|
Log-Analyse und Auswertung: 2 merkwürdige "Programme" (Apps) eingefangen, die sich nicht mehr deinstallieren lassenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
11.11.2018, 21:09 | #1 |
| 2 merkwürdige "Programme" (Apps) eingefangen, die sich nicht mehr deinstallieren lassen Hallo, ich habe mir heute 2 "Programme" (jedenfalls sind sie unter -> Einstellungen -> Apps drin) eingefangen, die sich nciht mehr deinstallieren lassen. Ich bekomme beim deinstallieren immer nur einen Error angezeigt, dass der Uninstaller nicht gefunden werden konnte. Kann mir hier vielleicht jemand sagen wie ich die beiden wieder entfernen kann? Sie nennen sich "Foldershare" und "Wondersoft - Wonderful Weather - Enhance and safeguard your online experience! Ich habe Windows 10 unter folgende Log-Dateien: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016 durchgeführt von s_rep (Administrator) auf DESKTOP-D6NM1SV (11-11-2018 20:52:16) Gestartet von C:\Users\s_rep\Desktop Geladene Profile: s_rep (Verfügbare Profile: s_rep) Platform: Windows 10 Home Version 1803 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) konnte nicht auf den Prozess zugreifen -> Registry konnte nicht auf den Prozess zugreifen -> Memory Compression (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igfxCUIService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\IntelCpHDCPSvc.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\IntelCpHeciSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe () C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igfxEM.exe (HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeApp.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Microsoft Corporation) C:\Windows\System32\OpenWith.exe (HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe (HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Avira) C:\Program Files (x86)\Avira\Safe Shopping\Avira Safe Shopping.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3665872 2017-10-18] (ELAN Microelectronics Corp.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9226752 2017-04-28] (Realtek Semiconductor) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-10-22] (Apple Inc.) HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [1062392 2017-03-15] (HP Inc.) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [432264 2017-12-06] (Geek Software GmbH) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-10-09] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [64096 2018-03-22] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\Run: [bUJwT-agtx.exe] => C:\Program Files\rempl\S08D54A252QD0TO61JR7D5R4UY607K\bUJwT-agtx.exe HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\Run: [] => [X] CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\Parameters: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{0e66e665-d5bd-46c0-934a-b7e96667ad27}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{0e66e665-d5bd-46c0-934a-b7e96667ad27}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{71d969ab-8a66-4800-a5f7-2a6cbadd02d6}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{71d969ab-8a66-4800-a5f7-2a6cbadd02d6}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{b5addf36-5134-484e-be4f-d4fe6c88c996}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{d313a7e1-5f52-47df-ae11-06e41f342765}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{eeee3bbc-e978-4405-9111-49a351b896a7}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{fc738cee-50af-4e2a-b13e-1ee31d0093ed}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{fd71aa8d-00d3-11e8-b870-806e6f6e6963}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{fffaf810-9921-4d4b-91fc-6f922045202a}: [NameServer] 8.8.8.8 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {3856EF5A-CFF4-4F06-801E-74B3AEE9CAE4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {3856EF5A-CFF4-4F06-801E-74B3AEE9CAE4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 SearchScopes: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 SearchScopes: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001 -> {3856EF5A-CFF4-4F06-801E-74B3AEE9CAE4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-02-15] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-12-06] (HP Inc.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-09-12] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-12-06] (HP Inc.) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default FF NewTab: file:///C:/ProgramData/Polygens/ff.NT FF Homepage: hxxps://www.google.com/ FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-12] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.) FF user.js: detected! => C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\user.js [2018-11-11] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2017-09-12] (Microsoft Corporation) FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\abs@avira.com.xpi [2018-10-26] FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\passwordmanager@avira.com.xpi [2018-06-13] FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\toolbar-ff@payback.de.xpi [2018-10-10] FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\toolbar@web.de.xpi [2018-05-25] FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2018-04-13] FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2018-09-25] FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-10-31] FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-03-17] StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx StartMenuInternet: Google Chrome - Chrome.exe Opera: ======= OPR Extension: (Kein Name) - C:\Users\s_rep\AppData\Roaming\Opera Software\Opera Stable\Extensions\gkcgcddlhhlldmjffagogcoalhmfigoh [2018-11-11] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [891472 2018-10-16] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [248312 2018-10-16] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [248312 2018-10-16] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1162120 2018-10-16] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [431688 2018-10-09] (Avira Operations GmbH & Co. KG) R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2940584 2018-03-16] (Avira Operations GmbH & Co. KG) R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [102816 2018-10-11] (Avira Operations GmbH & Co. KG) S3 BcastDVRUserService; C:\Windows\System32\BcastDVRUserService.dll [1364992 2018-09-20] (Microsoft Corporation) R3 BcastDVRUserService_5cf36; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) R3 BcastDVRUserService_5cf36; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) S3 BluetoothUserService; C:\Windows\System32\Microsoft.Bluetooth.UserService.dll [464384 2018-04-12] (Microsoft