Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Einige Funde mit Malwarebytes (https://www.trojaner-board.de/196546-einige-funde-malwarebytes.html)

Djchaos 29.09.2019 12:26
Einige Funde mit Malwarebytes
 
Ich habe einen Laptop mit Malwarebytes gescannt und einige (127) Objekte gefunden.

Kann mir jemand bei der Reinigung helfen?

Habe einmal den Report von Malwarebytes beigefügt.

Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 29.09.19
Scan-Zeit: 12:28
Protokolldatei: d21fcdce-e2a3-11e9-ba90-f8a963877fd0.json

-Softwaredaten-
Version: 3.6.1.2711
Komponentenversion: 1.0.519
Version des Aktualisierungspakets: 1.0.12693
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 17134.1006)
CPU: x64
Dateisystem: NTFS
Benutzer: FINN\Stefanie

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 291332
Erkannte Bedrohungen: 127
In die Quarantäne verschobene Bedrohungen: 127
Abgelaufene Zeit: 12 Min., 53 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 32
PUP.Optional.Astromenda, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WSE_Astromenda, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.Astromenda, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{038CC780-5E75-4C0D-8D8B-82BC0CB658DE}, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.Astromenda, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{038CC780-5E75-4C0D-8D8B-82BC0CB658DE}, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.IoloSC, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\IOLO SCU TASK ONE, In Quarantäne, [1209], [349240],1.0.12693
PUP.Optional.IoloSC, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5E8D4DEB-BE65-448B-ABFA-01285579BD88}, In Quarantäne, [1209], [349240],1.0.12693
PUP.Optional.IoloSC, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{5E8D4DEB-BE65-448B-ABFA-01285579BD88}, In Quarantäne, [1209], [349240],1.0.12693
PUP.Optional.InstallCore, HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\InstallCore, In Quarantäne, [453], [239563],1.0.12693
PUP.Optional.SysTweak, HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\systweak, In Quarantäne, [738], [327156],1.0.12693
PUP.Optional.Astromenda, HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\wse_astromenda, In Quarantäne, [285], [235611],1.0.12693
PUP.Optional.uTab, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\BPMMANDCADFLHNNAICLIPADOMFMDBJBP, In Quarantäne, [2194], [465110],1.0.12693
PUP.Optional.uTab, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\BPMMANDCADFLHNNAICLIPADOMFMDBJBP, In Quarantäne, [2194], [465110],1.0.12693
PUP.Optional.uTab, HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bpmmandcadflhnnaiclipadomfmdbjbp, In Quarantäne, [2194], [465110],1.0.12693
PUP.Optional.RegCleanPro, HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\REG\Clean, In Quarantäne, [4470], [347493],1.0.12693
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\SYSTWEAK\ssd, In Quarantäne, [1601], [190781],1.0.12693
PUP.Optional.InstallCore, HKLM\SOFTWARE\WOW6432NODE\InstallCore, In Quarantäne, [453], [239564],1.0.12693
PUP.Optional.SysTweak, HKLM\SOFTWARE\WOW6432NODE\Systweak, In Quarantäne, [738], [327155],1.0.12693
PUP.Optional.IoloSC, HKLM\SOFTWARE\WOW6432NODE\IOLO\System Checkup, In Quarantäne, [1209], [349242],1.0.12693
PUP.Optional.CleanMyPC, HKLM\SOFTWARE\WOW6432NODE\REG\Clean, In Quarantäne, [3276], [348488],1.0.12693
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, In Quarantäne, [1601], [190782],1.0.12693
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Update Framed Display, In Quarantäne, [31], [253986],1.0.12693
PUP.Optional.Yontoo, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, In Quarantäne, [31], [-1],0.0.0
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, In Quarantäne, [31], [-1],0.0.0
PUP.Optional.WinYahoo.TskLnk, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5248BA88-02C8-6B08-B348-1B8863C8C808}, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{2B98FEB0-6DA7-A6C5-DCC0-4113E135866E}\productupdt, In Quarantäne, [218], [625617],1.0.12693
PUP.Optional.WinYahoo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{60CD12CC-083B-4C1A-B5DC-FE8E11A8B11A}, In Quarantäne, [218], [625617],1.0.12693
PUP.Optional.WinYahoo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{60CD12CC-083B-4C1A-B5DC-FE8E11A8B11A}, In Quarantäne, [218], [625617],1.0.12693
PUP.Optional.WinYahoo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{0C182351-B27D-9E7C-31EE-24E1077FF885}, In Quarantäne, [218], [521470],1.0.12693
PUP.Optional.WinYahoo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E752AEC8-AC3D-4168-BA19-930CE67D97AE}, In Quarantäne, [218], [521470],1.0.12693
PUP.Optional.WinYahoo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{E752AEC8-AC3D-4168-BA19-930CE67D97AE}, In Quarantäne, [218], [521470],1.0.12693
PUP.Optional.WinYahoo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{032FFC57-D991-AF4D-C890-0273D5EDC3FA}, In Quarantäne, [218], [521470],1.0.12693
PUP.Optional.WinYahoo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E51CCA77-E57B-41A7-B83C-6A82FDD181C8}, In Quarantäne, [218], [521470],1.0.12693
PUP.Optional.WinYahoo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{E51CCA77-E57B-41A7-B83C-6A82FDD181C8}, In Quarantäne, [218], [521470],1.0.12693

Registrierungswert: 6
PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, In Quarantäne, [2820], [-1],0.0.0
PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, In Quarantäne, [2820], [-1],0.0.0
PUP.Optional.uTab, HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|BPMMANDCADFLHNNAICLIPADOMFMDBJBP, In Quarantäne, [2194], [465110],1.0.12693
PUP.Optional.NotChromeRun, HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|CHROMIUM, In Quarantäne, [6688], [391151],1.0.12693
PUP.Optional.Astromenda, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|APPPATH, In Quarantäne, [285], [235613],1.0.12693
PUP.Optional.Astromenda, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{038CC780-5E75-4C0D-8D8B-82BC0CB658DE}|PATH, In Quarantäne, [285], [348600],1.0.12693

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 18
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\BRS, In Quarantäne, [285], [174367],1.0.12693
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\bh, In Quarantäne, [285], [174367],1.0.12693
PUP.Optional.Astromenda, C:\PROGRAM FILES (X86)\WSE_Astromenda, In Quarantäne, [285], [174367],1.0.12693
PUP.Optional.Astromenda, C:\Users\Stefanie\AppData\Roaming\Astromenda\BRS, In Quarantäne, [285], [175529],1.0.12693
PUP.Optional.Astromenda, C:\USERS\STEFANIE\APPDATA\ROAMING\ASTROMENDA, In Quarantäne, [285], [175529],1.0.12693
PUP.Optional.Astromenda, C:\Users\Stefanie\AppData\Roaming\WSE_Astromenda\icons_3.5.1.2, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.Astromenda, C:\Users\Stefanie\AppData\Roaming\WSE_Astromenda\UpdateProc, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.Astromenda, C:\USERS\STEFANIE\APPDATA\ROAMING\WSE_ASTROMENDA, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.FramedDisplay, C:\PROGRAM FILES (X86)\FRAMED DISPLAY, In Quarantäne, [593], [177228],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\USERS\STEFANIE\APPDATA\LOCAL\{2B3B1D67-0F93-71DF-620B-54374663A8AF}, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\USERS\STEFANIE\APPDATA\LOCAL\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.SysTweak, C:\USERS\STEFANIE\APPDATA\ROAMING\SYSTWEAK, In Quarantäne, [738], [327152],1.0.12693
PUP.Optional.IoloSC, C:\PROGRAM FILES (X86)\IOLO\SYSTEM CHECKUP, In Quarantäne, [1209], [349237],1.0.12693
PUP.Optional.IoloSC, C:\PROGRAMDATA\IOLO\SCU, In Quarantäne, [1209], [349238],1.0.12693
PUP.Optional.Amazon1Button.AppFlsh, C:\PROGRAM FILES (X86)\AMAZON\AMAZON1BUTTONAPP, In Quarantäne, [2820], [464595],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\USERS\STEFANIE\APPDATA\LOCAL\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}, In Quarantäne, [820], [542290],1.0.12693

Datei: 71
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\BRS\Sqlite3.dll, In Quarantäne, [285], [174367],1.0.12693
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\astcnfg.dat, In Quarantäne, [285], [174367],1.0.12693
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\FavIcon.ico, In Quarantäne, [285], [174367],1.0.12693
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\Sqlite3.dll, In Quarantäne, [285], [174367],1.0.12693
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\uninst.dat, In Quarantäne, [285], [174367],1.0.12693
PUP.Optional.Astromenda, C:\WINDOWS\TASKS\WSE_Astromenda.job, In Quarantäne, [285], [235604],1.0.12693
PUP.Optional.Astromenda, C:\Users\Stefanie\AppData\Roaming\Astromenda\BRS\stats, In Quarantäne, [285], [175529],1.0.12693
PUP.Optional.Astromenda, C:\Users\Stefanie\AppData\Roaming\WSE_Astromenda\icons_3.5.1.2\ctr.ico, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.Astromenda, C:\Users\Stefanie\AppData\Roaming\WSE_Astromenda\UpdateProc\config.dat, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.Astromenda, C:\Users\Stefanie\AppData\Roaming\WSE_Astromenda\UpdateProc\info.dat, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.Astromenda, C:\Users\Stefanie\AppData\Roaming\WSE_Astromenda\UpdateProc\STTL.DAT, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.Astromenda, C:\Users\Stefanie\AppData\Roaming\WSE_Astromenda\UpdateProc\TTL.DAT, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.Astromenda, C:\Users\Stefanie\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.Astromenda, C:\WINDOWS\SYSTEM32\TASKS\WSE_Astromenda, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.IoloSC, C:\WINDOWS\SYSTEM32\TASKS\IOLO SCU TASK ONE, In Quarantäne, [1209], [349240],1.0.12693
PUP.Optional.SysTweak, C:\WINDOWS\SYSTEM32\ROBOOT64.EXE, In Quarantäne, [738], [395666],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\USERS\STEFANIE\APPDATA\LOCAL\{2B3B1D67-0F93-71DF-620B-54374663A8AF}\cete, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\USERS\STEFANIE\APPDATA\LOCAL\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\sila, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\chromium-min.jpg, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\control panel-min-min.JPG, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\down.png, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\ff menu.JPG, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\ff search engine-min.png, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\HowToRemove.html, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\hp-min ff.png, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\hp-min ie.png, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\search engine.gif, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\setup pages.gif, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\sp-min.png, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\start-min.jpg, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\up.png, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.IoloSC, C:\ProgramData\iolo\SCU\fileinfo.dll, In Quarantäne, [1209], [349238],1.0.12693
PUP.Optional.IoloSC, C:\ProgramData\iolo\SCU\scuebhtml.dll, In Quarantäne, [1209], [349238],1.0.12693
PUP.Optional.IoloSC, C:\ProgramData\iolo\SCU\sculnch.lnk, In Quarantäne, [1209], [349238],1.0.12693
PUP.Optional.IoloSC, C:\ProgramData\iolo\SCU\scutstr.dll, In Quarantäne, [1209], [349238],1.0.12693
PUP.Optional.IoloSC, C:\ProgramData\iolo\SCU\smscn.dll, In Quarantäne, [1209], [349238],1.0.12693
PUP.Optional.uTab, C:\USERS\STEFANIE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Ersetzt, [2194], [465110],1.0.12693
PUP.Optional.Yontoo, C:\DOCUMENTS AND SETTINGS\ALL USERS\NTUSER.POL, In Quarantäne, [31], [-1],0.0.0
PUP.Optional.Yontoo, C:\PROGRAMDATA\NTUSER.POL, In Quarantäne, [31], [-1],0.0.0
PUP.Optional.Yontoo, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, In Quarantäne, [31], [-1],0.0.0
PUP.Optional.WinYahoo.TskLnk, C:\PROGRAMDATA\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\USERS\STEFANIE\APPDATA\ROAMING\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\USERS\STEFANIE\APPDATA\LOCAL\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HOWTOREMOVE\HOWTOREMOVE.HTML, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\chromium-min.jpg, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\control panel-min-min.JPG, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\down.png, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\ff menu.JPG, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\ff search engine-min.png, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\hp-min ff.png, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\hp-min ie.png, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\search engine.gif, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\setup pages.gif, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\sp-min.png, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\start-min.jpg, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\up.png, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\teserol, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\torelom, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\uninst.exe, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\uninstp.dat, In Quarantäne, [820], [542290],1.0.12693
Generic.Malware/Suspicious, C:\USERS\STEFANIE\APPDATA\LOCAL\DSISETUP19777226252.EXE, In Quarantäne, [0], [392686],1.0.12693
PUP.Optional.WinYahoo, C:\USERS\STEFANIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H857AA1H.DEFAULT\SEARCHPLUGINS\SEARCH.YAHOO.COM.XML, In Quarantäne, [239], [388384],1.0.12693
Generic.Malware/Suspicious, C:\USERS\STEFANIE\APPDATA\LOCAL\DSISETUP10769842.EXE, In Quarantäne, [0], [392686],1.0.12693
PUP.Optional.WinYahoo.Generic, C:\WINDOWS\SYSTEM32\TASKS\{2B98FEB0-6DA7-A6C5-DCC0-4113E135866E}\productupdt, In Quarantäne, [218], [625617],1.0.12693
PUP.Optional.WinYahoo.Generic, C:\WINDOWS\TASKS\{0C182351-B27D-9E7C-31EE-24E1077FF885}.job, In Quarantäne, [218], [521470],1.0.12693
PUP.Optional.WinYahoo.Generic, C:\WINDOWS\SYSTEM32\TASKS\{0C182351-B27D-9E7C-31EE-24E1077FF885}, In Quarantäne, [218], [521470],1.0.12693
PUP.Optional.WinYahoo.Generic, C:\WINDOWS\TASKS\{032FFC57-D991-AF4D-C890-0273D5EDC3FA}.job, In Quarantäne, [218], [521470],1.0.12693
PUP.Optional.WinYahoo.Generic, C:\WINDOWS\SYSTEM32\TASKS\{032FFC57-D991-AF4D-C890-0273D5EDC3FA}, In Quarantäne, [218], [521470],1.0.12693
Adware.WinYahoo, C:\USERS\STEFANIE\APPDATA\ROAMING\2B98FEB06DA7A6C5DCC04113E135866E\TRZC022.TMP, In Quarantäne, [661], [740013],1.0.12693
PUP.Optional.ChipDe, C:\USERS\STEFANIE\DOWNLOADS\AVI PLAYER - CHIP-INSTALLER.EXE, In Quarantäne, [538], [621518],1.0.12693
PUP.Optional.IoloSC, C:\USERS\STEFANIE\DOWNLOADS\SCUDOWNLOADER.EXE, In Quarantäne, [1209], [349236],1.0.12693
PUP.Optional.DsiLoad, C:\USERS\STEFANIE\APPDATA\LOCAL\DSISETUP4729108752.EXE, In Quarantäne, [11665], [68115],1.0.12693

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)

cosinus 29.09.2019 20:12
Lesestoff:
Hinweise für Hilfensuchende

Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?




Lesestoff:
Posten in CODE-Tags

Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Djchaos 04.10.2019 15:59
Hallo,
sorry ich konnte paar Tage nicht am Rechner sein. Hoffe das macht nix.
Habe mal FRST laufen lassen.
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
durchgeführt von Stefanie (Administrator) auf FINN (04-10-2019 16:27:58)
Gestartet von C:\Users\Stefanie\Desktop
Geladene Profile: Stefanie (Verfügbare Profile: Stefanie)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

konnte nicht auf den Prozess zugreifen -> Registry
(Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
(Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
konnte nicht auf den Prozess zugreifen -> Memory Compression
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\sihost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe
(RedFox) C:\Program Files (x86)\RedFox\CloneCD\CloneCDTray.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\ApplicationFrameHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\SystemSettingsBroker.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.302\GoogleCrashHandler.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.302\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Microsoft Corporation) C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-09] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-01-05] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-22] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-09-29] (AVAST Software)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2013-08-06] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\RedFox\CloneCD\CloneCDTray.exe [57344 2016-03-29] (RedFox)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\Run: [OneDrive] => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\OneDrive.exe [1592440 2019-10-04] (Microsoft Corporation)
HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22714912 2019-08-15] (Piriform Ltd)
HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\RunOnce: [Uninstall 19.152.0801.0009\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0801.0009\amd64"
HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\RunOnce: [Uninstall 19.152.0801.0009] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0801.0009"
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Windows\System32\osk.exe [623104 2018-10-21] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\osk.exe [623104 2018-10-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-29] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-09b708085549b3cc
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-09b708085549b3cc
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-581088433-320290056-2638895184-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-09b708085549b3cc
HKU\S-1-5-21-581088433-320290056-2638895184-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-581088433-320290056-2638895184-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> DefaultScope {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM -> {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM -> {bce42d98-b1cd-493f-a64c-107aae7521be} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM-x32 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM-x32 -> {bce42d98-b1cd-493f-a64c-107aae7521be} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> DefaultScope {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {bce42d98-b1cd-493f-a64c-107aae7521be} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-08-20] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-04-30] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-10-22] (Microsoft Corporation)
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2018-06-08] (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2018-06-08] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{75013482-b294-4535-9c56-b2178f6e757f}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{a516b4d1-81c3-4daa-bf24-f5142955b826}: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\h857aa1h.default
FF SelectedSearchEngine: Search Provided by Yahoo
FF DefaultSearchEngine: Search Provided by Yahoo
FF NewTab: about:newtab
FF Homepage: https://www.bing.com/search?FORM=INCOH1&PC=IC04&PTAG=ICO-eb682354
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-11] ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-11] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google LLC)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-07-31] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\h857aa1h.default\user.js [2014-10-20]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR Profile: C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Slides) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-30]
CHR Extension: (Docs) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-30]
CHR Extension: (Google Drive) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-30]
CHR Extension: (YouTube) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-30]
CHR Extension: (Sheets) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-30]
CHR Extension: (Search Selector Beta) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gboaiodgdajeapekadgejlbmabjganof [2019-07-04]
CHR Extension: (Google Docs Offline) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-06-30]
CHR Extension: (Avast Online Security) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-09-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-30]
CHR Extension: (Gmail) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-30]
CHR Extension: (Chrome Media Router) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-30]
CHR HKLM\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - https://clients2.google.com/service/update2/crx

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-09-11] (Adobe)
S3 AJRouter; C:\Windows\System32\AJRouter.dll [25088 2018-04-12] (Microsoft Corporation)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-09-29] (AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-19] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-09-29] (AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-09-29] (AVAST Software)
R3 BTAGService; C:\Windows\System32\BTAGService.dll [514048 2018-11-09] (Microsoft Corporation)
R3 BthAvctpSvc; C:\Windows\System32\BthAvctpSvc.dll [399872 2018-11-09] (Microsoft Corporation)
R3 camsvc; C:\Windows\system32\CapabilityAccessManager.dll [266752 2019-01-09] (Microsoft Corporation)
R2 CDPSvc; C:\Windows\System32\CDPSvc.dll [632320 2018-10-21] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation)
R3 ClipSVC; C:\Windows\System32\ClipSVC.dll [1033696 2019-06-13] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [885760 2018-12-08] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [567256 2018-12-08] (Microsoft Corporation)
S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [33792 2018-04-12] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [90112 2019-05-03] (Microsoft Corporation)
S3 diagsvc; C:\Windows\system32\DiagSvc.dll [219648 2018-04-12] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [827392 2019-04-19] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [593408 2019-04-19] (Microsoft Corporation)
S3 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [57856 2018-04-12] (Microsoft Corporation)
R2 DoSvc; C:\Windows\System32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
R2 DoSvc; C:\Windows\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
R3 DsSvc; C:\Windows\System32\DsSvc.dll [155136 2019-09-04] (Microsoft Corporation)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-03] ()
R2 DusmSvc; C:\Windows\System32\dusmsvc.dll [356352 2018-12-08] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [167424 2018-04-12] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [308736 2018-11-09] (Microsoft Corporation)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [673792 2018-06-08] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-02-26] (WildTangent)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\elevation_service.exe [1106416 2019-09-18] (Google LLC)
S3 GraphicsPerfSvc; C:\Windows\System32\GraphicsPerfSvc.dll [90624 2018-04-12] (Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [358264 2019-08-07] (HP Inc.)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [61736 2018-08-03] (Microsoft Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [241152 2018-11-01] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [337888 2016-09-01] (Intel Corporation)
S3 InstallService; C:\Windows\system32\InstallService.dll [1487360 2019-05-17] (Microsoft Corporation)
S3 InstallService; C:\Windows\SysWOW64\InstallService.dll [1110528 2019-05-17] (Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 IpxlatCfgSvc; C:\Windows\System32\IpxlatCfg.dll [63488 2018-04-12] (Microsoft Corporation)
R3 lfsvc; C:\Windows\System32\lfsvc.dll [44544 2018-04-12] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [48640 2018-04-12] (Microsoft Corporation)
S3 LxpSvc; C:\Windows\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [91136 2018-07-06] (Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239696 2013-07-23] ()
S3 NaturalAuthentication; C:\Windows\System32\NaturalAuth.dll [824832 2018-04-12] (Microsoft Corporation)
S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [335360 2019-07-09] (Microsoft Corporation)
R3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [582144 2019-07-09] (Microsoft Corporation)
R3 NgcSvc; C:\Windows\system32\ngcsvc.dll [784896 2019-04-19] (Microsoft Corporation)
S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [835584 2018-11-01] (Microsoft Corporation)
S3 PushToInstall; C:\Windows\system32\PushToInstall.dll [262144 2018-07-14] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [681984 2018-04-12] (Microsoft Corporation)
R3 RmSvc; C:\Windows\System32\RMapi.dll [153600 2018-12-08] (Microsoft Corporation)
R2 SecurityHealthService; C:\Windows\system32\SecurityHealthService.exe [760888 2018-07-14] (Microsoft Corporation)
R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [357680 2019-08-26] (Microsoft Corporation)
R3 SEMgrSvc; C:\Windows\system32\SEMgrSvc.dll [1248768 2018-04-12] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1273344 2018-04-12] (Microsoft Corporation)
S3 SensorService; C:\Windows\system32\SensorService.dll [712192 2018-04-12] (Microsoft Corporation)
R2 SgrmBroker; C:\Windows\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation)
S3 SharedRealitySvc; C:\Windows\System32\SharedRealitySvc.dll [713216 2019-06-13] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [195584 2018-04-12] (Microsoft Corporation)
S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [590336 2018-04-12] (Microsoft Corporation)
S3 spectrum; C:\Windows\system32\spectrum.exe [976384 2018-06-08] (Microsoft Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [4970360 2018-06-08] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [4469832 2018-06-08] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [287240 2018-03-29] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12135768 2019-09-24] (TeamViewer GmbH)
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [120392 2015-11-17] (Toshiba Europe GmbH)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [303616 2018-04-12] (Microsoft Corporation)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [176128 2018-04-12] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\System32\TokenBroker.dll [1400832 2019-07-09] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\SysWOW64\TokenBroker.dll [1003008 2019-07-09] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [92160 2018-11-09] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation)
R2 UserManager; C:\Windows\System32\usermgr.dll [1027584 2019-05-17] (Microsoft Corporation)
R2 UsoSvc; C:\Windows\system32\usocore.dll [1398272 2019-09-04] (Microsoft Corporation)
S3 VacSvc; C:\Windows\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\icsvc.dll [289792 2018-04-12] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\Windows\System32\WaaSMedicSvc.dll [392704 2019-01-09] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [427520 2018-04-12] (Microsoft Corporation)
S3 WarpJITSvc; C:\Windows\System32\Windows.WARP.JITService.dll [31744 2018-04-12] (Microsoft Corporation)
S3 WFDSConMgrSvc; C:\Windows\System32\wfdsconmgrsvc.dll [681984 2018-07-14] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MsMpEng.exe [103168 2019-09-19] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [858112 2018-06-08] (Microsoft Corporation)
S3 wisvc; C:\Windows\SysWOW64\flightsettings.dll [729088 2018-06-08] (Microsoft Corporation)
S3 wlpasvc; C:\Windows\System32\lpasvc.dll [1364992 2019-02-16] (Microsoft Corporation)
S3 WpcMonSvc; C:\Windows\System32\WpcDesktopMonSvc.dll [1456640 2018-06-06] (Microsoft Corporation)
R2 WpnService; C:\Windows\system32\WpnService.dll [280576 2018-04-12] (Microsoft Corporation)
S3 xbgm; C:\Windows\system32\xbgmsvc.exe [59512 2018-04-12] (Microsoft Corporation)
R3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [1115648 2018-04-12] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1308672 2018-04-12] (Microsoft Corporation)
S3 XboxGipSvc; C:\Windows\System32\XboxGipSvc.dll [58880 2018-04-12] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1148928 2018-04-12] (Microsoft Corporation)
S3 WdNisSvc; "%ProgramData%\Microsoft\Windows Defender\platform\4.18.1908.7-0\NisSrv.exe" [X]

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [20480 2018-04-12] (Microsoft Corporation)
R1 afunix; C:\Windows\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2018-04-12] (Microsoft Corporation)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37616 2019-09-29] (AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [204824 2019-09-29] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [274456 2019-09-29] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [209552 2019-09-29] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [65120 2019-09-29] (AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [16304 2019-09-29] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [276952 2019-09-29] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42736 2019-09-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [171520 2019-09-29] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110320 2019-09-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83792 2019-09-29] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848432 2019-09-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460448 2019-09-30] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [236024 2019-09-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316528 2019-09-29] (AVAST Software)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533912 2018-04-12] (QLogic Corporation)
R1 bam; C:\Windows\System32\drivers\bam.sys [60320 2018-04-12] (Microsoft Corporation)
S3 BcastDVRUserService; No ImagePath
S3 BcastDVRUserService_93ffe; No ImagePath
S3 bindflt; C:\Windows\system32\drivers\bindflt.sys [92704 2019-01-09] (Microsoft Corporation)
S3 BluetoothUserService; No ImagePath
S3 BluetoothUserService_93ffe; No ImagePath
R3 BthLEEnum; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [86528 2018-04-12] (Microsoft Corporation)
S0 bttflt; C:\Windows\System32\drivers\bttflt.sys [38304 2018-04-12] (Microsoft Corporation)
S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [39936 2018-04-12] (Microsoft Corporation)
R3 CAD; C:\Windows\System32\drivers\CAD.sys [60320 2018-04-12] (Microsoft Corporation)
S3 CapImg; C:\Windows\System32\drivers\capimg.sys [123392 2018-04-12] (Microsoft Corporation)
S2 CDPUserSvc; No ImagePath
R2 CDPUserSvc_93ffe; No ImagePath
S0 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [321432 2018-04-12] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [1836952 2018-04-12] (Chelsio Communications)
R2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [414720 2019-07-09] (Microsoft Corporation)
S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [39328 2018-04-12] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys [40448 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc; No ImagePath
S3 DevicePickerUserSvc_93ffe; No ImagePath
S3 DevicesFlowUserSvc; No ImagePath
S3 DevicesFlowUserSvc_93ffe; No ImagePath
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3419032 2018-04-12] (QLogic Corporation)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-12-04] (Malwarebytes)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [55808 2018-04-12] (Microsoft Corporation)
S3 GENERICDRV; C:\Program Files (x86)\UEFI WinFlash\amifldrv64.sys [15640 2012-07-27] ()
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2018-04-12] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2018-04-12] (Microsoft Corporation)
S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [50592 2018-04-12] (Microsoft Corporation)
S4 hvcrash; C:\Windows\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [76304 2019-06-07] (Microsoft Corporation)
S3 hwdatacard; C:\Windows\system32\DRIVERS\ewusbmdm.sys [115328 2015-02-26] (Huawei Technologies Co., Ltd.) [Datei ist nicht signiert]
S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [27136 2018-04-12] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [36864 2018-04-12] (Intel(R) Corporation)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [91648 2018-04-12] (Intel(R) Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [88576 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [171520 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592 2018-04-12] (Intel Corporation)
S0 iaStorAVC; C:\Windows\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [526232 2018-04-12] (Mellanox)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [38912 2018-04-12] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [58168 2018-12-08] (Microsoft Corporation)
S3 IPT; C:\Windows\System32\drivers\ipt.sys [32256 2018-04-12] (Microsoft Corporation)
S0 ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies)
S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [124312 2018-04-12] (LSI Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [128408 2018-04-12] (Avago Technologies)
S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [505240 2018-04-12] (Microsoft Corporation)
S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [56736 2018-04-12] (Microsoft Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-09-29] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [126624 2019-09-29] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [72536 2019-09-29] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [261032 2019-09-29] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [113016 2019-10-04] (Malwarebytes)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [59800 2018-04-12] (Avago Technologies)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [75160 2018-04-12] (Avago Technologies)
S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies)
S3 MessagingService; No ImagePath
S3 MessagingService_93ffe; No ImagePath
R3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [842648 2018-04-12] (Mellanox)
R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [43008 2018-12-08] (Microsoft Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [29192 2016-03-17] (Marvell Semiconductor, Inc.)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [108952 2018-04-12] (Mellanox)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [175104 2018-04-12] (Microsoft Corporation)
S3 netvsc; C:\Windows\System32\drivers\netvsc.sys [197632 2018-04-12] (Microsoft Corporation)
S3 nvdimm; C:\Windows\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation)
S2 OneSyncSvc; No ImagePath
R2 OneSyncSvc_93ffe; No ImagePath
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58776 2018-04-12] (Avago Technologies)
S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [61848 2018-04-12] (Avago Technologies)
S3 PimIndexMaintenanceSvc; No ImagePath
R3 PimIndexMaintenanceSvc_93ffe; No ImagePath
S3 pmem; C:\Windows\System32\drivers\pmem.sys [105984 2018-04-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; No ImagePath
S3 PrintWorkflowUserSvc_93ffe; No ImagePath
S0 Ramdisk; C:\Windows\System32\DRIVERS\ramdisk.sys [39840 2018-04-12] (Microsoft Corporation)
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [945464 2019-03-06] (Microsoft Corporation)
S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [104448 2018-04-12] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-09] (Realtek Semiconductor Corp.)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [128920 2018-08-03] (Microsoft Corporation)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [33176 2018-04-12] (Microsoft Corporation)
R0 SgrmAgent; C:\Windows\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [54792 2018-03-29] (Synaptics Incorporated)
S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [57752 2018-04-12] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [82432 2019-03-14] (Microsoft Corporation)
S0 storufs; C:\Windows\System32\drivers\storufs.sys [48544 2018-06-15] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys [18336 2018-04-12] (Microsoft Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [128512 2018-04-12] (Microsoft Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [152576 2018-04-12] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [57856 2018-04-12] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45056 2018-04-12] (Microsoft Corporation)
S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [282008 2018-04-12] (Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [98200 2018-04-12] (Microsoft Corporation)
S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [144288 2018-04-12] (Microsoft Corporation)
S3 UnistoreSvc; No ImagePath
R3 UnistoreSvc_93ffe; No ImagePath
S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [29088 2018-04-12] (Microsoft Corporation)
S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [67992 2018-04-12] (Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [28064 2018-04-12] (Microsoft Corporation)
S3 UserDataSvc; No ImagePath
R3 UserDataSvc_93ffe; No ImagePath
S3 vhf; C:\Windows\System32\drivers\vhf.sys [36352 2018-10-21] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2018-08-03] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16288 2018-04-12] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [152072 2019-03-14] (Microsoft Corporation)
R3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [83456 2018-12-08] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46472 2019-09-19] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [346336 2019-09-19] (Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [787968 2019-05-17] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\Windows\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-09-19] (Microsoft Corporation)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [72768 2018-06-15] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [18472 2018-04-12] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [32152 2018-04-12] (Mellanox)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [228864 2019-05-17] (Microsoft Corporation)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [64920 2018-04-12] (Mellanox)
S2 WpnUserService; No ImagePath
R2 WpnUserService_93ffe; No ImagePath
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [295424 2018-06-15] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [46592 2018-04-12] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation)
NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation)
NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation)
NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation)
NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> Keine Datei

