.dll
2018-06-07 13:35 - 2018-06-07 13:35 - 000110544 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\swiftshader\libegl.dll
2016-01-05 17:17 - 2015-12-18 23:52 - 001607920 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2015-05-18 22:52 - 2012-11-26 04:19 - 001153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2015-05-18 22:51 - 2014-02-18 20:12 - 000117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
2018-04-12 20:33 - 2018-04-12 20:33 - 000142376 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\fs-ext\build\Release\fs-ext.node
2018-04-12 20:33 - 2018-04-12 20:33 - 000271400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2018-04-12 20:33 - 2018-04-12 20:33 - 000141864 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\ref\build\Release\binding.node
2018-04-12 20:33 - 2018-04-12 20:33 - 000150568 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\ffi\build\Release\ffi_bindings.node
2018-04-12 20:33 - 2018-04-12 20:33 - 000097832 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2018-04-12 20:33 - 2018-04-12 20:33 - 000110120 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\idle-gc\build\Release\idle-gc.node
2015-10-21 15:50 - 2015-10-21 15:50 - 000988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
2015-10-21 15:49 - 2015-10-21 15:49 - 000170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4284109025-3256481740-195061855-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Karsten\Downloads\kc.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "DropboxOEM"
HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"
HKU\S-1-5-21-4284109025-3256481740-195061855-1001\...\StartupApproved\Run: => "BingSvc"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1013FB13-C5E8-42B1-8F36-A15F63A85952}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FD63F976-6563-4042-B2A5-1756E88C5089}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{589A317A-36C9-478B-B6C7-41A08AF21D05}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5AE74EFA-D849-4657-8482-1A30E9740BEF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{55E6867F-162A-452C-960A-C09D154CC39A}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe
FirewallRules: [{8E173011-A99E-4FF1-9F7A-4C1D89D92E9C}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe
FirewallRules: [{94579C6F-1F80-4AEA-A9E0-B6811C30000F}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe
FirewallRules: [{B1EE9A36-2A1E-429A-B71A-75E23AA6C6A9}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe
FirewallRules: [{4B280FA6-C4BA-487A-8D2C-1B7AB8E2BD51}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe
FirewallRules: [{930A4A08-0AE3-42A4-BF9E-3E85AAF5530F}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe
FirewallRules: [{2EDF8409-E1C0-444A-A0C9-94D6BDEE8098}] => (Allow) C:\Users\Karsten\AppData\Local\Temp\RemoveTemp.exe
FirewallRules: [{D5ED01E4-5501-4466-AAE1-711A6A3E5BE2}] => (Allow) C:\Users\Karsten\AppData\Local\Temp\RemoveTemp.exe
FirewallRules: [{14214C2B-D675-4E96-BAA2-A378EA9709D6}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{516C8665-95ED-4AF1-A2F6-AD0270174800}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe
FirewallRules: [{178854CC-D0BB-4F30-A094-C5F0B8E936A3}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{D3A31E42-0AD0-43FC-A05D-5DC8304F58B9}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{5DBDA3DC-E9C4-49C6-800F-4B6BE7827B77}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{023BDDEC-EA79-4963-947C-75E273E48123}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{1C97699C-DDC4-4C70-86BF-C5C8B0A4531A}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{CDDCC71A-2DB6-4B51-9D22-E64E35618E64}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{101E2D61-7A8D-49F6-B5E4-07E630E6E29F}] => (Allow) C:\Users\Karsten\AppData\Local\Temp\andy-x64\Setup.exe
FirewallRules: [{2D051F7B-C1F6-4F9D-8849-88B6A3C6708E}] => (Allow) C:\Users\Karsten\AppData\Local\Temp\andy-x64\Setup.exe