Corporation) S3 BluetoothUserService_5cf36; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) S3 BluetoothUserService_5cf36; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) R3 BTAGService; C:\Windows\System32\BTAGService.dll [514048 2018-04-12] (Microsoft Corporation) R3 BthAvctpSvc; C:\Windows\System32\BthAvctpSvc.dll [395264 2018-04-12] (Microsoft Corporation) R3 camsvc; C:\Windows\system32\CapabilityAccessManager.dll [266752 2018-06-15] (Microsoft Corporation) S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [453120 2018-04-12] (Microsoft Corporation) R2 CDPUserSvc_5cf36; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) R2 CDPUserSvc_5cf36; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) R3 cphs; C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\IntelCpHeciSvc.exe [397280 2017-11-03] (Intel Corporation) R2 cplspcon; C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\IntelCpHDCPSvc.exe [613352 2017-11-03] (Intel Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-18] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-18] (Dropbox, Inc.) S3 DevicePickerUserSvc; C:\Windows\System32\Windows.Devices.Picker.dll [400896 2018-04-12] (Microsoft Corporation) S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [312832 2018-04-12] (Microsoft Corporation) S3 DevicePickerUserSvc_5cf36; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) S3 DevicePickerUserSvc_5cf36; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) S3 DevicesFlowUserSvc; C:\Windows\System32\DevicesFlowBroker.dll [750080 2018-04-12] (Microsoft Corporation) S3 DevicesFlowUserSvc_5cf36; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) S3 DevicesFlowUserSvc_5cf36; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) S3 diagsvc; C:\Windows\system32\DiagSvc.dll [219648 2018-04-12] (Microsoft Corporation) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2018-02-16] (Digital Wave Ltd.) R2 DusmSvc; C:\Windows\System32\dusmsvc.dll [356352 2018-04-12] (Microsoft Corporation) R2 esifsvc; C:\Windows\system32\Intel\DPTF\esif_uf.exe [2218552 2017-02-03] (Intel Corporation) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [153040 2017-10-18] (ELAN Microelectronics Corp.) S3 FrameServer; C:\Windows\system32\FrameServer.dll [673792 2018-06-08] (Microsoft Corporation) S3 GraphicsPerfSvc; C:\Windows\System32\GraphicsPerfSvc.dll [90624 2018-04-12] (Microsoft Corporation) R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [Datei ist nicht signiert] R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-04-03] (HP Inc.) S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.) R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [630776 2017-02-06] (HP Inc.) S3 HvHost; C:\Windows\System32\hvhostsvc.dll [61736 2018-08-03] (Microsoft Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igfxCUIService.exe [415208 2017-11-03] (Intel Corporation) S3 InstallService; C:\Windows\system32\InstallService.dll [1487360 2018-06-15] (Microsoft Corporation) S3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1110528 2018-06-15] (Microsoft Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-13] (Intel(R) Corporation) S3 IpxlatCfgSvc; C:\Windows\System32\IpxlatCfg.dll [63488 2018-04-12] (Microsoft Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2016-12-19] (Intel Corporation) S3 LxpSvc; C:\Windows\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes) S3 NaturalAuthentication; C:\Windows\System32\NaturalAuth.dll [824832 2018-04-12] (Microsoft Corporation) R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [432264 2017-12-06] (Geek Software GmbH) S3 PrintWorkflowUserSvc; C:\Windows\System32\PrintWorkflowService.dll [170496 2018-04-12] (Microsoft Corporation) S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [138240 2018-04-12] (Microsoft Corporation) S3 PrintWorkflowUserSvc_5cf36; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) S3 PrintWorkflowUserSvc_5cf36; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) S3 PushToInstall; C:\Windows\system32\PushToInstall.dll [262144 2018-07-14] (Microsoft Corporation) S3 RmSvc; C:\Windows\System32\RMapi.dll [153600 2018-04-12] (Microsoft Corporation) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-04-28] (Realtek Semiconductor) R2 SecurityHealthService; C:\Windows\system32\SecurityHealthService.exe [760888 2018-07-14] (Microsoft Corporation) R3 SEMgrSvc; C:\Windows\system32\SEMgrSvc.dll [1248768 2018-04-12] (Microsoft Corporation) R2 SgrmBroker; C:\Windows\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation) S3 SharedRealitySvc; C:\Windows\System32\SharedRealitySvc.dll [713216 2018-08-28] (Microsoft Corporation) S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [195584 2018-04-12] (Microsoft Corporation) R2 SilhouetteLink; C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe [897200 2016-12-06] () S3 spectrum; C:\Windows\system32\spectrum.exe [976384 2018-06-08] (Microsoft Corporation) S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] () R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [176128 2018-04-12] (Microsoft Corporation) R3 TokenBroker; C:\Windows\System32\TokenBroker.dll [1395200 2018-08-03] (Microsoft Corporation) R3 TokenBroker; C:\WINDOWS\SysWOW64\TokenBroker.dll [1000448 2018-08-03] (Microsoft Corporation) S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation) S3 VacSvc; C:\Windows\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation) S3 vmicrdv; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation) S3 vmicvss; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation) S3 WaaSMedicSvc; C:\Windows\System32\WaaSMedicSvc.dll [392704 2018-08-09] (Microsoft Corporation) S3 WarpJITSvc; C:\Windows\System32\Windows.WARP.JITService.dll [31744 2018-04-12] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation) S3 WFDSConMgrSvc; C:\Windows\System32\wfdsconmgrsvc.dll [681984 2018-07-14] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation) S3 wisvc; C:\Windows\system32\flightsettings.dll [858112 2018-06-08] (Microsoft Corporation) S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729088 2018-06-08] (Microsoft Corporation) S3 wlpasvc; C:\Windows\System32\lpasvc.dll [1359360 2018-07-14] (Microsoft Corporation) S3 WpcMonSvc; C:\Windows\System32\WpcDesktopMonSvc.dll [1456640 2018-06-02] (Microsoft Corporation) S2 WpnUserService; C:\Windows\System32\WpnUserService.dll [96768 2018-04-12] (Microsoft Corporation) R2 WpnUserService_5cf36; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) R2 WpnUserService_5cf36; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) S3 xbgm; C:\Windows\system32\xbgmsvc.exe [59512 2018-04-12] (Microsoft Corporation) S3 XboxGipSvc; C:\Windows\System32\XboxGipSvc.dll [58880 2018-04-12] (Microsoft Corporation) R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X] S2 MTEzOG; rundll32.exe C:\WINDOWS\rusurngttj.rux RGSgaxSwymIJMiY [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 Accelerometer; C:\Windows\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP) S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [20480 2018-04-12] (Microsoft Corporation) R1 afunix; C:\Windows\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation) S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2018-04-12] (Microsoft Corporation) R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [69656 2018-08-08] (Avira Operations GmbH & Co. KG) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [179376 2018-07-04] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [169864 2018-07-04] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [44488 2018-01-03] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [88488 2018-01-03] (Avira Operations GmbH & Co. KG) R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [38048 2018-01-03] (Avira Operations GmbH & Co. KG) S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533912 2018-04-12] (QLogic Corporation) R1 bam; C:\Windows\System32\drivers\bam.sys [60320 2018-04-12] (Microsoft Corporation) S3 bindflt; C:\Windows\system32\drivers\bindflt.sys [92056 2018-04-12] (Microsoft Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [86528 2018-04-12] (Microsoft Corporation) S0 bttflt; C:\Windows\System32\drivers\bttflt.sys [38304 2018-04-12] (Microsoft Corporation) R3 CAD; C:\Windows\System32\drivers\CAD.sys [60320 2018-04-12] (Microsoft Corporation) S0 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [321432 2018-04-12] (Chelsio Communications) S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [1836952 2018-04-12] (Chelsio Communications) R2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [414720 2018-07-14] (Microsoft Corporation) R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [72584 2017-02-03] (Intel Corporation) R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [67976 2017-02-03] (Intel Corporation) R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [355208 2017-02-03] (Intel Corporation) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-10-18] (Malwarebytes) R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [32840 2017-04-14] (ELAN Microelectronic Corp.) R3 HID_PCI; C:\Windows\System32\drivers\HID_PCI.sys [31328 2016-08-10] (Intel) R0 hpdskflt; C:\Windows\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP) S4 hvcrash; C:\Windows\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation) S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [76088 2018-09-20] (Microsoft Corporation) S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [27136 2018-04-12] (Microsoft Corporation) S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [36864 2018-04-12] (Intel(R) Corporation) R3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2018-04-12] (Intel Corporation) S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [88576 2018-04-12] (Intel Corporation) S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592 2018-04-12] (Intel Corporation) S0 iaStorAVC; C:\Windows\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel Corporation) R3 igfx; C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igdkmd64.sys [12842984 2017-11-03] (Intel Corporation) S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [38912 2018-04-12] (Microsoft Corporation) R0 iorate; C:\Windows\System32\drivers\iorate.sys [58272 2018-04-12] (Microsoft Corporation) S3 IPT; C:\Windows\System32\drivers\ipt.sys [32256 2018-04-12] (Microsoft Corporation) R3 ISH; C:\Windows\System32\drivers\ISH.sys [143984 2016-09-19] (Intel) R3 ISH_BusDriver; C:\Windows\System32\drivers\ISH_BusDriver.sys [80496 2016-08-18] (Intel) S0 ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies) S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [505240 2018-04-12] (Microsoft Corporation) S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [56736 2018-04-12] (Microsoft Corporation) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198000 2018-11-11] (Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [119136 2018-11-11] (Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [63768 2018-11-11] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260480 2018-11-11] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [111152 2018-11-11] (Malwarebytes) S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [75160 2018-04-12] (Avago Technologies) S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [204920 2016-12-02] (Intel Corporation) R3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [175104 2018-04-12] (Microsoft Corporation) R3 Netwtw04; C:\Windows\system32\DRIVERS\Netwtw04.sys [8623128 2018-04-04] (Intel Corporation) S3 nvdimm; C:\Windows\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation) S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58776 2018-04-12] (Avago Technologies) S3 pmem; C:\Windows\System32\drivers\pmem.sys [105984 2018-04-12] (Microsoft Corporation) S0 Ramdisk; C:\Windows\System32\DRIVERS\ramdisk.sys [39840 2018-04-12] (Microsoft Corporation) S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [104448 2018-04-12] (Microsoft Corporation) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [782304 2017-04-19] (Realsil Semiconductor Corporation) S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [128920 2018-08-03] (Microsoft Corporation) S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [33176 2018-04-12] (Microsoft Corporation) R0 SgrmAgent; C:\Windows\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation) S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [57752 2018-04-12] (Microsoft Corporation) S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [152576 2018-04-12] (Microsoft Corporation) R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [42000 2017-01-16] (Intel Corporation) S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2018-08-03] (Microsoft Corporation) R0 volume; C:\Windows\System32\drivers\volume.sys [16288 2018-04-12] (Microsoft Corporation) R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [151960 2018-04-12] (Microsoft Corporation) S3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [82944 2018-04-12] (Microsoft Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation) S3 WdmCompanionFilter; C:\Windows\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation) S3 WinNat; C:\Windows\System32\drivers\winnat.sys [227840 2018-07-14] (Microsoft Corporation) R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [35568 2018-08-31] (HP) U3 aspnet_state; kein ImagePath S1 ODk1NWNkZTRhY; \??