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-10-04 16:27 - 2019-10-04 16:29 - 00048353 _____ C:\Users\Stefanie\Desktop\FRST.txt
2019-10-04 16:27 - 2019-10-04 16:28 - 00000000 ____D C:\FRST
2019-10-04 16:25 - 2019-10-04 16:25 - 02169856 _____ (Farbar) C:\Users\Stefanie\Desktop\FRST64.exe
2019-10-04 13:58 - 2019-10-04 13:58 - 00000000 ____D C:\Users\Stefanie\AppData\Local\CrashDumps
2019-10-04 12:28 - 2019-10-04 12:28 - 00000000 ___HD C:\OneDriveTemp
2019-09-29 15:50 - 2019-09-29 15:50 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-09-29 15:50 - 2019-09-29 15:50 - 00001111 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2019-09-29 15:50 - 2019-09-29 15:50 - 00000000 ____D C:\Users\Stefanie\AppData\Roaming\TeamViewer
2019-09-29 15:50 - 2019-09-29 15:50 - 00000000 ____D C:\Users\Stefanie\AppData\Local\TeamViewer
2019-09-29 15:50 - 2019-09-29 15:50 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2019-09-29 15:48 - 2019-09-29 15:49 - 26199544 _____ (TeamViewer GmbH) C:\Users\Stefanie\Downloads\TeamViewer_Setup.exe
2019-09-29 12:52 - 2019-09-29 12:52 - 00019785 _____ C:\Users\Stefanie\Desktop\Report_Malwarebytes.txt
2019-09-29 12:46 - 2019-09-29 12:46 - 00072536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-09-29 12:45 - 2019-10-04 13:49 - 00113016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-09-29 12:45 - 2019-09-29 12:45 - 00126624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-09-29 12:42 - 2019-09-29 12:46 - 00000306 __RSH C:\ProgramData\ntuser.pol
2019-09-29 12:27 - 2019-09-29 12:27 - 00000000 ____D C:\Users\Stefanie\AppData\Local\mbamtray
2019-09-29 12:27 - 2019-09-29 12:27 - 00000000 ____D C:\Users\Stefanie\AppData\Local\mbam
2019-09-29 12:21 - 2019-09-29 12:21 - 00198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-09-29 12:20 - 2019-09-29 12:45 - 00261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-09-29 12:20 - 2019-09-29 12:20 - 00001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-09-29 12:20 - 2019-09-29 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-09-29 12:20 - 2018-12-04 08:09 - 00152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-09-29 12:19 - 2019-09-29 12:19 - 00000000 ____D C:\Program Files\Malwarebytes
2019-09-29 12:10 - 2019-09-29 12:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2019-09-29 12:08 - 2019-09-29 12:08 - 00000000 ____D C:\Users\Stefanie\AppData\Roaming\AVAST Software
2019-09-29 12:06 - 2019-09-29 12:07 - 22851472 _____ (Malwarebytes ) C:\Users\Stefanie\Downloads\mbam-setup-2.2.1.1043.exe
2019-09-29 12:03 - 2019-09-29 12:03 - 00002099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-09-29 12:03 - 2019-09-29 12:03 - 00002087 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-09-29 12:00 - 2019-09-29 12:00 - 00000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-09-29 11:58 - 2019-09-29 12:22 - 00004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-09-29 11:54 - 2019-09-30 15:58 - 00848432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-09-29 11:54 - 2019-09-30 15:58 - 00460448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-09-29 11:54 - 2019-09-29 11:59 - 00856960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys.156985192484301
2019-09-29 11:54 - 2019-09-29 11:59 - 00464608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys.156985192484301
2019-09-29 11:54 - 2019-09-29 11:54 - 00316528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-09-29 11:54 - 2019-09-29 11:54 - 00276952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-09-29 11:54 - 2019-09-29 11:54 - 00236024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-09-29 11:54 - 2019-09-29 11:54 - 00171520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-09-29 11:54 - 2019-09-29 11:54 - 00110320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-09-29 11:54 - 2019-09-29 11:54 - 00083792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-09-29 11:54 - 2019-09-29 11:54 - 00042736 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-09-29 11:54 - 2019-09-29 11:54 - 00016304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-09-29 11:54 - 2019-09-29 11:54 - 00000000 ____D C:\Program Files\Common Files\AVAST Software
2019-09-29 11:54 - 2019-09-29 11:53 - 00355720 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-09-29 11:54 - 2019-09-29 11:53 - 00274456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-09-29 11:54 - 2019-09-29 11:53 - 00209552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-09-29 11:54 - 2019-09-29 11:53 - 00204824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-09-29 11:54 - 2019-09-29 11:53 - 00065120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-09-29 11:54 - 2019-09-29 11:53 - 00037616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-09-29 11:52 - 2019-09-29 11:52 - 00000000 ____D C:\Program Files\AVAST Software
2019-09-29 11:51 - 2019-09-29 11:54 - 00003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-09-29 11:51 - 2019-09-29 11:54 - 00000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-09-29 11:51 - 2019-09-29 11:54 - 00000000 ____D C:\ProgramData\AVAST Software
2019-09-29 11:51 - 2019-09-29 11:51 - 00002872 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-09-29 11:51 - 2019-09-29 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-09-29 11:51 - 2019-09-29 11:51 - 00000000 ____D C:\Program Files\CCleaner
2019-09-29 11:50 - 2019-09-29 11:50 - 20889016 _____ (Piriform Software Ltd) C:\Users\Stefanie\Downloads\ccsetup561.exe
2019-09-28 09:12 - 2019-09-28 09:12 - 00002134 _____ C:\Users\Stefanie\Desktop\Chromium.lnk
2019-09-28 09:12 - 2019-09-28 09:12 - 00001777 _____ C:\Users\Stefanie\Desktop\Internet Explorer.lnk
2019-09-28 00:42 - 2019-09-28 00:42 - 00325862 _____ C:\Users\Stefanie\AppData\Roaming\Cerepelu
2019-09-21 08:49 - 2019-09-21 08:49 - 00000279 _____ C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2019-09-19 12:28 - 2019-09-19 12:28 - 00292078 _____ C:\Users\Stefanie\AppData\Roaming\Ninibokekimi
2019-09-11 05:22 - 2019-09-04 07:13 - 07519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-09-11 05:22 - 2019-09-04 07:02 - 06568280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-09-11 05:22 - 2019-09-04 06:55 - 25857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-09-11 05:22 - 2019-09-04 06:45 - 22734336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-09-11 05:21 - 2019-09-04 12:16 - 02871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-09-11 05:21 - 2019-09-04 12:16 - 01721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-09-11 05:21 - 2019-09-04 12:16 - 00810808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-09-11 05:21 - 2019-09-04 12:16 - 00740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-09-11 05:21 - 2019-09-04 12:16 - 00324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-09-11 05:21 - 2019-09-04 12:15 - 00637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-09-11 05:21 - 2019-09-04 12:15 - 00464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-09-11 05:21 - 2019-09-04 12:15 - 00164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-09-11 05:21 - 2019-09-04 12:15 - 00071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-09-11 05:21 - 2019-09-04 12:01 - 04527800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-09-11 05:21 - 2019-09-04 12:01 - 01516632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-09-11 05:21 - 2019-09-04 12:00 - 21399576 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-09-11 05:21 - 2019-09-04 12:00 - 01632112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-09-11 05:21 - 2019-09-04 12:00 - 01616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-09-11 05:21 - 2019-09-04 11:46 - 12838400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-09-11 05:21 - 2019-09-04 11:43 - 08627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-09-11 05:21 - 2019-09-04 11:40 - 03614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-09-11 05:21 - 2019-09-04 11:40 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-09-11 05:21 - 2019-09-04 10:52 - 01453624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-09-11 05:21 - 2019-09-04 10:50 - 01320344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-09-11 05:21 - 2019-09-04 10:48 - 20393120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-09-11 05:21 - 2019-09-04 10:38 - 12039680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-09-11 05:21 - 2019-09-04 10:33 - 02882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-09-11 05:21 - 2019-09-04 07:25 - 03180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-09-11 05:21 - 2019-09-04 07:25 - 01613096 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-09-11 05:21 - 2019-09-04 07:19 - 00513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-09-11 05:21 - 2019-09-04 07:19 - 00511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-09-11 05:21 - 2019-09-04 07:17 - 01213264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-09-11 05:21 - 2019-09-04 07:17 - 01035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-09-11 05:21 - 2019-09-04 07:15 - 05627280 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-09-11 05:21 - 2019-09-04 07:15 - 01219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-09-11 05:21 - 2019-09-04 07:15 - 01027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-09-11 05:21 - 2019-09-04 07:14 - 07437592 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-09-11 05:21 - 2019-09-04 07:14 - 03290584 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-09-11 05:21 - 2019-09-04 07:14 - 02469920 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-09-11 05:21 - 2019-09-04 07:13 - 09084424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-09-11 05:21 - 2019-09-04 07:13 - 04405232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-09-11 05:21 - 2019-09-04 07:13 - 02773816 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-09-11 05:21 - 2019-09-04 07:13 - 02571848 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-09-11 05:21 - 2019-09-04 07:13 - 02371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-09-11 05:21 - 2019-09-04 07:10 - 00415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 06046096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 02478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 02331696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 02261448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 01993136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 01980264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-09-11 05:21 - 2019-09-04 07:02 - 04790160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-09-11 05:21 - 2019-09-04 06:54 - 22017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-09-11 05:21 - 2019-09-04 06:48 - 19385344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-09-11 05:21 - 2019-09-04 06:48 - 07057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2019-09-11 05:21 - 2019-09-04 06:46 - 09084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2019-09-11 05:21 - 2019-09-04 06:45 - 05883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2019-09-11 05:21 - 2019-09-04 06:44 - 04388864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-09-11 05:21 - 2019-09-04 06:44 - 03687424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-09-11 05:21 - 2019-09-04 06:43 - 04849664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-09-11 05:21 - 2019-09-04 06:43 - 03402240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-09-11 05:21 - 2019-09-04 06:42 - 07572992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-09-11 05:21 - 2019-09-04 06:42 - 06032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-09-11 05:21 - 2019-09-04 06:42 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-09-11 05:21 - 2019-09-04 06:42 - 01765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-09-11 05:21 - 2019-09-04 06:41 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-09-11 05:21 - 2019-09-04 06:41 - 01634304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-09-11 05:21 - 2019-09-04 06:40 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-09-11 05:21 - 2019-09-04 06:40 - 02602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-09-11 05:21 - 2019-09-04 06:40 - 02364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2019-09-11 05:21 - 2019-09-04 06:40 - 01808896 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-09-11 05:21 - 2019-09-04 06:39 - 03203072 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-09-11 05:21 - 2019-09-04 06:39 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-09-11 05:21 - 2019-09-04 06:39 - 01920512 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-09-11 05:21 - 2019-09-04 06:38 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-09-11 05:21 - 2019-08-13 20:20 - 03701184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-09-11 05:21 - 2019-08-13 20:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-09-11 05:21 - 2019-08-13 16:46 - 06661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-09-11 05:21 - 2019-08-13 16:45 - 02969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-09-11 05:21 - 2019-08-13 12:14 - 04040008 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-09-11 05:21 - 2019-08-13 11:51 - 04853248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-09-11 05:21 - 2019-08-13 11:51 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-09-11 05:21 - 2019-08-13 11:50 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-09-11 05:21 - 2019-08-13 11:47 - 01262080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-09-11 05:21 - 2019-08-13 06:17 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-09-11 05:21 - 2019-08-13 06:16 - 08189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-09-11 05:21 - 2019-08-13 06:15 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-09-11 05:21 - 2019-08-13 06:14 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-09-11 05:21 - 2019-08-13 06:08 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-09-11 05:21 - 2019-08-13 04:51 - 00421376 _____ (curl, https://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2019-09-11 05:20 - 2019-09-04 12:06 - 00581016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-09-11 05:20 - 2019-09-04 12:06 - 00541200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-09-11 05:20 - 2019-09-04 12:06 - 00402016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2019-09-11 05:20 - 2019-09-04 12:01 - 00790936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-09-11 05:20 - 2019-09-04 12:01 - 00396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-09-11 05:20 - 2019-09-04 11:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-09-11 05:20 - 2019-09-04 11:44 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-09-11 05:20 - 2019-09-04 11:42 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2019-09-11 05:20 - 2019-09-04 11:41 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-09-11 05:20 - 2019-09-04 11:40 - 01364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-09-11 05:20 - 2019-09-04 11:40 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-09-11 05:20 - 2019-09-04 11:39 - 00577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-09-11 05:20 - 2019-09-04 10:52 - 00467400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-09-11 05:20 - 2019-09-04 10:51 - 00662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-09-11 05:20 - 2019-09-04 10:51 - 00322360 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2019-09-11 05:20 - 2019-09-04 10:50 - 00356896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2019-09-11 05:20 - 2019-09-04 10:38 - 07990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-09-11 05:20 - 2019-09-04 10:35 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-09-11 05:20 - 2019-09-04 07:24 - 02417744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2019-09-11 05:20 - 2019-09-04 07:24 - 01298960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-09-11 05:20 - 2019-09-04 07:24 - 00705336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-09-11 05:20 - 2019-09-04 07:19 - 00036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-09-11 05:20 - 2019-09-04 07:15 - 00568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-09-11 05:20 - 2019-09-04 07:15 - 00500744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-09-11 05:20 - 2019-09-04 07:15 - 00491208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-09-11 05:20 - 2019-09-04 07:15 - 00323904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-09-11 05:20 - 2019-09-04 07:14 - 01934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-09-11 05:20 - 2019-09-04 07:14 - 01363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-09-11 05:20 - 2019-09-04 07:14 - 01209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-09-11 05:20 - 2019-09-04 07:14 - 00594032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-09-11 05:20 - 2019-09-04 07:14 - 00420984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xbgmengine.dll
2019-09-11 05:20 - 2019-09-04 07:14 - 00361752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 01459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-09-11 05:20 - 2019-09-04 07:13 - 01260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-09-11 05:20 - 2019-09-04 07:13 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-09-11 05:20 - 2019-09-04 07:13 - 01098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-09-11 05:20 - 2019-09-04 07:13 - 00735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00692352 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-09-11 05:20 - 2019-09-04 07:13 - 00335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00129040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-09-11 05:20 - 2019-09-04 07:05 - 00550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-09-11 05:20 - 2019-09-04 07:04 - 00286616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-09-11 05:20 - 2019-09-04 07:03 - 01011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-09-11 05:20 - 2019-09-04 07:03 - 00581264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-09-11 05:20 - 2019-09-04 07:03 - 00538192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-09-11 05:20 - 2019-09-04 07:02 - 01805872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-09-11 05:20 - 2019-09-04 07:02 - 00560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-09-11 05:20 - 2019-09-04 07:02 - 00129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-09-11 05:20 - 2019-09-04 06:46 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-09-11 05:20 - 2019-09-04 06:45 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-09-11 05:20 - 2019-09-04 06:45 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-09-11 05:20 - 2019-09-04 06:45 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys
2019-09-11 05:20 - 2019-09-04 06:44 - 06647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 05307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 02825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 03381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 02929152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 01862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-09-11 05:20 - 2019-09-04 06:41 - 02449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2019-09-11 05:20 - 2019-09-04 06:41 - 01986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2019-09-11 05:20 - 2019-09-04 06:41 - 01347584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2019-09-11 05:20 - 2019-09-04 06:41 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-09-11 05:20 - 2019-09-04 06:41 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 01563648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 00978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 00851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 01264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 01225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00976896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-09-11 05:20 - 2019-09-04 06:38 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-09-11 05:20 - 2019-09-04 06:38 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2019-09-11 05:20 - 2019-09-04 06:38 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2019-09-11 05:20 - 2019-09-04 06:38 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-09-11 05:20 - 2019-09-04 06:38 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-09-11 05:20 - 2019-09-04 05:22 - 00001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-09-11 05:20 - 2019-08-16 00:55 - 00786072 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-09-11 05:20 - 2019-08-16 00:55 - 00604000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-09-11 05:20 - 2019-08-15 11:59 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-09-11 05:20 - 2019-08-13 20:21 - 00665400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-09-11 05:20 - 2019-08-13 20:21 - 00221016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-09-11 05:20 - 2019-08-13 20:20 - 00106560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-09-11 05:20 - 2019-08-13 20:06 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-09-11 05:20 - 2019-08-13 20:06 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe
2019-09-11 05:20 - 2019-08-13 20:05 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-09-11 05:20 - 2019-08-13 17:06 - 00443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-09-11 05:20 - 2019-08-13 17:04 - 01651040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2019-09-11 05:20 - 2019-08-13 17:04 - 01585304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-09-11 05:20 - 2019-08-13 16:44 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2019-09-11 05:20 - 2019-08-13 16:43 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-09-11 05:20 - 2019-08-13 16:43 - 00624128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2019-09-11 05:20 - 2019-08-13 16:43 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2019-09-11 05:20 - 2019-08-13 16:42 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2019-09-11 05:20 - 2019-08-13 16:40 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-09-11 05:20 - 2019-08-13 16:39 - 00536064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-09-11 05:20 - 2019-08-13 12:09 - 00771384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-09-11 05:20 - 2019-08-13 12:09 - 00571688 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-09-11 05:20 - 2019-08-13 12:08 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-09-11 05:20 - 2019-08-13 11:49 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-09-11 05:20 - 2019-08-13 11:49 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2019-09-11 05:20 - 2019-08-13 11:46 - 02084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-09-11 05:20 - 2019-08-13 11:46 - 00757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-09-11 05:20 - 2019-08-13 08:37 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-09-11 05:20 - 2019-08-13 06:54 - 00790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-09-11 05:20 - 2019-08-13 06:46 - 00611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-09-11 05:20 - 2019-08-13 06:46 - 00510288 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-09-11 05:20 - 2019-08-13 06:46 - 00194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-09-11 05:20 - 2019-08-13 06:45 - 02718736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-09-11 05:20 - 2019-08-13 06:45 - 00723216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-09-11 05:20 - 2019-08-13 06:45 - 00722960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-09-11 05:20 - 2019-08-13 06:44 - 02161288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-09-11 05:20 - 2019-08-13 06:44 - 01793472 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-09-11 05:20 - 2019-08-13 06:16 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-09-11 05:20 - 2019-08-13 06:13 - 00462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-09-11 05:20 - 2019-08-13 06:13 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2019-09-11 05:20 - 2019-08-13 06:12 - 01307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-09-11 05:20 - 2019-08-13 06:12 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-09-11 05:20 - 2019-08-13 06:12 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-09-11 05:20 - 2019-08-13 06:12 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2019-09-11 05:20 - 2019-08-13 06:12 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2019-09-11 05:20 - 2019-08-13 06:11 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2019-09-11 05:20 - 2019-08-13 06:11 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-09-11 05:20 - 2019-08-13 06:11 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-09-11 05:20 - 2019-08-13 06:08 - 00662016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-09-11 05:20 - 2019-08-13 06:08 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-09-11 05:20 - 2019-08-13 04:49 - 00806328 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-09-11 05:20 - 2019-08-13 04:49 - 00806328 _____ C:\WINDOWS\system32\locale.nls
2019-09-11 05:20 - 2019-08-13 02:57 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-09-11 05:20 - 2019-08-13 02:57 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-09-11 05:20 - 2019-08-13 02:57 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-09-11 05:20 - 2019-08-13 02:57 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-09-10 00:42 - 2019-09-10 00:42 - 00128371 _____ C:\Users\Stefanie\AppData\Roaming\Hesumo
2019-09-05 00:42 - 2019-09-05 00:42 - 00364531 _____ C:\Users\Stefanie\AppData\Roaming\Hesusakolit

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-10-04 16:21 - 2018-06-06 21:39 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-04 15:35 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\system32\sru
2019-10-04 14:27 - 2018-04-12 01:30 - 00000000 ____D C:\WINDOWS\CbsTemp
2019-10-04 12:28 - 2018-06-07 06:08 - 00003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-581088433-320290056-2638895184-1001
2019-10-04 12:28 - 2018-06-07 05:37 - 00002434 _____ C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-04 12:28 - 2014-10-08 20:22 - 00000000 ___RD C:\Users\Stefanie\OneDrive
2019-10-04 01:50 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\AppReadiness
2019-10-02 22:38 - 2018-06-07 06:08 - 00003632 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-10-02 22:38 - 2018-06-07 06:08 - 00003508 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-10-02 22:38 - 2014-05-22 01:54 - 00000000 ____D C:\Program Files (x86)\Google
2019-09-30 22:26 - 2017-12-09 10:20 - 00000000 ____D C:\Users\Stefanie\AppData\Local\Packages
2019-09-29 12:44 - 2018-06-07 06:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-29 12:43 - 2018-04-11 23:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2019-09-29 12:42 - 2018-11-10 14:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\{2B98FEB0-6DA7-A6C5-DCC0-4113E135866E}
2019-09-29 12:42 - 2017-09-28 20:25 - 00000000 ____D C:\Users\Stefanie\AppData\Roaming\2b98feb06da7a6c5dcc04113e135866e
2019-09-29 12:42 - 2016-08-03 11:31 - 00000000 ____D C:\ProgramData\iolo
2019-09-29 12:42 - 2016-08-03 11:31 - 00000000 ____D C:\Program Files (x86)\iolo
2019-09-29 12:42 - 2014-05-22 01:53 - 00000000 ____D C:\Program Files (x86)\Amazon
2019-09-29 12:27 - 2018-06-07 05:52 - 01718588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-09-29 12:27 - 2018-04-12 18:13 - 00743096 _____ C:\WINDOWS\system32\perfh007.dat
2019-09-29 12:27 - 2018-04-12 18:13 - 00149732 _____ C:\WINDOWS\system32\perfc007.dat
2019-09-29 12:23 - 2017-12-09 10:53 - 00000000 ___RD C:\Users\Stefanie\3D Objects
2019-09-29 12:19 - 2018-06-06 21:39 - 00282216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-09-29 12:18 - 2016-12-02 20:29 - 00293436 _____ C:\WINDOWS\PFRO.log
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\zu-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\yo-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\xh-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\wo-SN
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\tn-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\ti-ET
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\rw-RW
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\nso-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\ig-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\chr-CHER-US
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2019-09-29 12:15 - 2018-04-12 01:38 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-09-29 12:15 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\TextInput
2019-09-29 12:15 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-09-29 12:15 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\system32\oobe
2019-09-29 12:15 - 2018-04-11 23:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2019-09-29 12:14 - 2018-04-12 01:38 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-09-29 12:14 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\ShellExperiences
2019-09-29 12:14 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2019-09-29 12:14 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\bcastdvr
2019-09-29 11:59 - 2018-05-30 20:46 - 00000000 ___DC C:\WINDOWS\Panther
2019-09-29 11:59 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2019-09-29 11:55 - 2018-04-12 01:38 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2019-09-29 11:47 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\system32\NDF
2019-09-28 09:13 - 2019-07-04 14:27 - 00000000 ____D C:\ProgramData\{558E69B2-7DA6-11CA-25FE-39E2CD16E13A}
2019-09-28 00:42 - 2014-10-10 12:42 - 00001093 _____ C:\Users\Stefanie\AppData\Roaming\WB.CFG
2019-09-25 20:37 - 2018-06-30 20:17 - 00002304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-21 08:57 - 2016-12-02 19:45 - 00000000 ____D C:\Program Files\OnlineFotoservice
2019-09-21 08:55 - 2014-10-08 21:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-09-21 08:54 - 2018-10-17 19:55 - 00000000 ____D C:\Program Files\CEWE
2019-09-21 08:52 - 2019-06-25 19:46 - 00000000 ____D C:\Program Files\cewe-fotoservice
2019-09-19 12:35 - 2018-02-14 03:05 - 00000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-09-11 02:44 - 2018-06-07 06:08 - 00004626 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-09-11 02:44 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-09-11 02:44 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\system32\Macromed

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2019-08-06 00:42 - 2019-08-06 00:42 - 0361562 _____ () C:\Users\Stefanie\AppData\Roaming\Bepacecudeto
2019-09-01 20:42 - 2019-09-01 20:42 - 0307024 _____ () C:\Users\Stefanie\AppData\Roaming\Budadet
2019-09-28 00:42 - 2019-09-28 00:42 - 0325862 _____ () C:\Users\Stefanie\AppData\Roaming\Cerepelu
2019-03-16 01:42 - 2019-03-16 01:42 - 0329892 _____ () C:\Users\Stefanie\AppData\Roaming\Cureheleloci
2019-04-28 00:42 - 2019-04-28 00:42 - 0335229 _____ () C:\Users\Stefanie\AppData\Roaming\Dehacimusuma
2019-02-19 01:42 - 2019-02-19 01:42 - 0337202 _____ () C:\Users\Stefanie\AppData\Roaming\Dofanapopele
2019-02-10 01:42 - 2019-02-10 01:42 - 0133167 _____ () C:\Users\Stefanie\AppData\Roaming\Fufaboliko
2019-05-15 00:42 - 2019-05-15 00:42 - 0304458 _____ () C:\Users\Stefanie\AppData\Roaming\Gaheme
2019-05-23 00:42 - 2019-05-23 00:42 - 0302882 _____ () C:\Users\Stefanie\AppData\Roaming\Gopib
2019-07-04 13:42 - 2019-07-04 13:42 - 0168331 _____ () C:\Users\Stefanie\AppData\Roaming\Gubiparo
2019-06-18 00:42 - 2019-06-18 00:42 - 0347448 _____ () C:\Users\Stefanie\AppData\Roaming\Hepotoca
2019-09-10 00:42 - 2019-09-10 00:42 - 0128371 _____ () C:\Users\Stefanie\AppData\Roaming\Hesumo
2019-09-05 00:42 - 2019-09-05 00:42 - 0364531 _____ () C:\Users\Stefanie\AppData\Roaming\Hesusakolit
2019-08-15 00:42 - 2019-08-15 00:42 - 0212389 _____ () C:\Users\Stefanie\AppData\Roaming\Hoginig
2019-08-23 00:42 - 2019-08-23 00:42 - 0327657 _____ () C:\Users\Stefanie\AppData\Roaming\Honekineneba
2019-07-13 00:28 - 2019-07-13 00:28 - 0157795 _____ () C:\Users\Stefanie\AppData\Roaming\Kecareh
2019-06-26 00:42 - 2019-06-26 00:42 - 0246789 _____ () C:\Users\Stefanie\AppData\Roaming\Kehenat
2016-10-29 15:01 - 2016-10-29 15:01 - 0018833 _____ () C:\Users\Stefanie\AppData\Roaming\Kelalipob
2019-04-20 00:10 - 2019-04-20 00:10 - 0313260 _____ () C:\Users\Stefanie\AppData\Roaming\Kunesamafo
2019-07-21 00:42 - 2019-07-21 00:42 - 0362819 _____ () C:\Users\Stefanie\AppData\Roaming\Lurusuhat
2019-05-06 00:42 - 2019-05-06 00:42 - 0164250 _____ () C:\Users\Stefanie\AppData\Roaming\Matedanafika
2019-02-28 01:42 - 2019-02-28 01:42 - 0286382 _____ () C:\Users\Stefanie\AppData\Roaming\Nibug
2019-09-19 12:28 - 2019-09-19 12:28 - 0292078 _____ () C:\Users\Stefanie\AppData\Roaming\Ninibokekimi
2019-07-29 00:42 - 2019-07-29 00:42 - 0359966 _____ () C:\Users\Stefanie\AppData\Roaming\Nodikolib
2019-04-11 00:46 - 2019-04-11 00:46 - 0315693 _____ () C:\Users\Stefanie\AppData\Roaming\Pitacarobere
2019-03-25 01:29 - 2019-03-25 01:29 - 0340540 _____ () C:\Users\Stefanie\AppData\Roaming\Pufure
2019-03-08 01:42 - 2019-03-08 01:42 - 0146702 _____ () C:\Users\Stefanie\AppData\Roaming\Rukeraf
2019-06-09 00:42 - 2019-06-09 00:42 - 0220511 _____ () C:\Users\Stefanie\AppData\Roaming\Sosimofem
2019-06-01 00:42 - 2019-06-01 00:42 - 0137171 _____ () C:\Users\Stefanie\AppData\Roaming\Teritet
2019-04-03 00:42 - 2019-04-03 00:42 - 0151565 _____ () C:\Users\Stefanie\AppData\Roaming\Tetetuco
2014-10-10 12:42 - 2019-09-28 00:42 - 0001093 _____ () C:\Users\Stefanie\AppData\Roaming\WB.CFG
2017-12-15 10:26 - 2017-12-15 10:26 - 0000068 _____ () C:\Users\Stefanie\AppData\Local\5qe2nbznbz
2014-10-12 21:42 - 2014-12-20 19:43 - 0000001 _____ () C:\Users\Stefanie\AppData\Local\DSI.DAT
2016-12-11 17:04 - 2017-02-14 23:17 - 0000041 _____ () C:\ProgramData\.zreglib
2017-09-15 09:45 - 2017-09-15 09:45 - 0000000 _____ () C:\ProgramData\DP45977C.lfl
2017-12-29 20:29 - 2017-12-29 20:29 - 0000016 _____ () C:\ProgramData\mntemp
2017-12-29 20:29 - 2017-12-29 20:29 - 0004935 _____ () C:\ProgramData\vfiakfjk.zeu

Einige Dateien in TEMP:
====================
C:\Users\Stefanie\AppData\Local\Temp\jre-8u221-windows-au.exe


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2018-06-06 21:39

==================== Ende von log ============================

Djchaos 04.10.2019 16:00
Addition.txt

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-07-2015
durchgeführt von Stefanie (2019-10-04 16:31:19)
Gestartet von C:\Users\Stefanie\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-581088433-320290056-2638895184-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-581088433-320290056-2638895184-503 - Limited - Disabled)
Gast (S-1-5-21-581088433-320290056-2638895184-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-581088433-320290056-2638895184-1005 - Limited - Enabled)
Stefanie (S-1-5-21-581088433-320290056-2638895184-1001 - Administrator - Enabled) => C:\Users\Stefanie
WDAGUtilityAccount (S-1-5-21-581088433-320290056-2638895184-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.255 - Adobe)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
AVI Media Player 1.0.2 (HKLM-x32\...\AVI Media Player_is1) (Version:  - vsevensoft.com)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
CloneCD (HKLM-x32\...\CloneCD) (Version: 5.3.4.0 - SlySoft)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3817.05 - CyberLink Corp.)
DTS Sound (HKLM-x32\...\{9B17BBEC-CF31-4C23-949E-E65A14365CE1}) (Version: 1.01.6100 - DTS, Inc.)
Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
Firefox Packages (HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\Firefox Packages) (Version:  - ) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.35.301 - Google LLC) Hidden
HP LaserJet Pro M11-M13 Series (HKLM\...\HP LaserJet Pro M11-M13 Series) (Version:  - )
HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.12.32.3 - HP Inc.)
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.5163.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.21.00.03 - Huawei Technologies Co.,Ltd)
Movavi Video Converter 18 Premium (HKLM-x32\...\Movavi Video Converter 18 Premium) (Version: 18.1.0 - Movavi)
My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7173 - Realtek Semiconductor Corp.)
Symbaloo (HKLM-x32\...\Symbaloo) (Version: 1.0.0 - Symbaloo Launcher by Toshiba Europe GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.182 - Synaptics Incorporated)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.6.4835 - TeamViewer)
tiptoi® Manager 4.0.1 (HKLM\...\{833392BB-E8C0-4066-9408-3A30FA43972F}_is1) (Version: 4.0.1 - Ravensburger AG)
TOSHIBA Display Utility (HKLM\...\{F64E9295-E1B3-4EEA-86D3-AF44A0087B06}) (Version: 1.1.16.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.2.6403 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.81.2C - TOSHIBA CORPORATION)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.19 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 2.0.0.15C - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{B507386D-1F61-4E55-B05B-F56ACB0086B3}) (Version: 4.02.00.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.00.56006005 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{E3FCDCBE-0A13-4F73-95C1-000A51CF1C8C}) (Version: 2.6.16.0 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.01.6402 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.1.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{E4C7D9D7-19D4-4623-AF0C-EA313C466411}) (Version: 5.0.0 - Toshiba Europe GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Utility Common Driver (x32 Version: 1.0.53.3 - Compal) Hidden
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.25 - WildTangent) Hidden
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