FirewallRules: [{C9AA40C1-6774-4B78-A390-1B91AF7A092A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{2D9EABAB-7F3F-4C82-95FE-AF08557966F8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{6555496E-5844-4243-A199-8A5C92386C21}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{61FDA651-D5D2-4BE4-B1CC-455761DD0E96}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2ED543BE-E039-4D09-80A1-C76AC12A7DE9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D0F1684E-B4B6-43BD-9803-1B170657E53B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B43AD8AF-3C61-4545-8A29-EC5524433CA4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6550826F-B927-4706-94F6-8E9484E9C639}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B49308F8-98DB-42BC-BFC9-90ED33D011D4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{81D880AE-895A-4D43-8B85-7ABFE372168C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7C6407F0-B6CD-4FE7-9E18-7CE708B08157}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{F1F9F38A-FB5B-4898-9D2C-A014CE3A534D}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{1C4D6052-2DD6-4373-9199-35C6AA720144}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{426CE29F-D9D5-4ADA-8E8F-9421E32C0EA9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3162B9C5-74E7-45F2-B39D-0FA4CB42724C}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{5EA9DDB8-BBF8-4B31-BCE2-440B7BB43914}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{27863A1F-4106-4487-9C9E-62C8AD127F65}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C92EC894-D3B5-4D6A-B2AD-C1921CFB6AD5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{544773A8-A9BB-41F8-9C23-E17209B17CE3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{00A367A6-1C59-47AD-B712-33048DB64F10}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{D367E0DD-5179-403F-95D8-42A8D0D7EAE5}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{B73620BB-6D00-4E43-857C-8441CB0C5272}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{081DD62A-50B1-4940-9607-A1785007B8C3}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{15E8401B-8881-45D7-96B1-E1EFE46EC1F5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4103CC55-43F8-4B88-9874-46FDCA2BD23E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{EF27B484-0052-44F0-A53A-D164C75667B4}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{9D6F021B-F68F-44BE-9FC4-C097107F39BF}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{7BD47F98-9C00-4E0E-AE99-5F2472606CC3}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{016E9DAC-4938-4807-9A99-BA931C7DBB27}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{919AEAD7-BEE8-4A6C-9EBE-570173C9BE22}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
==================== Restore Points =========================
06-11-2018 20:49:39 Windows Modules Installer
08-11-2018 18:45:34 Windows Modules Installer
10-11-2018 16:42:28 Windows Modules Installer
13-11-2018 17:04:30 Windows Modules Installer
18-11-2018 12:53:24 Windows Modules Installer
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/18/2018 02:19:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: backgroundTaskHost.exe, Version: 10.0.17134.1, Zeitstempel: 0xcb43d9c5
Name des fehlerhaften Moduls: twinapi.appcore.dll, Version: 10.0.17134.137, Zeitstempel: 0xb5d50228
Ausnahmecode: 0xc000027b
Fehleroffset: 0x000000000009cad5
ID des fehlerhaften Prozesses: 0x20b0
Startzeit der fehlerhaften Anwendung: 0x01d47f3e220403b7
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\backgroundTaskHost.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\twinapi.appcore.dll
Berichtskennung: f4082a33-1054-47a0-a445-7ef33449e5b2
Vollständiger Name des fehlerhaften Pakets: DellInc.DellSupportAssistforPCs_3.1.15.0_x64__htrsf667h5kn2
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (11/18/2018 02:08:40 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: KARSTEN)
Description: httphttp-2147467263
Error: (11/18/2018 02:00:39 PM) (Source: TrueColorALS) (EventID: 4) (User: )
Description: Event-ID 4
Error: (11/18/2018 01:56:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HiDrive.App.exe, Version: 4.3.2.0, Zeitstempel: 0x593fa309
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.17134.319, Zeitstempel: 0x5ea0e53d
Ausnahmecode: 0xe0434352
Fehleroffset: 0x001117d2
ID des fehlerhaften Prozesses: 0x2f10
Startzeit der fehlerhaften Anwendung: 0x01d47f3e1f9583db
Pfad der fehlerhaften Anwendung: C:\Users\Karsten\AppData\Roaming\STRATO\HiDrive\HiDrive.App.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 26060dfe-ea47-4ec3-90ff-52c48b916e2f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (11/18/2018 01:56:32 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: HiDrive.App.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.FileNotFoundException
bei HiDrive.App.Program.Main(System.String[])
Error: (11/18/2018 01:42:42 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (11/18/2018 01:42:36 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Object reference not set to an instance of an object.