\C:\WINDOWS\system32\drivers\ODk1NWNkZTRhY [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation) NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation) NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation) NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation) NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation) NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation) NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation) NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation) NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation) NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2018-11-11 20:52 - 2018-11-11 20:53 - 00035759 _____ C:\Users\s_rep\Desktop\FRST.txt 2018-11-11 20:50 - 2018-11-11 20:50 - 01388448 _____ C:\Users\Public\ASR.dat 2018-11-11 20:46 - 2018-11-11 20:46 - 00063768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2018-11-11 20:45 - 2018-11-11 20:45 - 00260480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2018-11-11 20:45 - 2018-11-11 20:45 - 00119136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2018-11-11 20:45 - 2018-11-11 20:45 - 00111152 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2018-11-11 20:18 - 2018-11-11 20:18 - 00255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\2124B6DE.sys 2018-11-11 20:17 - 2018-11-11 20:42 - 00000000 ____D C:\Users\s_rep\Desktop\mbar 2018-11-11 20:17 - 2018-11-11 20:42 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2018-11-11 20:16 - 2018-11-11 20:16 - 14178840 _____ (Malwarebytes Corp.) C:\Users\s_rep\Desktop\mbar-1.10.3.1001.exe 2018-11-11 19:10 - 2018-11-11 20:52 - 00000000 ____D C:\FRST 2018-11-11 19:10 - 2018-11-11 19:10 - 02375168 _____ (Farbar) C:\Users\s_rep\Desktop\FRST64.exe 2018-11-11 19:08 - 2018-11-11 19:08 - 01725952 _____ (Farbar) C:\Users\s_rep\Downloads\FRST.exe 2018-11-11 18:17 - 2018-11-11 18:17 - 00000000 ___HD C:\$SysReset 2018-11-11 16:54 - 2018-11-11 16:55 - 00000000 ____D C:\AdwCleaner 2018-11-11 16:54 - 2018-11-11 16:54 - 07592144 _____ (Malwarebytes) C:\Users\s_rep\Desktop\adwcleaner_7.2.4.0.exe 2018-11-11 16:45 - 2018-11-11 16:46 - 04650564 _____ C:\Users\s_rep\Downloads\combocleaner.dmg 2018-11-11 16:13 - 2018-11-11 16:13 - 00000056 _____ C:\WINDOWS\wininit.ini 2018-11-11 16:06 - 2018-11-11 16:13 - 00000306 __RSH C:\ProgramData\ntuser.pol 2018-11-11 15:38 - 2018-11-11 15:38 - 00000000 ____D C:\Users\s_rep\AppData\Local\mbam 2018-11-11 15:37 - 2018-11-11 20:18 - 00000000 ____D C:\ProgramData\Malwarebytes 2018-11-11 15:37 - 2018-11-11 15:37 - 00198000 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2018-11-11 15:37 - 2018-11-11 15:37 - 00001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2018-11-11 15:37 - 2018-11-11 15:37 - 00000000 ____D C:\Users\s_rep\AppData\Local\mbamtray 2018-11-11 15:37 - 2018-11-11 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-11-11 15:37 - 2018-11-11 15:37 - 00000000 ____D C:\Program Files\Malwarebytes 2018-11-11 15:37 - 2018-10-18 08:44 - 00152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2018-11-11 15:29 - 2018-11-11 15:29 - 79596656 _____ (Malwarebytes ) C:\Users\s_rep\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.482-1.0.7783.exe 2018-11-11 15:19 - 2018-11-11 16:05 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\excdir 2018-11-11 15:16 - 2018-11-11 15:44 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\10g0mgchl40 2018-11-11 15:15 - 2018-11-11 15:46 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\q3cvj2ojp2m 2018-11-11 15:08 - 2018-11-11 16:05 - 00000000 ____D C:\Program Files (x86)\IwTmDCzJJIE 2018-11-11 15:08 - 2018-11-11 15:15 - 00000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE} 2018-11-11 15:08 - 2018-11-11 15:08 - 00004256 _____ C:\WINDOWS\System32\Tasks\Benutzerdienstfür(AppXSVC) 2018-11-11 15:08 - 2018-11-11 15:08 - 00003008 _____ C:\WINDOWS\System32\Tasks\niYEcWwYibJfLQX2 2018-11-11 15:08 - 2018-11-11 15:08 - 00000000 ____D C:\ProgramData\zTXZmVxyKBKDhdVB 2018-11-11 15:07 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\UmTwpSvRUOfSC 2018-11-11 15:07 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\pbjpUXEkQjxU2 2018-11-11 15:07 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\hGGLWjvHZZUn 2018-11-11 15:07 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\BHXQvOBMsgKdEntstUR 2018-11-11 15:07 - 2018-11-11 15:41 - 00000000 ____D C:\Program Files (x86)\eEvEEOxmU 2018-11-11 15:07 - 2018-11-11 15:13 - 00000582 _____ C:\WINDOWS\Tasks\EZnVzpmjsBPJAOW.job 2018-11-11 15:07 - 2018-11-11 15:08 - 00000000 ____D C:\Program Files (x86)\nodejs 2018-11-11 15:07 - 2018-11-11 15:07 - 00003212 _____ C:\WINDOWS\System32\Tasks\OqUgsIhoyVOixP 2018-11-11 15:07 - 2018-11-11 15:07 - 00003034 _____ C:\WINDOWS\System32\Tasks\qdxgajDnKqmDPrtzQ2 2018-11-11 15:07 - 2018-11-11 15:07 - 00003026 _____ C:\WINDOWS\System32\Tasks\yKlRUxrwnsuFpeUeBWz2 2018-11-11 15:07 - 2018-11-11 15:07 - 00003014 _____ C:\WINDOWS\System32\Tasks\EZnVzpmjsBPJAOW 2018-11-11 15:07 - 2018-11-11 15:07 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\npm 2018-11-11 15:06 - 2018-11-11 15:16 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\ydti5ummqoo 2018-11-11 15:06 - 2018-11-11 15:06 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\Python 2018-11-11 15:06 - 2018-11-11 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondersoft 2018-11-11 15:05 - 2018-11-11 16:10 - 00000000 ____D C:\Program Files (x86)\SHSK 2018-11-11 15:05 - 2018-11-11 16:05 - 00000000 ____D C:\Program Files (x86)\Multitimer 2018-11-11 15:05 - 2018-11-11 15:49 - 00000000 ____D C:\Users\s_rep\AppData\Local\William 2018-11-11 15:05 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files\Okawville 2018-11-11 15:05 - 2018-11-11 15:16 - 00003480 _____ C:\WINDOWS\System32\Tasks\{e6b1bd71-40ef-4173-8106-93b5f9032a6e} 2018-11-11 15:05 - 2018-11-11 15:16 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\41fvqqftwqx 2018-11-11 15:05 - 2018-11-11 15:13 - 00001546 _____ C:\WINDOWS\Tasks\Okawville.job 2018-11-11 15:05 - 2018-11-11 15:05 - 00140800 _____ C:\Users\s_rep\AppData\Local\installer.dat 2018-11-11 15:05 - 2018-11-11 15:05 - 00013984 _____ C:\WINDOWS\System32\Tasks\Okawville 2018-11-11 15:05 - 2018-11-11 15:05 - 00000000 ____D C:\Program Files (x86)\Wondersoft 2018-11-11 15:01 - 2018-11-11 15:03 - 00000000 ____D C:\ProgramData\Ver 2018-11-11 15:01 - 2018-11-11 15:01 - 00000000 ____D C:\Users\s_rep\Documents\MediaTrans 2018-11-11 15:01 - 2018-11-11 15:01 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\DearMob 2018-11-11 15:00 - 2018-11-11 15:00 - 00000000 ____D C:\Users\s_rep\AppData\Local\AdvinstAnalytics 