19-09-2019 12:47:30 Geplanter Prüfpunkt
28-09-2019 23:37:48 Geplanter Prüfpunkt
04-10-2019 13:54:21 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {036673C3-F9B7-478F-949B-C77D696FFB0B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2019-02-13] (Microsoft Corporation)
Task: {042D8A51-5878-4000-9C10-C04AFF122A1F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {04B3E894-DE5B-4C4A-9AA7-CA8F7CE43583} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [2018-04-12] (Microsoft Corporation)
Task: {05C3BAB1-68F8-4EAF-B4AF-8C21E2478533} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime No Task File <==== ATTENTION
Task: {05E09776-F708-4694-949B-E8993608CC2B} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate
Task: {09131E27-3793-4B1E-A11E-77D3EAC118D1} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {0BA33681-9D00-4B31-9A87-01683672BFEF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d No Task File <==== ATTENTION
Task: {0E55C40D-83F8-4F39-838C-C1D3707EA86A} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\Windows\System32\dusmtask.exe [2018-11-01] (Microsoft Corporation)
Task: {10A37F08-4ACD-47E1-AAB4-6ECDE6DDDE8A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {130CBC05-E385-448F-9422-19563DD85832} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => C:\Windows\system32\MusNotification.exe [2019-07-09] (Microsoft Corporation)
Task: {175463A3-4AF2-4959-8504-C36C4397C393} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck
Task: {1BE936D4-EE40-4F04-84E0-18FFD27C0A6A} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [2018-04-12] (Microsoft Corporation)
Task: {1FAE791A-9736-4412-823B-80AE3EE2C1CB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d No Task File <==== ATTENTION
Task: {2231CAFE-FABE-41F5-A0B3-842D9319DBF9} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-06] (Microsoft Corporation)
Task: {226C52BC-0F62-4E67-A70D-74C22932AC02} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload => C:\Windows\system32\dmclient.exe [2018-04-12] (Microsoft Corporation)
Task: {23ACACF5-2E96-4ECC-BE70-94CFCB2EF6DE} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation
Task: {257A47C0-FECE-4A8E-BB35-161852DFF727} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-01-20] (Realtek Semiconductor)
Task: {289D68A0-E96F-491B-9498-B0B602C5C53A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess No Task File <==== ATTENTION
Task: {28C75830-5752-4F41-A94B-BFD5E8A0D7C8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d No Task File <==== ATTENTION
Task: {294EF281-56B6-4F71-8115-BAC2919EF034} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {29F3A47A-C0DC-48D8-ACAF-89413EE0731D} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [2019-07-09] (Microsoft Corporation)
Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {2DB8F5ED-0B44-4E56-A57D-947B4AA4F7F6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-08-15] (Piriform Ltd)
Task: {2DBD790D-172A-4CFA-B3F7-824D7509680F} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration
Task: {2E2E003A-9792-4956-8F12-92797F584AB8} - System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange
Task: {3137ADB6-515F-4020-9DB9-0F91106BB27F} - \WPD\SqmUpload_S-1-5-21-581088433-320290056-2638895184-1001 No Task File <==== ATTENTION
Task: {3199A9F7-0492-4FC9-9EC1-A59CC69A8F52} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2015-11-17] (Toshiba Europe GmbH)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {3790297B-C317-4FEB-9E8D-3B4C85520240} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig No Task File <==== ATTENTION
Task: {3C1365A1-11E1-4629-9B25-7D6A932E6B60} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization
Task: {3D2803AB-6821-4975-98F2-784F0B5919E2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-09-29] (AVAST Software)
Task: {3DF2FF36-8A3E-4F15-9221-D68F365A7872} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2019-09-12] (HP Inc.)
Task: {407E1879-1F5E-42B2-BA7F-53BCEF433805} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2018-04-12] (Microsoft Corporation)
Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {46DDFBEA-7B80-499F-8D16-8FB7836BEBDC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2019-07-09] (Microsoft Corporation)
Task: {4CB53382-6FBB-4666-B563-0ABC6429D301} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange
Task: {4F662F7F-D75F-455E-A03A-8AD0D8313218} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B No Task File <==== ATTENTION
Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff
Task: {51D31EBF-545E-411D-A21A-CB34004CC384} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh
Task: {5294EF9E-88CD-432B-A10B-C3AC2FB364AC} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2019-08-26] (Microsoft Corporation)
Task: {536E4522-B726-480C-9063-126E74EEA4A4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask
Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {577C3956-E492-42A5-AEFB-FDC54A537C64} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {57A7E0DF-F70E-43B1-AA2C-5BA67DBBE753} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {5BE358DF-C2F0-43BC-BA5A-77E36BF54A02} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2018-04-12] (Microsoft Corporation)
Task: {5DB4FD20-4FF2-4C58-9801-ADD6F0149633} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task
Task: {60C269FF-448A-4F10-886E-2C70F5086A5F} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync
Task: {62331915-A3E9-4B6E-9686-86034377E8CF} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications
Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6BFE7106-601B-4B34-8F8E-87B9A0DA6ACE} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice
Task: {6DE4F7DC-0B8D-404A-A6C9-83241658F8CA} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-06] (Microsoft Corporation)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\Windows\system32\MusNotification.exe [2019-07-09] (Microsoft Corporation)
Task: {7138D0D3-1873-4A77-86CF-4840F491C90F} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {749AC711-AA62-4D1D-B314-EF1C97E1CA56} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2018-04-12] (Microsoft Corporation)
Task: {749E286C-C205-4C7C-B742-BE5023BF06DE} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login
Task: {75522E26-6BE6-4F53-A0FA-14470ECAACAB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2019-09-04] (Microsoft Corporation)
Task: {7558573E-8172-4712-ACF4-9749EC2BE926} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation
Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {7E964508-4868-4DB6-A10A-B96FAE223F77} - \Microsoft\Windows\UNP\RunCampaignManager No Task File <==== ATTENTION
Task: {7EAE5A6B-00F4-4B9F-A255-E1C163B587A1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {8AE856F2-278D-45AA-B794-F22C124638A7} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe [2019-09-11] (Adobe)
Task: {8B4471CE-BE6B-4E3E-ACA5-46DEE1BBC895} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater – Install HPSA => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2019-07-31] (HP Inc.)
Task: {8CCDCCC3-88F0-4860-84BE-5AC16A1C6FA9} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {8D87C19D-6DCD-4EFE-B479-BA3F07C807AB} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2018-03-29] (Synaptics Incorporated)
Task: {8E7BB9A3-956E-4C6A-AE87-4F175197704F} - System32\Tasks\Microsoft\Windows\NlaSvc\WiFiTask => C:\Windows\System32\WiFiTask.exe [2018-04-12] (Microsoft Corporation)
Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation)
Task: {91AF4E1B-193C-48CF-9F8C-4E86CB77B10B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime No Task File <==== ATTENTION
Task: {931758D8-2EC2-4EAE-B3BA-A98DAEC67332} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {94C0F2F9-98DF-415E-BDC9-AAFF75D5EF69} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2018-04-12] (Microsoft Corporation)
Task: {95301ABB-6B78-4DEE-8319-BD138F73F8D3} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2018-04-12] (Microsoft Corporation)
Task: {97E8D66D-0085-423C-BA11-DD777A1258AB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2019-06-13] (Microsoft Corporation)
Task: {9BD44F9F-0C01-4F78-9644-4C7596CD1E0A} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange
Task: {9D6319E1-E88F-4D35-AD66-C4EED376E93E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d No Task File <==== ATTENTION
Task: {9E1DD7B4-6A7B-4AD3-B4AA-B4741028631C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent No Task File <==== ATTENTION
Task: {A19CD75C-08C3-42D5-9EB4-AE76B91A5550} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2018-04-12] (Microsoft Corporation)
Task: {A2E97D0A-9C58-44AB-89DC-55128ACA73C4} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A305A840-EC8B-4C66-8EA8-5FF15F129CD2} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2018-04-12] (Microsoft Corporation)
Task: {A5FE6B52-974F-492F-81F3-472223AD09D5} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {A6A8CC4C-F0CA-4637-ACFE-CF91F3AC86A7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-08-15] (Piriform Software Ltd)
Task: {B0952E0A-C54F-4E8B-95E9-90E560086B37} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {B14C88F4-4AAC-4F00-A94E-8EA180D7AEDC} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {B2D1D0E5-4670-4493-9360-C9DD0E832A9D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask
Task: {B2F4AC84-A8D0-4524-9363-BFF5A5911A00} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask
Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6
Task: {B3433942-FE11-4C11-839D-9C7589B6C5CB} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {B3D90CF4-FD50-4338-9755-85006ADC9978} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-09-11] (Adobe)
Task: {B6DCBB4A-0292-47AE-B9DC-F81CF086D721} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-581088433-320290056-2638895184-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {B76ECE88-27B3-4CEC-9B37-1314B4602CAA} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24
Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2018-06-06] (Microsoft Corporation)
Task: {C48D50E5-71A9-48D8-B7C1-3DA9AECBDEC3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2019-05-17] (Microsoft Corporation)
Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1
Task: {C9B34E7E-3A1B-4940-B011-BF7F34B31D20} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2014-04-03] (TOSHIBA Corporation)
Task: {CB7F3B8F-F794-47DD-A8D2-AD8051F45A55} - System32\Tasks\Microsoft\Windows\WwanSvc\NotificationTask => C:\Windows\System32\WiFiTask.exe [2018-04-12] (Microsoft Corporation)
Task: {CCEF2C54-86E8-4168-B918-53DA443D8D00} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2019-07-31] (HP Inc.)
Task: {CD5CE6F3-171C-4C0F-8629-3F2126A0FB72} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => C:\Windows\system32\MusNotification.exe [2019-07-09] (Microsoft Corporation)
Task: {CDA5D686-5D6C-4730-9907-B66710DC3670} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {D010978C-B666-4072-B7F3-DD6340CDD629} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task
Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork
Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {D427D1D6-119C-40F8-A697-571ACBFEE8DD} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {D49C81A2-855C-417E-825F-1DC2AA1443D3} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {D4A9B4EC-1635-4B25-9E3B-1C9BE9D98D00} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattelrunner.exe [2019-09-04] (Microsoft Corporation)
Task: {D8436F3C-DDFE-4877-A05C-2337758E98E9} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {DC3C4041-27B3-4040-9DE1-FA5EE922AA3B} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {DD710A69-86C6-4932-97B1-01FB13ACFEF1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged
Task: {DDE89E5E-48CB-4C3D-A623-99BCA9174B97} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2019-07-24] (Adobe Systems)
Task: {E047CF5C-4040-476F-8737-408E3BA4B0B6} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate
Task: {E0862994-9083-482D-A921-27B4860FFA21} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [2019-04-19] (Microsoft Corporation)
Task: {E82177E3-E19A-4321-84F6-90AA57815013} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2019-09-04] (Microsoft Corporation)
Task: {E8411C63-4393-40B6-9A25-7D31CD4897BE} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2018-04-12] (Microsoft Corporation)
Task: {E907704E-6225-4B0A-A428-3ECE7F8277BE} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask
Task: {E9474EE3-C9D7-4FA3-9B3E-353E37D5814D} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\Windows\system32\ProvTool.exe [2018-04-12] (Microsoft Corporation)
Task: {EE263E86-FF16-45EE-94C8-2327B81F98CE} - System32\Tasks\Microsoft\Windows\Workplace Join\Recovery-Check => C:\Windows\System32\dsregcmd.exe [2018-04-12] (Microsoft Corporation)
Task: {EF7CFDCE-C0DD-449F-9DF2-CCEB2CE3AE8B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent No Task File <==== ATTENTION
Task: {EFA86FF7-22AE-4997-AFD9-E89E1BF9B7D6} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2019-09-04] (Microsoft Corporation)
Task: {F066932D-862A-414E-B851-D3EA0B53207A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-09-29] (AVAST Software)
Task: {F084544B-322F-4CED-B874-EC696339C19E} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\Windows\system32\spaceman.exe [2018-04-12] (Microsoft Corporation)
Task: {F35ACE16-1E96-431C-B189-F2F82BA8A4F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d No Task File <==== ATTENTION
Task: {F781AB90-1860-4C91-9993-0C832C31E016} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2019-02-13] (Microsoft Corporation)
Task: {F955A09C-E83A-4AD5-9ABC-7D5D7A055117} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {FC779438-B7FD-4774-AA55-4DE2A4B098A4} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh
Task: {FD0C7C89-E963-41B3-A6DE-3D6B2644A94D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {FE702A37-B3C1-4A15-B59D-86935E5097A7} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {FEBC9EFC-F9E9-420F-AA49-0491E2CA5639} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2019-07-09] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\Windows\System32\InputHost.dll
2017-02-08 22:51 - 2016-02-25 16:39 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM11M13PP.DLL
2014-10-10 12:41 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-03-03 22:30 - 2014-03-03 22:30 - 00021840 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2015-03-01 13:37 - 2013-07-23 05:47 - 00239696 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2019-09-29 12:20 - 2018-11-15 11:01 - 02712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2019-09-29 12:20 - 2018-11-21 11:07 - 02842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2019-09-11 05:21 - 2019-09-04 06:39 - 02759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\InputHost.dll
2019-09-11 05:21 - 2019-09-04 06:39 - 02184192 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2012-07-19 03:38 - 2012-07-19 03:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2019-09-29 12:02 - 2019-09-29 12:02 - 108869848 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-08-15 13:30 - 2019-08-15 13:30 - 00109248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2019-09-29 12:02 - 2019-09-29 12:02 - 02694872 _____ () C:\Program Files\AVAST Software\Avast\swiftshader\libglesv2.dll
2019-09-29 12:02 - 2019-09-29 12:02 - 00167128 _____ () C:\Program Files\AVAST Software\Avast\swiftshader\libegl.dll
2019-09-25 20:24 - 2019-09-25 20:25 - 00484352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-09-25 20:24 - 2019-09-25 20:25 - 80811520 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-05 09:13 - 2017-10-05 09:15 - 02523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-09-25 20:24 - 2019-09-25 20:25 - 00011264 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2019-05-03 18:52 - 2019-05-03 18:53 - 03707904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2019-09-25 20:24 - 2019-09-25 20:25 - 13444096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-09-25 20:24 - 2019-09-25 20:24 - 03027968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2019-05-03 18:52 - 2019-05-03 18:53 - 01014784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2019-09-25 20:24 - 2019-09-25 20:25 - 00123904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\AppSettingsCppCX.dll
2019-08-24 22:39 - 2019-08-24 22:40 - 01418240 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2019-08-24 22:39 - 2019-08-24 22:40 - 01398784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2019-09-25 20:24 - 2019-09-25 20:25 - 00881664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\OnlineMediaComponent.dll
2019-09-10 23:07 - 2019-09-10 23:07 - 26138624 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-09-10 23:07 - 2019-09-10 23:07 - 00289280 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-03 19:33 - 2017-12-03 19:33 - 00902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-28 23:15 - 2018-11-28 23:15 - 04202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-09-10 23:07 - 2019-09-10 23:07 - 05704192 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-09-10 23:07 - 2019-09-10 23:07 - 08989184 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-09-30 22:24 - 2019-09-30 22:25 - 96078240 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\libcef.dll
2019-09-30 22:24 - 2019-09-30 22:25 - 04884896 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\libglesv2.dll
2019-09-30 22:24 - 2019-09-30 22:25 - 00326048 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Program Files\Microsoft Office 15:Win32App_1
AlternateDataStreams: C:\Program Files\UNP:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Atheros:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\AVI Media Player:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Bluetooth Suite:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Spotify:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Toshiba TEMPRO:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\WildGames:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Windows Phone:Win32App_1
AlternateDataStreams: C:\ProgramData\Compal:Win32App_1
AlternateDataStreams: C:\Users\Stefanie\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity
AlternateDataStreams: C:\Users\Stefanie\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Stefanie\Documents\Ravensburger tiptoi:Win32App_1

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer trusted/restricted ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-581088433-320290056-2638895184-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Stefanie\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\DSCN0705.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [{43F0A6BA-6580-4322-976C-3526326A1F5B}] => (Allow) LPort=161
FirewallRules: [{79DCE212-6583-418B-98D3-5BC300532550}] => (Allow) LPort=427
FirewallRules: [{C25042E1-630B-4AD4-A979-6FFE4140A5A5}] => (Allow) LPort=9100
FirewallRules: [{DD929EDE-1337-40E5-9E5D-0A0723880007}] => (Allow) C:\Program Files\HP\HP LaserJet Pro M11-M13 Series\wificonfig.exe
FirewallRules: [{FB50C379-0382-4110-B384-6355710DB51D}] => (Allow) C:\Program Files\HP\HP LaserJet Pro M11-M13 Series\wificonfig.exe
FirewallRules: [{5EE32BE0-2A09-4972-B8EA-D82C4B0BB0A3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{7F78D69A-2287-4026-8902-716FAD84865A}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{6BCFBC3B-73FA-437C-A0F0-B6BD0DBA46E5}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{2518B1F5-B266-462C-967E-1FE500565A1D}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{B8CD2042-38C7-4279-BDC6-2D3F0B7950AB}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{EC3E7A9C-1F3E-4496-9679-41A8BB2070C8}] => (Allow) C:\Users\Stefanie\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{DD5C4696-91CB-4D58-A8CB-611D9AFE6647}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4996D0CA-46A7-4EE4-9126-AEFF8C204305}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{48F144F7-DE7A-4999-AC43-DAC45F28266E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BB53FFB9-F70E-4372-BD56-29255A0AA6F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{C1FFB7C0-CB49-405F-AAFB-075A914B021F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E45C0CBB-AE89-4F63-838D-67945D8AB01B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{5DE48DF5-3D61-404A-B2C9-F07C1F539A97}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{2E5306FB-6E3C-412B-B791-7D5446BF4330}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{58E5ED33-30E1-44CF-9884-71D7CB4DE6F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{39C630F8-E86D-4709-AAF2-80D42663BE65}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{05433D25-F9D2-47BF-A6B8-239999187D56}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{30EB44EC-BD4F-4017-91E2-5904E4563256}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3BB607EF-D19F-42B0-8EB5-6A0CFCB2C0D4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{29DAA745-1F95-400A-8E60-B93D822FCCED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B0BDDE87-16E7-459C-88B2-A1065D8D0764}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4ACEC861-5733-451B-B4A9-E444522920C9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3D4B3F98-002F-4641-88AF-35D314E01FAC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CC0F69FA-6D86-4AB9-85A1-6C9D39F74A6F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CE69EE57-F033-4D46-8854-FBE98B18D62E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{73A3BF34-A4EC-405F-BE8C-FA3899A84833}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{F9147934-B002-4CE2-BC0D-3E4ABE117951}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A19A7D11-CF1C-4937-ADE6-9FF3BF77E7F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3D7324D6-AB05-4CD1-8453-6946CE24AA27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{13A4CEF4-3B93-40DA-B2D0-1088F7375CFD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{319681FC-6A8D-4626-8CA8-0756C33578F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A342A1BA-5BBF-407D-BF14-59BF45ADE7AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{08E7051B-889F-48BA-ABE4-04BF0438AF8E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CA4D3ECA-8BDD-44F4-9332-9D723CB92B42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BEDE9B37-22B7-4B59-BB89-C4CBA1FD0A14}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E28FA4B3-61C9-4D7D-9D60-B73453BD3562}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{525158E3-7566-43A6-AA60-3A84DB9E2F5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{F573BB4D-92E7-487C-8926-CE508D81D643}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BD851E31-E1EE-4436-B1A9-B9DBE0B47B22}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{7C78242F-04B7-48C3-A87F-36834A7182A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{AB0E1EF2-2758-4CCD-A7DA-18C62BA12DC1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{8C65DC10-A379-40E3-AA3E-6B5C9D39AB24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{33A23490-514E-4A49-BDE0-79C8E1FB0410}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{6B9F3EDA-CA0E-4155-B74F-EBD9FD892B32}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{8D1990B1-2BF9-40B1-A47F-71A9F90D6B41}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4E9F3EFA-8D84-4DA4-B67F-AE764E7A5D6B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{1764FA75-2F99-4692-9946-5BBC226DE11B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{5E386AEE-D841-473C-81FC-96C8163FC521}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B728E216-134F-4D62-B5D4-A44ED6DC4EC0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{80E4337B-4555-44C3-B4C3-2AA671E2A20A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E5FB16D9-00BB-452C-A48E-3FF586352F82}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{0A212600-E0C3-49F1-836A-0968CEC685C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{244B592A-D1CF-4E06-949E-B6849142FCC4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{794F5D4C-6F6B-4235-B06F-606000888ED5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{0951EC61-382E-465E-9EFD-B9B509C23954}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{92ADB20F-3803-45B0-AFCB-8FC6A46AEB3F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7334221C-39EC-42D6-9044-4CCC81F543AA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{063DD2C7-3803-471C-B64B-E262140A0A11}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C47BC493-BC55-4AE9-8E92-F7CA888F688C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2997190C-70D4-4081-A1F7-870374B23FD1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{D35E5F26-8B4D-4E7B-9042-FF068828E392}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{557D208A-3A7B-4467-9AB8-E8CD058D5CB4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{9C187E98-BA6E-45AE-B679-40E03C48E6B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{6BB99833-8F48-4433-9A50-AEC2D944F19C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{D4189CD5-E8F8-45E2-96E9-33FE7393A7C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{8E3E1A78-6808-4441-B23B-2CFA7636B341}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4B7ED5B4-DB83-4B01-BEA9-E78DFD8D7EB5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/04/2019 04:23:19 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/04/2019 04:23:17 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/04/2019 01:58:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxext.exe, Version: 6.15.10.4425, Zeitstempel: 0x5702a8b4
Name des fehlerhaften Moduls: igfxext.exe, Version: 6.15.10.4425, Zeitstempel: 0x5702a8b4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000084b0
ID des fehlerhaften Prozesses: 0x14f0
Startzeit der fehlerhaften Anwendung: 0xigfxext.exe0
Pfad der fehlerhaften Anwendung: igfxext.exe1
Pfad des fehlerhaften Moduls: igfxext.exe2
Berichtskennung: igfxext.exe3
Vollständiger Name des fehlerhaften Pakets: igfxext.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxext.exe5

Error: (09/29/2019 01:21:31 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (09/29/2019 12:52:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TPCHSrv.exe, Version: 1.0.0.31, Zeitstempel: 0x54729b5e
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.17134.799, Zeitstempel: 0x7f828745
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f479b
ID des fehlerhaften Prozesses: 0x1478
Startzeit der fehlerhaften Anwendung: 0xTPCHSrv.exe0
Pfad der fehlerhaften Anwendung: TPCHSrv.exe1
Pfad des fehlerhaften Moduls: TPCHSrv.exe2
Berichtskennung: TPCHSrv.exe3
Vollständiger Name des fehlerhaften Pakets: TPCHSrv.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TPCHSrv.exe5

Error: (09/29/2019 11:55:11 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Microsoft.Photos.exe, Version 2019.19071.17920.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 5e0

Startzeit: 01d574a202dacb38

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

Berichts-ID: ada155d4-25d7-49a6-ad10-a7126b45c55f

Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe

Auf das fehlerhafte Paket bezogene Anwendungs-ID: App

Error: (09/29/2019 11:16:10 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (09/29/2019 11:16:07 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (09/13/2019 08:42:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxext.exe, Version: 6.15.10.4425, Zeitstempel: 0x5702a8b4
Name des fehlerhaften Moduls: igfxext.exe, Version: 6.15.10.4425, Zeitstempel: 0x5702a8b4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000084b0
ID des fehlerhaften Prozesses: 0x2dfc
Startzeit der fehlerhaften Anwendung: 0xigfxext.exe0
Pfad der fehlerhaften Anwendung: igfxext.exe1
Pfad des fehlerhaften Moduls: igfxext.exe2
Berichtskennung: igfxext.exe3
Vollständiger Name des fehlerhaften Pakets: igfxext.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxext.exe5

Error: (09/13/2019 08:22:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Microsoft.Photos.exe, Version 2019.19061.18920.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 11c8

Startzeit: 01d562874b56497b

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

Berichts-ID: a6e60de0-3022-4902-b37c-c5069befa47b

Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe

Auf das fehlerhafte Paket bezogene Anwendungs-ID: App


Systemfehler:
=============
Error: (10/04/2019 04:21:57 PM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0Nicht verfügbar

Error: (10/04/2019 01:59:18 PM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0Nicht verfügbar

Error: (10/03/2019 04:56:27 AM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (10/02/2019 08:21:35 PM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (10/02/2019 12:18:47 AM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (09/30/2019 04:40:30 AM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (09/30/2019 12:54:02 AM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (09/30/2019 12:09:27 AM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (09/29/2019 08:41:57 PM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (09/29/2019 04:42:21 PM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723


Microsoft Office:
=========================
Error: (10/04/2019 04:23:19 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/04/2019 04:23:17 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/04/2019 01:58:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxext.exe6.15.10.44255702a8b4igfxext.exe6.15.10.44255702a8b4c000000500000000000084b014f001d57aaafa4d0292C:\WINDOWS\system32\igfxext.exeC:\WINDOWS\system32\igfxext.exe54444b65-0ddd-4503-832d-ff1960ae65db

Error: (09/29/2019 01:21:31 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (09/29/2019 12:52:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TPCHSrv.exe1.0.0.3154729b5entdll.dll10.0.17134.7997f828745c000037400000000000f479b147801d576b3ed2f2c0eC:\Program Files\TOSHIBA\TPHM\TPCHSrv.exeC:\WINDOWS\SYSTEM32\ntdll.dllb24c563d-e2b9-4340-8588-614baa752ebd

Error: (09/29/2019 11:55:11 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Microsoft.Photos.exe2019.19071.17920.05e001d574a202dacb384294967295C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exeada155d4-25d7-49a6-ad10-a7126b45c55fMicrosoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbweApp

Error: (09/29/2019 11:16:10 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (09/29/2019 11:16:07 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (09/13/2019 08:42:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxext.exe6.15.10.44255702a8b4igfxext.exe6.15.10.44255702a8b4c000000500000000000084b02dfc01d56a6305fa4e75C:\WINDOWS\system32\igfxext.exeC:\WINDOWS\system32\igfxext.exe9825ba5a-941d-4733-bcf3-bd44a97653ea

Error: (09/13/2019 08:22:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Microsoft.Photos.exe2019.19061.18920.011c801d562874b56497b4294967295C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exea6e60de0-3022-4902-b37c-c5069befa47bMicrosoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbweApp


CodeIntegrity:
===================================
  Date: 2018-09-25 09:26:00.839
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-09-25 09:26:00.604
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-09-25 09:26:00.245
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen ===========================

Processor: Intel(R) Celeron(R) CPU N2830 @ 2.16GHz
Percentage of memory in use: 65%
Total physical RAM: 3982.88 MB
Available physical RAM: 1374.33 MB
Total Virtual: 4686.88 MB
Available Virtual: 1304.93 MB

==================== Drives ================================

Drive c: (TI31338300A) (Fixed) (Total:453.31 GB) (Free:254.55 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== Ende von log ============================

cosinus 04.10.2019 17:01
Da muss einiges deinstalliert werden. Unnötiger oder alter Krempel. Auch Avast, völliger Unsinn. m besten auch Google Chrome durch Firefox ersetzen siehe Lesestoff unten.

Adobe Acrobat Reader DC
Adobe Flash Player 32 NPAPI
Avast Free Antivirus
CCleaner
Firefox Packages
Google Chrome

Lesestoff:
Google Chrome

Offensichtlich nutzt du den Browser Chrome von Google. Von der Verwendung dieses Browsers muss man aus Datenschutzgründen dringend abraten. Siehe auch Google: Chrome-Browser scannt lokale Dateien auf Windows-PCs

Installiere Mozilla Firefox, damit lassen sich auch Profildaten aus Chrome importieren, anschließend Google Chrome deinstallieren.

Djchaos 06.10.2019 14:27
Hi,

ich habe nun mal die angegebenen Programme deinstalliert.
Bei den Firefox Packages ging es nicht, da die uninstaller.exe nicht gefunden wurde.

Firefox ist auch installiert.

cosinus 06.10.2019 14:48
Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken.

http://www.trojaner-board.de/picture...&pictureid=611

Djchaos 06.10.2019 16:40
Hier die neuen Logs von FRST

FRST.TXT
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
durchgeführt von Stefanie (Administrator) auf FINN (06-10-2019 17:27:46)
Gestartet von C:\Users\Stefanie\Desktop
Geladene Profile: Stefanie (Verfügbare Profile: Stefanie)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

konnte nicht auf den Prozess zugreifen -> Registry
(Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
konnte nicht auf den Prozess zugreifen -> Memory Compression
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.302\GoogleCrashHandler.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.302\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\sihost.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Microsoft Corporation) C:\Windows\System32\wermgr.exe
(Microsoft Corporation) C:\Windows\System32\MusNotification.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
(Microsoft Corporation) C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe
(RedFox) C:\Program Files (x86)\RedFox\CloneCD\CloneCDTray.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-09] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-01-05] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-22] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2013-08-06] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\RedFox\CloneCD\CloneCDTray.exe [57344 2016-03-29] (RedFox)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\Run: [OneDrive] => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\OneDrive.exe [1592440 2019-10-04] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Windows\System32\osk.exe [623104 2018-10-21] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\osk.exe [623104 2018-10-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-09b708085549b3cc
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-09b708085549b3cc
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-581088433-320290056-2638895184-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-09b708085549b3cc
HKU\S-1-5-21-581088433-320290056-2638895184-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-581088433-320290056-2638895184-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> DefaultScope {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM -> {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM -> {bce42d98-b1cd-493f-a64c-107aae7521be} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM-x32 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM-x32 -> {bce42d98-b1cd-493f-a64c-107aae7521be} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> DefaultScope {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {bce42d98-b1cd-493f-a64c-107aae7521be} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-08-20] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-04-30] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-10-22] (Microsoft Corporation)
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2018-06-08] (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2018-06-08] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{75013482-b294-4535-9c56-b2178f6e757f}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{a516b4d1-81c3-4daa-bf24-f5142955b826}: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\h857aa1h.default
FF SelectedSearchEngine: Search Provided by Yahoo
FF DefaultSearchEngine: Search Provided by Yahoo
FF NewTab: about:newtab
FF Homepage: https://www.bing.com/search?FORM=INCOH1&PC=IC04&PTAG=ICO-eb682354
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google LLC)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF user.js: detected! => C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\h857aa1h.default\user.js [2014-10-20]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
StartMenuInternet: Firefox-308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Slides) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-30]
CHR Extension: (Docs) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-30]
CHR Extension: (Google Drive) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-30]
CHR Extension: (YouTube) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-30]
CHR Extension: (Sheets) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-30]
CHR Extension: (Search Selector Beta) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gboaiodgdajeapekadgejlbmabjganof [2019-07-04]
CHR Extension: (Google Docs Offline) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-06-30]
CHR Extension: (Avast Online Security) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-09-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-30]
CHR Extension: (Gmail) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-30]
CHR Extension: (Chrome Media Router) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-30]
CHR HKLM\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - https://clients2.google.com/service/update2/crx

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AJRouter; C:\Windows\System32\AJRouter.dll [25088 2018-04-12] (Microsoft Corporation)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-19] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R3 BTAGService; C:\Windows\System32\BTAGService.dll [514048 2018-11-09] (Microsoft Corporation)
R3 BthAvctpSvc; C:\Windows\System32\BthAvctpSvc.dll [399872 2018-11-09] (Microsoft Corporation)
R3 camsvc; C:\Windows\system32\CapabilityAccessManager.dll [266752 2019-01-09] (Microsoft Corporation)
R2 CDPSvc; C:\Windows\System32\CDPSvc.dll [632320 2018-10-21] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation)
R3 ClipSVC; C:\Windows\System32\ClipSVC.dll [1033696 2019-06-13] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [885760 2018-12-08] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [567256 2018-12-08] (Microsoft Corporation)
S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [33792 2018-04-12] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [90112 2019-05-03] (Microsoft Corporation)
S3 diagsvc; C:\Windows\system32\DiagSvc.dll [219648 2018-04-12] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [827392 2019-04-19] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [593408 2019-04-19] (Microsoft Corporation)
S3 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [57856 2018-04-12] (Microsoft Corporation)
R2 DoSvc; C:\Windows\System32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
R2 DoSvc; C:\Windows\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
R3 DsSvc; C:\Windows\System32\DsSvc.dll [155136 2019-09-04] (Microsoft Corporation)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-03] ()
R2 DusmSvc; C:\Windows\System32\dusmsvc.dll [356352 2018-12-08] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [167424 2018-04-12] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [308736 2018-11-09] (Microsoft Corporation)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [673792 2018-06-08] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-02-26] (WildTangent)
S3 GraphicsPerfSvc; C:\Windows\System32\GraphicsPerfSvc.dll [90624 2018-04-12] (Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [358264 2019-08-07] (HP Inc.)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [61736 2018-08-03] (Microsoft Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [241152 2018-11-01] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [337888 2016-09-01] (Intel Corporation)
S3 InstallService; C:\Windows\system32\InstallService.dll [1487360 2019-05-17] (Microsoft Corporation)
S3 InstallService; C:\Windows\SysWOW64\InstallService.dll [1110528 2019-05-17] (Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 IpxlatCfgSvc; C:\Windows\System32\IpxlatCfg.dll [63488 2018-04-12] (Microsoft Corporation)
R3 lfsvc; C:\Windows\System32\lfsvc.dll [44544 2018-04-12] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [48640 2018-04-12] (Microsoft Corporation)
S3 LxpSvc; C:\Windows\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [91136 2018-07-06] (Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239696 2013-07-23] ()
S3 NaturalAuthentication; C:\Windows\System32\NaturalAuth.dll [824832 2018-04-12] (Microsoft Corporation)
S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [335360 2019-07-09] (Microsoft Corporation)
R3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [582144 2019-07-09] (Microsoft Corporation)
R3 NgcSvc; C:\Windows\system32\ngcsvc.dll [784896 2019-04-19] (Microsoft Corporation)
S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [835584 2018-11-01] (Microsoft Corporation)
S3 PushToInstall; C:\Windows\system32\PushToInstall.dll [262144 2018-07-14] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [681984 2018-04-12] (Microsoft Corporation)
R3 RmSvc; C:\Windows\System32\RMapi.dll [153600 2018-12-08] (Microsoft Corporation)
R2 SecurityHealthService; C:\Windows\system32\SecurityHealthService.exe [760888 2018-07-14] (Microsoft Corporation)
R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [357680 2019-08-26] (Microsoft Corporation)
R3 SEMgrSvc; C:\Windows\system32\SEMgrSvc.dll [1248768 2018-04-12] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1273344 2018-04-12] (Microsoft Corporation)
S3 SensorService; C:\Windows\system32\SensorService.dll [712192 2018-04-12] (Microsoft Corporation)
R2 SgrmBroker; C:\Windows\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation)
S3 SharedRealitySvc; C:\Windows\System32\SharedRealitySvc.dll [713216 2019-06-13] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [195584 2018-04-12] (Microsoft Corporation)
S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [590336 2018-04-12] (Microsoft Corporation)
S3 spectrum; C:\Windows\system32\spectrum.exe [976384 2018-06-08] (Microsoft Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [4970360 2018-06-08] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [4469832 2018-06-08] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [287240 2018-03-29] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12135768 2019-09-24] (TeamViewer GmbH)
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [120392 2015-11-17] (Toshiba Europe GmbH)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [303616 2018-04-12] (Microsoft Corporation)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [176128 2018-04-12] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\System32\TokenBroker.dll [1400832 2019-07-09] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\SysWOW64\TokenBroker.dll [1003008 2019-07-09] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [92160 2018-11-09] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation)
R2 UserManager; C:\Windows\System32\usermgr.dll [1027584 2019-05-17] (Microsoft Corporation)
R2 UsoSvc; C:\Windows\system32\usocore.dll [1398272 2019-09-04] (Microsoft Corporation)
S3 VacSvc; C:\Windows\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\icsvc.dll [289792 2018-04-12] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\Windows\System32\WaaSMedicSvc.dll [392704 2019-01-09] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [427520 2018-04-12] (Microsoft Corporation)
S3 WarpJITSvc; C:\Windows\System32\Windows.WARP.JITService.dll [31744 2018-04-12] (Microsoft Corporation)
S3 WFDSConMgrSvc; C:\Windows\System32\wfdsconmgrsvc.dll [681984 2018-07-14] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MsMpEng.exe [103168 2019-09-19] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [858112 2018-06-08] (Microsoft Corporation)
S3 wisvc; C:\Windows\SysWOW64\flightsettings.dll [729088 2018-06-08] (Microsoft Corporation)
S3 wlpasvc; C:\Windows\System32\lpasvc.dll [1364992 2019-02-16] (Microsoft Corporation)
S3 WpcMonSvc; C:\Windows\System32\WpcDesktopMonSvc.dll [1456640 2018-06-06] (Microsoft Corporation)
R2 WpnService; C:\Windows\system32\WpnService.dll [280576 2018-04-12] (Microsoft Corporation)
S3 xbgm; C:\Windows\system32\xbgmsvc.exe [59512 2018-04-12] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [1115648 2018-04-12] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1308672 2018-04-12] (Microsoft Corporation)
S3 XboxGipSvc; C:\Windows\System32\XboxGipSvc.dll [58880 2018-04-12] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1148928 2018-04-12] (Microsoft Corporation)
S3 WdNisSvc; "%ProgramData%\Microsoft\Windows Defender\platform\4.18.1908.7-0\NisSrv.exe" [X]