Error: (11/13/2018 05:26:19 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: KARSTEN)
Description: httphttp-2147467263
System errors:
=============
Error: (11/18/2018 02:33:26 PM) (Source: DCOM) (EventID: 10016) (User: KARSTEN)
Description: Durch die Berechtigungseinstellungen für "application-specific" wird dem Benutzer "Karsten\Karsten" (SID: S-1-5-21-4284109025-3256481740-195061855-1001) unter der Adresse "LocalHost (Using LRPC)" keine Berechtigung vom Typ "Local Activation" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Unavailable" (SID: Unavailable) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/18/2018 02:06:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Durch die Berechtigungseinstellungen für "application-specific" wird dem Benutzer "NT AUTHORITY\LOCAL SERVICE" (SID: S-1-5-19) unter der Adresse "LocalHost (Using LRPC)" keine Berechtigung vom Typ "Local Activation" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Unavailable" (SID: Unavailable) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/18/2018 02:05:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (11/18/2018 02:05:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (11/18/2018 02:05:01 PM) (Source: DCOM) (EventID: 10016) (User: KARSTEN)
Description: Durch die Berechtigungseinstellungen für "application-specific" wird dem Benutzer "Karsten\Karsten" (SID: S-1-5-21-4284109025-3256481740-195061855-1001) unter der Adresse "LocalHost (Using LRPC)" keine Berechtigung vom Typ "Local Activation" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Unavailable" (SID: Unavailable) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/18/2018 01:58:23 PM) (Source: DCOM) (EventID: 10016) (User: KARSTEN)
Description: Durch die Berechtigungseinstellungen für "application-specific" wird dem Benutzer "Karsten\Karsten" (SID: S-1-5-21-4284109025-3256481740-195061855-1001) unter der Adresse "LocalHost (Using LRPC)" keine Berechtigung vom Typ "Local Activation" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Unavailable" (SID: Unavailable) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/18/2018 01:57:50 PM) (Source: DCOM) (EventID: 10010) (User: KARSTEN)
Description: Der Server "Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/18/2018 01:56:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Durch die Berechtigungseinstellungen für "application-specific" wird dem Benutzer "NT AUTHORITY\LOCAL SERVICE" (SID: S-1-5-19) unter der Adresse "LocalHost (Using LRPC)" keine Berechtigung vom Typ "Local Activation" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Unavailable" (SID: Unavailable) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Windows Defender:
===================================
Date: 2018-11-06 16:13:26.003
Description:
Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {ACAF51FC-30DF-41C7-A2C1-F23DF87BBE9B}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT AUTHORITY\SYSTEM
Date: 2018-11-05 20:38:18.324
Description:
Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {03E17C68-F59B-4E22-80F1-566CF9081240}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT AUTHORITY\SYSTEM
Date: 2018-10-28 16:16:34.906
Description:
Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {D8627C23-889D-444E-A80E-2399AE49B909}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT AUTHORITY\SYSTEM
Date: 2018-10-19 22:33:47.178
Description:
Von Windows Defender Antivirus wurde verdächtiges Verhalten erkannt.