2018-11-11 14:57 - 2018-11-11 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty 2018-11-11 14:57 - 2018-11-11 15:01 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\Digiarty 2018-11-11 14:57 - 2018-11-11 14:57 - 31498016 _____ C:\Users\s_rep\Downloads\winx-mediatrans-5-6.exe 2018-11-11 14:57 - 2018-11-11 14:57 - 00000000 ____D C:\Program Files (x86)\Digiarty 2018-11-11 14:56 - 2018-11-11 15:10 - 00000000 ____D C:\Users\s_rep\Documents\LeaderTask 2018-11-11 14:55 - 2018-11-11 14:55 - 00000000 ____D C:\Users\s_rep\Downloads\WinX MediaTrans 63 Crack License Code Free Torrent 2018-11-11 14:54 - 2018-11-11 14:54 - 00593889 _____ C:\Users\s_rep\Downloads\WinX MediaTrans 63 Crack License Code Free Torrent.zip 2018-11-11 14:51 - 2018-11-11 14:51 - 00593844 _____ C:\Users\s_rep\Downloads\winx mediatrans 63 crack full version 2018(1).zip 2018-11-11 14:51 - 2018-11-11 14:51 - 00000000 ____D C:\Users\s_rep\Downloads\winx mediatrans 63 crack full version 2018(1) 2018-11-11 14:50 - 2018-11-11 14:50 - 00000000 _____ C:\Users\s_rep\Downloads\winx mediatrans 63 crack full version 2018.zip 2018-11-11 10:34 - 2018-11-11 10:34 - 00098201 _____ C:\WINDOWS\uninstaller.dat 2018-11-10 18:58 - 2018-11-10 18:58 - 00000000 ___HD C:\OneDriveTemp 2018-11-10 07:40 - 2018-11-10 07:40 - 49460656 _____ C:\Users\s_rep\Downloads\x-iphone-ringtone-maker-de.exe 2018-11-10 07:18 - 2018-11-10 07:41 - 00000000 ____D C:\Users\s_rep\Documents\Xilisoft 2018-11-10 07:18 - 2018-11-10 07:41 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\Xilisoft 2018-11-10 07:13 - 2018-11-10 07:13 - 00000000 ____D C:\Users\s_rep\Downloads\Xilisoft_iPhone_Magic_5.7.25_Platinum 2018-11-10 07:05 - 2018-11-10 07:05 - 02906754 _____ C:\Users\s_rep\Downloads\Loreen - Euphoria.m4r 2018-11-10 06:59 - 2018-11-10 07:03 - 71977205 _____ C:\Users\s_rep\Downloads\Xilisoft_iPhone_Magic_5.7.25_Platinum.rar 2018-11-09 14:22 - 2018-11-09 14:22 - 04958970 _____ C:\Users\s_rep\Downloads\_Miezo_Printable_SchnippSchnappAK_Lichterkette.zip 2018-11-09 14:22 - 2018-11-09 14:22 - 04177262 _____ C:\Users\s_rep\Downloads\_Miezo_Printable_SchnippSchnappAK_Nikolaus.zip 2018-11-09 14:22 - 2018-11-09 14:22 - 03357516 _____ C:\Users\s_rep\Downloads\_Miezo_Printable_SchnippSchnappAK_Reh_mit_Schleife.zip 2018-11-09 14:22 - 2018-11-09 14:22 - 03207965 _____ C:\Users\s_rep\Downloads\_Miezo_Printable_SchnippSchnappAK_Engel.zip 2018-11-09 14:22 - 2018-11-09 14:22 - 02136903 _____ C:\Users\s_rep\Downloads\_Miezo_Printable_SchnippSchnappAK_Zuckerstange.zip 2018-11-09 14:16 - 2018-11-09 14:16 - 03698950 _____ C:\Users\s_rep\Downloads\_Miezo Digistamp Drachenmädchen mit Laterne.zip 2018-11-09 10:51 - 2018-11-09 10:51 - 01710944 _____ C:\Users\s_rep\Downloads\IKEA FAMILY KARTE.pdf 2018-11-08 05:48 - 2018-11-08 06:00 - 00000000 ____D C:\Users\s_rep\AppData\Local\iMobie_Inc 2018-11-08 05:48 - 2018-11-08 05:59 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\iMobie 2018-11-08 05:47 - 2018-11-11 15:13 - 00000000 ____D C:\Program Files (x86)\iMobie 2018-11-08 05:47 - 2018-11-08 05:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie 2018-11-08 05:46 - 2018-11-08 05:46 - 02576312 _____ (iMobie Inc.) C:\Users\s_rep\Downloads\anytrans-ios-setup.exe 2018-11-08 05:31 - 2018-11-08 05:31 - 00000000 ____D C:\Users\s_rep\AppData\Local\Apple Computer 2018-11-08 05:05 - 2018-11-10 07:54 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\Apple Computer 2018-11-08 05:05 - 2018-11-08 05:05 - 00001823 _____ C:\Users\Public\Desktop\iTunes.lnk 2018-11-08 05:05 - 2018-11-08 05:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2018-11-08 05:05 - 2018-11-08 05:05 - 00000000 ____D C:\Program Files\iPod 2018-11-08 05:03 - 2018-11-08 05:05 - 00000000 ____D C:\Program Files\iTunes 2018-11-08 05:03 - 2018-11-08 05:03 - 00000000 ____D C:\ProgramData\Apple Computer 2018-11-08 05:00 - 2018-11-08 05:00 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2018-11-08 05:00 - 2018-11-08 05:00 - 00000000 ____D C:\Users\s_rep\AppData\Local\Apple 2018-11-08 05:00 - 2018-11-08 05:00 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2018-11-08 04:59 - 2018-11-08 04:59 - 00000000 ____D C:\Program Files\Bonjour 2018-11-08 04:59 - 2018-11-08 04:59 - 00000000 ____D C:\Program Files (x86)\Bonjour 2018-11-08 04:58 - 2018-11-08 04:59 - 00000000 ____D C:\Program Files\Common Files\Apple 2018-11-08 04:54 - 2018-11-08 04:55 - 270003016 _____ (Apple Inc.) C:\Users\s_rep\Downloads\iTunes64Setup.exe 2018-11-07 14:44 - 2018-11-07 14:44 - 06986360 _____ (ESET spol. s r.o.) C:\Users\s_rep\Downloads\ESETOnlineScanner_DEU.exe 2018-11-07 14:44 - 2018-11-07 14:44 - 00000000 ____D C:\Users\s_rep\AppData\Local\ESET 2018-11-07 12:53 - 2018-11-07 12:53 - 00000000 ____D C:\Users\s_rep\AppData\Local\D3DSCache 2018-11-06 06:32 - 2018-11-06 06:32 - 01681611 _____ C:\Users\s_rep\Downloads\Mother's Day.zip 2018-11-06 06:25 - 2018-11-06 06:25 - 03172822 _____ C:\Users\s_rep\Downloads\KINDNESS_IS_THE_WAY_CUST_FILES.zip 2018-11-06 05:55 - 2018-11-06 05:55 - 00029450 _____ C:\Users\s_rep\Downloads\copicnummern.pdf 2018-11-04 11:21 - 2018-11-04 11:21 - 00310110 _____ C:\Users\s_rep\Downloads\Steffies Bastelkammer Box zum binden Herz und Stern.studio3 2018-11-01 06:00 - 2018-11-01 08:19 - 00010552 _____ C:\Users\s_rep\Documents\Erbe Ausgaben.xlsx 2018-11-01 05:22 - 2018-11-01 05:22 - 00656584 _____ C:\Users\s_rep\Downloads\Steffie´s Bastelkammer 24 Lichter im Advent Portrait.studio3 2018-11-01 05:22 - 2018-11-01 05:22 - 00600163 _____ C:\Users\s_rep\Downloads\Steffie´s Bastelkammer 24 Lichter im Advent Cameo.studio3 2018-10-26 05:08 - 2018-10-26 05:08 - 00072472 _____ C:\Users\s_rep\Downloads\Briefmarken.12Stk.26.10.2018_0606.pdf 2018-10-26 04:57 - 2018-10-26 04:57 - 03693207 _____ C:\Users\s_rep\Downloads\Rund ums Basteln.pdf 2018-10-26 04:57 - 2018-10-26 04:57 - 00616315 _____ C:\Users\s_rep\Downloads\Steffies Bastelkammer Sternlicht.studio3 2018-10-22 08:32 - 2018-10-22 08:32 - 00509216 _____ C:\Users\s_rep\Downloads\Steffies Bastelkammer Karte für 10x15 Fotos.studio3 2018-10-19 17:45 - 2018-11-07 14:29 - 00004190 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1539967477 2018-10-19 17:45 - 2018-11-07 14:29 - 00001179 _____ C:\Users\s_rep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk 2018-10-19 17:43 - 2018-10-19 17:43 - 01921552 _____ (Opera Software) C:\Users\s_rep\Downloads\OperaSetup(1).exe 2018-10-19 16:35 - 2018-10-19 16:35 - 00066006 _____ C:\Users\s_rep\Downloads\Steffies Bastelkammer Karte zum aufstellen.studio3 2018-10-19 13:31 - 2018-10-19 13:31 - 81772586 _____ C:\Users\s_rep\Downloads\Wimpelkalender Zahlen.studio3 2018-10-19 12:31 - 2018-10-19 12:31 - 00121336 _____ C:\Users\s_rep\Downloads\Miezo