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [20480 2018-04-12] (Microsoft Corporation)
R1 afunix; C:\Windows\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2018-04-12] (Microsoft Corporation)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533912 2018-04-12] (QLogic Corporation)
R1 bam; C:\Windows\System32\drivers\bam.sys [60320 2018-04-12] (Microsoft Corporation)
S3 BcastDVRUserService; No ImagePath
S3 BcastDVRUserService_1d39ebed; No ImagePath
S3 bindflt; C:\Windows\system32\drivers\bindflt.sys [92704 2019-01-09] (Microsoft Corporation)
S3 BluetoothUserService; No ImagePath
S3 BluetoothUserService_1d39ebed; No ImagePath
R3 BthLEEnum; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [86528 2018-04-12] (Microsoft Corporation)
S0 bttflt; C:\Windows\System32\drivers\bttflt.sys [38304 2018-04-12] (Microsoft Corporation)
S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [39936 2018-04-12] (Microsoft Corporation)
R3 CAD; C:\Windows\System32\drivers\CAD.sys [60320 2018-04-12] (Microsoft Corporation)
S3 CapImg; C:\Windows\System32\drivers\capimg.sys [123392 2018-04-12] (Microsoft Corporation)
S2 CDPUserSvc; No ImagePath
R2 CDPUserSvc_1d39ebed; No ImagePath
S0 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [321432 2018-04-12] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [1836952 2018-04-12] (Chelsio Communications)
R2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [414720 2019-07-09] (Microsoft Corporation)
S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [39328 2018-04-12] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys [40448 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc; No ImagePath
S3 DevicePickerUserSvc_1d39ebed; No ImagePath
S3 DevicesFlowUserSvc; No ImagePath
S3 DevicesFlowUserSvc_1d39ebed; No ImagePath
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3419032 2018-04-12] (QLogic Corporation)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-12-04] (Malwarebytes)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [55808 2018-04-12] (Microsoft Corporation)
S3 GENERICDRV; C:\Program Files (x86)\UEFI WinFlash\amifldrv64.sys [15640 2012-07-27] ()
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2018-04-12] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2018-04-12] (Microsoft Corporation)
S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [50592 2018-04-12] (Microsoft Corporation)
S4 hvcrash; C:\Windows\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [76304 2019-06-07] (Microsoft Corporation)
S3 hwdatacard; C:\Windows\system32\DRIVERS\ewusbmdm.sys [115328 2015-02-26] (Huawei Technologies Co., Ltd.) [Datei ist nicht signiert]
S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [27136 2018-04-12] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [36864 2018-04-12] (Intel(R) Corporation)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [91648 2018-04-12] (Intel(R) Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [88576 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [171520 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592 2018-04-12] (Intel Corporation)
S0 iaStorAVC; C:\Windows\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [526232 2018-04-12] (Mellanox)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [38912 2018-04-12] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [58168 2018-12-08] (Microsoft Corporation)
S3 IPT; C:\Windows\System32\drivers\ipt.sys [32256 2018-04-12] (Microsoft Corporation)
S0 ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies)
S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [124312 2018-04-12] (LSI Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [128408 2018-04-12] (Avago Technologies)
S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [505240 2018-04-12] (Microsoft Corporation)
S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [56736 2018-04-12] (Microsoft Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-09-29] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [126624 2019-09-29] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [72536 2019-09-29] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [261032 2019-09-29] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [113016 2019-10-06] (Malwarebytes)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [59800 2018-04-12] (Avago Technologies)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [75160 2018-04-12] (Avago Technologies)
S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies)
S3 MessagingService; No ImagePath
S3 MessagingService_1d39ebed; No ImagePath
R3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [842648 2018-04-12] (Mellanox)
R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [43008 2018-12-08] (Microsoft Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [29192 2016-03-17] (Marvell Semiconductor, Inc.)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [108952 2018-04-12] (Mellanox)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [175104 2018-04-12] (Microsoft Corporation)
S3 netvsc; C:\Windows\System32\drivers\netvsc.sys [197632 2018-04-12] (Microsoft Corporation)
S3 nvdimm; C:\Windows\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation)
S2 OneSyncSvc; No ImagePath
U2 OneSyncSvc_1d39ebed; No ImagePath
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58776 2018-04-12] (Avago Technologies)
S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [61848 2018-04-12] (Avago Technologies)
S3 PimIndexMaintenanceSvc; No ImagePath
S3 PimIndexMaintenanceSvc_1d39ebed; No ImagePath
S3 pmem; C:\Windows\System32\drivers\pmem.sys [105984 2018-04-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; No ImagePath
S3 PrintWorkflowUserSvc_1d39ebed; No ImagePath
S0 Ramdisk; C:\Windows\System32\DRIVERS\ramdisk.sys [39840 2018-04-12] (Microsoft Corporation)
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [945464 2019-03-06] (Microsoft Corporation)
S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [104448 2018-04-12] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-09] (Realtek Semiconductor Corp.)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [128920 2018-08-03] (Microsoft Corporation)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [33176 2018-04-12] (Microsoft Corporation)
R0 SgrmAgent; C:\Windows\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [54792 2018-03-29] (Synaptics Incorporated)
S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [57752 2018-04-12] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [82432 2019-03-14] (Microsoft Corporation)
S0 storufs; C:\Windows\System32\drivers\storufs.sys [48544 2018-06-15] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys [18336 2018-04-12] (Microsoft Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [128512 2018-04-12] (Microsoft Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [152576 2018-04-12] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [57856 2018-04-12] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45056 2018-04-12] (Microsoft Corporation)
S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [282008 2018-04-12] (Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [98200 2018-04-12] (Microsoft Corporation)
S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [144288 2018-04-12] (Microsoft Corporation)
S3 UnistoreSvc; No ImagePath
R3 UnistoreSvc_1d39ebed; No ImagePath
S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [29088 2018-04-12] (Microsoft Corporation)
S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [67992 2018-04-12] (Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [28064 2018-04-12] (Microsoft Corporation)
S3 UserDataSvc; No ImagePath
R3 UserDataSvc_1d39ebed; No ImagePath
S3 vhf; C:\Windows\System32\drivers\vhf.sys [36352 2018-10-21] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2018-08-03] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16288 2018-04-12] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [152072 2019-03-14] (Microsoft Corporation)
R3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [83456 2018-12-08] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46472 2019-09-19] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [346336 2019-09-19] (Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [787968 2019-05-17] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\Windows\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-09-19] (Microsoft Corporation)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [72768 2018-06-15] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [18472 2018-04-12] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [32152 2018-04-12] (Mellanox)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [228864 2019-05-17] (Microsoft Corporation)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [64920 2018-04-12] (Mellanox)
S2 WpnUserService; No ImagePath
R2 WpnUserService_1d39ebed; No ImagePath
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [295424 2018-06-15] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [46592 2018-04-12] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation)
NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation)
NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation)
NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation)
NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> Keine Datei

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-10-06 17:27 - 2019-10-06 17:27 - 00000000 ___HD C:\OneDriveTemp
2019-10-06 15:25 - 2019-10-06 15:25 - 00001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-06 15:25 - 2019-10-06 15:25 - 00001004 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-10-06 15:24 - 2019-10-06 15:24 - 00000000 ____D C:\Program Files\Mozilla Firefox
2019-10-06 15:23 - 2019-10-06 15:24 - 49818008 _____ (Mozilla) C:\Users\Stefanie\Downloads\Firefox Setup 69.0.2.exe
2019-10-04 16:31 - 2019-10-04 16:35 - 00070902 _____ C:\Users\Stefanie\Desktop\Addition.txt
2019-10-04 16:27 - 2019-10-06 17:28 - 00000000 ____D C:\FRST
2019-10-04 16:27 - 2019-10-06 17:27 - 00044074 _____ C:\Users\Stefanie\Desktop\FRST.txt
2019-10-04 16:25 - 2019-10-04 16:25 - 02169856 _____ (Farbar) C:\Users\Stefanie\Desktop\FRST64.exe
2019-10-04 13:58 - 2019-10-04 17:19 - 00000000 ____D C:\Users\Stefanie\AppData\Local\CrashDumps
2019-09-29 15:50 - 2019-09-29 15:50 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-09-29 15:50 - 2019-09-29 15:50 - 00001111 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2019-09-29 15:50 - 2019-09-29 15:50 - 00000000 ____D C:\Users\Stefanie\AppData\Roaming\TeamViewer
2019-09-29 15:50 - 2019-09-29 15:50 - 00000000 ____D C:\Users\Stefanie\AppData\Local\TeamViewer
2019-09-29 15:50 - 2019-09-29 15:50 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2019-09-29 15:48 - 2019-09-29 15:49 - 26199544 _____ (TeamViewer GmbH) C:\Users\Stefanie\Downloads\TeamViewer_Setup.exe
2019-09-29 12:52 - 2019-09-29 12:52 - 00019785 _____ C:\Users\Stefanie\Desktop\Report_Malwarebytes.txt
2019-09-29 12:46 - 2019-09-29 12:46 - 00072536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-09-29 12:45 - 2019-10-06 14:59 - 00113016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-09-29 12:45 - 2019-09-29 12:45 - 00126624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-09-29 12:42 - 2019-09-29 12:46 - 00000306 __RSH C:\ProgramData\ntuser.pol
2019-09-29 12:27 - 2019-09-29 12:27 - 00000000 ____D C:\Users\Stefanie\AppData\Local\mbamtray
2019-09-29 12:27 - 2019-09-29 12:27 - 00000000 ____D C:\Users\Stefanie\AppData\Local\mbam
2019-09-29 12:21 - 2019-09-29 12:21 - 00198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-09-29 12:20 - 2019-09-29 12:45 - 00261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-09-29 12:20 - 2019-09-29 12:20 - 00001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-09-29 12:20 - 2019-09-29 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-09-29 12:20 - 2018-12-04 08:09 - 00152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-09-29 12:19 - 2019-09-29 12:19 - 00000000 ____D C:\Program Files\Malwarebytes
2019-09-29 12:10 - 2019-09-29 12:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2019-09-29 12:08 - 2019-09-29 12:08 - 00000000 ____D C:\Users\Stefanie\AppData\Roaming\AVAST Software
2019-09-29 12:06 - 2019-09-29 12:07 - 22851472 _____ (Malwarebytes ) C:\Users\Stefanie\Downloads\mbam-setup-2.2.1.1043.exe
2019-09-29 12:03 - 2019-09-29 12:03 - 00002099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-09-29 12:03 - 2019-09-29 12:03 - 00002087 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-09-29 11:54 - 2019-09-30 15:58 - 00848432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw6628da15bfb023de.tmp
2019-09-29 11:54 - 2019-09-30 15:58 - 00460448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbb00d5506afbf00d.tmp
2019-09-29 11:54 - 2019-09-29 11:59 - 00856960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys.156985192484301
2019-09-29 11:54 - 2019-09-29 11:59 - 00464608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys.156985192484301
2019-09-29 11:54 - 2019-09-29 11:54 - 00316528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd93cbf2bb74ed39d.tmp
2019-09-29 11:54 - 2019-09-29 11:54 - 00276952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw7725644aceb28575.tmp
2019-09-29 11:54 - 2019-09-29 11:54 - 00236024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswc09f1aaa7ecf305c.tmp
2019-09-29 11:54 - 2019-09-29 11:54 - 00171520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw68594f7727e55d28.tmp
2019-09-29 11:54 - 2019-09-29 11:54 - 00110320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1cd3342fff195b97.tmp
2019-09-29 11:54 - 2019-09-29 11:54 - 00083792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd5c56a17e2f83be3.tmp
2019-09-29 11:54 - 2019-09-29 11:54 - 00042736 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw02f1e72a6b4ce91a.tmp
2019-09-29 11:54 - 2019-09-29 11:54 - 00016304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8bf716967ddc3324.tmp
2019-09-29 11:54 - 2019-09-29 11:54 - 00000000 ____D C:\Program Files\Common Files\AVAST Software
2019-09-29 11:54 - 2019-09-29 11:53 - 00355720 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-09-29 11:54 - 2019-09-29 11:53 - 00274456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw34a9b079378bc57b.tmp
2019-09-29 11:54 - 2019-09-29 11:53 - 00209552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw54f2df87fb8e5188.tmp
2019-09-29 11:54 - 2019-09-29 11:53 - 00204824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswc02b8fcb80d13b27.tmp
2019-09-29 11:54 - 2019-09-29 11:53 - 00065120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw4de6767cdab830e4.tmp
2019-09-29 11:54 - 2019-09-29 11:53 - 00037616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswcd7242a34ab7b133.tmp
2019-09-29 11:52 - 2019-09-29 11:52 - 00000000 ____D C:\Program Files\AVAST Software
2019-09-29 11:51 - 2019-09-29 11:54 - 00000000 ____D C:\ProgramData\AVAST Software
2019-09-29 11:50 - 2019-09-29 11:50 - 20889016 _____ (Piriform Software Ltd) C:\Users\Stefanie\Downloads\ccsetup561.exe
2019-09-28 09:12 - 2019-09-28 09:12 - 00002134 _____ C:\Users\Stefanie\Desktop\Chromium.lnk
2019-09-28 09:12 - 2019-09-28 09:12 - 00001777 _____ C:\Users\Stefanie\Desktop\Internet Explorer.lnk
2019-09-28 00:42 - 2019-09-28 00:42 - 00325862 _____ C:\Users\Stefanie\AppData\Roaming\Cerepelu
2019-09-21 08:49 - 2019-09-21 08:49 - 00000279 _____ C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2019-09-19 12:28 - 2019-09-19 12:28 - 00292078 _____ C:\Users\Stefanie\AppData\Roaming\Ninibokekimi
2019-09-11 05:22 - 2019-09-04 07:13 - 07519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-09-11 05:22 - 2019-09-04 07:02 - 06568280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-09-11 05:22 - 2019-09-04 06:55 - 25857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-09-11 05:22 - 2019-09-04 06:45 - 22734336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-09-11 05:21 - 2019-09-04 12:16 - 02871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-09-11 05:21 - 2019-09-04 12:16 - 01721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-09-11 05:21 - 2019-09-04 12:16 - 00810808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-09-11 05:21 - 2019-09-04 12:16 - 00740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-09-11 05:21 - 2019-09-04 12:16 - 00324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-09-11 05:21 - 2019-09-04 12:15 - 00637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-09-11 05:21 - 2019-09-04 12:15 - 00464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-09-11 05:21 - 2019-09-04 12:15 - 00164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-09-11 05:21 - 2019-09-04 12:15 - 00071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-09-11 05:21 - 2019-09-04 12:01 - 04527800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-09-11 05:21 - 2019-09-04 12:01 - 01516632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-09-11 05:21 - 2019-09-04 12:00 - 21399576 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-09-11 05:21 - 2019-09-04 12:00 - 01632112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-09-11 05:21 - 2019-09-04 12:00 - 01616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-09-11 05:21 - 2019-09-04 11:46 - 12838400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-09-11 05:21 - 2019-09-04 11:43 - 08627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-09-11 05:21 - 2019-09-04 11:40 - 03614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-09-11 05:21 - 2019-09-04 11:40 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-09-11 05:21 - 2019-09-04 10:52 - 01453624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-09-11 05:21 - 2019-09-04 10:50 - 01320344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-09-11 05:21 - 2019-09-04 10:48 - 20393120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-09-11 05:21 - 2019-09-04 10:38 - 12039680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-09-11 05:21 - 2019-09-04 10:33 - 02882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-09-11 05:21 - 2019-09-04 07:25 - 03180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-09-11 05:21 - 2019-09-04 07:25 - 01613096 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-09-11 05:21 - 2019-09-04 07:19 - 00513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-09-11 05:21 - 2019-09-04 07:19 - 00511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-09-11 05:21 - 2019-09-04 07:17 - 01213264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-09-11 05:21 - 2019-09-04 07:17 - 01035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-09-11 05:21 - 2019-09-04 07:15 - 05627280 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-09-11 05:21 - 2019-09-04 07:15 - 01219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-09-11 05:21 - 2019-09-04 07:15 - 01027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-09-11 05:21 - 2019-09-04 07:14 - 07437592 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-09-11 05:21 - 2019-09-04 07:14 - 03290584 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-09-11 05:21 - 2019-09-04 07:14 - 02469920 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-09-11 05:21 - 2019-09-04 07:13 - 09084424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-09-11 05:21 - 2019-09-04 07:13 - 04405232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-09-11 05:21 - 2019-09-04 07:13 - 02773816 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-09-11 05:21 - 2019-09-04 07:13 - 02571848 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-09-11 05:21 - 2019-09-04 07:13 - 02371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-09-11 05:21 - 2019-09-04 07:10 - 00415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 06046096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 02478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 02331696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 02261448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 01993136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 01980264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-09-11 05:21 - 2019-09-04 07:02 - 04790160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-09-11 05:21 - 2019-09-04 06:54 - 22017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-09-11 05:21 - 2019-09-04 06:48 - 19385344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-09-11 05:21 - 2019-09-04 06:48 - 07057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2019-09-11 05:21 - 2019-09-04 06:46 - 09084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2019-09-11 05:21 - 2019-09-04 06:45 - 05883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2019-09-11 05:21 - 2019-09-04 06:44 - 04388864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-09-11 05:21 - 2019-09-04 06:44 - 03687424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-09-11 05:21 - 2019-09-04 06:43 - 04849664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-09-11 05:21 - 2019-09-04 06:43 - 03402240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-09-11 05:21 - 2019-09-04 06:42 - 07572992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-09-11 05:21 - 2019-09-04 06:42 - 06032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-09-11 05:21 - 2019-09-04 06:42 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-09-11 05:21 - 2019-09-04 06:42 - 01765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-09-11 05:21 - 2019-09-04 06:41 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-09-11 05:21 - 2019-09-04 06:41 - 01634304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-09-11 05:21 - 2019-09-04 06:40 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-09-11 05:21 - 2019-09-04 06:40 - 02602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-09-11 05:21 - 2019-09-04 06:40 - 02364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2019-09-11 05:21 - 2019-09-04 06:40 - 01808896 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-09-11 05:21 - 2019-09-04 06:39 - 03203072 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-09-11 05:21 - 2019-09-04 06:39 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-09-11 05:21 - 2019-09-04 06:39 - 01920512 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-09-11 05:21 - 2019-09-04 06:38 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-09-11 05:21 - 2019-08-13 20:20 - 03701184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-09-11 05:21 - 2019-08-13 20:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-09-11 05:21 - 2019-08-13 16:46 - 06661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-09-11 05:21 - 2019-08-13 16:45 - 02969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-09-11 05:21 - 2019-08-13 12:14 - 04040008 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-09-11 05:21 - 2019-08-13 11:51 - 04853248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-09-11 05:21 - 2019-08-13 11:51 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-09-11 05:21 - 2019-08-13 11:50 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-09-11 05:21 - 2019-08-13 11:47 - 01262080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-09-11 05:21 - 2019-08-13 06:17 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-09-11 05:21 - 2019-08-13 06:16 - 08189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-09-11 05:21 - 2019-08-13 06:15 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-09-11 05:21 - 2019-08-13 06:14 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-09-11 05:21 - 2019-08-13 06:08 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-09-11 05:21 - 2019-08-13 04:51 - 00421376 _____ (curl, https://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2019-09-11 05:20 - 2019-09-04 12:06 - 00581016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-09-11 05:20 - 2019-09-04 12:06 - 00541200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-09-11 05:20 - 2019-09-04 12:06 - 00402016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2019-09-11 05:20 - 2019-09-04 12:01 - 00790936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-09-11 05:20 - 2019-09-04 12:01 - 00396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-09-11 05:20 - 2019-09-04 11:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-09-11 05:20 - 2019-09-04 11:44 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-09-11 05:20 - 2019-09-04 11:42 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2019-09-11 05:20 - 2019-09-04 11:41 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-09-11 05:20 - 2019-09-04 11:40 - 01364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-09-11 05:20 - 2019-09-04 11:40 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-09-11 05:20 - 2019-09-04 11:39 - 00577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-09-11 05:20 - 2019-09-04 10:52 - 00467400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-09-11 05:20 - 2019-09-04 10:51 - 00662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-09-11 05:20 - 2019-09-04 10:51 - 00322360 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2019-09-11 05:20 - 2019-09-04 10:50 - 00356896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2019-09-11 05:20 - 2019-09-04 10:38 - 07990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-09-11 05:20 - 2019-09-04 10:35 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-09-11 05:20 - 2019-09-04 07:24 - 02417744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2019-09-11 05:20 - 2019-09-04 07:24 - 01298960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-09-11 05:20 - 2019-09-04 07:24 - 00705336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-09-11 05:20 - 2019-09-04 07:19 - 00036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-09-11 05:20 - 2019-09-04 07:15 - 00568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-09-11 05:20 - 2019-09-04 07:15 - 00500744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-09-11 05:20 - 2019-09-04 07:15 - 00491208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-09-11 05:20 - 2019-09-04 07:15 - 00323904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-09-11 05:20 - 2019-09-04 07:14 - 01934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-09-11 05:20 - 2019-09-04 07:14 - 01363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-09-11 05:20 - 2019-09-04 07:14 - 01209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-09-11 05:20 - 2019-09-04 07:14 - 00594032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-09-11 05:20 - 2019-09-04 07:14 - 00420984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xbgmengine.dll
2019-09-11 05:20 - 2019-09-04 07:14 - 00361752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 01459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-09-11 05:20 - 2019-09-04 07:13 - 01260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-09-11 05:20 - 2019-09-04 07:13 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-09-11 05:20 - 2019-09-04 07:13 - 01098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-09-11 05:20 - 2019-09-04 07:13 - 00735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00692352 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-09-11 05:20 - 2019-09-04 07:13 - 00335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00129040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-09-11 05:20 - 2019-09-04 07:05 - 00550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-09-11 05:20 - 2019-09-04 07:04 - 00286616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-09-11 05:20 - 2019-09-04 07:03 - 01011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-09-11 05:20 - 2019-09-04 07:03 - 00581264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-09-11 05:20 - 2019-09-04 07:03 - 00538192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-09-11 05:20 - 2019-09-04 07:02 - 01805872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-09-11 05:20 - 2019-09-04 07:02 - 00560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-09-11 05:20 - 2019-09-04 07:02 - 00129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-09-11 05:20 - 2019-09-04 06:46 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-09-11 05:20 - 2019-09-04 06:45 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-09-11 05:20 - 2019-09-04 06:45 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-09-11 05:20 - 2019-09-04 06:45 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys
2019-09-11 05:20 - 2019-09-04 06:44 - 06647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 05307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 02825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 03381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 02929152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 01862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-09-11 05:20 - 2019-09-04 06:41 - 02449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2019-09-11 05:20 - 2019-09-04 06:41 - 01986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2019-09-11 05:20 - 2019-09-04 06:41 - 01347584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2019-09-11 05:20 - 2019-09-04 06:41 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-09-11 05:20 - 2019-09-04 06:41 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 01563648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 00978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 00851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 01264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 01225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00976896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-09-11 05:20 - 2019-09-04 06:38 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-09-11 05:20 - 2019-09-04 06:38 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2019-09-11 05:20 - 2019-09-04 06:38 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2019-09-11 05:20 - 2019-09-04 06:38 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-09-11 05:20 - 2019-09-04 06:38 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-09-11 05:20 - 2019-09-04 05:22 - 00001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-09-11 05:20 - 2019-08-16 00:55 - 00786072 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-09-11 05:20 - 2019-08-16 00:55 - 00604000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-09-11 05:20 - 2019-08-15 11:59 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-09-11 05:20 - 2019-08-13 20:21 - 00665400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-09-11 05:20 - 2019-08-13 20:21 - 00221016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-09-11 05:20 - 2019-08-13 20:20 - 00106560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-09-11 05:20 - 2019-08-13 20:06 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-09-11 05:20 - 2019-08-13 20:06 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe
2019-09-11 05:20 - 2019-08-13 20:05 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-09-11 05:20 - 2019-08-13 17:06 - 00443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-09-11 05:20 - 2019-08-13 17:04 - 01651040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2019-09-11 05:20 - 2019-08-13 17:04 - 01585304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-09-11 05:20 - 2019-08-13 16:44 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2019-09-11 05:20 - 2019-08-13 16:43 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-09-11 05:20 - 2019-08-13 16:43 - 00624128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2019-09-11 05:20 - 2019-08-13 16:43 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2019-09-11 05:20 - 2019-08-13 16:42 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2019-09-11 05:20 - 2019-08-13 16:40 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-09-11 05:20 - 2019-08-13 16:39 - 00536064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-09-11 05:20 - 2019-08-13 12:09 - 00771384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-09-11 05:20 - 2019-08-13 12:09 - 00571688 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-09-11 05:20 - 2019-08-13 12:08 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-09-11 05:20 - 2019-08-13 11:49 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-09-11 05:20 - 2019-08-13 11:49 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2019-09-11 05:20 - 2019-08-13 11:46 - 02084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-09-11 05:20 - 2019-08-13 11:46 - 00757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-09-11 05:20 - 2019-08-13 08:37 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-09-11 05:20 - 2019-08-13 06:54 - 00790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-09-11 05:20 - 2019-08-13 06:46 - 00611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-09-11 05:20 - 2019-08-13 06:46 - 00510288 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-09-11 05:20 - 2019-08-13 06:46 - 00194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-09-11 05:20 - 2019-08-13 06:45 - 02718736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-09-11 05:20 - 2019-08-13 06:45 - 00723216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-09-11 05:20 - 2019-08-13 06:45 - 00722960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-09-11 05:20 - 2019-08-13 06:44 - 02161288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-09-11 05:20 - 2019-08-13 06:44 - 01793472 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-09-11 05:20 - 2019-08-13 06:16 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-09-11 05:20 - 2019-08-13 06:13 - 00462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-09-11 05:20 - 2019-08-13 06:13 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2019-09-11 05:20 - 2019-08-13 06:12 - 01307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-09-11 05:20 - 2019-08-13 06:12 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-09-11 05:20 - 2019-08-13 06:12 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-09-11 05:20 - 2019-08-13 06:12 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2019-09-11 05:20 - 2019-08-13 06:12 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2019-09-11 05:20 - 2019-08-13 06:11 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2019-09-11 05:20 - 2019-08-13 06:11 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-09-11 05:20 - 2019-08-13 06:11 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-09-11 05:20 - 2019-08-13 06:08 - 00662016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-09-11 05:20 - 2019-08-13 06:08 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-09-11 05:20 - 2019-08-13 04:49 - 00806328 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-09-11 05:20 - 2019-08-13 04:49 - 00806328 _____ C:\WINDOWS\system32\locale.nls
2019-09-11 05:20 - 2019-08-13 02:57 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-09-11 05:20 - 2019-08-13 02:57 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-09-11 05:20 - 2019-08-13 02:57 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-09-11 05:20 - 2019-08-13 02:57 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-09-10 00:42 - 2019-09-10 00:42 - 00128371 _____ C:\Users\Stefanie\AppData\Roaming\Hesumo