Name: Informational:Behavior/ModifiedKernel
ID: 4194477561
Schweregrad: Low
Kategorie: Suspicious Behavior
Gefundener Pfad: process:_0
Erkennungsursprung: Unbekannt
Erkennungstyp: Verdächtig
Erkennungsquelle: Echtzeitschutz
Status: Vorgang wird ausgeführt
Benutzer: Unknown\Unknown
Prozessname: Unknown
Signatur-ID: 717259538435
Signaturversion: AV: 1.279.102.0, AS: 1.279.102.0
Modulversion: 1.1.15400.4
Genauigkeitsbezeichnung: Niedrig
Zieldateiname:
Date: 2018-10-18 18:07:02.029
Description:
Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {5DFC40EE-C294-4965-AC99-56B4BBE1A86D}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT AUTHORITY\SYSTEM
Date: 2018-11-13 17:24:08.405
Description:
Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.279.1635.0
Updatequelle: Microsoft Center zum Schutz vor Schadsoftware
Signaturtyp: AntiVirus
Updatetyp: Voll
Benutzer: NT AUTHORITY\NETWORK SERVICE
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.15400.5
Fehlercode: 0x80070652
Fehlerbeschreibung: Another installation is already in progress. Complete that installation before proceeding with this install.
Date: 2018-11-13 17:24:08.404
Description:
Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.279.1635.0
Updatequelle: Microsoft Center zum Schutz vor Schadsoftware
Signaturtyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT AUTHORITY\NETWORK SERVICE
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.15400.5
Fehlercode: 0x80070652
Fehlerbeschreibung: Another installation is already in progress. Complete that installation before proceeding with this install.
Date: 2018-11-13 17:24:08.404
Description:
Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.279.1635.0
Updatequelle: Microsoft Center zum Schutz vor Schadsoftware
Signaturtyp: AntiVirus
Updatetyp: Voll
Benutzer: NT AUTHORITY\NETWORK SERVICE
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.15400.5
Fehlercode: 0x80070652
Fehlerbeschreibung: Another installation is already in progress. Complete that installation before proceeding with this install.
Date: 2018-11-13 17:23:52.328
Description:
Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion:
Updatequelle: Benutzer
Signaturtyp:
Updatetyp:
Benutzer: NT AUTHORITY\NETWORK SERVICE
Aktuelle Modulversion:
Vorherige Modulversion:
Fehlercode: 0x80070652
Fehlerbeschreibung: Another installation is already in progress. Complete that installation before proceeding with this install.
Date: 2018-11-13 17:23:52.324
Description:
Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion:
Updatequelle: Benutzer
Signaturtyp:
Updatetyp:
Benutzer: NT AUTHORITY\NETWORK SERVICE
Aktuelle Modulversion:
Vorherige Modulversion:
Fehlercode: 0x80070652
Fehlerbeschreibung: Another installation is already in progress. Complete that installation before proceeding with this install.
CodeIntegrity:
===================================
Date: 2018-11-13 17:03:33.684
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll that did not meet the Microsoft signing level requirements.
Date: 2018-11-13 17:03:33.652
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll that did not meet the Microsoft signing level requirements.
Date: 2018-11-13 17:03:33.458
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll that did not meet the Microsoft signing level requirements.
Date: 2018-11-13 17:03:33.317
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll that did not meet the Microsoft signing level requirements.
Date: 2018-11-13 17:03:33.047
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll that did not meet the Microsoft signing level requirements.
Date: 2018-11-13 17:03:33.033
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll that did not meet the Microsoft signing level requirements.
Date: 2018-11-13 17:03:32.968
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll that did not meet the Microsoft signing level requirements.
Date: 2018-11-13 17:03:32.918
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 50%
Total physical RAM: 8103.24 MB
Available physical RAM: 4017.62 MB
Total Virtual: 10407.24 MB
Available Virtual: 5076.55 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:917.74 GB) (Free:236.09 GB) NTFS
Drive e: (ESP) (Fixed) (Total:0.48 GB) (Free:0.43 GB) FAT32
Drive w: () (Fixed) (Total:0.81 GB) (Free:0.34 GB) NTFS
Drive x: (PBR Image) (Fixed) (Total:10.31 GB) (Free:0.69 GB) NTFS
\\?\Volume{1fb610a5-ad42-40b1-9365-ee0c7ac34582}\ (WINRETOOLS) (Fixed) (Total:2 GB) (Free:1.67 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D66005E4)
Partition: GPT.
==================== End of Addition.txt ============================
--- --- ---