Wimpelkalender(2).studio3 2018-10-19 04:06 - 2018-10-19 04:06 - 00111560 _____ C:\Users\s_rep\Downloads\Miezo Wimpelkalender(1).studio3 2018-10-18 09:03 - 2018-10-18 09:03 - 00611671 _____ C:\Users\s_rep\Downloads\adventskalender'kranz' rohling.studio3 2018-10-18 08:49 - 2018-10-18 08:49 - 00065540 _____ C:\Users\s_rep\Downloads\MiniAdventskranz.studio3 2018-10-18 08:47 - 2018-10-18 08:47 - 00649488 _____ C:\Users\s_rep\Downloads\HäuserBoxenLeer.studio3 2018-10-18 08:47 - 2018-10-18 08:47 - 00262512 _____ C:\Users\s_rep\Downloads\Würfelbox zum heraus ziehen.studio3 2018-10-18 04:28 - 2018-10-18 04:28 - 00111560 _____ C:\Users\s_rep\Downloads\Miezo Wimpelkalender.studio3 2018-10-17 12:30 - 2018-10-17 12:30 - 00286994 _____ C:\Users\s_rep\Downloads\Steffies Bastelkammer Karte mit Durchblick DIY.studio3 2018-10-17 07:21 - 2018-10-17 07:22 - 62543360 _____ C:\Users\s_rep\Downloads\FontPack1900820071_XtdAlf_Lang_DC.msi 2018-10-17 07:21 - 2018-10-17 07:21 - 00809182 _____ C:\Users\s_rep\Downloads\img001.pdf 2018-10-16 08:35 - 2018-10-16 08:35 - 00250423 _____ C:\Users\s_rep\Downloads\Miezo Pocket-Zahnstocherkalender.studio3 2018-10-15 13:16 - 2018-10-15 13:16 - 00153207 _____ C:\Users\s_rep\Downloads\Wichtige Infos rund um unsere Arbeit.pdf ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2018-11-11 20:52 - 2018-04-12 00:38 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-11-11 20:50 - 2018-04-12 00:38 - 00000000 ___HD C:\Program Files\WindowsApps 2018-11-11 20:50 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\AppReadiness 2018-11-11 20:50 - 2018-01-24 08:14 - 00000000 ____D C:\Users\s_rep\AppData\Local\Packages 2018-11-11 20:48 - 2017-12-17 17:42 - 00000000 ____D C:\Users\s_rep\AppData\LocalLow\Mozilla 2018-11-11 20:47 - 2018-03-28 16:14 - 00000000 ____D C:\Users\Public\Speedup Sessions 2018-11-11 20:45 - 2017-12-17 17:33 - 00000000 __SHD C:\Users\s_rep\IntelGraphicsProfiles 2018-11-11 20:44 - 2018-06-02 08:56 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-11-11 20:44 - 2018-04-11 22:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2018-11-11 18:30 - 2017-12-18 07:07 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\com.silhouettesoftware 2018-11-11 18:27 - 2018-05-04 06:01 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\com.silhouettesoftware.scratch.1 2018-11-11 18:27 - 2018-05-04 06:01 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\com.aspexsoftware.ss_bluetooth 2018-11-11 17:02 - 2018-01-16 10:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2018-11-11 17:02 - 2018-01-16 10:07 - 00000000 ____D C:\ProgramData\Avira 2018-11-11 17:02 - 2018-01-16 10:07 - 00000000 ____D C:\Program Files (x86)\Avira 2018-11-11 16:53 - 2018-06-02 08:21 - 01817928 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-11-11 16:53 - 2018-04-12 17:13 - 00781586 _____ C:\WINDOWS\system32\perfh007.dat 2018-11-11 16:53 - 2018-04-12 17:13 - 00166424 _____ C:\WINDOWS\system32\perfc007.dat 2018-11-11 16:53 - 2018-04-12 00:36 - 00000000 ____D C:\WINDOWS\INF 2018-11-11 16:30 - 2018-06-25 05:41 - 00000000 ____D C:\Program Files\Opera 2018-11-11 16:21 - 2018-04-12 00:30 - 00000000 ____D C:\WINDOWS\CbsTemp 2018-11-11 15:16 - 2017-12-17 17:42 - 00000000 ____D C:\Program Files\Mozilla Firefox 2018-11-11 15:14 - 2018-06-02 08:22 - 00000000 ____D C:\Users\s_rep 2018-11-11 15:13 - 2018-06-02 08:13 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2018-11-11 15:06 - 2017-12-17 16:55 - 00000000 ____D C:\Program Files\Intel 2018-11-11 15:06 - 2017-10-12 00:37 - 00000000 ____D C:\ProgramData\Intel 2018-11-11 15:05 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2018-11-11 15:05 - 2018-01-12 13:01 - 00000000 ____D C:\Program Files\rempl 2018-11-11 15:05 - 2017-03-18 22:03 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2018-11-10 22:12 - 2017-12-17 17:40 - 00000000 ___RD C:\Users\s_rep\OneDrive 2018-11-10 17:00 - 2018-06-04 05:08 - 00559880 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2018-11-09 12:43 - 2017-12-17 17:35 - 00000000 ____D C:\Users\s_rep\AppData\Local\Comms 2018-11-09 06:46 - 2017-12-18 06:46 - 00000000 ____D C:\Users\s_rep\Documents\01 Dieter 2018-11-08 12:25 - 2017-12-18 07:07 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\com.aspexsoftware.Silhouette_Studio 2018-11-08 08:47 - 2018-04-27 10:47 - 00000000 ____D C:\Users\s_rep\Downloads\Miezo 2018-11-08 04:59 - 2017-05-23 03:14 - 00000000 ____D C:\ProgramData\Apple 2018-11-07 12:56 - 2018-06-02 08:13 - 00621856 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-11-07 12:55 - 2017-12-17 17:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-11-02 05:08 - 2017-12-17 17:42 - 00001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2018-10-25 04:41 - 2017-12-18 15:30 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2018-10-22 13:49 - 2017-05-23 03:11 - 00000000 ____D C:\ProgramData\Package Cache 2018-10-19 17:45 - 2018-06-25 05:41 - 00000000 ____D C:\Users\s_rep\AppData\Local\Opera Software 2018-10-19 17:43 - 2018-06-25 05:41 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\Opera Software 2018-10-17 08:26 - 2018-06-02 08:56 - 00003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2101576799-1165526633-3082190696-1001 2018-10-17 08:26 - 2018-06-02 08:22 - 00002390 _____ C:\Users\s_rep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-10-16 04:30 - 2017-12-18 07:09 - 00000000 ____D C:\Users\s_rep\Downloads\Plotterdateien - später einsortieren 2018-10-16 04:07 - 2018-07-18 10:57 - 00000000 ____D C:\ProgramData\Packages 2018-10-13 06:05 - 2017-12-17 16:55 - 00000000 ____D C:\Intel 2018-10-12 03:55 - 2017-12-30 16:04 - 00000000 ___RD C:\Users\s_rep\3D Objects 2018-10-12 03:55 - 2017-03-18 04:53 - 00000000 __RHD C:\Users\Public\AccountPictures ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2017-12-18 07:07 - 2017-12-18 07:07 - 0000008 _____ () C:\Users\s_rep\AppData\Roaming\com.silhouettesoftware.id 2018-11-11 15:05 - 2018-11-11 15:05 - 0140800 _____ () C:\Users\s_rep\AppData\Local\installer.dat 2018-07-31 15:06 - 2018-07-31 15:06 - 0000218 _____ () C:\Users\s_rep\AppData\Local\recently-used.xbel 2017-12-18 06:13 - 2017-12-18 06:13 - 0000057 _____ () C:\ProgramData\Ament.ini Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Public\ASR.dat Einige Dateien in TEMP: ==================== C:\Users\s_rep\AppData\Local\Temp\Uninstall.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2018-06-02 08:13 ==================== Ende von FRST.txt ============================ |
11.11.2018, 21:10 | #2 |