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-10-06 17:28 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\system32\sru
2019-10-06 17:27 - 2014-10-08 20:22 - 00000000 ___RD C:\Users\Stefanie\OneDrive
2019-10-06 17:26 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\AppReadiness
2019-10-06 15:27 - 2014-10-08 20:51 - 00000000 ____D C:\ProgramData\Mozilla
2019-10-06 15:25 - 2014-10-08 21:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-06 15:22 - 2014-05-22 01:54 - 00000000 ____D C:\Program Files (x86)\Google
2019-10-06 15:13 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-10-06 15:13 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\system32\Macromed
2019-10-06 15:12 - 2016-08-02 17:58 - 00000000 ____D C:\Program Files (x86)\Adobe
2019-10-05 17:58 - 2018-06-06 21:39 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-05 17:58 - 2014-10-22 12:12 - 00000000 ____D C:\Users\Stefanie\Documents\Steffi Bewerbungsunterlagen
2019-10-05 17:25 - 2018-06-07 08:10 - 00000000 ____D C:\Users\Stefanie\AppData\Local\PlaceholderTileLogoFolder
2019-10-05 17:19 - 2018-07-03 18:52 - 00000000 ____D C:\ProgramData\Packages
2019-10-05 17:19 - 2017-12-09 10:20 - 00000000 ____D C:\Users\Stefanie\AppData\Local\Packages
2019-10-04 14:27 - 2018-04-12 01:30 - 00000000 ____D C:\WINDOWS\CbsTemp
2019-10-04 12:28 - 2018-06-07 06:08 - 00003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-581088433-320290056-2638895184-1001
2019-10-04 12:28 - 2018-06-07 05:37 - 00002434 _____ C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-02 22:38 - 2018-06-07 06:08 - 00003632 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-10-02 22:38 - 2018-06-07 06:08 - 00003508 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-09-29 12:44 - 2018-06-07 06:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-29 12:43 - 2018-04-11 23:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2019-09-29 12:42 - 2018-11-10 14:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\{2B98FEB0-6DA7-A6C5-DCC0-4113E135866E}
2019-09-29 12:42 - 2017-09-28 20:25 - 00000000 ____D C:\Users\Stefanie\AppData\Roaming\2b98feb06da7a6c5dcc04113e135866e
2019-09-29 12:42 - 2016-08-03 11:31 - 00000000 ____D C:\ProgramData\iolo
2019-09-29 12:42 - 2016-08-03 11:31 - 00000000 ____D C:\Program Files (x86)\iolo
2019-09-29 12:42 - 2014-05-22 01:53 - 00000000 ____D C:\Program Files (x86)\Amazon
2019-09-29 12:27 - 2018-06-07 05:52 - 01718588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-09-29 12:27 - 2018-04-12 18:13 - 00743096 _____ C:\WINDOWS\system32\perfh007.dat
2019-09-29 12:27 - 2018-04-12 18:13 - 00149732 _____ C:\WINDOWS\system32\perfc007.dat
2019-09-29 12:23 - 2017-12-09 10:53 - 00000000 ___RD C:\Users\Stefanie\3D Objects
2019-09-29 12:19 - 2018-06-06 21:39 - 00282216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-09-29 12:18 - 2016-12-02 20:29 - 00293436 _____ C:\WINDOWS\PFRO.log
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\zu-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\yo-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\xh-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\wo-SN
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\tn-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\ti-ET
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\rw-RW
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\nso-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\ig-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\chr-CHER-US
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2019-09-29 12:15 - 2018-04-12 01:38 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-09-29 12:15 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\TextInput
2019-09-29 12:15 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-09-29 12:15 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\system32\oobe
2019-09-29 12:15 - 2018-04-11 23:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2019-09-29 12:14 - 2018-04-12 01:38 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-09-29 12:14 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\ShellExperiences
2019-09-29 12:14 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2019-09-29 12:14 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\bcastdvr
2019-09-29 11:59 - 2018-05-30 20:46 - 00000000 ___DC C:\WINDOWS\Panther
2019-09-29 11:59 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2019-09-29 11:55 - 2018-04-12 01:38 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2019-09-29 11:47 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\system32\NDF
2019-09-28 09:13 - 2019-07-04 14:27 - 00000000 ____D C:\ProgramData\{558E69B2-7DA6-11CA-25FE-39E2CD16E13A}
2019-09-28 00:42 - 2014-10-10 12:42 - 00001093 _____ C:\Users\Stefanie\AppData\Roaming\WB.CFG
2019-09-21 08:57 - 2016-12-02 19:45 - 00000000 ____D C:\Program Files\OnlineFotoservice
2019-09-21 08:54 - 2018-10-17 19:55 - 00000000 ____D C:\Program Files\CEWE
2019-09-21 08:52 - 2019-06-25 19:46 - 00000000 ____D C:\Program Files\cewe-fotoservice
2019-09-19 12:35 - 2018-02-14 03:05 - 00000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2019-08-06 00:42 - 2019-08-06 00:42 - 0361562 _____ () C:\Users\Stefanie\AppData\Roaming\Bepacecudeto
2019-09-01 20:42 - 2019-09-01 20:42 - 0307024 _____ () C:\Users\Stefanie\AppData\Roaming\Budadet
2019-09-28 00:42 - 2019-09-28 00:42 - 0325862 _____ () C:\Users\Stefanie\AppData\Roaming\Cerepelu
2019-03-16 01:42 - 2019-03-16 01:42 - 0329892 _____ () C:\Users\Stefanie\AppData\Roaming\Cureheleloci
2019-04-28 00:42 - 2019-04-28 00:42 - 0335229 _____ () C:\Users\Stefanie\AppData\Roaming\Dehacimusuma
2019-02-19 01:42 - 2019-02-19 01:42 - 0337202 _____ () C:\Users\Stefanie\AppData\Roaming\Dofanapopele
2019-02-10 01:42 - 2019-02-10 01:42 - 0133167 _____ () C:\Users\Stefanie\AppData\Roaming\Fufaboliko
2019-05-15 00:42 - 2019-05-15 00:42 - 0304458 _____ () C:\Users\Stefanie\AppData\Roaming\Gaheme
2019-05-23 00:42 - 2019-05-23 00:42 - 0302882 _____ () C:\Users\Stefanie\AppData\Roaming\Gopib
2019-07-04 13:42 - 2019-07-04 13:42 - 0168331 _____ () C:\Users\Stefanie\AppData\Roaming\Gubiparo
2019-06-18 00:42 - 2019-06-18 00:42 - 0347448 _____ () C:\Users\Stefanie\AppData\Roaming\Hepotoca
2019-09-10 00:42 - 2019-09-10 00:42 - 0128371 _____ () C:\Users\Stefanie\AppData\Roaming\Hesumo
2019-09-05 00:42 - 2019-09-05 00:42 - 0364531 _____ () C:\Users\Stefanie\AppData\Roaming\Hesusakolit
2019-08-15 00:42 - 2019-08-15 00:42 - 0212389 _____ () C:\Users\Stefanie\AppData\Roaming\Hoginig
2019-08-23 00:42 - 2019-08-23 00:42 - 0327657 _____ () C:\Users\Stefanie\AppData\Roaming\Honekineneba
2019-07-13 00:28 - 2019-07-13 00:28 - 0157795 _____ () C:\Users\Stefanie\AppData\Roaming\Kecareh
2019-06-26 00:42 - 2019-06-26 00:42 - 0246789 _____ () C:\Users\Stefanie\AppData\Roaming\Kehenat
2016-10-29 15:01 - 2016-10-29 15:01 - 0018833 _____ () C:\Users\Stefanie\AppData\Roaming\Kelalipob
2019-04-20 00:10 - 2019-04-20 00:10 - 0313260 _____ () C:\Users\Stefanie\AppData\Roaming\Kunesamafo
2019-07-21 00:42 - 2019-07-21 00:42 - 0362819 _____ () C:\Users\Stefanie\AppData\Roaming\Lurusuhat
2019-05-06 00:42 - 2019-05-06 00:42 - 0164250 _____ () C:\Users\Stefanie\AppData\Roaming\Matedanafika
2019-02-28 01:42 - 2019-02-28 01:42 - 0286382 _____ () C:\Users\Stefanie\AppData\Roaming\Nibug
2019-09-19 12:28 - 2019-09-19 12:28 - 0292078 _____ () C:\Users\Stefanie\AppData\Roaming\Ninibokekimi
2019-07-29 00:42 - 2019-07-29 00:42 - 0359966 _____ () C:\Users\Stefanie\AppData\Roaming\Nodikolib
2019-04-11 00:46 - 2019-04-11 00:46 - 0315693 _____ () C:\Users\Stefanie\AppData\Roaming\Pitacarobere
2019-03-25 01:29 - 2019-03-25 01:29 - 0340540 _____ () C:\Users\Stefanie\AppData\Roaming\Pufure
2019-03-08 01:42 - 2019-03-08 01:42 - 0146702 _____ () C:\Users\Stefanie\AppData\Roaming\Rukeraf
2019-06-09 00:42 - 2019-06-09 00:42 - 0220511 _____ () C:\Users\Stefanie\AppData\Roaming\Sosimofem
2019-06-01 00:42 - 2019-06-01 00:42 - 0137171 _____ () C:\Users\Stefanie\AppData\Roaming\Teritet
2019-04-03 00:42 - 2019-04-03 00:42 - 0151565 _____ () C:\Users\Stefanie\AppData\Roaming\Tetetuco
2014-10-10 12:42 - 2019-09-28 00:42 - 0001093 _____ () C:\Users\Stefanie\AppData\Roaming\WB.CFG
2017-12-15 10:26 - 2017-12-15 10:26 - 0000068 _____ () C:\Users\Stefanie\AppData\Local\5qe2nbznbz
2014-10-12 21:42 - 2014-12-20 19:43 - 0000001 _____ () C:\Users\Stefanie\AppData\Local\DSI.DAT
2016-12-11 17:04 - 2017-02-14 23:17 - 0000041 _____ () C:\ProgramData\.zreglib
2017-09-15 09:45 - 2017-09-15 09:45 - 0000000 _____ () C:\ProgramData\DP45977C.lfl
2017-12-29 20:29 - 2017-12-29 20:29 - 0000016 _____ () C:\ProgramData\mntemp
2017-12-29 20:29 - 2017-12-29 20:29 - 0004935 _____ () C:\ProgramData\vfiakfjk.zeu

Einige Dateien in TEMP:
====================
C:\Users\Stefanie\AppData\Local\Temp\jre-8u221-windows-au.exe


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2018-06-06 21:39

==================== Ende von log ============================

Djchaos 06.10.2019 16:41
und das Addition.txt LOG

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-07-2015
durchgeführt von Stefanie (2019-10-06 17:33:45)
Gestartet von C:\Users\Stefanie\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-581088433-320290056-2638895184-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-581088433-320290056-2638895184-503 - Limited - Disabled)
Gast (S-1-5-21-581088433-320290056-2638895184-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-581088433-320290056-2638895184-1005 - Limited - Enabled)
Stefanie (S-1-5-21-581088433-320290056-2638895184-1001 - Administrator - Enabled) => C:\Users\Stefanie
WDAGUtilityAccount (S-1-5-21-581088433-320290056-2638895184-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
AVI Media Player 1.0.2 (HKLM-x32\...\AVI Media Player_is1) (Version:  - vsevensoft.com)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CloneCD (HKLM-x32\...\CloneCD) (Version: 5.3.4.0 - SlySoft)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3817.05 - CyberLink Corp.)
DTS Sound (HKLM-x32\...\{9B17BBEC-CF31-4C23-949E-E65A14365CE1}) (Version: 1.01.6100 - DTS, Inc.)
Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
Firefox Packages (HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\Firefox Packages) (Version:  - ) <==== ATTENTION
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.35.301 - Google LLC) Hidden
HP LaserJet Pro M11-M13 Series (HKLM\...\HP LaserJet Pro M11-M13 Series) (Version:  - )
HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.12.32.3 - HP Inc.)
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.5163.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.21.00.03 - Huawei Technologies Co.,Ltd)
Movavi Video Converter 18 Premium (HKLM-x32\...\Movavi Video Converter 18 Premium) (Version: 18.1.0 - Movavi)
Mozilla Firefox 69.0.2 (x64 de) (HKLM\...\Mozilla Firefox 69.0.2 (x64 de)) (Version: 69.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.2 - Mozilla)
My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7173 - Realtek Semiconductor Corp.)
Symbaloo (HKLM-x32\...\Symbaloo) (Version: 1.0.0 - Symbaloo Launcher by Toshiba Europe GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.182 - Synaptics Incorporated)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.6.4835 - TeamViewer)
tiptoi® Manager 4.0.1 (HKLM\...\{833392BB-E8C0-4066-9408-3A30FA43972F}_is1) (Version: 4.0.1 - Ravensburger AG)
TOSHIBA Display Utility (HKLM\...\{F64E9295-E1B3-4EEA-86D3-AF44A0087B06}) (Version: 1.1.16.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.2.6403 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.81.2C - TOSHIBA CORPORATION)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.19 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 2.0.0.15C - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{B507386D-1F61-4E55-B05B-F56ACB0086B3}) (Version: 4.02.00.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.00.56006005 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{E3FCDCBE-0A13-4F73-95C1-000A51CF1C8C}) (Version: 2.6.16.0 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.01.6402 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.1.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{E4C7D9D7-19D4-4623-AF0C-EA313C466411}) (Version: 5.0.0 - Toshiba Europe GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Utility Common Driver (x32 Version: 1.0.53.3 - Compal) Hidden
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.25 - WildTangent) Hidden
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

19-09-2019 12:47:30 Geplanter Prüfpunkt
28-09-2019 23:37:48 Geplanter Prüfpunkt
04-10-2019 13:54:21 Windows Update
06-10-2019 15:09:31 Removed Adobe Acrobat Reader DC - Deutsch.

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {036673C3-F9B7-478F-949B-C77D696FFB0B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2019-02-13] (Microsoft Corporation)
Task: {042D8A51-5878-4000-9C10-C04AFF122A1F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {04B3E894-DE5B-4C4A-9AA7-CA8F7CE43583} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [2018-04-12] (Microsoft Corporation)
Task: {05C3BAB1-68F8-4EAF-B4AF-8C21E2478533} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime No Task File <==== ATTENTION
Task: {05E09776-F708-4694-949B-E8993608CC2B} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate
Task: {09131E27-3793-4B1E-A11E-77D3EAC118D1} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {0BA33681-9D00-4B31-9A87-01683672BFEF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d No Task File <==== ATTENTION
Task: {0E55C40D-83F8-4F39-838C-C1D3707EA86A} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\Windows\System32\dusmtask.exe [2018-11-01] (Microsoft Corporation)
Task: {10A37F08-4ACD-47E1-AAB4-6ECDE6DDDE8A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {175463A3-4AF2-4959-8504-C36C4397C393} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck
Task: {1BE936D4-EE40-4F04-84E0-18FFD27C0A6A} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [2018-04-12] (Microsoft Corporation)
Task: {1FAE791A-9736-4412-823B-80AE3EE2C1CB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d No Task File <==== ATTENTION
Task: {2231CAFE-FABE-41F5-A0B3-842D9319DBF9} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-06] (Microsoft Corporation)
Task: {226C52BC-0F62-4E67-A70D-74C22932AC02} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload => C:\Windows\system32\dmclient.exe [2018-04-12] (Microsoft Corporation)
Task: {23ACACF5-2E96-4ECC-BE70-94CFCB2EF6DE} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation
Task: {257A47C0-FECE-4A8E-BB35-161852DFF727} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-01-20] (Realtek Semiconductor)
Task: {289D68A0-E96F-491B-9498-B0B602C5C53A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess No Task File <==== ATTENTION
Task: {28C75830-5752-4F41-A94B-BFD5E8A0D7C8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d No Task File <==== ATTENTION
Task: {294EF281-56B6-4F71-8115-BAC2919EF034} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {29F3A47A-C0DC-48D8-ACAF-89413EE0731D} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [2019-07-09] (Microsoft Corporation)
Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {2DBD790D-172A-4CFA-B3F7-824D7509680F} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration
Task: {2E2E003A-9792-4956-8F12-92797F584AB8} - System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange
Task: {3137ADB6-515F-4020-9DB9-0F91106BB27F} - \WPD\SqmUpload_S-1-5-21-581088433-320290056-2638895184-1001 No Task File <==== ATTENTION
Task: {3199A9F7-0492-4FC9-9EC1-A59CC69A8F52} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2015-11-17] (Toshiba Europe GmbH)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {3790297B-C317-4FEB-9E8D-3B4C85520240} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig No Task File <==== ATTENTION
Task: {3C1365A1-11E1-4629-9B25-7D6A932E6B60} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization
Task: {3DF2FF36-8A3E-4F15-9221-D68F365A7872} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2019-09-12] (HP Inc.)
Task: {407E1879-1F5E-42B2-BA7F-53BCEF433805} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2018-04-12] (Microsoft Corporation)
Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {46DDFBEA-7B80-499F-8D16-8FB7836BEBDC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2019-07-09] (Microsoft Corporation)
Task: {4CB53382-6FBB-4666-B563-0ABC6429D301} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange
Task: {4F662F7F-D75F-455E-A03A-8AD0D8313218} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B No Task File <==== ATTENTION
Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff
Task: {51D31EBF-545E-411D-A21A-CB34004CC384} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh
Task: {5294EF9E-88CD-432B-A10B-C3AC2FB364AC} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2019-08-26] (Microsoft Corporation)
Task: {536E4522-B726-480C-9063-126E74EEA4A4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask
Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {577C3956-E492-42A5-AEFB-FDC54A537C64} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {57A7E0DF-F70E-43B1-AA2C-5BA67DBBE753} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {5BE358DF-C2F0-43BC-BA5A-77E36BF54A02} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2018-04-12] (Microsoft Corporation)
Task: {5DB4FD20-4FF2-4C58-9801-ADD6F0149633} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task
Task: {60C269FF-448A-4F10-886E-2C70F5086A5F} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync
Task: {62331915-A3E9-4B6E-9686-86034377E8CF} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications
Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6BFE7106-601B-4B34-8F8E-87B9A0DA6ACE} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice
Task: {6DE4F7DC-0B8D-404A-A6C9-83241658F8CA} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-06] (Microsoft Corporation)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\Windows\system32\MusNotification.exe [2019-07-09] (Microsoft Corporation)
Task: {7138D0D3-1873-4A77-86CF-4840F491C90F} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {749AC711-AA62-4D1D-B314-EF1C97E1CA56} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2018-04-12] (Microsoft Corporation)
Task: {749E286C-C205-4C7C-B742-BE5023BF06DE} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login
Task: {75522E26-6BE6-4F53-A0FA-14470ECAACAB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2019-09-04] (Microsoft Corporation)
Task: {7558573E-8172-4712-ACF4-9749EC2BE926} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation
Task: {78115EA0-7766-426E-94BA-632EB6A6C132} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Driver Install => C:\Windows\system32\usoclient.exe [2019-07-09] (Microsoft Corporation)
Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {7E964508-4868-4DB6-A10A-B96FAE223F77} - \Microsoft\Windows\UNP\RunCampaignManager No Task File <==== ATTENTION
Task: {7EAE5A6B-00F4-4B9F-A255-E1C163B587A1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {8B4471CE-BE6B-4E3E-ACA5-46DEE1BBC895} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater – Install HPSA => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2019-07-31] (HP Inc.)
Task: {8CCDCCC3-88F0-4860-84BE-5AC16A1C6FA9} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {8D87C19D-6DCD-4EFE-B479-BA3F07C807AB} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2018-03-29] (Synaptics Incorporated)
Task: {8E7BB9A3-956E-4C6A-AE87-4F175197704F} - System32\Tasks\Microsoft\Windows\NlaSvc\WiFiTask => C:\Windows\System32\WiFiTask.exe [2018-04-12] (Microsoft Corporation)
Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation)
Task: {91AF4E1B-193C-48CF-9F8C-4E86CB77B10B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime No Task File <==== ATTENTION
Task: {931758D8-2EC2-4EAE-B3BA-A98DAEC67332} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {94C0F2F9-98DF-415E-BDC9-AAFF75D5EF69} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2018-04-12] (Microsoft Corporation)
Task: {95301ABB-6B78-4DEE-8319-BD138F73F8D3} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2018-04-12] (Microsoft Corporation)
Task: {97E8D66D-0085-423C-BA11-DD777A1258AB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2019-06-13] (Microsoft Corporation)
Task: {9BD44F9F-0C01-4F78-9644-4C7596CD1E0A} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange
Task: {9D6319E1-E88F-4D35-AD66-C4EED376E93E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d No Task File <==== ATTENTION
Task: {9E1DD7B4-6A7B-4AD3-B4AA-B4741028631C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent No Task File <==== ATTENTION
Task: {A19CD75C-08C3-42D5-9EB4-AE76B91A5550} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2018-04-12] (Microsoft Corporation)
Task: {A2E97D0A-9C58-44AB-89DC-55128ACA73C4} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A305A840-EC8B-4C66-8EA8-5FF15F129CD2} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2018-04-12] (Microsoft Corporation)
Task: {A5FE6B52-974F-492F-81F3-472223AD09D5} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {B0952E0A-C54F-4E8B-95E9-90E560086B37} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {B14C88F4-4AAC-4F00-A94E-8EA180D7AEDC} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {B2D1D0E5-4670-4493-9360-C9DD0E832A9D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask
Task: {B2F4AC84-A8D0-4524-9363-BFF5A5911A00} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask
Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6
Task: {B3433942-FE11-4C11-839D-9C7589B6C5CB} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {B6DCBB4A-0292-47AE-B9DC-F81CF086D721} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-581088433-320290056-2638895184-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {B76ECE88-27B3-4CEC-9B37-1314B4602CAA} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24
Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2018-06-06] (Microsoft Corporation)
Task: {C48D50E5-71A9-48D8-B7C1-3DA9AECBDEC3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2019-05-17] (Microsoft Corporation)
Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1
Task: {C9B34E7E-3A1B-4940-B011-BF7F34B31D20} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2014-04-03] (TOSHIBA Corporation)
Task: {CB7F3B8F-F794-47DD-A8D2-AD8051F45A55} - System32\Tasks\Microsoft\Windows\WwanSvc\NotificationTask => C:\Windows\System32\WiFiTask.exe [2018-04-12] (Microsoft Corporation)
Task: {CCEF2C54-86E8-4168-B918-53DA443D8D00} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2019-07-31] (HP Inc.)
Task: {CD5CE6F3-171C-4C0F-8629-3F2126A0FB72} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => C:\Windows\system32\MusNotification.exe [2019-07-09] (Microsoft Corporation)
Task: {CDA5D686-5D6C-4730-9907-B66710DC3670} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {D010978C-B666-4072-B7F3-DD6340CDD629} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task
Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork
Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {D427D1D6-119C-40F8-A697-571ACBFEE8DD} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {D49C81A2-855C-417E-825F-1DC2AA1443D3} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {D4A9B4EC-1635-4B25-9E3B-1C9BE9D98D00} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattelrunner.exe [2019-09-04] (Microsoft Corporation)
Task: {D8436F3C-DDFE-4877-A05C-2337758E98E9} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {DC3C4041-27B3-4040-9DE1-FA5EE922AA3B} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {DD710A69-86C6-4932-97B1-01FB13ACFEF1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged
Task: {DDE89E5E-48CB-4C3D-A623-99BCA9174B97} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2019-07-24] (Adobe Systems)
Task: {E047CF5C-4040-476F-8737-408E3BA4B0B6} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate
Task: {E0862994-9083-482D-A921-27B4860FFA21} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [2019-04-19] (Microsoft Corporation)
Task: {E82177E3-E19A-4321-84F6-90AA57815013} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2019-09-04] (Microsoft Corporation)
Task: {E8411C63-4393-40B6-9A25-7D31CD4897BE} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2018-04-12] (Microsoft Corporation)
Task: {E907704E-6225-4B0A-A428-3ECE7F8277BE} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask
Task: {E9474EE3-C9D7-4FA3-9B3E-353E37D5814D} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\Windows\system32\ProvTool.exe [2018-04-12] (Microsoft Corporation)
Task: {EE263E86-FF16-45EE-94C8-2327B81F98CE} - System32\Tasks\Microsoft\Windows\Workplace Join\Recovery-Check => C:\Windows\System32\dsregcmd.exe [2018-04-12] (Microsoft Corporation)
Task: {EF7CFDCE-C0DD-449F-9DF2-CCEB2CE3AE8B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent No Task File <==== ATTENTION
Task: {EFA86FF7-22AE-4997-AFD9-E89E1BF9B7D6} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2019-09-04] (Microsoft Corporation)
Task: {F084544B-322F-4CED-B874-EC696339C19E} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\Windows\system32\spaceman.exe [2018-04-12] (Microsoft Corporation)
Task: {F35ACE16-1E96-431C-B189-F2F82BA8A4F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d No Task File <==== ATTENTION
Task: {F781AB90-1860-4C91-9993-0C832C31E016} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2019-02-13] (Microsoft Corporation)
Task: {F955A09C-E83A-4AD5-9ABC-7D5D7A055117} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {FC779438-B7FD-4774-AA55-4DE2A4B098A4} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh
Task: {FD0C7C89-E963-41B3-A6DE-3D6B2644A94D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {FE702A37-B3C1-4A15-B59D-86935E5097A7} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {FEBC9EFC-F9E9-420F-AA49-0491E2CA5639} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2019-07-09] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\Windows\System32\InputHost.dll
2017-02-08 22:51 - 2016-02-25 16:39 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM11M13PP.DLL
2014-10-10 12:41 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-03-03 22:30 - 2014-03-03 22:30 - 00021840 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2015-03-01 13:37 - 2013-07-23 05:47 - 00239696 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2019-09-29 12:20 - 2018-11-15 11:01 - 02712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2019-09-29 12:20 - 2018-11-21 11:07 - 02842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2019-09-11 05:21 - 2019-09-04 06:39 - 02759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\InputHost.dll
2019-09-11 05:21 - 2019-09-04 06:39 - 02184192 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\WINDOWS\system32\InputHost.dll
2019-07-10 23:11 - 2019-07-10 23:11 - 08837120 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1906.1791.0_x64__8wekyb3d8bbwe\OneConnect.dll
2019-04-17 01:59 - 2019-04-17 01:59 - 02834944 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.1902.633.0_x64__8wekyb3d8bbwe\People.BackgroundTasks.dll
2019-04-17 01:59 - 2019-04-17 01:59 - 00120320 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.1902.633.0_x64__8wekyb3d8bbwe\PeopleUtilRT.dll
2019-09-19 12:37 - 2019-09-19 12:38 - 00069120 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11909.1002.3.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2012-07-19 03:38 - 2012-07-19 03:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Program Files\Microsoft Office 15:Win32App_1
AlternateDataStreams: C:\Program Files\UNP:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Atheros:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\AVI Media Player:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Bluetooth Suite:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Spotify:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Toshiba TEMPRO:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\WildGames:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Windows Phone:Win32App_1
AlternateDataStreams: C:\ProgramData\Compal:Win32App_1
AlternateDataStreams: C:\Users\Stefanie\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity
AlternateDataStreams: C:\Users\Stefanie\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Stefanie\Documents\Ravensburger tiptoi:Win32App_1

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer trusted/restricted ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-581088433-320290056-2638895184-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Stefanie\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\DSCN0705.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [{43F0A6BA-6580-4322-976C-3526326A1F5B}] => (Allow) LPort=161
FirewallRules: [{79DCE212-6583-418B-98D3-5BC300532550}] => (Allow) LPort=427
FirewallRules: [{C25042E1-630B-4AD4-A979-6FFE4140A5A5}] => (Allow) LPort=9100
FirewallRules: [{DD929EDE-1337-40E5-9E5D-0A0723880007}] => (Allow) C:\Program Files\HP\HP LaserJet Pro M11-M13 Series\wificonfig.exe
FirewallRules: [{FB50C379-0382-4110-B384-6355710DB51D}] => (Allow) C:\Program Files\HP\HP LaserJet Pro M11-M13 Series\wificonfig.exe
FirewallRules: [{5EE32BE0-2A09-4972-B8EA-D82C4B0BB0A3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{7F78D69A-2287-4026-8902-716FAD84865A}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{6BCFBC3B-73FA-437C-A0F0-B6BD0DBA46E5}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{2518B1F5-B266-462C-967E-1FE500565A1D}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{B8CD2042-38C7-4279-BDC6-2D3F0B7950AB}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{EC3E7A9C-1F3E-4496-9679-41A8BB2070C8}] => (Allow) C:\Users\Stefanie\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{DD5C4696-91CB-4D58-A8CB-611D9AFE6647}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4996D0CA-46A7-4EE4-9126-AEFF8C204305}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{48F144F7-DE7A-4999-AC43-DAC45F28266E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BB53FFB9-F70E-4372-BD56-29255A0AA6F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{C1FFB7C0-CB49-405F-AAFB-075A914B021F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E45C0CBB-AE89-4F63-838D-67945D8AB01B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{5DE48DF5-3D61-404A-B2C9-F07C1F539A97}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{2E5306FB-6E3C-412B-B791-7D5446BF4330}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{58E5ED33-30E1-44CF-9884-71D7CB4DE6F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{39C630F8-E86D-4709-AAF2-80D42663BE65}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{05433D25-F9D2-47BF-A6B8-239999187D56}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{30EB44EC-BD4F-4017-91E2-5904E4563256}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3BB607EF-D19F-42B0-8EB5-6A0CFCB2C0D4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{29DAA745-1F95-400A-8E60-B93D822FCCED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B0BDDE87-16E7-459C-88B2-A1065D8D0764}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4ACEC861-5733-451B-B4A9-E444522920C9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3D4B3F98-002F-4641-88AF-35D314E01FAC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CC0F69FA-6D86-4AB9-85A1-6C9D39F74A6F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CE69EE57-F033-4D46-8854-FBE98B18D62E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{73A3BF34-A4EC-405F-BE8C-FA3899A84833}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{F9147934-B002-4CE2-BC0D-3E4ABE117951}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A19A7D11-CF1C-4937-ADE6-9FF3BF77E7F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3D7324D6-AB05-4CD1-8453-6946CE24AA27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{13A4CEF4-3B93-40DA-B2D0-1088F7375CFD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{319681FC-6A8D-4626-8CA8-0756C33578F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A342A1BA-5BBF-407D-BF14-59BF45ADE7AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{08E7051B-889F-48BA-ABE4-04BF0438AF8E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CA4D3ECA-8BDD-44F4-9332-9D723CB92B42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BEDE9B37-22B7-4B59-BB89-C4CBA1FD0A14}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E28FA4B3-61C9-4D7D-9D60-B73453BD3562}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{525158E3-7566-43A6-AA60-3A84DB9E2F5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{F573BB4D-92E7-487C-8926-CE508D81D643}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BD851E31-E1EE-4436-B1A9-B9DBE0B47B22}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{7C78242F-04B7-48C3-A87F-36834A7182A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{AB0E1EF2-2758-4CCD-A7DA-18C62BA12DC1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{8C65DC10-A379-40E3-AA3E-6B5C9D39AB24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{33A23490-514E-4A49-BDE0-79C8E1FB0410}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{6B9F3EDA-CA0E-4155-B74F-EBD9FD892B32}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{8D1990B1-2BF9-40B1-A47F-71A9F90D6B41}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4E9F3EFA-8D84-4DA4-B67F-AE764E7A5D6B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{1764FA75-2F99-4692-9946-5BBC226DE11B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{5E386AEE-D841-473C-81FC-96C8163FC521}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B728E216-134F-4D62-B5D4-A44ED6DC4EC0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{80E4337B-4555-44C3-B4C3-2AA671E2A20A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E5FB16D9-00BB-452C-A48E-3FF586352F82}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{0A212600-E0C3-49F1-836A-0968CEC685C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{244B592A-D1CF-4E06-949E-B6849142FCC4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{794F5D4C-6F6B-4235-B06F-606000888ED5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{92ADB20F-3803-45B0-AFCB-8FC6A46AEB3F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7334221C-39EC-42D6-9044-4CCC81F543AA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{063DD2C7-3803-471C-B64B-E262140A0A11}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C47BC493-BC55-4AE9-8E92-F7CA888F688C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2997190C-70D4-4081-A1F7-870374B23FD1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{D35E5F26-8B4D-4E7B-9042-FF068828E392}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{557D208A-3A7B-4467-9AB8-E8CD058D5CB4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{9C187E98-BA6E-45AE-B679-40E03C48E6B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{6BB99833-8F48-4433-9A50-AEC2D944F19C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{D4189CD5-E8F8-45E2-96E9-33FE7393A7C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{8E3E1A78-6808-4441-B23B-2CFA7636B341}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4B7ED5B4-DB83-4B01-BEA9-E78DFD8D7EB5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{09E8295D-C252-4219-9869-E210EA8B3AB0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DFFB18C3-019D-42CD-9AB1-3A8EC7BCFE8E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/06/2019 05:30:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TPCHSrv.exe, Version: 1.0.0.31, Zeitstempel: 0x54729b5e
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.17134.799, Zeitstempel: 0x7f828745
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f479b
ID des fehlerhaften Prozesses: 0x3184
Startzeit der fehlerhaften Anwendung: 0xTPCHSrv.exe0
Pfad der fehlerhaften Anwendung: TPCHSrv.exe1
Pfad des fehlerhaften Moduls: TPCHSrv.exe2
Berichtskennung: TPCHSrv.exe3
Vollständiger Name des fehlerhaften Pakets: TPCHSrv.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TPCHSrv.exe5

Error: (10/06/2019 03:26:15 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/06/2019 02:58:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LockApp.exe, Version 10.0.17134.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 700

Startzeit: 01d57c45772dcee1

Beendigungszeit: 4294967295

Anwendungspfad: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe

Berichts-ID: 4bd638dd-b3ef-47e0-ad1c-c2b1ce90a910

Vollständiger Name des fehlerhaften Pakets: Microsoft.LockApp_10.0.17134.1_neutral__cw5n1h2txyewy

Auf das fehlerhafte Paket bezogene Anwendungs-ID: WindowsDefaultLockScreen

Error: (10/05/2019 05:59:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Microsoft.Photos.exe, Version 2019.19071.17920.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2b3c

Startzeit: 01d576ba69b47f9d

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

Berichts-ID: e47c673f-50be-4a8e-ad87-4ac23ea2f0e1

Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe

Auf das fehlerhafte Paket bezogene Anwendungs-ID: App

Error: (10/04/2019 05:19:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxext.exe, Version: 6.15.10.4425, Zeitstempel: 0x5702a8b4
Name des fehlerhaften Moduls: igfxext.exe, Version: 6.15.10.4425, Zeitstempel: 0x5702a8b4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000084b0
ID des fehlerhaften Prozesses: 0x11bc
Startzeit der fehlerhaften Anwendung: 0xigfxext.exe0
Pfad der fehlerhaften Anwendung: igfxext.exe1
Pfad des fehlerhaften Moduls: igfxext.exe2
Berichtskennung: igfxext.exe3
Vollständiger Name des fehlerhaften Pakets: igfxext.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxext.exe5

Error: (10/04/2019 04:38:32 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/04/2019 04:23:19 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/04/2019 04:23:17 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/04/2019 01:58:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxext.exe, Version: 6.15.10.4425, Zeitstempel: 0x5702a8b4
Name des fehlerhaften Moduls: igfxext.exe, Version: 6.15.10.4425, Zeitstempel: 0x5702a8b4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000084b0
ID des fehlerhaften Prozesses: 0x14f0
Startzeit der fehlerhaften Anwendung: 0xigfxext.exe0
Pfad der fehlerhaften Anwendung: igfxext.exe1
Pfad des fehlerhaften Moduls: igfxext.exe2
Berichtskennung: igfxext.exe3
Vollständiger Name des fehlerhaften Pakets: igfxext.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxext.exe5

Error: (09/29/2019 01:21:31 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263


Systemfehler:
=============
Error: (10/06/2019 05:32:04 PM) (Source: DCOM) (EventID: 10010) (User: FINN)
Description: {45CC1698-D1CF-417B-BC32-80EB79E05EF1}

Error: (10/06/2019 05:30:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TPCH Service" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (10/06/2019 05:28:00 PM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0Nicht verfügbar

Error: (10/06/2019 05:27:54 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (10/06/2019 05:25:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/06/2019 05:25:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/06/2019 05:25:41 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/06/2019 03:23:02 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/06/2019 03:22:02 PM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/06/2019 03:02:05 PM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723


Microsoft Office:
=========================
Error: (10/06/2019 05:30:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TPCHSrv.exe1.0.0.3154729b5entdll.dll10.0.17134.7997f828745c000037400000000000f479b318401d57c5aed16c9b0C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exeC:\WINDOWS\SYSTEM32\ntdll.dllebf03159-b8ee-4f68-bc5f-1e746842011c

Error: (10/06/2019 03:26:15 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/06/2019 02:58:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LockApp.exe10.0.17134.170001d57c45772dcee14294967295C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe4bd638dd-b3ef-47e0-ad1c-c2b1ce90a910Microsoft.LockApp_10.0.17134.1_neutral__cw5n1h2txyewyWindowsDefaultLockScreen

Error: (10/05/2019 05:59:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Microsoft.Photos.exe2019.19071.17920.02b3c01d576ba69b47f9d4294967295C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exee47c673f-50be-4a8e-ad87-4ac23ea2f0e1Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbweApp

Error: (10/04/2019 05:19:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxext.exe6.15.10.44255702a8b4igfxext.exe6.15.10.44255702a8b4c000000500000000000084b011bc01d57ac714a89fd7C:\WINDOWS\system32\igfxext.exeC:\WINDOWS\system32\igfxext.execf2d2aa1-ae21-4262-bcfc-9d8234355da0

Error: (10/04/2019 04:38:32 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/04/2019 04:23:19 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/04/2019 04:23:17 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/04/2019 01:58:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxext.exe6.15.10.44255702a8b4igfxext.exe6.15.10.44255702a8b4c000000500000000000084b014f001d57aaafa4d0292C:\WINDOWS\system32\igfxext.exeC:\WINDOWS\system32\igfxext.exe54444b65-0ddd-4503-832d-ff1960ae65db

Error: (09/29/2019 01:21:31 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263


CodeIntegrity:
===================================
  Date: 2018-09-25 09:26:00.839
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-09-25 09:26:00.604
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-09-25 09:26:00.245
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen ===========================

Processor: Intel(R) Celeron(R) CPU N2830 @ 2.16GHz
Percentage of memory in use: 49%
Total physical RAM: 3982.88 MB
Available physical RAM: 1998.38 MB
Total Virtual: 4686.88 MB
Available Virtual: 2552.1 MB

==================== Drives ================================

Drive c: (TI31338300A) (Fixed) (Total:453.31 GB) (Free:311.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== Ende von log ============================

Djchaos 12.10.2019 15:10
Reichen die Logs oder fehlt noch etwas? :confused:

cosinus 13.10.2019 10:32
Irgendwie hab ich die Antwort nicht richtig gepostet, wohl nur Vorschau :confused:

adwCleaner

Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags.

Djchaos 14.10.2019 06:56
Bin nun bis Sonntag 20.10. nicht da. Würde gern solange pausieren.

Kümmer mich dann darum wenn ich wieder da bin.

Djchaos 27.10.2019 17:47
Sorry das es doch nun etrwas lnger gedauert hat. Aber hier was AdwCleaner gemacht hat.

AdwCleaner[C00].txt

Code:
# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build:    10-21-2019
# Database: 2019-10-21.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    10-27-2019
# Duration: 00:01:37
# OS:      Windows 10 Home
# Cleaned:  63
# Failed:  0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted      HKCU\Software\BRS
Deleted      HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Firefox Packages
Deleted      HKLM\Software\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}
Deleted      HKLM\Software\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Deleted      HKLM\Software\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Deleted      HKLM\Software\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Deleted      HKLM\Software\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Deleted      HKLM\Software\Wow6432Node\\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}
Deleted      HKLM\Software\Wow6432Node\\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Deleted      HKLM\Software\Wow6432Node\\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Deleted      HKLM\Software\Wow6432Node\\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Deleted      HKLM\Software\Wow6432Node\\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Deleted      Preinstalled.HPSupportAssistant  Folder  C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
Deleted      Preinstalled.HPSupportAssistant  Folder  C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted      Preinstalled.HPSupportAssistant  Folder  C:\Users\Stefanie\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted      Preinstalled.HPSupportAssistant  Registry  HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
Deleted      Preinstalled.LenovoPowerDVD  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted      Preinstalled.LenovoPowerDVD  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted      Preinstalled.TOSHIBADesktopAssist  Registry  HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C4CDCEF0-0A7A-4425-887C-33E39533D758}
Deleted      Preinstalled.TOSHIBAPCHealthMonitor  Folder  C:\Program Files\TOSHIBA\TPHM
Deleted      Preinstalled.TOSHIBAPCHealthMonitor  Folder  C:\ProgramData\TOSHIBA\TPHM
Deleted      Preinstalled.TOSHIBAPCHealthMonitor  Registry  HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TosWaitSrv
Deleted      Preinstalled.TOSHIBAPCHealthMonitor  Registry  HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TosWaitSrv
Deleted      Preinstalled.TOSHIBAPCHealthMonitor  Registry  HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B507386D-1F61-4E55-B05B-F56ACB0086B3}
Deleted      Preinstalled.TOSHIBAPasswordUtility  Folder  C:\Program Files\TOSHIBA\PASSWORDUTILITY
Deleted      Preinstalled.TOSHIBASystemSettings  Folder  C:\Program Files (x86)\TOSHIBA\SYSTEM SETTING
Deleted      Preinstalled.TOSHIBASystemSettings  Registry  HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TCrdMain
Deleted      Preinstalled.TOSHIBASystemSettings  Registry  HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TSSSrv
Deleted      Preinstalled.TOSHIBASystemSettings  Registry  HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TCrdMain
Deleted      Preinstalled.TOSHIBASystemSettings  Registry  HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TSSSrv
Deleted      Preinstalled.TOSHIBASystemSettings  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}
Deleted      Preinstalled.TOSHIBATEMPRO  Folder  C:\Program Files (x86)\TOSHIBA TEMPRO
Deleted      Preinstalled.TOSHIBATEMPRO  Folder  C:\ProgramData\TOSHIBA TEMPRO
Deleted      Preinstalled.TOSHIBATEMPRO  Registry  HKLM\Software\Classes\CLSID\{F1999956-6CC2-4912-990F-F3E26C88D260}
Deleted      Preinstalled.TOSHIBATEMPRO  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{E4C7D9D7-19D4-4623-AF0C-EA313C466411}
Deleted      Preinstalled.TOSHIBAUtilities  Folder  C:\Program Files (x86)\TOSHIBA\UTILITIES
Deleted      Preinstalled.TOSHIBAUtilities  Folder  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\UTILITIES
Deleted      Preinstalled.TOSHIBAUtilities  Registry  HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|KeNotify
Deleted      Preinstalled.TOSHIBAUtilities  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|KeNotify
Deleted      Preinstalled.TOSHIBAUtilities  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}
Deleted      Preinstalled.TOSHIBAUtilities  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{620BBA5E-F848-4D56-8BDA-584E44584C5E}
Deleted      Preinstalled.ToshibaWildTangentGamesBundle  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-toshiba-genres
Deleted      Preinstalled.WildTangentGamesBundle  File  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - toshiba.lnk
Deleted      Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDGAMES
Deleted      Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDGAMES\BEJEWELED 3
Deleted      Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDGAMES\CUT THE ROPE
Deleted      Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDGAMES\MAGIC ACADEMY
Deleted      Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDGAMES\MAHJONGG ARTIFACTS
Deleted      Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDGAMES\PEGGLE NIGHTS
Deleted      Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDGAMES\PLANTS VS ZOMBIES - GAME OF THE YEAR
Deleted      Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDGAMES\POLAR BOWLER
Deleted      Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDGAMES\YOUDA JEWEL SHOP
Deleted      Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDTANGENT GAMES
Deleted      Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDTANGENT GAMES\APP
Deleted      Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDTANGENT GAMES\TOUCHPOINTS\TOSHIBA
Deleted      Preinstalled.WildTangentGamesBundle  Registry  HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted      Preinstalled.WildTangentGamesBundle  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted      Preinstalled.WildTangentGamesBundle  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Deleted      Preinstalled.WildTangentGamesBundle  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-toshiba-touch
Deleted      Preinstalled.WildTangentGamesBundle  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
Deleted      Preinstalled.WildTangentGamesBundle  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba
Deleted      Preinstalled.WildTangentGamesBundle  Registry  HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted      Preinstalled.WildTangentGamesBundle  Registry  HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [142991 octets] - [27/10/2019 16:08:03]
AdwCleaner[S00].txt - [8827 octets] - [27/10/2019 16:16:18]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
AdwCleaner[S00].txt

Code:
# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build:    10-21-2019
# Database: 2019-10-21.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    10-27-2019
# Duration: 00:01:22
# OS:      Windows 10 Home
# Scanned:  35182
# Detected: 63


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.AppEnable.A        HKLM\Software\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
PUP.Optional.AppEnable.A        HKLM\Software\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
PUP.Optional.AppEnable.A        HKLM\Software\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
PUP.Optional.AppEnable.A        HKLM\Software\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
PUP.Optional.AppEnable.A        HKLM\Software\Wow6432Node\\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
PUP.Optional.AppEnable.A        HKLM\Software\Wow6432Node\\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
PUP.Optional.AppEnable.A        HKLM\Software\Wow6432Node\\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
PUP.Optional.AppEnable.A        HKLM\Software\Wow6432Node\\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
PUP.Optional.Legacy            HKCU\Software\BRS
PUP.Optional.Legacy            HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Firefox Packages
PUP.Optional.Legacy            HKLM\Software\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}
PUP.Optional.Legacy            HKLM\Software\Wow6432Node\\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.HPSupportAssistant  Folder  C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
Preinstalled.HPSupportAssistant  Folder  C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant  Folder  C:\Users\Stefanie\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant  Registry  HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
Preinstalled.LenovoPowerDVD  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.LenovoPowerDVD  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.TOSHIBADesktopAssist  Registry  HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C4CDCEF0-0A7A-4425-887C-33E39533D758}
Preinstalled.TOSHIBAPCHealthMonitor  Folder  C:\Program Files\TOSHIBA\TPHM
Preinstalled.TOSHIBAPCHealthMonitor  Folder  C:\ProgramData\TOSHIBA\TPHM
Preinstalled.TOSHIBAPCHealthMonitor  Registry  HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TosWaitSrv
Preinstalled.TOSHIBAPCHealthMonitor  Registry  HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TosWaitSrv
Preinstalled.TOSHIBAPCHealthMonitor  Registry  HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B507386D-1F61-4E55-B05B-F56ACB0086B3}
Preinstalled.TOSHIBAPasswordUtility  Folder  C:\Program Files\TOSHIBA\PASSWORDUTILITY
Preinstalled.TOSHIBASystemSettings  Folder  C:\Program Files (x86)\TOSHIBA\SYSTEM SETTING
Preinstalled.TOSHIBASystemSettings  Registry  HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TCrdMain
Preinstalled.TOSHIBASystemSettings  Registry  HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TSSSrv
Preinstalled.TOSHIBASystemSettings  Registry  HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TCrdMain
Preinstalled.TOSHIBASystemSettings  Registry  HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TSSSrv
Preinstalled.TOSHIBASystemSettings  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}
Preinstalled.TOSHIBATEMPRO  Folder  C:\Program Files (x86)\TOSHIBA TEMPRO
Preinstalled.TOSHIBATEMPRO  Folder  C:\ProgramData\TOSHIBA TEMPRO
Preinstalled.TOSHIBATEMPRO  Registry  HKLM\Software\Classes\CLSID\{F1999956-6CC2-4912-990F-F3E26C88D260}
Preinstalled.TOSHIBATEMPRO  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{E4C7D9D7-19D4-4623-AF0C-EA313C466411}
Preinstalled.TOSHIBAUtilities  Folder  C:\Program Files (x86)\TOSHIBA\UTILITIES
Preinstalled.TOSHIBAUtilities  Folder  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\UTILITIES
Preinstalled.TOSHIBAUtilities  Registry  HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|KeNotify
Preinstalled.TOSHIBAUtilities  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|KeNotify
Preinstalled.TOSHIBAUtilities  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}
Preinstalled.TOSHIBAUtilities  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{620BBA5E-F848-4D56-8BDA-584E44584C5E}
Preinstalled.ToshibaWildTangentGamesBundle  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-toshiba-genres
Preinstalled.WildTangentGamesBundle  File  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - toshiba.lnk
Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDGAMES
Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDGAMES\BEJEWELED 3
Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDGAMES\CUT THE ROPE
Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDGAMES\MAGIC ACADEMY
Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDGAMES\MAHJONGG ARTIFACTS
Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDGAMES\PEGGLE NIGHTS
Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDGAMES\PLANTS VS ZOMBIES - GAME OF THE YEAR
Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDGAMES\POLAR BOWLER
Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDGAMES\YOUDA JEWEL SHOP
Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDTANGENT GAMES
Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDTANGENT GAMES\APP
Preinstalled.WildTangentGamesBundle  Folder  C:\Program Files (x86)\WILDTANGENT GAMES\TOUCHPOINTS\TOSHIBA
Preinstalled.WildTangentGamesBundle  Registry  HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Preinstalled.WildTangentGamesBundle  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-toshiba-touch
Preinstalled.WildTangentGamesBundle  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
Preinstalled.WildTangentGamesBundle  Registry  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba
Preinstalled.WildTangentGamesBundle  Registry  HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle  Registry  HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}


AdwCleaner_Debug.log - [16664 octets] - [27/10/2019 16:08:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

cosinus 27.10.2019 19:56
adwcleaner bitte zwecks Kontrolle wiederholen

Djchaos 28.10.2019 06:47
Code:
# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build:    10-21-2019
# Database: 2019-10-21.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    10-28-2019
# Duration: 00:00:06
# OS:      Windows 10 Home
# Cleaned:  0
# Failed:  0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [158521 octets] - [27/10/2019 16:08:03]
AdwCleaner[S00].txt - [8827 octets] - [27/10/2019 16:16:18]
AdwCleaner[C00].txt - [9532 octets] - [27/10/2019 17:01:33]
AdwCleaner[S01].txt - [1512 octets] - [28/10/2019 06:34:06]
AdwCleaner[S02].txt - [1573 octets] - [28/10/2019 06:35:28]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

cosinus 28.10.2019 10:51
Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken.

http://www.trojaner-board.de/picture...&pictureid=611

Djchaos 01.11.2019 10:03
FRST.txt
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
durchgeführt von Stefanie (Administrator) auf FINN (01-11-2019 09:51:18)
Gestartet von C:\Users\Stefanie\Desktop
Geladene Profile: Stefanie (Verfügbare Profile: Stefanie)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

konnte nicht auf den Prozess zugreifen -> Registry
(Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
konnte nicht auf den Prozess zugreifen -> Memory Compression
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\sihost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(Microsoft Corporation) C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe
(RedFox) C:\Program Files (x86)\RedFox\CloneCD\CloneCDTray.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\ApplicationFrameHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19101.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.1063_none_c3f457ba6965bb0b\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-01-05] (TOSHIBA Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\RedFox\CloneCD\CloneCDTray.exe [57344 2016-03-29] (RedFox)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\Run: [OneDrive] => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\OneDrive.exe [1593464 2019-10-25] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Windows\System32\osk.exe [623104 2018-10-21] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\osk.exe [623104 2018-10-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileSyncShell.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileSyncShell.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileSyncShell.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileSyncShell.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileSyncShell.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileSyncShell.dll [2019-10-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileSyncShell.dll [2019-10-25] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-09b708085549b3cc
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-09b708085549b3cc
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-581088433-320290056-2638895184-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-09b708085549b3cc
HKU\S-1-5-21-581088433-320290056-2638895184-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-581088433-320290056-2638895184-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> DefaultScope {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM -> {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM -> {bce42d98-b1cd-493f-a64c-107aae7521be} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM-x32 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM-x32 -> {bce42d98-b1cd-493f-a64c-107aae7521be} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> DefaultScope {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {bce42d98-b1cd-493f-a64c-107aae7521be} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-08-20] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-10-24] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-10-22] (Microsoft Corporation)
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2018-06-08] (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2018-06-08] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{75013482-b294-4535-9c56-b2178f6e757f}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{a516b4d1-81c3-4daa-bf24-f5142955b826}: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\h857aa1h.default
FF SelectedSearchEngine: Search Provided by Yahoo
FF DefaultSearchEngine: Search Provided by Yahoo
FF NewTab: about:newtab
FF Homepage: https://www.bing.com/search?FORM=INCOH1&PC=IC04&PTAG=ICO-eb682354
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google LLC)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
FF user.js: detected! => C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\h857aa1h.default\user.js [2014-10-20]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
StartMenuInternet: Firefox-308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Slides) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-30]
CHR Extension: (Docs) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-30]
CHR Extension: (Google Drive) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-30]
CHR Extension: (YouTube) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-30]
CHR Extension: (Sheets) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-30]
CHR Extension: (Search Selector Beta) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gboaiodgdajeapekadgejlbmabjganof [2019-07-04]
CHR Extension: (Google Docs Offline) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-06-30]
CHR Extension: (Avast Online Security) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-09-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-30]
CHR Extension: (Gmail) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-30]
CHR Extension: (Chrome Media Router) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-30]
CHR HKLM\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - https://clients2.google.com/service/update2/crx

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AJRouter; C:\Windows\System32\AJRouter.dll [25088 2018-04-12] (Microsoft Corporation)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-19] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R3 BTAGService; C:\Windows\System32\BTAGService.dll [514048 2018-11-09] (Microsoft Corporation)
R3 BthAvctpSvc; C:\Windows\System32\BthAvctpSvc.dll [399872 2018-11-09] (Microsoft Corporation)
R3 camsvc; C:\Windows\system32\CapabilityAccessManager.dll [266752 2019-01-09] (Microsoft Corporation)
R2 CDPSvc; C:\Windows\System32\CDPSvc.dll [632320 2018-10-21] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation)
S3 ClipSVC; C:\Windows\System32\ClipSVC.dll [1033696 2019-06-13] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [885760 2018-12-08] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [567256 2018-12-08] (Microsoft Corporation)
S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [33792 2018-04-12] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [90112 2019-05-03] (Microsoft Corporation)
S3 diagsvc; C:\Windows\system32\DiagSvc.dll [219648 2018-04-12] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [827392 2019-04-19] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [593408 2019-04-19] (Microsoft Corporation)
S3 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [57856 2018-04-12] (Microsoft Corporation)
R2 DoSvc; C:\Windows\System32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
R2 DoSvc; C:\Windows\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
R3 DsSvc; C:\Windows\System32\DsSvc.dll [155136 2019-09-04] (Microsoft Corporation)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-03] ()
R2 DusmSvc; C:\Windows\System32\dusmsvc.dll [356352 2018-12-08] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [167424 2018-04-12] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [308736 2018-11-09] (Microsoft Corporation)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [673792 2018-06-08] (Microsoft Corporation)
S3 GraphicsPerfSvc; C:\Windows\System32\GraphicsPerfSvc.dll [90624 2018-04-12] (Microsoft Corporation)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [61736 2018-08-03] (Microsoft Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [241152 2018-11-01] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [337888 2016-08-31] (Intel Corporation)
S3 InstallService; C:\Windows\system32\InstallService.dll [1487360 2019-05-17] (Microsoft Corporation)
S3 InstallService; C:\Windows\SysWOW64\InstallService.dll [1110528 2019-05-17] (Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 IpxlatCfgSvc; C:\Windows\System32\IpxlatCfg.dll [63488 2018-04-12] (Microsoft Corporation)
R3 lfsvc; C:\Windows\System32\lfsvc.dll [44544 2018-04-12] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [48640 2018-04-12] (Microsoft Corporation)
S3 LxpSvc; C:\Windows\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [91136 2018-07-06] (Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239696 2013-07-23] ()
S3 NaturalAuthentication; C:\Windows\System32\NaturalAuth.dll [824832 2018-04-12] (Microsoft Corporation)
S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [335360 2019-07-09] (Microsoft Corporation)
R3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [582144 2019-07-09] (Microsoft Corporation)
R3 NgcSvc; C:\Windows\system32\ngcsvc.dll [784896 2019-04-19] (Microsoft Corporation)
S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [835584 2018-11-01] (Microsoft Corporation)
S3 PushToInstall; C:\Windows\system32\PushToInstall.dll [262144 2018-07-14] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [681984 2018-04-12] (Microsoft Corporation)
S3 RmSvc; C:\Windows\System32\RMapi.dll [153600 2018-12-08] (Microsoft Corporation)
R2 SecurityHealthService; C:\Windows\system32\SecurityHealthService.exe [760888 2018-07-14] (Microsoft Corporation)
R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [357680 2019-08-26] (Microsoft Corporation)
R3 SEMgrSvc; C:\Windows\system32\SEMgrSvc.dll [1248768 2018-04-12] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1273344 2018-04-12] (Microsoft Corporation)
S3 SensorService; C:\Windows\system32\SensorService.dll [712192 2018-04-12] (Microsoft Corporation)
R2 SgrmBroker; C:\Windows\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation)
S3 SharedRealitySvc; C:\Windows\System32\SharedRealitySvc.dll [713216 2019-06-13] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [195584 2018-04-12] (Microsoft Corporation)
S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [590336 2018-04-12] (Microsoft Corporation)
S3 spectrum; C:\Windows\system32\spectrum.exe [976384 2018-06-08] (Microsoft Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [4970360 2018-06-08] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [4469832 2018-06-08] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [287240 2018-03-28] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12135768 2019-09-24] (TeamViewer GmbH)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [303616 2018-04-12] (Microsoft Corporation)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [176128 2018-04-12] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\System32\TokenBroker.dll [1400832 2019-07-09] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\SysWOW64\TokenBroker.dll [1003008 2019-07-09] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [92160 2018-11-09] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation)
R2 UserManager; C:\Windows\System32\usermgr.dll [1027584 2019-05-17] (Microsoft Corporation)
R2 UsoSvc; C:\Windows\system32\usocore.dll [1418240 2019-10-02] (Microsoft Corporation)
S3 VacSvc; C:\Windows\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\icsvc.dll [289792 2018-04-12] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\Windows\System32\WaaSMedicSvc.dll [392704 2019-01-09] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [427520 2018-04-12] (Microsoft Corporation)
S3 WarpJITSvc; C:\Windows\System32\Windows.WARP.JITService.dll [31744 2018-04-12] (Microsoft Corporation)
S3 WFDSConMgrSvc; C:\Windows\System32\wfdsconmgrsvc.dll [681984 2018-07-14] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-01] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [858112 2018-06-08] (Microsoft Corporation)
S3 wisvc; C:\Windows\SysWOW64\flightsettings.dll [729088 2018-06-08] (Microsoft Corporation)
S3 wlpasvc; C:\Windows\System32\lpasvc.dll [1364992 2019-02-16] (Microsoft Corporation)
S3 WpcMonSvc; C:\Windows\System32\WpcDesktopMonSvc.dll [1456640 2018-06-06] (Microsoft Corporation)
R2 WpnService; C:\Windows\system32\WpnService.dll [280576 2018-04-12] (Microsoft Corporation)
S3 xbgm; C:\Windows\system32\xbgmsvc.exe [59512 2018-04-12] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [1115648 2018-04-12] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1308672 2018-04-12] (Microsoft Corporation)
S3 XboxGipSvc; C:\Windows\System32\XboxGipSvc.dll [58880 2018-04-12] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1148928 2018-04-12] (Microsoft Corporation)
S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]
S3 TemproMonitoringService; "C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe" [X]
S3 TPCHSrv; "C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe" [X]
R3 WdNisSvc; "%ProgramData%\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe" [X]

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [20480 2018-04-12] (Microsoft Corporation)
R1 afunix; C:\Windows\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2018-04-12] (Microsoft Corporation)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533912 2018-04-12] (QLogic Corporation)
R1 bam; C:\Windows\System32\drivers\bam.sys [60320 2018-04-12] (Microsoft Corporation)
S3 BcastDVRUserService; No ImagePath
S3 BcastDVRUserService_21f6f6; No ImagePath
S3 bindflt; C:\Windows\system32\drivers\bindflt.sys [92472 2019-10-02] (Microsoft Corporation)
S3 BluetoothUserService; No ImagePath
S3 BluetoothUserService_21f6f6; No ImagePath
R3 BthLEEnum; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [86528 2018-04-12] (Microsoft Corporation)
S0 bttflt; C:\Windows\System32\drivers\bttflt.sys [38304 2018-04-12] (Microsoft Corporation)
S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [39936 2018-04-12] (Microsoft Corporation)
R3 CAD; C:\Windows\System32\drivers\CAD.sys [60320 2018-04-12] (Microsoft Corporation)
S3 CapImg; C:\Windows\System32\drivers\capimg.sys [123392 2018-04-12] (Microsoft Corporation)
S2 CDPUserSvc; No ImagePath
R2 CDPUserSvc_21f6f6; No ImagePath
S0 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [321432 2018-04-12] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [1836952 2018-04-12] (Chelsio Communications)
R2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [414720 2019-07-09] (Microsoft Corporation)
S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [39328 2018-04-12] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys [40448 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc; No ImagePath
S3 DevicePickerUserSvc_21f6f6; No ImagePath
S3 DevicesFlowUserSvc; No ImagePath
S3 DevicesFlowUserSvc_21f6f6; No ImagePath
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3419032 2018-04-12] (QLogic Corporation)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc.)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [55808 2018-04-12] (Microsoft Corporation)
S3 GENERICDRV; C:\Program Files (x86)\UEFI WinFlash\amifldrv64.sys [15640 2012-07-27] ()
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2018-04-12] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2018-04-12] (Microsoft Corporation)
S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [50592 2018-04-12] (Microsoft Corporation)
S4 hvcrash; C:\Windows\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [76304 2019-06-07] (Microsoft Corporation)
S3 hwdatacard; C:\Windows\system32\DRIVERS\ewusbmdm.sys [115328 2015-02-26] (Huawei Technologies Co., Ltd.) [Datei ist nicht signiert]
S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [27136 2018-04-12] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [36864 2018-04-12] (Intel(R) Corporation)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [91648 2018-04-12] (Intel(R) Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [88576 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [171520 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592 2018-04-12] (Intel Corporation)
S0 iaStorAVC; C:\Windows\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [526232 2018-04-12] (Mellanox)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [38912 2018-04-12] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [58168 2018-12-08] (Microsoft Corporation)
S3 IPT; C:\Windows\System32\drivers\ipt.sys [32256 2018-04-12] (Microsoft Corporation)
S0 ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies)
S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [124312 2018-04-12] (LSI Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [128408 2018-04-12] (Avago Technologies)
S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [505240 2018-04-12] (Microsoft Corporation)
S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [56736 2018-04-12] (Microsoft Corporation)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-10-28] (Malwarebytes)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [59800 2018-04-12] (Avago Technologies)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [75160 2018-04-12] (Avago Technologies)
S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies)
S3 MessagingService; No ImagePath
S3 MessagingService_21f6f6; No ImagePath
R3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [842648 2018-04-12] (Mellanox)
R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [43008 2018-12-08] (Microsoft Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [29192 2016-03-17] (Marvell Semiconductor, Inc.)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [108952 2018-04-12] (Mellanox)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [175104 2018-04-12] (Microsoft Corporation)
S3 netvsc; C:\Windows\System32\drivers\netvsc.sys [197632 2018-04-12] (Microsoft Corporation)
S3 nvdimm; C:\Windows\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation)
S2 OneSyncSvc; No ImagePath
R2 OneSyncSvc_21f6f6; No ImagePath
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58776 2018-04-12] (Avago Technologies)
S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [61848 2018-04-12] (Avago Technologies)
S3 PimIndexMaintenanceSvc; No ImagePath
R3 PimIndexMaintenanceSvc_21f6f6; No ImagePath
S3 pmem; C:\Windows\System32\drivers\pmem.sys [105984 2018-04-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; No ImagePath
S3 PrintWorkflowUserSvc_21f6f6; No ImagePath
S0 Ramdisk; C:\Windows\System32\DRIVERS\ramdisk.sys [39840 2018-04-12] (Microsoft Corporation)
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [945464 2019-03-06] (Microsoft Corporation)
S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [104448 2018-04-12] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-09] (Realtek Semiconductor Corp.)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [128920 2018-08-03] (Microsoft Corporation)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [33176 2018-04-12] (Microsoft Corporation)
R0 SgrmAgent; C:\Windows\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [54792 2018-03-28] (Synaptics Incorporated)
S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [57752 2018-04-12] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [82432 2019-03-14] (Microsoft Corporation)
S0 storufs; C:\Windows\System32\drivers\storufs.sys [48544 2018-06-15] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys [18336 2018-04-12] (Microsoft Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [128512 2018-04-12] (Microsoft Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [152576 2018-04-12] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [57856 2018-04-12] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45056 2018-04-12] (Microsoft Corporation)
S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [282008 2018-04-12] (Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [98200 2018-04-12] (Microsoft Corporation)
S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [144288 2018-04-12] (Microsoft Corporation)
S3 UnistoreSvc; No ImagePath
R3 UnistoreSvc_21f6f6; No ImagePath
S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [29088 2018-04-12] (Microsoft Corporation)
S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [67992 2018-04-12] (Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [28064 2018-04-12] (Microsoft Corporation)
S3 UserDataSvc; No ImagePath
R3 UserDataSvc_21f6f6; No ImagePath
S3 vhf; C:\Windows\System32\drivers\vhf.sys [36352 2018-10-21] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2018-08-03] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16288 2018-04-12] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [152072 2019-03-14] (Microsoft Corporation)
R3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [83456 2018-12-08] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46472 2019-11-01] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [351968 2019-11-01] (Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [787968 2019-05-17] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\Windows\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-01] (Microsoft Corporation)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [72768 2018-06-15] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [18472 2018-04-12] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [32152 2018-04-12] (Mellanox)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [228864 2019-05-17] (Microsoft Corporation)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [64920 2018-04-12] (Mellanox)
S2 WpnUserService; No ImagePath
R2 WpnUserService_21f6f6; No ImagePath
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [295424 2018-06-15] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [46592 2018-04-12] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation)
NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation)
NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation)
NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation)
NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> Keine Datei