| 2 merkwürdige "Programme" (Apps) eingefangen, die sich nicht mehr deinstallieren lassenCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-04-2016 durchgeführt von s_rep (2018-11-11 20:53:50) Gestartet von C:\Users\s_rep\Desktop Windows 10 Home Version 1803 (X64) (2018-06-02 07:57:52) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2101576799-1165526633-3082190696-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2101576799-1165526633-3082190696-503 - Limited - Disabled) Gast (S-1-5-21-2101576799-1165526633-3082190696-501 - Limited - Disabled) s_rep (S-1-5-21-2101576799-1165526633-3082190696-1001 - Administrator - Enabled) => C:\Users\s_rep WDAGUtilityAccount (S-1-5-21-2101576799-1165526633-3082190696-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 123 Photo Version 2.0 (HKLM-x32\...\{68F08E04-F190-49B4-B159-3FA7E72A4EC8}_is1) (Version: 2.0 - Harald Wittke) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated) Any Video Converter 6.0.9 (HKLM-x32\...\Any Video Converter) (Version: 6.0.9 - Anvsoft) Apple Application Support (32-Bit) (HKLM-x32\...\{49F7DD82-FC83-48BF-86C6-CFE6E1E233E1}) (Version: 7.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{1FA68E27-2951-42E8-9F57-1A7F6581B4FD}) (Version: 7.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) Avira (HKLM-x32\...\{2884d9b5-2fed-48df-b0e0-fe229e7eb781}) (Version: 1.2.121.24663 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.2.121.24663 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.42.11 - Avira Operations GmbH & Co. KG) Avira Safe Shopping (HKLM-x32\...\{573F6664-99E1-40D8-921A-7C9345EC03B2}) (Version: 1.1.5.3330 - Avira Operations GmbH & Co. KG) Avira Safe Shopping (x32 Version: 1.0.65.2672 - Avira Operations Gmbh & Co. KG) Hidden Avira Software Updater (HKLM-x32\...\{D4F0629A-3F4A-4098-ADFE-6F3551762251}) (Version: 2.0.6.4401 - Avira Operations GmbH & Co. KG) Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 4.8.0.7455 - Avira Operations GmbH & Co. KG) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Bullzip PDF Printer 11.5.0.2698 (HKLM\...\Bullzip PDF Printer_is1) (Version: 11.5.0.2698 - Bullzip) calibre (HKLM-x32\...\{5BC66570-E69F-4C93-9DF2-E93739A91A63}) (Version: 3.25.0 - Kovid Goyal) Dropbox 25 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.141.1 - Dropbox, Inc.) Hidden ELAN Touchpad 18.2.15.7_X64_WHQL (HKLM\...\Elantech) (Version: 18.2.15.7 - ELAN Microelectronic Corp.) Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.) Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC13084E6700}) (Version: 19.008.20071 - Adobe Systems Incorporated) FlashPeak Slimjet (HKLM-x32\...\Slimjet) (Version: 19.0.4.0 - FlashPeak Inc.) foldershare (HKLM\...\foldershare) (Version: 7.3 - foldershare) FotoWorks XL 2018 (HKLM-x32\...\FotoWorks XL 2018_is1) (Version: Aktuelle Version - IN MEDIAKG TI) Free MP4 Video Converter (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.111.215 - Digital Wave Ltd) HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.) HP CoolSense (HKLM-x32\...\{20CC03C7-7B48-4130-B7FA-39BC128E3A9E}) (Version: 2.21.5 - HP Inc.) HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.) HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.) HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.21 - HP Inc.) HP JumpStart Bridge (HKLM-x32\...\{23D5C1E8-0442-4D70-9280-927EF36657CB}) (Version: 1.1.0.378 - HP Inc.) HP JumpStart Launch (HKLM-x32\...\{81CA40FD-E11B-4DC1-AE33-A71EB044B8B7}) (Version: 1.1.275.0 - HP Inc.) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Photosmart 5520 series - Grundlegende Software für das Gerät (HKLM\...\{4F396B08-301D-4E53-A372-95A7E93ABD04}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Photosmart 5520 series Hilfe (HKLM-x32\...\{640A03B3-4E6B-4440-A350-E6A8D6348F12}) (Version: 27.0.0 - Hewlett Packard) HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.3.50.9 - HP Inc.) HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.5.32.203 - HP Inc.) HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.) HP System Event Utility (HKLM-x32\...\{1BB20774-0FA8-4CFF-AB69-7B7AAE2DCE6C}) (Version: 1.4.19 - HP Inc.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Inkscape 0.92.3 (HKLM-x32\...\Inkscape) (Version: 0.92.3 - Inkscape Project) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11003.3588 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1047 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1643.1 - Intel Corporation) Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.1.22 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DDE28492-B260-4DF0-BA99-7F96FC2932C1}) (Version: 19.60.0 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.40 - Intel(R) Corporation) Hidden Intel® Integrated Sensor Solution (HKLM-x32\...\{b3782b53-1b6c-436a-b0f0-f65d83ae74d9}) (Version: 3.0.30.1119 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{185db067-38cd-4521-a43e-c39b96ee1389}) (Version: 19.50.1 - Intel Corporation) IrfanView 4.50 (64-bit) (HKLM\...\IrfanView64) (Version: 4.50 - Irfan Skiljan) ISS_Drivers_x64 (Version: 3.0.30.1119 - Intel Corporation) Hidden iTunes (HKLM\...\{91B57967-C0E0-435A-AE53-A2336ECD8560}) (Version: 12.9.1.4 - Apple Inc.) LibreOffice 5.3.7.2 (HKLM\...\{117F3217-458C-4371-B222-00C69DE96CB2}) (Version: 5.3.7.2 - The Document Foundation) Malwarebytes Version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 63.0.1 (x64 de) (HKLM\...\Mozilla Firefox 63.0.1 (x64 de)) (Version: 63.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.2 - Mozilla) OpenOffice 4.1.4 (HKLM-x32\...\{5E9128B1-0AB8-40F5-9F71-69089C490855}) (Version: 4.14.9788 - Apache Software Foundation) Opera Stable 56.0.3051.99 (HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\Opera 56.0.3051.99) (Version: 56.0.3051.99 - Opera Software) ORTMANN Cross Stitch Designer 4.0 (HKLM-x32\...\ORTMANN Media-Verlag Cross Stitch Designer 4.0) (Version: 4.0 - ORTMANN Media-Verlag) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden PDF24 Creator 8.3.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PhotoFiltre 7 (HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\PhotoFiltre 7) (Version: - ) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21299 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8135 - Realtek Semiconductor Corp.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Silhouette Link (HKLM-x32\...\{C2136C80-F9D4-4096-86D4-C641BB36DFF3}) (Version: 1.0.096 - Silhouette America) Silhouette Studio (HKLM-x32\...\{518EAEF4-3E9D-4E45-B4DB-041B7FCB86D0}) (Version: 4.1.442 - Silhouette America) Studie zur Verbesserung von HP Photosmart 5520 series Produkten (HKLM\...