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-11-01 08:43 - 2019-11-01 08:43 - 00000000 ___HD C:\OneDriveTemp
2019-10-28 06:42 - 2019-10-28 06:42 - 00275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-10-27 17:17 - 2019-10-28 06:44 - 00000276 _____ C:\WINDOWS\WindowsUpdate.log
2019-10-27 16:20 - 2019-10-27 16:20 - 00000000 ___HD C:\$WINDOWS.~BT
2019-10-27 16:08 - 2019-10-28 06:41 - 00000000 ____D C:\Program Files\Mozilla Firefox
2019-10-27 16:08 - 2019-10-27 16:59 - 00000000 ____D C:\AdwCleaner
2019-10-27 16:06 - 2019-10-27 16:06 - 07622344 _____ (Malwarebytes) C:\Users\Stefanie\Desktop\adwcleaner_7.4.2.exe
2019-10-26 10:00 - 2019-10-26 12:46 - 00000000 ____D C:\WINDOWS\UpdateAssistant
2019-10-24 11:00 - 2019-10-02 06:04 - 07519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-10-24 11:00 - 2019-10-02 05:47 - 06564368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-10-24 11:00 - 2019-10-02 05:40 - 25857024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-10-24 11:00 - 2019-10-02 05:32 - 22735872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-10-24 10:59 - 2019-10-02 12:10 - 04527072 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-10-24 10:59 - 2019-10-02 12:10 - 01616608 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-10-24 10:59 - 2019-10-02 11:53 - 04852736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-10-24 10:59 - 2019-10-02 11:52 - 12835840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-10-24 10:59 - 2019-10-02 11:52 - 08627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-10-24 10:59 - 2019-10-02 11:50 - 04491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-10-24 10:59 - 2019-10-02 11:47 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-10-24 10:59 - 2019-10-02 09:46 - 12037120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-10-24 10:59 - 2019-10-02 09:41 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-10-24 10:59 - 2019-10-02 06:20 - 03180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-10-24 10:59 - 2019-10-02 06:04 - 02774120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-10-24 10:59 - 2019-10-02 06:04 - 01035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-10-24 10:59 - 2019-10-02 06:02 - 04404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-10-24 10:59 - 2019-10-02 06:02 - 01219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-10-24 10:59 - 2019-10-02 06:02 - 01027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-10-24 10:59 - 2019-10-02 06:01 - 02468048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-10-24 10:59 - 2019-10-02 06:00 - 09080632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-10-24 10:59 - 2019-10-02 06:00 - 02570824 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-10-24 10:59 - 2019-10-02 06:00 - 02371504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-10-24 10:59 - 2019-10-02 05:48 - 02331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-10-24 10:59 - 2019-10-02 05:48 - 01990056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-10-24 10:59 - 2019-10-02 05:47 - 04789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-10-24 10:59 - 2019-10-02 05:47 - 02260928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-10-24 10:59 - 2019-10-02 05:47 - 01979752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-10-24 10:59 - 2019-10-02 05:38 - 22016000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-10-24 10:59 - 2019-10-02 05:32 - 06661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-10-24 10:59 - 2019-10-02 05:31 - 08189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-10-24 10:59 - 2019-10-02 05:31 - 04388864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-10-24 10:59 - 2019-10-02 05:30 - 19385856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-10-24 10:59 - 2019-10-02 05:30 - 03403264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-10-24 10:59 - 2019-10-02 05:29 - 03392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-10-24 10:59 - 2019-10-02 05:29 - 02700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-10-24 10:59 - 2019-10-02 05:28 - 07573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-10-24 10:59 - 2019-10-02 05:28 - 04771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-10-24 10:59 - 2019-10-02 05:28 - 01827328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-10-24 10:59 - 2019-10-02 05:27 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-10-24 10:59 - 2019-10-02 05:27 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2019-10-24 10:59 - 2019-10-02 05:25 - 03091456 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-10-24 10:59 - 2019-10-02 05:25 - 02738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-10-24 10:59 - 2019-10-02 05:24 - 02379264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-10-24 10:59 - 2019-10-02 05:23 - 04938240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-10-24 10:59 - 2019-10-02 05:23 - 04517376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-10-24 10:59 - 2019-10-02 05:23 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-10-24 10:59 - 2019-10-02 05:22 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-10-24 10:59 - 2019-09-10 08:17 - 23862272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-10-24 10:59 - 2019-09-10 08:16 - 19525632 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-10-24 10:58 - 2019-10-06 02:43 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-10-24 10:58 - 2019-10-06 02:43 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-10-24 10:58 - 2019-10-02 12:14 - 00349216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-10-24 10:58 - 2019-10-02 12:10 - 01640376 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-10-24 10:58 - 2019-10-02 12:08 - 02394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-10-24 10:58 - 2019-10-02 12:08 - 01047568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-10-24 10:58 - 2019-10-02 11:53 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-10-24 10:58 - 2019-10-02 11:50 - 02019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-10-24 10:58 - 2019-10-02 11:50 - 00810496 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-10-24 10:58 - 2019-10-02 11:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-10-24 10:58 - 2019-10-02 11:48 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-10-24 10:58 - 2019-10-02 11:48 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2019-10-24 10:58 - 2019-10-02 11:48 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-10-24 10:58 - 2019-10-02 11:47 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-10-24 10:58 - 2019-10-02 11:47 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-10-24 10:58 - 2019-10-02 11:46 - 01364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-10-24 10:58 - 2019-10-02 11:46 - 01289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-10-24 10:58 - 2019-10-02 11:46 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-10-24 10:58 - 2019-10-02 11:46 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-10-24 10:58 - 2019-10-02 11:45 - 01180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-10-24 10:58 - 2019-10-02 11:45 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-10-24 10:58 - 2019-10-02 09:56 - 01628488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-10-24 10:58 - 2019-10-02 09:53 - 00917816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-10-24 10:58 - 2019-10-02 09:52 - 02206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-10-24 10:58 - 2019-10-02 09:44 - 07991296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-10-24 10:58 - 2019-10-02 09:42 - 03397120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-10-24 10:58 - 2019-10-02 09:42 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-10-24 10:58 - 2019-10-02 09:41 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-10-24 10:58 - 2019-10-02 09:41 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-10-24 10:58 - 2019-10-02 06:21 - 02417744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2019-10-24 10:58 - 2019-10-02 06:19 - 00374584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-10-24 10:58 - 2019-10-02 06:05 - 00092472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-10-24 10:58 - 2019-10-02 06:04 - 01098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-10-24 10:58 - 2019-10-02 06:04 - 00494096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-10-24 10:58 - 2019-10-02 06:03 - 00778024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-10-24 10:58 - 2019-10-02 06:03 - 00193040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-10-24 10:58 - 2019-10-02 06:02 - 00568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-10-24 10:58 - 2019-10-02 06:02 - 00210448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2019-10-24 10:58 - 2019-10-02 06:02 - 00194352 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-10-24 10:58 - 2019-10-02 06:01 - 01288928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-10-24 10:58 - 2019-10-02 06:01 - 00723728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-10-24 10:58 - 2019-10-02 06:01 - 00722744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-10-24 10:58 - 2019-10-02 06:01 - 00527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-10-24 10:58 - 2019-10-02 06:01 - 00491208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-10-24 10:58 - 2019-10-02 06:01 - 00439504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-10-24 10:58 - 2019-10-02 06:01 - 00435728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-10-24 10:58 - 2019-10-02 06:01 - 00159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-10-24 10:58 - 2019-10-02 06:00 - 00433168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-10-24 10:58 - 2019-10-02 06:00 - 00248880 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-10-24 10:58 - 2019-10-02 06:00 - 00209936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-10-24 10:58 - 2019-10-02 06:00 - 00039032 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-10-24 10:58 - 2019-10-02 05:59 - 01784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-10-24 10:58 - 2019-10-02 05:59 - 01459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-10-24 10:58 - 2019-10-02 05:59 - 01260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-10-24 10:58 - 2019-10-02 05:59 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-10-24 10:58 - 2019-10-02 05:59 - 00983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-10-24 10:58 - 2019-10-02 05:59 - 00930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-10-24 10:58 - 2019-10-02 05:59 - 00604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-10-24 10:58 - 2019-10-02 05:59 - 00260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-10-24 10:58 - 2019-10-02 05:49 - 00550512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-10-24 10:58 - 2019-10-02 05:49 - 00434728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-10-24 10:58 - 2019-10-02 05:49 - 00385000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-10-24 10:58 - 2019-10-02 05:49 - 00191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-10-24 10:58 - 2019-10-02 05:49 - 00146712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-10-24 10:58 - 2019-10-02 05:48 - 00666248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-10-24 10:58 - 2019-10-02 05:48 - 00380216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-10-24 10:58 - 2019-10-02 05:48 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-10-24 10:58 - 2019-10-02 05:47 - 01380312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-10-24 10:58 - 2019-10-02 05:47 - 01130784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-10-24 10:58 - 2019-10-02 05:47 - 01020280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-10-24 10:58 - 2019-10-02 05:47 - 00829752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-10-24 10:58 - 2019-10-02 05:47 - 00607248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-10-24 10:58 - 2019-10-02 05:47 - 00129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-10-24 10:58 - 2019-10-02 05:29 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-10-24 10:58 - 2019-10-02 05:28 - 02929152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-10-24 10:58 - 2019-10-02 05:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-10-24 10:58 - 2019-10-02 05:28 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-10-24 10:58 - 2019-10-02 05:28 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2019-10-24 10:58 - 2019-10-02 05:28 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-10-24 10:58 - 2019-10-02 05:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-10-24 10:58 - 2019-10-02 05:27 - 03554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2019-10-24 10:58 - 2019-10-02 05:27 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-10-24 10:58 - 2019-10-02 05:27 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-10-24 10:58 - 2019-10-02 05:27 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-10-24 10:58 - 2019-10-02 05:27 - 00395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-10-24 10:58 - 2019-10-02 05:27 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-10-24 10:58 - 2019-10-02 05:27 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-10-24 10:58 - 2019-10-02 05:26 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2019-10-24 10:58 - 2019-10-02 05:26 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-10-24 10:58 - 2019-10-02 05:26 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-10-24 10:58 - 2019-10-02 05:26 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-10-24 10:58 - 2019-10-02 05:26 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-10-24 10:58 - 2019-10-02 05:26 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 02258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 01862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 01540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 01295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 00808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2019-10-24 10:58 - 2019-10-02 05:24 - 01563648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-10-24 10:58 - 2019-10-02 05:24 - 01058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-10-24 10:58 - 2019-10-02 05:24 - 00857088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2019-10-24 10:58 - 2019-10-02 05:24 - 00582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-10-24 10:58 - 2019-10-02 05:24 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-10-24 10:58 - 2019-10-02 05:23 - 01724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-10-24 10:58 - 2019-10-02 05:23 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-10-24 10:58 - 2019-10-02 05:23 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-10-24 10:58 - 2019-10-02 05:23 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-10-24 10:58 - 2019-10-02 05:23 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-10-24 10:58 - 2019-10-02 05:23 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-10-24 10:58 - 2019-10-02 05:22 - 01110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-10-24 10:58 - 2019-10-02 05:22 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-10-24 10:58 - 2019-10-02 05:22 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-10-24 10:58 - 2019-10-02 05:22 - 00532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-10-24 10:58 - 2019-10-02 05:22 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-10-24 10:58 - 2019-10-02 05:22 - 00345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-10-24 10:58 - 2019-10-02 05:22 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-10-24 10:58 - 2019-10-02 05:22 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-10-24 10:58 - 2019-10-02 04:05 - 00001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-10-24 10:58 - 2019-09-19 08:02 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-10-24 10:58 - 2019-09-10 07:56 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-10-24 10:58 - 2019-09-10 02:20 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-10-24 10:58 - 2019-09-10 02:20 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-10-24 10:58 - 2019-08-13 15:42 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-10-07 18:03 - 2019-10-24 21:10 - 00153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-10-07 18:03 - 2019-10-07 18:03 - 00001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-10-07 18:03 - 2019-10-07 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-10-07 18:03 - 2019-06-26 12:00 - 00020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-10-06 14:25 - 2019-10-27 17:35 - 00001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-06 14:25 - 2019-10-06 14:25 - 00001004 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-10-06 14:23 - 2019-10-06 14:24 - 49818008 _____ (Mozilla) C:\Users\Stefanie\Downloads\Firefox Setup 69.0.2.exe
2019-10-04 15:31 - 2019-10-06 16:36 - 00064685 _____ C:\Users\Stefanie\Desktop\Addition.txt
2019-10-04 15:27 - 2019-11-01 09:52 - 00043105 _____ C:\Users\Stefanie\Desktop\FRST.txt
2019-10-04 15:27 - 2019-11-01 09:51 - 00000000 ____D C:\FRST
2019-10-04 15:25 - 2019-10-04 15:25 - 02169856 _____ (Farbar) C:\Users\Stefanie\Desktop\FRST64.exe
2019-10-04 12:59 - 2019-09-13 11:57 - 21409376 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-10-04 12:59 - 2019-09-13 05:49 - 05627280 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-10-04 12:59 - 2019-09-13 05:47 - 07445856 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-10-04 12:58 - 2019-10-24 10:01 - 00000000 ____D C:\Users\Stefanie\AppData\Local\CrashDumps
2019-10-04 12:58 - 2019-09-13 12:02 - 04040008 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-10-04 12:58 - 2019-09-13 11:57 - 01517480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-10-04 12:58 - 2019-09-13 11:47 - 06588416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-10-04 12:58 - 2019-09-13 11:41 - 01644032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2019-10-04 12:58 - 2019-09-13 11:40 - 03614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-10-04 12:58 - 2019-09-13 10:16 - 01320128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-10-04 12:58 - 2019-09-13 10:15 - 20400656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-10-04 12:58 - 2019-09-13 10:15 - 03701184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-10-04 12:58 - 2019-09-13 10:05 - 05659136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-10-04 12:58 - 2019-09-13 10:00 - 02882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-10-04 12:58 - 2019-09-13 05:58 - 07900880 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2019-10-04 12:58 - 2019-09-13 05:58 - 01613096 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-10-04 12:58 - 2019-09-13 05:48 - 03290584 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-10-04 12:58 - 2019-09-13 05:36 - 02478152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-10-04 12:58 - 2019-09-13 05:35 - 06052272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-10-04 12:58 - 2019-09-13 05:27 - 16598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-10-04 12:58 - 2019-09-13 05:24 - 13878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-10-04 12:58 - 2019-09-13 05:17 - 03148288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2019-10-04 12:58 - 2019-09-13 05:15 - 02913792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-10-04 12:58 - 2019-09-13 05:14 - 01854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-10-04 12:58 - 2019-09-13 05:14 - 01809408 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-10-04 12:58 - 2019-09-13 05:14 - 01222144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-10-04 12:58 - 2019-09-13 05:13 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-10-04 12:58 - 2019-09-13 05:12 - 01634304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-10-04 12:57 - 2019-09-13 12:03 - 00586680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-10-04 12:57 - 2019-09-13 11:57 - 01375456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-10-04 12:57 - 2019-09-13 11:56 - 00341392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-10-04 12:57 - 2019-09-13 11:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-10-04 12:57 - 2019-09-13 11:44 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-10-04 12:57 - 2019-09-13 11:41 - 01127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-10-04 12:57 - 2019-09-13 11:40 - 01725952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-10-04 12:57 - 2019-09-13 11:40 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2019-10-04 12:57 - 2019-09-13 11:40 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-10-04 12:57 - 2019-09-13 11:40 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-10-04 12:57 - 2019-09-13 11:40 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2019-10-04 12:57 - 2019-09-13 11:40 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2019-10-04 12:57 - 2019-09-13 11:39 - 02085888 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-10-04 12:57 - 2019-09-13 11:39 - 01262592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-10-04 12:57 - 2019-09-13 11:39 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2019-10-04 12:57 - 2019-09-13 10:18 - 00470512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-10-04 12:57 - 2019-09-13 10:17 - 01026280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-10-04 12:57 - 2019-09-13 10:01 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2019-10-04 12:57 - 2019-09-13 10:01 - 00622592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-10-04 12:57 - 2019-09-13 10:00 - 01530880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-10-04 12:57 - 2019-09-13 09:59 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-10-04 12:57 - 2019-09-13 05:56 - 05821448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2019-10-04 12:57 - 2019-09-13 05:56 - 01299472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-10-04 12:57 - 2019-09-13 05:49 - 00274792 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-10-04 12:57 - 2019-09-13 05:48 - 01659704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-10-04 12:57 - 2019-09-13 05:48 - 01363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-10-04 12:57 - 2019-09-13 05:48 - 00722744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-10-04 12:57 - 2019-09-13 05:48 - 00710240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-10-04 12:57 - 2019-09-13 05:48 - 00170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-10-04 12:57 - 2019-09-13 05:47 - 01947168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2019-10-04 12:57 - 2019-09-13 05:47 - 00713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-10-04 12:57 - 2019-09-13 05:47 - 00275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-10-04 12:57 - 2019-09-13 05:47 - 00081720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-10-04 12:57 - 2019-09-13 05:47 - 00039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-10-04 12:57 - 2019-09-13 05:36 - 01252152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-10-04 12:57 - 2019-09-13 05:35 - 01559272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2019-10-04 12:57 - 2019-09-13 05:23 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-10-04 12:57 - 2019-09-13 05:21 - 00153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-10-04 12:57 - 2019-09-13 05:21 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2019-10-04 12:57 - 2019-09-13 05:21 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-10-04 12:57 - 2019-09-13 05:21 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2019-10-04 12:57 - 2019-09-13 05:21 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-10-04 12:57 - 2019-09-13 05:20 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-10-04 12:57 - 2019-09-13 05:20 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-10-04 12:57 - 2019-09-13 05:20 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2019-10-04 12:57 - 2019-09-13 05:20 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2019-10-04 12:57 - 2019-09-13 05:19 - 00514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-10-04 12:57 - 2019-09-13 05:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-10-04 12:57 - 2019-09-13 05:18 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2019-10-04 12:57 - 2019-09-13 05:17 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-10-04 12:57 - 2019-09-13 05:17 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-10-04 12:57 - 2019-09-13 05:17 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2019-10-04 12:57 - 2019-09-13 05:17 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2019-10-04 12:57 - 2019-09-13 05:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-10-04 12:57 - 2019-09-13 05:16 - 00910336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2019-10-04 12:57 - 2019-09-13 05:16 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2019-10-04 12:57 - 2019-09-13 05:15 - 01549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-10-04 12:57 - 2019-09-13 05:15 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2019-10-04 12:57 - 2019-09-13 05:15 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2019-10-04 12:57 - 2019-09-13 05:15 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-10-04 12:57 - 2019-09-13 05:15 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2019-10-04 12:57 - 2019-09-13 05:15 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2019-10-04 12:57 - 2019-09-13 05:15 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-10-04 12:57 - 2019-09-13 05:14 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2019-10-04 12:57 - 2019-09-13 05:14 - 00602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-10-04 12:57 - 2019-09-13 05:14 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-10-04 12:57 - 2019-09-13 05:14 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2019-10-04 12:57 - 2019-09-13 05:13 - 02893312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2019-10-04 12:57 - 2019-09-13 05:13 - 01371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2019-10-04 12:57 - 2019-09-13 05:13 - 00927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2019-10-04 12:57 - 2019-09-13 05:13 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-10-04 12:57 - 2019-09-13 05:13 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-10-04 12:57 - 2019-09-13 05:13 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-10-04 12:57 - 2019-09-13 05:12 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2019-10-04 12:57 - 2019-09-13 05:12 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2019-10-04 12:57 - 2019-09-13 05:12 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-10-04 12:57 - 2019-09-13 05:11 - 00979456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2019-10-04 12:57 - 2019-09-13 05:11 - 00782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-10-04 12:57 - 2019-09-13 05:11 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2019-10-04 12:57 - 2019-09-13 05:11 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-10-04 12:57 - 2019-09-13 05:11 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-10-04 12:57 - 2019-09-13 05:11 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-11-01 09:47 - 2018-06-06 20:39 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-01 09:41 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\system32\sru
2019-11-01 09:01 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\AppReadiness
2019-11-01 08:55 - 2018-02-14 02:05 - 00000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-11-01 08:43 - 2014-10-08 19:22 - 00000000 ___RD C:\Users\Stefanie\OneDrive
2019-10-28 06:49 - 2018-06-07 04:52 - 01718588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-28 06:49 - 2018-04-12 17:13 - 00743096 _____ C:\WINDOWS\system32\perfh007.dat
2019-10-28 06:49 - 2018-04-12 17:13 - 00149732 _____ C:\WINDOWS\system32\perfc007.dat
2019-10-28 06:42 - 2019-09-29 14:50 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2019-10-28 06:41 - 2018-06-07 05:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-28 06:41 - 2016-12-02 19:29 - 00746616 _____ C:\WINDOWS\PFRO.log
2019-10-28 06:41 - 2014-10-08 20:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-28 06:40 - 2018-04-11 22:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2019-10-27 17:32 - 2017-12-09 09:53 - 00000000 ___RD C:\Users\Stefanie\3D Objects
2019-10-27 17:14 - 2019-09-29 10:51 - 00000000 ____D C:\ProgramData\AVAST Software
2019-10-27 17:14 - 2018-06-06 20:39 - 00281408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\zu-ZA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\yo-NG
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\xh-ZA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\wo-SN
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\tn-ZA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\ti-ET
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\rw-RW
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\nso-ZA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\ig-NG
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\chr-CHER-US
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\TextInput
2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\SysWOW64\sk-SK
2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\system32\sk-SK
2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\system32\oobe
2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\ShellExperiences
2019-10-27 17:09 - 2018-04-11 22:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2019-10-27 17:08 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\bcastdvr
2019-10-27 17:01 - 2017-02-08 18:37 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2019-10-27 17:01 - 2014-06-09 15:07 - 00000000 ____D C:\Program Files (x86)\TOSHIBA
2019-10-27 17:01 - 2014-05-22 01:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2019-10-27 17:01 - 2014-05-22 01:03 - 00000000 ____D C:\Program Files\TOSHIBA
2019-10-27 17:01 - 2014-05-22 00:54 - 00000000 ____D C:\ProgramData\TOSHIBA
2019-10-27 17:00 - 2017-07-03 20:33 - 00000000 ____D C:\Users\Stefanie\AppData\Roaming\Hewlett-Packard
2019-10-27 17:00 - 2017-02-10 16:56 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2019-10-27 16:21 - 2018-05-30 19:46 - 00000000 ___DC C:\WINDOWS\Panther
2019-10-25 10:09 - 2018-06-07 05:08 - 00003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-581088433-320290056-2638895184-1001
2019-10-25 10:09 - 2018-06-07 04:37 - 00002434 _____ C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-24 11:25 - 2018-04-12 00:38 - 00017800 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2019-10-24 11:18 - 2018-04-12 00:30 - 00000000 ____D C:\WINDOWS\CbsTemp
2019-10-24 10:56 - 2014-10-10 18:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2019-10-24 10:50 - 2014-10-10 18:27 - 127230528 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-10-24 10:36 - 2014-10-10 11:41 - 00000000 ____D C:\Program Files\Microsoft Office 15
2019-10-20 18:18 - 2018-06-07 08:41 - 00000000 ____D C:\Users\Stefanie\AppData\Local\D3DSCache
2019-10-07 18:04 - 2019-09-29 11:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2019-10-07 18:03 - 2018-04-12 00:38 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2019-10-06 14:27 - 2014-10-08 19:51 - 00000000 ____D C:\ProgramData\Mozilla
2019-10-06 14:22 - 2014-05-22 00:54 - 00000000 ____D C:\Program Files (x86)\Google
2019-10-06 14:13 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-10-06 14:13 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\system32\Macromed
2019-10-06 14:12 - 2016-08-02 16:58 - 00000000 ____D C:\Program Files (x86)\Adobe
2019-10-05 16:58 - 2014-10-22 11:12 - 00000000 ____D C:\Users\Stefanie\Documents\Steffi Bewerbungsunterlagen
2019-10-05 16:25 - 2018-06-07 07:10 - 00000000 ____D C:\Users\Stefanie\AppData\Local\PlaceholderTileLogoFolder
2019-10-05 16:19 - 2018-07-03 17:52 - 00000000 ____D C:\ProgramData\Packages
2019-10-05 16:19 - 2017-12-09 09:20 - 00000000 ____D C:\Users\Stefanie\AppData\Local\Packages
2019-10-02 21:38 - 2018-06-07 05:08 - 00003632 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-10-02 21:38 - 2018-06-07 05:08 - 00003508 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2019-08-05 23:42 - 2019-08-05 23:42 - 0361562 _____ () C:\Users\Stefanie\AppData\Roaming\Bepacecudeto
2019-09-01 19:42 - 2019-09-01 19:42 - 0307024 _____ () C:\Users\Stefanie\AppData\Roaming\Budadet
2019-09-27 23:42 - 2019-09-27 23:42 - 0325862 _____ () C:\Users\Stefanie\AppData\Roaming\Cerepelu
2019-03-16 00:42 - 2019-03-16 00:42 - 0329892 _____ () C:\Users\Stefanie\AppData\Roaming\Cureheleloci
2019-04-27 23:42 - 2019-04-27 23:42 - 0335229 _____ () C:\Users\Stefanie\AppData\Roaming\Dehacimusuma
2019-02-19 00:42 - 2019-02-19 00:42 - 0337202 _____ () C:\Users\Stefanie\AppData\Roaming\Dofanapopele
2019-02-10 00:42 - 2019-02-10 00:42 - 0133167 _____ () C:\Users\Stefanie\AppData\Roaming\Fufaboliko
2019-05-14 23:42 - 2019-05-14 23:42 - 0304458 _____ () C:\Users\Stefanie\AppData\Roaming\Gaheme
2019-05-22 23:42 - 2019-05-22 23:42 - 0302882 _____ () C:\Users\Stefanie\AppData\Roaming\Gopib
2019-07-04 12:42 - 2019-07-04 12:42 - 0168331 _____ () C:\Users\Stefanie\AppData\Roaming\Gubiparo
2019-06-17 23:42 - 2019-06-17 23:42 - 0347448 _____ () C:\Users\Stefanie\AppData\Roaming\Hepotoca
2019-09-09 23:42 - 2019-09-09 23:42 - 0128371 _____ () C:\Users\Stefanie\AppData\Roaming\Hesumo
2019-09-04 23:42 - 2019-09-04 23:42 - 0364531 _____ () C:\Users\Stefanie\AppData\Roaming\Hesusakolit
2019-08-14 23:42 - 2019-08-14 23:42 - 0212389 _____ () C:\Users\Stefanie\AppData\Roaming\Hoginig
2019-08-22 23:42 - 2019-08-22 23:42 - 0327657 _____ () C:\Users\Stefanie\AppData\Roaming\Honekineneba
2019-07-12 23:28 - 2019-07-12 23:28 - 0157795 _____ () C:\Users\Stefanie\AppData\Roaming\Kecareh
2019-06-25 23:42 - 2019-06-25 23:42 - 0246789 _____ () C:\Users\Stefanie\AppData\Roaming\Kehenat
2016-10-29 14:01 - 2016-10-29 14:01 - 0018833 _____ () C:\Users\Stefanie\AppData\Roaming\Kelalipob
2019-04-19 23:10 - 2019-04-19 23:10 - 0313260 _____ () C:\Users\Stefanie\AppData\Roaming\Kunesamafo
2019-07-20 23:42 - 2019-07-20 23:42 - 0362819 _____ () C:\Users\Stefanie\AppData\Roaming\Lurusuhat
2019-05-05 23:42 - 2019-05-05 23:42 - 0164250 _____ () C:\Users\Stefanie\AppData\Roaming\Matedanafika
2019-02-28 00:42 - 2019-02-28 00:42 - 0286382 _____ () C:\Users\Stefanie\AppData\Roaming\Nibug
2019-09-19 11:28 - 2019-09-19 11:28 - 0292078 _____ () C:\Users\Stefanie\AppData\Roaming\Ninibokekimi
2019-07-28 23:42 - 2019-07-28 23:42 - 0359966 _____ () C:\Users\Stefanie\AppData\Roaming\Nodikolib
2019-04-10 23:46 - 2019-04-10 23:46 - 0315693 _____ () C:\Users\Stefanie\AppData\Roaming\Pitacarobere
2019-03-25 00:29 - 2019-03-25 00:29 - 0340540 _____ () C:\Users\Stefanie\AppData\Roaming\Pufure
2019-03-08 00:42 - 2019-03-08 00:42 - 0146702 _____ () C:\Users\Stefanie\AppData\Roaming\Rukeraf
2019-06-08 23:42 - 2019-06-08 23:42 - 0220511 _____ () C:\Users\Stefanie\AppData\Roaming\Sosimofem
2019-05-31 23:42 - 2019-05-31 23:42 - 0137171 _____ () C:\Users\Stefanie\AppData\Roaming\Teritet
2019-04-02 23:42 - 2019-04-02 23:42 - 0151565 _____ () C:\Users\Stefanie\AppData\Roaming\Tetetuco
2014-10-10 11:42 - 2019-09-27 23:42 - 0001093 _____ () C:\Users\Stefanie\AppData\Roaming\WB.CFG
2017-12-15 09:26 - 2017-12-15 09:26 - 0000068 _____ () C:\Users\Stefanie\AppData\Local\5qe2nbznbz
2014-10-12 20:42 - 2014-12-20 18:43 - 0000001 _____ () C:\Users\Stefanie\AppData\Local\DSI.DAT
2016-12-11 16:04 - 2017-02-14 22:17 - 0000041 _____ () C:\ProgramData\.zreglib
2017-09-15 08:45 - 2017-09-15 08:45 - 0000000 _____ () C:\ProgramData\DP45977C.lfl
2017-12-29 19:29 - 2017-12-29 19:29 - 0000016 _____ () C:\ProgramData\mntemp
2017-12-29 19:29 - 2017-12-29 19:29 - 0004935 _____ () C:\ProgramData\vfiakfjk.zeu

==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2018-06-06 20:39

==================== Ende von log ============================

Djchaos 01.11.2019 10:04
Addition.txt
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-07-2015
durchgeführt von Stefanie (2019-11-01 09:54:56)
Gestartet von C:\Users\Stefanie\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-581088433-320290056-2638895184-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-581088433-320290056-2638895184-503 - Limited - Disabled)
Gast (S-1-5-21-581088433-320290056-2638895184-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-581088433-320290056-2638895184-1005 - Limited - Enabled)
Stefanie (S-1-5-21-581088433-320290056-2638895184-1001 - Administrator - Enabled) => C:\Users\Stefanie
WDAGUtilityAccount (S-1-5-21-581088433-320290056-2638895184-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
AVI Media Player 1.0.2 (HKLM-x32\...\AVI Media Player_is1) (Version:  - vsevensoft.com)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CloneCD (HKLM-x32\...\CloneCD) (Version: 5.3.4.0 - SlySoft)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
DTS Sound (HKLM-x32\...\{9B17BBEC-CF31-4C23-949E-E65A14365CE1}) (Version: 1.01.6100 - DTS, Inc.)
Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.35.301 - Google LLC) Hidden
HP LaserJet Pro M11-M13 Series (HKLM\...\HP LaserJet Pro M11-M13 Series) (Version:  - )
HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.13.42.1 - HP Inc.)
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.5179.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.21.00.03 - Huawei Technologies Co.,Ltd)
Movavi Video Converter 18 Premium (HKLM-x32\...\Movavi Video Converter 18 Premium) (Version: 18.1.0 - Movavi)
Mozilla Firefox 70.0 (x64 de) (HKLM\...\Mozilla Firefox 70.0 (x64 de)) (Version: 70.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.2 - Mozilla)
My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.5179.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.5179.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.5179.1000 - Microsoft Corporation) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7173 - Realtek Semiconductor Corp.)
Symbaloo (HKLM-x32\...\Symbaloo) (Version: 1.0.0 - Symbaloo Launcher by Toshiba Europe GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.182 - Synaptics Incorporated)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.6.4835 - TeamViewer)
tiptoi® Manager 4.0.1 (HKLM\...\{833392BB-E8C0-4066-9408-3A30FA43972F}_is1) (Version: 4.0.1 - Ravensburger AG)
TOSHIBA Display Utility (HKLM\...\{F64E9295-E1B3-4EEA-86D3-AF44A0087B06}) (Version: 1.1.16.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.2.6403 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.19 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 2.0.0.15C - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.00.56006005 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{E3FCDCBE-0A13-4F73-95C1-000A51CF1C8C}) (Version: 2.6.16.0 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.01.6402 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Utility Common Driver (x32 Version: 1.0.53.3 - Compal) Hidden
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

06-10-2019 14:09:31 Removed Adobe Acrobat Reader DC - Deutsch.
24-10-2019 10:47:39 Windows Update
01-11-2019 09:14:30 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {042D8A51-5878-4000-9C10-C04AFF122A1F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {04B3E894-DE5B-4C4A-9AA7-CA8F7CE43583} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [2018-04-12] (Microsoft Corporation)
Task: {05C3BAB1-68F8-4EAF-B4AF-8C21E2478533} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime No Task File <==== ATTENTION
Task: {05E09776-F708-4694-949B-E8993608CC2B} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate
Task: {09131E27-3793-4B1E-A11E-77D3EAC118D1} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {0BA33681-9D00-4B31-9A87-01683672BFEF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d No Task File <==== ATTENTION
Task: {0E55C40D-83F8-4F39-838C-C1D3707EA86A} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\Windows\System32\dusmtask.exe [2018-11-01] (Microsoft Corporation)
Task: {10A37F08-4ACD-47E1-AAB4-6ECDE6DDDE8A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {175463A3-4AF2-4959-8504-C36C4397C393} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck
Task: {1BE936D4-EE40-4F04-84E0-18FFD27C0A6A} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [2018-04-12] (Microsoft Corporation)
Task: {1C7A907A-6B30-4164-8565-B0A88C877376} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2019-02-13] (Microsoft Corporation)
Task: {1FAE791A-9736-4412-823B-80AE3EE2C1CB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d No Task File <==== ATTENTION
Task: {2231CAFE-FABE-41F5-A0B3-842D9319DBF9} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-06] (Microsoft Corporation)
Task: {226C52BC-0F62-4E67-A70D-74C22932AC02} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload => C:\Windows\system32\dmclient.exe [2018-04-12] (Microsoft Corporation)
Task: {23ACACF5-2E96-4ECC-BE70-94CFCB2EF6DE} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation
Task: {257A47C0-FECE-4A8E-BB35-161852DFF727} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-01-20] (Realtek Semiconductor)
Task: {289D68A0-E96F-491B-9498-B0B602C5C53A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess No Task File <==== ATTENTION
Task: {28C75830-5752-4F41-A94B-BFD5E8A0D7C8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d No Task File <==== ATTENTION
Task: {294EF281-56B6-4F71-8115-BAC2919EF034} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {29F3A47A-C0DC-48D8-ACAF-89413EE0731D} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [2019-07-09] (Microsoft Corporation)
Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {2DBD790D-172A-4CFA-B3F7-824D7509680F} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration
Task: {2E2E003A-9792-4956-8F12-92797F584AB8} - System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange
Task: {3137ADB6-515F-4020-9DB9-0F91106BB27F} - \WPD\SqmUpload_S-1-5-21-581088433-320290056-2638895184-1001 No Task File <==== ATTENTION
Task: {3199A9F7-0492-4FC9-9EC1-A59CC69A8F52} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {3790297B-C317-4FEB-9E8D-3B4C85520240} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig No Task File <==== ATTENTION
Task: {3C1365A1-11E1-4629-9B25-7D6A932E6B60} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization
Task: {3DF2FF36-8A3E-4F15-9221-D68F365A7872} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {407E1879-1F5E-42B2-BA7F-53BCEF433805} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2018-04-12] (Microsoft Corporation)
Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {46DDFBEA-7B80-499F-8D16-8FB7836BEBDC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2019-09-13] (Microsoft Corporation)
Task: {4CB53382-6FBB-4666-B563-0ABC6429D301} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange
Task: {4F662F7F-D75F-455E-A03A-8AD0D8313218} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B No Task File <==== ATTENTION
Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff
Task: {51D31EBF-545E-411D-A21A-CB34004CC384} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh
Task: {5294EF9E-88CD-432B-A10B-C3AC2FB364AC} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2019-08-26] (Microsoft Corporation)
Task: {536E4522-B726-480C-9063-126E74EEA4A4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask
Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {577C3956-E492-42A5-AEFB-FDC54A537C64} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {57A7E0DF-F70E-43B1-AA2C-5BA67DBBE753} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {5BE358DF-C2F0-43BC-BA5A-77E36BF54A02} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2018-04-12] (Microsoft Corporation)
Task: {5DB4FD20-4FF2-4C58-9801-ADD6F0149633} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task
Task: {60C269FF-448A-4F10-886E-2C70F5086A5F} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync
Task: {62331915-A3E9-4B6E-9686-86034377E8CF} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications
Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6BFE7106-601B-4B34-8F8E-87B9A0DA6ACE} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice
Task: {6DE4F7DC-0B8D-404A-A6C9-83241658F8CA} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-06] (Microsoft Corporation)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\Windows\system32\MusNotification.exe [2019-10-02] (Microsoft Corporation)
Task: {7138D0D3-1873-4A77-86CF-4840F491C90F} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {749AC711-AA62-4D1D-B314-EF1C97E1CA56} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2018-04-12] (Microsoft Corporation)
Task: {749E286C-C205-4C7C-B742-BE5023BF06DE} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login
Task: {75522E26-6BE6-4F53-A0FA-14470ECAACAB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2019-07-09] (Microsoft Corporation)
Task: {7558573E-8172-4712-ACF4-9749EC2BE926} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation
Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {7E964508-4868-4DB6-A10A-B96FAE223F77} - \Microsoft\Windows\UNP\RunCampaignManager No Task File <==== ATTENTION
Task: {7EAE5A6B-00F4-4B9F-A255-E1C163B587A1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {836F749C-D064-4E3A-8EEB-A8C21F65A018} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [2019-11-01] (Microsoft Corporation)
Task: {88ACDE4D-32A9-43B2-8AFA-B40952AA4881} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [2019-11-01] (Microsoft Corporation)
Task: {8B4471CE-BE6B-4E3E-ACA5-46DEE1BBC895} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater – Install HPSA => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {8CCDCCC3-88F0-4860-84BE-5AC16A1C6FA9} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {8D87C19D-6DCD-4EFE-B479-BA3F07C807AB} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2018-03-28] (Synaptics Incorporated)
Task: {8DD63C04-476E-493C-861A-32E304334E76} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistant => C:\Windows\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {8E7BB9A3-956E-4C6A-AE87-4F175197704F} - System32\Tasks\Microsoft\Windows\NlaSvc\WiFiTask => C:\Windows\System32\WiFiTask.exe [2018-04-12] (Microsoft Corporation)
Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation)
Task: {91AF4E1B-193C-48CF-9F8C-4E86CB77B10B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime No Task File <==== ATTENTION
Task: {931758D8-2EC2-4EAE-B3BA-A98DAEC67332} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {94C0F2F9-98DF-415E-BDC9-AAFF75D5EF69} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2018-04-12] (Microsoft Corporation)
Task: {95301ABB-6B78-4DEE-8319-BD138F73F8D3} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2018-04-12] (Microsoft Corporation)
Task: {97A565C8-93ED-4888-94AF-BAFA03F733FE} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {97E8D66D-0085-423C-BA11-DD777A1258AB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2019-06-13] (Microsoft Corporation)
Task: {9BD44F9F-0C01-4F78-9644-4C7596CD1E0A} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange
Task: {9D6319E1-E88F-4D35-AD66-C4EED376E93E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d No Task File <==== ATTENTION
Task: {9E135150-470F-49FC-941B-E284A56AEDD1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [2019-11-01] (Microsoft Corporation)
Task: {9E1DD7B4-6A7B-4AD3-B4AA-B4741028631C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent No Task File <==== ATTENTION
Task: {9ED04639-82DC-496B-85A2-58B3C48CA3F3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {A19CD75C-08C3-42D5-9EB4-AE76B91A5550} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2018-04-12] (Microsoft Corporation)
Task: {A2E97D0A-9C58-44AB-89DC-55128ACA73C4} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A305A840-EC8B-4C66-8EA8-5FF15F129CD2} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2018-04-12] (Microsoft Corporation)
Task: {A5FE6B52-974F-492F-81F3-472223AD09D5} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {B0952E0A-C54F-4E8B-95E9-90E560086B37} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {B14C88F4-4AAC-4F00-A94E-8EA180D7AEDC} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {B2D1D0E5-4670-4493-9360-C9DD0E832A9D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask
Task: {B2F4AC84-A8D0-4524-9363-BFF5A5911A00} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask
Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6
Task: {B3433942-FE11-4C11-839D-9C7589B6C5CB} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {B57429E8-8CBF-47A8-89FA-B5219D8376E3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2019-02-13] (Microsoft Corporation)
Task: {B6DCBB4A-0292-47AE-B9DC-F81CF086D721} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-581088433-320290056-2638895184-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {B76ECE88-27B3-4CEC-9B37-1314B4602CAA} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24
Task: {BD924DA8-2073-4BD4-8BCB-118ED4EDEB2C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\AC Power Install => C:\Windows\system32\usoclient.exe [2019-09-13] (Microsoft Corporation)
Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2018-06-06] (Microsoft Corporation)
Task: {C48D50E5-71A9-48D8-B7C1-3DA9AECBDEC3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2019-05-17] (Microsoft Corporation)
Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1
Task: {C9B34E7E-3A1B-4940-B011-BF7F34B31D20} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2014-04-03] (TOSHIBA Corporation)
Task: {CB7F3B8F-F794-47DD-A8D2-AD8051F45A55} - System32\Tasks\Microsoft\Windows\WwanSvc\NotificationTask => C:\Windows\System32\WiFiTask.exe [2018-04-12] (Microsoft Corporation)
Task: {CCEF2C54-86E8-4168-B918-53DA443D8D00} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {CD5CE6F3-171C-4C0F-8629-3F2126A0FB72} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => C:\Windows\system32\MusNotification.exe [2019-10-02] (Microsoft Corporation)
Task: {CDA5D686-5D6C-4730-9907-B66710DC3670} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {D010978C-B666-4072-B7F3-DD6340CDD629} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task
Task: {D0300741-03C7-49FE-ABAC-C520084F6E67} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [2019-11-01] (Microsoft Corporation)
Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork
Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {D49C81A2-855C-417E-825F-1DC2AA1443D3} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {D4A9B4EC-1635-4B25-9E3B-1C9BE9D98D00} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattelrunner.exe [2019-09-04] (Microsoft Corporation)
Task: {D8436F3C-DDFE-4877-A05C-2337758E98E9} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {DC3C4041-27B3-4040-9DE1-FA5EE922AA3B} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {DD710A69-86C6-4932-97B1-01FB13ACFEF1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged
Task: {E047CF5C-4040-476F-8737-408E3BA4B0B6} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate
Task: {E0862994-9083-482D-A921-27B4860FFA21} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [2019-04-19] (Microsoft Corporation)
Task: {E1CA9B6B-2358-49EA-9722-19B254DC558E} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {E82177E3-E19A-4321-84F6-90AA57815013} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2019-09-04] (Microsoft Corporation)
Task: {E8411C63-4393-40B6-9A25-7D31CD4897BE} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2018-04-12] (Microsoft Corporation)
Task: {E907704E-6225-4B0A-A428-3ECE7F8277BE} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask
Task: {E9474EE3-C9D7-4FA3-9B3E-353E37D5814D} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\Windows\system32\ProvTool.exe [2018-04-12] (Microsoft Corporation)
Task: {E9A40C11-F4D4-498B-B441-C0B6110AC9A4} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation)
Task: {EE263E86-FF16-45EE-94C8-2327B81F98CE} - System32\Tasks\Microsoft\Windows\Workplace Join\Recovery-Check => C:\Windows\System32\dsregcmd.exe [2018-04-12] (Microsoft Corporation)
Task: {EF7CFDCE-C0DD-449F-9DF2-CCEB2CE3AE8B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent No Task File <==== ATTENTION
Task: {EFA86FF7-22AE-4997-AFD9-E89E1BF9B7D6} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2019-09-04] (Microsoft Corporation)
Task: {F084544B-322F-4CED-B874-EC696339C19E} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\Windows\system32\spaceman.exe [2018-04-12] (Microsoft Corporation)
Task: {F35ACE16-1E96-431C-B189-F2F82BA8A4F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d No Task File <==== ATTENTION
Task: {F955A09C-E83A-4AD5-9ABC-7D5D7A055117} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {FC779438-B7FD-4774-AA55-4DE2A4B098A4} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh
Task: {FD0C7C89-E963-41B3-A6DE-3D6B2644A94D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {FE702A37-B3C1-4A15-B59D-86935E5097A7} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {FEBC9EFC-F9E9-420F-AA49-0491E2CA5639} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2019-09-13] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\Windows\System32\InputHost.dll
2017-02-08 21:51 - 2016-02-25 15:39 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM11M13PP.DLL
2014-10-10 11:41 - 2017-01-17 03:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-03-03 21:30 - 2014-03-03 21:30 - 00021840 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2015-03-01 12:37 - 2013-07-23 04:47 - 00239696 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 00472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2019-09-11 04:21 - 2019-09-04 05:39 - 02759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\InputHost.dll
2019-10-24 10:59 - 2019-10-02 05:23 - 02184192 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2019-09-25 19:24 - 2019-09-25 19:25 - 00484352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-09-25 19:24 - 2019-09-25 19:25 - 80811520 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2019-09-25 19:24 - 2019-09-25 19:25 - 00011264 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2019-05-03 17:52 - 2019-05-03 17:53 - 03707904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-10-05 08:13 - 2017-10-05 08:15 - 02523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-09-25 19:24 - 2019-09-25 19:25 - 13444096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-09-25 19:24 - 2019-09-25 19:24 - 03027968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2019-05-03 17:52 - 2019-05-03 17:53 - 01014784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2019-09-25 19:24 - 2019-09-25 19:25 - 00123904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\AppSettingsCppCX.dll
2019-08-24 21:39 - 2019-08-24 21:40 - 01418240 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2019-08-24 21:39 - 2019-08-24 21:40 - 01398784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2019-09-25 19:24 - 2019-09-25 19:25 - 00881664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\OnlineMediaComponent.dll
2019-11-01 08:52 - 2019-11-01 08:54 - 23313408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19101.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
2019-11-01 08:52 - 2019-11-01 08:54 - 00289280 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19101.10711.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-03 18:33 - 2017-12-03 18:33 - 00902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19101.10711.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-28 22:15 - 2018-11-28 22:15 - 04202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19101.10711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-11-01 08:52 - 2019-11-01 08:54 - 05704704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19101.10711.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-10-24 11:04 - 2019-10-24 11:09 - 95419808 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\libcef.dll
2019-10-24 11:04 - 2019-10-24 11:09 - 05865888 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\libglesv2.dll
2019-10-24 11:04 - 2019-10-24 11:09 - 00320416 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Program Files\Microsoft Office 15:Win32App_1
AlternateDataStreams: C:\Program Files\UNP:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Atheros:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\AVI Media Player:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Bluetooth Suite:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Spotify:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Windows Phone:Win32App_1
AlternateDataStreams: C:\ProgramData\Compal:Win32App_1
AlternateDataStreams: C:\Users\Stefanie\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity
AlternateDataStreams: C:\Users\Stefanie\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Stefanie\Documents\Ravensburger tiptoi:Win32App_1

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer trusted/restricted ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-581088433-320290056-2638895184-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Stefanie\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\DSCN0705.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [{43F0A6BA-6580-4322-976C-3526326A1F5B}] => (Allow) LPort=161
FirewallRules: [{79DCE212-6583-418B-98D3-5BC300532550}] => (Allow) LPort=427
FirewallRules: [{C25042E1-630B-4AD4-A979-6FFE4140A5A5}] => (Allow) LPort=9100
FirewallRules: [{DD929EDE-1337-40E5-9E5D-0A0723880007}] => (Allow) C:\Program Files\HP\HP LaserJet Pro M11-M13 Series\wificonfig.exe
FirewallRules: [{FB50C379-0382-4110-B384-6355710DB51D}] => (Allow) C:\Program Files\HP\HP LaserJet Pro M11-M13 Series\wificonfig.exe
FirewallRules: [{5EE32BE0-2A09-4972-B8EA-D82C4B0BB0A3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{7F78D69A-2287-4026-8902-716FAD84865A}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{6BCFBC3B-73FA-437C-A0F0-B6BD0DBA46E5}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{2518B1F5-B266-462C-967E-1FE500565A1D}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{B8CD2042-38C7-4279-BDC6-2D3F0B7950AB}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{EC3E7A9C-1F3E-4496-9679-41A8BB2070C8}] => (Allow) C:\Users\Stefanie\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{DD5C4696-91CB-4D58-A8CB-611D9AFE6647}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4996D0CA-46A7-4EE4-9126-AEFF8C204305}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{48F144F7-DE7A-4999-AC43-DAC45F28266E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BB53FFB9-F70E-4372-BD56-29255A0AA6F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{C1FFB7C0-CB49-405F-AAFB-075A914B021F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E45C0CBB-AE89-4F63-838D-67945D8AB01B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{5DE48DF5-3D61-404A-B2C9-F07C1F539A97}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{2E5306FB-6E3C-412B-B791-7D5446BF4330}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{58E5ED33-30E1-44CF-9884-71D7CB4DE6F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{39C630F8-E86D-4709-AAF2-80D42663BE65}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{05433D25-F9D2-47BF-A6B8-239999187D56}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{30EB44EC-BD4F-4017-91E2-5904E4563256}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3BB607EF-D19F-42B0-8EB5-6A0CFCB2C0D4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{29DAA745-1F95-400A-8E60-B93D822FCCED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B0BDDE87-16E7-459C-88B2-A1065D8D0764}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4ACEC861-5733-451B-B4A9-E444522920C9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3D4B3F98-002F-4641-88AF-35D314E01FAC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CC0F69FA-6D86-4AB9-85A1-6C9D39F74A6F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CE69EE57-F033-4D46-8854-FBE98B18D62E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{73A3BF34-A4EC-405F-BE8C-FA3899A84833}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{F9147934-B002-4CE2-BC0D-3E4ABE117951}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A19A7D11-CF1C-4937-ADE6-9FF3BF77E7F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3D7324D6-AB05-4CD1-8453-6946CE24AA27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{13A4CEF4-3B93-40DA-B2D0-1088F7375CFD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{319681FC-6A8D-4626-8CA8-0756C33578F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A342A1BA-5BBF-407D-BF14-59BF45ADE7AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{08E7051B-889F-48BA-ABE4-04BF0438AF8E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CA4D3ECA-8BDD-44F4-9332-9D723CB92B42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BEDE9B37-22B7-4B59-BB89-C4CBA1FD0A14}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E28FA4B3-61C9-4D7D-9D60-B73453BD3562}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{525158E3-7566-43A6-AA60-3A84DB9E2F5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{F573BB4D-92E7-487C-8926-CE508D81D643}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BD851E31-E1EE-4436-B1A9-B9DBE0B47B22}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{7C78242F-04B7-48C3-A87F-36834A7182A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{AB0E1EF2-2758-4CCD-A7DA-18C62BA12DC1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{8C65DC10-A379-40E3-AA3E-6B5C9D39AB24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{33A23490-514E-4A49-BDE0-79C8E1FB0410}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{6B9F3EDA-CA0E-4155-B74F-EBD9FD892B32}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{8D1990B1-2BF9-40B1-A47F-71A9F90D6B41}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4E9F3EFA-8D84-4DA4-B67F-AE764E7A5D6B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{1764FA75-2F99-4692-9946-5BBC226DE11B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{5E386AEE-D841-473C-81FC-96C8163FC521}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B728E216-134F-4D62-B5D4-A44ED6DC4EC0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{80E4337B-4555-44C3-B4C3-2AA671E2A20A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E5FB16D9-00BB-452C-A48E-3FF586352F82}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{0A212600-E0C3-49F1-836A-0968CEC685C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{244B592A-D1CF-4E06-949E-B6849142FCC4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{794F5D4C-6F6B-4235-B06F-606000888ED5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{92ADB20F-3803-45B0-AFCB-8FC6A46AEB3F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7334221C-39EC-42D6-9044-4CCC81F543AA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{063DD2C7-3803-471C-B64B-E262140A0A11}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C47BC493-BC55-4AE9-8E92-F7CA888F688C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{09E8295D-C252-4219-9869-E210EA8B3AB0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DFFB18C3-019D-42CD-9AB1-3A8EC7BCFE8E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5D97C3F7-6412-4C57-8BFA-2289D1AEE544}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{6CC13204-DBC1-4456-87A8-EAEEE46968EC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E155A94C-01EA-42BB-BC5C-7366458AD490}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{7646AA3B-92AD-431F-996A-91ABC915ECFA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{72CB5C21-7D66-468E-83CA-819BEC90EB2A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A4C1EF6E-B165-420C-A3C6-0F2A9020AE81}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{AAB7BD92-4570-43B8-97F0-A68B8A9E54FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{407C1A7D-0FFC-4340-809D-61403D8703E9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{96995451-F6EB-4D08-9DA4-A1CA07B526A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{64D53E24-B1EA-4C9C-9AEB-6C9528E03D3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{FA0CA4FF-D002-4B60-B284-109F09D44703}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{55D5E618-2CA3-49BA-9379-61146CB3AEF9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3EF6F584-A247-40B3-B574-932F6A9635EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4C97CA9A-BABE-4452-B607-AF99A96EA30D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A0D7B789-B835-45A8-AAC0-CEEC4E2D9BF2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{7FB6BC8F-3D97-469D-A437-5FF319660C17}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{50998D75-C944-4DBF-8AFE-064E167AD044}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{7363A9AF-BDEE-4370-8DD7-39EF7289A9D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{545AF423-F6B8-40BC-85ED-EE6B31C3EEEB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B4F7E179-C922-43EB-BE83-D5CC2CB7BF24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{ECC4D9EF-B77A-4CE5-A6DD-F56BD1024C2D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E4346D0F-393C-4029-BC6D-337629F64BA2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B6E59659-3FF8-45C9-9ADD-AFD91AEB9937}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{EAB17B20-2A2B-4E37-B92B-DFB2454F595E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/28/2019 06:45:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SearchUI.exe, Version 10.0.17134.1067 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 360

Startzeit: 01d58d52af172ac6

Beendigungszeit: 4294967295

Anwendungspfad: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

Berichts-ID: 1696ef40-c99d-44e8-9ce6-afa210466031

Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.10.8.17134_neutral_neutral_cw5n1h2txyewy

Auf das fehlerhafte Paket bezogene Anwendungs-ID: CortanaUI

Error: (10/27/2019 05:01:26 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.


Vorgang:
  Asynchroner Vorgang wird ausgeführt

Kontext:
  Aktueller Status: DoSnapshotSet

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddWin32ServiceFiles: Unable to back up image of service aswbIDSAgent since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswVmm.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSnx.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRvrt.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRdr.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt.

System Error:
Das System kann die angegebene Datei nicht finden.
.


Systemfehler:
=============
Error: (11/01/2019 08:57:07 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NCBCSZSJRSB-SpotifyAB.SpotifyMusic

Error: (11/01/2019 08:48:35 AM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (11/01/2019 08:48:23 AM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (11/01/2019 08:44:16 AM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0Nicht verfügbar

Error: (11/01/2019 08:43:56 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (11/01/2019 08:42:26 AM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (11/01/2019 08:40:56 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/01/2019 08:40:56 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/01/2019 08:40:54 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/28/2019 06:48:05 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStartWindows.SecurityCenter.WscBrokerManagerNicht verfügbarNT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


Microsoft Office:
=========================
Error: (10/28/2019 06:45:43 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SearchUI.exe10.0.17134.106736001d58d52af172ac64294967295C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe1696ef40-c99d-44e8-9ce6-afa210466031Microsoft.Windows.Cortana_1.10.8.17134_neutral_neutral_cw5n1h2txyewyCortanaUI

Error: (10/27/2019 05:01:26 PM) (Source: VSS) (EventID: 8193) (User: )
Description: QueryFullProcessImageNameW0x80070006, Das Handle ist ungültig.


Vorgang:
  Asynchroner Vorgang wird ausgeführt

Kontext:
  Aktueller Status: DoSnapshotSet

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service aswbIDSAgent since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswVmm.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSnx.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRvrt.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRdr.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt.

System Error:
Das System kann die angegebene Datei nicht finden.


CodeIntegrity:
===================================
  Date: 2019-10-07 19:05:43.488
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2018-09-25 09:26:00.839
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-09-25 09:26:00.604
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-09-25 09:26:00.245
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen ===========================

Processor: Intel(R) Celeron(R) CPU N2830 @ 2.16GHz
Percentage of memory in use: 57%
Total physical RAM: 3982.88 MB
Available physical RAM: 1685.45 MB
Total Virtual: 4686.88 MB
Available Virtual: 1690.15 MB

==================== Drives ================================

Drive c: (TI31338300A) (Fixed) (Total:453.31 GB) (Free:318.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== Ende von log ============================

cosinus 01.11.2019 11:03
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ATTENTION
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No File
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Task: {05C3BAB1-68F8-4EAF-B4AF-8C21E2478533} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime No Task File <==== ATTENTION
Task: {0BA33681-9D00-4B31-9A87-01683672BFEF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d No Task File <==== ATTENTION
Task: {1FAE791A-9736-4412-823B-80AE3EE2C1CB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d No Task File <==== ATTENTION
Task: {289D68A0-E96F-491B-9498-B0B602C5C53A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess No Task File <==== ATTENTION
Task: {28C75830-5752-4F41-A94B-BFD5E8A0D7C8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d No Task File <==== ATTENTION
Task: {3137ADB6-515F-4020-9DB9-0F91106BB27F} - \WPD\SqmUpload_S-1-5-21-581088433-320290056-2638895184-1001 No Task File <==== ATTENTION
Task: {3790297B-C317-4FEB-9E8D-3B4C85520240} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig No Task File <==== ATTENTION
Task: {4F662F7F-D75F-455E-A03A-8AD0D8313218} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B No Task File <==== ATTENTION
Task: {7E964508-4868-4DB6-A10A-B96FAE223F77} - \Microsoft\Windows\UNP\RunCampaignManager No Task File <==== ATTENTION
Task: {91AF4E1B-193C-48CF-9F8C-4E86CB77B10B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime No Task File <==== ATTENTION
Task: {9D6319E1-E88F-4D35-AD66-C4EED376E93E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d No Task File <==== ATTENTION
Task: {9E1DD7B4-6A7B-4AD3-B4AA-B4741028631C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent No Task File <==== ATTENTION
Task: {EF7CFDCE-C0DD-449F-9DF2-CCEB2CE3AE8B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent No Task File <==== ATTENTION
Task: {F35ACE16-1E96-431C-B189-F2F82BA8A4F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d No Task File <==== ATTENTION
C:\Program Files (x86)\McAfee
C:\Program Files\McAfee
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Djchaos 01.11.2019 12:12
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-07-2015
durchgeführt von Stefanie (2019-11-01 11:57:06) Run:1
Gestartet von C:\Users\Stefanie\Desktop
Geladene Profile: Stefanie (Verfügbare Profile: Stefanie)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ATTENTION
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No File
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Task: {05C3BAB1-68F8-4EAF-B4AF-8C21E2478533} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime No Task File <==== ATTENTION
Task: {0BA33681-9D00-4B31-9A87-01683672BFEF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d No Task File <==== ATTENTION
Task: {1FAE791A-9736-4412-823B-80AE3EE2C1CB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d No Task File <==== ATTENTION
Task: {289D68A0-E96F-491B-9498-B0B602C5C53A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess No Task File <==== ATTENTION
Task: {28C75830-5752-4F41-A94B-BFD5E8A0D7C8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d No Task File <==== ATTENTION
Task: {3137ADB6-515F-4020-9DB9-0F91106BB27F} - \WPD\SqmUpload_S-1-5-21-581088433-320290056-2638895184-1001 No Task File <==== ATTENTION
Task: {3790297B-C317-4FEB-9E8D-3B4C85520240} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig No Task File <==== ATTENTION
Task: {4F662F7F-D75F-455E-A03A-8AD0D8313218} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B No Task File <==== ATTENTION
Task: {7E964508-4868-4DB6-A10A-B96FAE223F77} - \Microsoft\Windows\UNP\RunCampaignManager No Task File <==== ATTENTION
Task: {91AF4E1B-193C-48CF-9F8C-4E86CB77B10B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime No Task File <==== ATTENTION
Task: {9D6319E1-E88F-4D35-AD66-C4EED376E93E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d No Task File <==== ATTENTION
Task: {9E1DD7B4-6A7B-4AD3-B4AA-B4741028631C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent No Task File <==== ATTENTION
Task: {EF7CFDCE-C0DD-449F-9DF2-CCEB2CE3AE8B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent No Task File <==== ATTENTION
Task: {F35ACE16-1E96-431C-B189-F2F82BA8A4F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d No Task File <==== ATTENTION
C:\Program Files (x86)\McAfee
C:\Program Files\McAfee
emptytemp:
*****************

"HKLM\SOFTWARE\Policies\Google" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
"HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10" => Schlüssel erfolgreich entfernt
"HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10" => Schlüssel erfolgreich entfernt
C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll nicht gefunden.
"HKLM\Software\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0" => Schlüssel erfolgreich entfernt
C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll nicht gefunden.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => Wert erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05C3BAB1-68F8-4EAF-B4AF-8C21E2478533}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05C3BAB1-68F8-4EAF-B4AF-8C21E2478533}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0BA33681-9D00-4B31-9A87-01683672BFEF}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BA33681-9D00-4B31-9A87-01683672BFEF}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FAE791A-9736-4412-823B-80AE3EE2C1CB}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FAE791A-9736-4412-823B-80AE3EE2C1CB}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{289D68A0-E96F-491B-9498-B0B602C5C53A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{289D68A0-E96F-491B-9498-B0B602C5C53A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{28C75830-5752-4F41-A94B-BFD5E8A0D7C8}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28C75830-5752-4F41-A94B-BFD5E8A0D7C8}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3137ADB6-515F-4020-9DB9-0F91106BB27F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3137ADB6-515F-4020-9DB9-0F91106BB27F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-581088433-320290056-2638895184-1001" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3790297B-C317-4FEB-9E8D-3B4C85520240}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3790297B-C317-4FEB-9E8D-3B4C85520240}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F662F7F-D75F-455E-A03A-8AD0D8313218}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F662F7F-D75F-455E-A03A-8AD0D8313218}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E964508-4868-4DB6-A10A-B96FAE223F77}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E964508-4868-4DB6-A10A-B96FAE223F77}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => Schlüssel nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91AF4E1B-193C-48CF-9F8C-4E86CB77B10B}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91AF4E1B-193C-48CF-9F8C-4E86CB77B10B}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D6319E1-E88F-4D35-AD66-C4EED376E93E}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D6319E1-E88F-4D35-AD66-C4EED376E93E}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E1DD7B4-6A7B-4AD3-B4AA-B4741028631C}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E1DD7B4-6A7B-4AD3-B4AA-B4741028631C}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF7CFDCE-C0DD-449F-9DF2-CCEB2CE3AE8B}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF7CFDCE-C0DD-449F-9DF2-CCEB2CE3AE8B}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F35ACE16-1E96-431C-B189-F2F82BA8A4F9}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F35ACE16-1E96-431C-B189-F2F82BA8A4F9}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt
"C:\Program Files (x86)\McAfee" => Datei/Ordner nicht gefunden.
"C:\Program Files\McAfee" => Datei/Ordner nicht gefunden.
EmptyTemp: => 6.5 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden..

==== Ende von Fixlog 11:58:40 ====

cosinus 01.11.2019 12:13
Kontrollscans mit Malwarebytes + ESET Online Scanner bitte.

Djchaos 01.11.2019 17:34
ESET Online Scanner

Code:
12:34:31 # product=EOS
# version=8
# ESETOnlineScanner_DEU.exe=3.1.10.0
# country="Germany"
# lang=1031
12:35:20 Updating
12:35:20 Update Init
12:35:23 Update Download
12:41:55 esets_scanner_reload returned 0
12:41:55 g_uiModuleBuild: 43300
12:41:55 Update Finalize
12:41:55 Call m_esets_charon_send
12:41:55 Call m_esets_charon_destroy
12:41:55 Updated modules version: 43300
12:42:16 Call m_esets_charon_setup_create
12:42:16 Call m_esets_charon_create
12:42:16 m_esets_charon_create OK
12:42:17 Call m_esets_charon_start_send_thread
12:42:17 Call m_esets_charon_setup_set
12:42:17 m_esets_charon_setup_set OK
12:42:17 Scanner engine: 43300
16:55:43 # product=EOS
# version=8
# flags=0
# av=0
# fw=7
# admin=1
# ESETOnlineScanner_DEU.exe=3.1.10.0
# EOSSerial=14e6e202ebea79429ec08cb90afe4a97
# engine=43300
# end=finished
# bannerClicked=0
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# sfx_checked=true
# utc_time=2019-11-01 15:55:42
# local_time=2019-11-01 16:55:42 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=10.0.17134 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 28733 49134104 0 0
# scanned=280304
# found=6
# cleaned=6
# scan_time=15144
# scan_type=2
# flow=2019-11-01 12:34:35|scr|eula|2019-11-01 12:34:42|scr|welcome|2019-11-01 12:34:50|scr|consents|2019-11-01 12:34:56|scr|scan_type|2019-11-01 12:35:00|scr|pua|2019-11-01 12:35:20|scr|updating|2019-11-01 12:36:31|promo|eis|2019-11-01 12:41:56|scr|scanning|2019-11-01 13:09:51|click|minimize|2019-11-01 16:54:22|scr|all_cleaned|2019-11-01 16:55:15|scr|periodic_offer|2019-11-01 16:55:24|scr|upsell|2019-11-01 16:55:29|scr|thanks
# periodic=0,1
# stats_enabled=1
sh=F8E1E9F41C0F75101ECF97F739CAD15867ED9906 ft=0 fh=0000000000000fbf vn="JS/Adware.Chromex.Agent.M Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\Stefanie\AppData\Local\Chromium\User Data\Default\Extensions\bpmmandcadflhnnaiclipadomfmdbjbp\2.4.1_0\stats.js"
sh=57109D3ACFAC8456F6C83466E3FA48B7A29C2230 ft=1 fh=00000000020d3428 vn="Win32/OpenCandy potenziell unsichere Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\Stefanie\Documents\sicherung\FreeYouTubeToMP3-35Converter.exe"
sh=EDCF4EA293DD0C7475D73797276FBE9E45EBBC29 ft=1 fh=00000000005906f8 vn="Variante von Win32/FileTypeAdvisor.A potenziell unerwünschte Anwendung,Win32/Somoto.E potenziell unerwünschte Anwendung,Variante von Win32/Somoto.V potenziell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\Stefanie\Documents\sicherung\m4a-to80-mp3-converter.exe"
sh=70554D4FA9BB0357E867B9D8F5FD4170D6556D9B ft=1 fh=00000000000a9d60 vn="Variante von MSIL/DownloadGuide.D potenziell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\Stefanie\Documents\sicherung\showcreator142-Downloader.exe"
sh=510F9ECCDEF59D5A22F78C368FF1C0782778DCF2 ft=1 fh=0000000000c7c728 vn="Win32/OpenCandy potenziell unsichere Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\Stefanie\Documents\sicherung\winamp563_full_emusic-7plus_de-de.exe"
sh=A70840939A26D36FAC9DDEEB93D7E6EA3C159477 ft=1 fh=000000000cc8f748 vn="Variante von MSIL/Toshiba3rdParty.A potenziell unerwünschte Anwendung (gelöscht)" ac=C fn="C:\Users\Stefanie\Downloads\TCA0114800E.exe"
16:55:43 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Stefanie\AppData\Local\ESET\ESETOnlineScanner\Modules\
16:55:43 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Stefanie\AppData\Local\ESET\ESETOnlineScanner\OldModules\
16:55:43 DeleteEstsApi: C:\Users\Stefanie\AppData\Local\ESET\ESETOnlineScanner
16:55:44 DeleteApiStgFile: C:\Users\Stefanie\AppData\Local\ESET\ESETOnlineScanner
16:55:44 DeletePeriodicNotifyFiles: C:\Users\Stefanie\AppData\Local\ESET\ESETOnlineScanner
16:55:44 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Stefanie\AppData\Local\ESET\ESETOnlineScanner\Char_Cache\
16:55:45 Call m_esets_charon_send
16:55:45 Call m_esets_charon_destroy
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 01.11.19
Scan-Zeit: 16:59
Protokolldatei: a4ab3b12-fcc0-11e9-a9c5-f8a963877fd0.json

-Softwaredaten-
Version: 3.8.3.2965
Komponentenversion: 1.0.629
Version des Aktualisierungspakets: 1.0.13141
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 10 (Build 17134.1069)
CPU: x64
Dateisystem: NTFS
Benutzer: FINN\Stefanie

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 294399
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 15 Min., 10 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)

cosinus 01.11.2019 19:52
Dann wären wir durch! :daumenhoc

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

Abschließend bitte noch einen Cleanup mit unserem TB-Cleanup-Script durchführen und unbedingt die Sicherheitsmaßnahmen lesen und umsetzen - beides ist in folgendem Lesestoff verlinkt:

Lesestoff:
Anleitung: Cleanup & Maßnahmen zur Absicherung des Rechners

Djchaos 02.11.2019 09:52
Dann vielen Danke für deine Hilfe :daumenhoc


Alle Zeitangaben in WEZ +1. Es ist jetzt 14:48 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131