\{B99F865A-3ECB-4E65-B6CF-9C60EE0273A3}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) Update for Skype for Business 2015 (KB4461446) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFBBF6D0-F140-40E9-B5AE-BDE708FC4817}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4461446) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFBBF6D0-F140-40E9-B5AE-BDE708FC4817}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4461446) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{BFBBF6D0-F140-40E9-B5AE-BDE708FC4817}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{EC5A6438-850E-4AD1-9169-DD071C8EFFEF}) (Version: 2.10.0.0 - Microsoft Corporation) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes) Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-3) (Version: 1.0.42.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.42.0 (Version: 1.0.42.0 - LunarG, Inc.) Hidden WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) Wondersoft - Wonderful Weather - Enhance and safeguard your online experience (HKLM-x32\...\Wondersoft Wonderful Weather) (Version: "1.1.1" - "Wondersoft") ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {042D8A51-5878-4000-9C10-C04AFF122A1F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand Task: {04B3E894-DE5B-4C4A-9AA7-CA8F7CE43583} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [2018-04-12] (Microsoft Corporation) Task: {0638E40C-2629-48D2-B3AA-EE49DDEAB986} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.) Task: {0967FAC8-6E28-4BBF-8387-9D6CEB7DE860} - System32\Tasks\Avira\Safe Shopping\Check => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [2018-11-01] (Avira) Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates Task: {0FD500DA-01C5-4676-9B10-1A481B381433} - System32\Tasks\S-1-5-21-2101576799-1165526633-3082190696-1001\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation) Task: {1966DF7C-DE3A-4B71-A0AC-AD8B72668ECD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-07] (HP Inc.) Task: {1BCC53CF-FE23-46A5-B81C-5FCE6B3BDF23} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [2018-10-17] (Microsoft Corporation) Task: {1BE936D4-EE40-4F04-84E0-18FFD27C0A6A} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [2018-04-12] (Microsoft Corporation) Task: {2231CAFE-FABE-41F5-A0B3-842D9319DBF9} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-02] (Microsoft Corporation) Task: {26979C78-BE35-4BE1-9663-F25C0DD509D3} - System32\Tasks\Opera scheduled Autoupdate 1539967477 => C:\Program Files\Opera\launcher.exe [2018-11-06] (Opera Software) Task: {294EF281-56B6-4F71-8115-BAC2919EF034} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task Task: {29F3A47A-C0DC-48D8-ACAF-89413EE0731D} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [2018-07-15] (Microsoft Corporation) Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask Task: {2DBD790D-172A-4CFA-B3F7-824D7509680F} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration Task: {301E6046-EE37-4B0D-ADEA-B79237AA4C23} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-10-16] (Avira Operations GmbH & Co. KG) Task: {42B682B8-0FA8-4CD6-8609-C90EFF7505D4} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates Task: {4C7F4583-DD70-4B68-B5CF-3621E0C33708} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {51D31EBF-545E-411D-A21A-CB34004CC384} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates Task: {54A21C2F-028A-40D4-B5D5-88E4A584FB1B} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-10-13] (Intel(R) Corporation) Task: {56E6F3A6-3B2E-47FE-9C9E-E9669BA61EFC} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-12-18] (Dropbox, Inc.) Task: {57688D33-0857-43F4-B3D2-26F0D0623E39} - System32\Tasks\Benutzerdienstfür(AppXSVC) => C:\Program Files (x86)\nodejs\node.exe [2017-05-02] (Node.js) Task: {577C3956-E492-42A5-AEFB-FDC54A537C64} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange Task: {57A7E0DF-F70E-43B1-AA2C-5BA67DBBE753} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask Task: {5DB4FD20-4FF2-4C58-9801-ADD6F0149633} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task Task: {60221910-B7B0-4AB9-AC2D-71058A6720EE} - System32\Tasks\Avira\Safe Shopping\Launch => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [2018-11-01] (Avira) Task: {62331915-A3E9-4B6E-9686-86034377E8CF} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {66969E28-CE77-4B5F-B1FF-A3B610DFCFD3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {6AB34E6E-76B0-4D9C-B1AC-C0E5B26BC23E} - System32\Tasks\Avira\Safe Shopping\Update => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [2018-11-01] (Avira) Task: {6DE4F7DC-0B8D-404A-A6C9-83241658F8CA} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-02] (Microsoft Corporation) Task: {6F94A2F9-CA33-4FCC-AA69-57F57230173C} - System32\Tasks\EZnVzpmjsBPJAOW => Rundll32.exe "C:\Users\s_rep\AppData\Local\Temp\zJVJydIlxtaAifNHI\TtycKSJSKAhDHkWV\nSqksLm.dll",#1 /adp EIGH4BJGH4VJGH2XIGH7HKGH8XJGH4SJGH8RJGH8YJGH8DIGH0RIGH6LIGH2AIGH1OIGH0WIGH1 /site_id 756 Task: {7138D0D3-1873-4A77-86CF-4840F491C90F} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation) Task: {749E286C-C205-4C7C-B742-BE5023BF06DE} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login Task: {756535E6-76E8-42DF-9307-D2A8D82EDB1C} - System32\Tasks\HPEA3JOBS => C:\Program Task: {77DD4C0D-EEDB-4C1D-9A21-7B30E5F4C03A} - System32\Tasks\qdxgajDnKqmDPrtzQ2 => Rundll32.exe "C:\Program Files (x86)\BHXQvOBMsgKdEntstUR\LtVvruU.dll",#1 Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser Task: {7EAE5A6B-00F4-4B9F-A255-E1C163B587A1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession Task: {7EED1416-89CD-4D52-8537-3E4860543030} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [2018-03-22] (Avira Operations GmbH & Co. KG) Task: {7EFE6C85-50FC-4D58-A3DF-10FEFC8CCB2D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-12-18] (Dropbox, Inc.) Task: {83B7C57C-BF53-42F4-B3A0-B24ABFACE76A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {85F40D06-8916-40B8-ABA7-734BA60F90F2} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-11-28] (DropboxOEM) Task: {88026766-9562-4C3E-9C94-2E7DA5B61195} - System32\Tasks\yKlRUxrwnsuFpeUeBWz2 => Rundll32.exe "C:\Program Files (x86)\UmTwpSvRUOfSC\vKpdeLr.dll",#1 Task: {8CCDCCC3-88F0-4860-84BE-5AC16A1C6FA9} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance Task: {8D71F5C0-53E1-4F02-9A5D-851779424A0D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.) Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation) Task: {90331E02-BD0D-4D82-8804-1342EAAA2C9F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-12-06] (HP Inc.) Task: {97E8D66D-0085-423C-BA11-DD777A1258AB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2018-04-12] (Microsoft Corporation) Task: {9CB242AA-EA28-4888-8DE0-98F1D6B05AC7} - System32\Tasks\DropboxUpdateTaskMachineCore1d377547997d14 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-12-18] (Dropbox, Inc.) Task: {A167F6E0-ED47-419C-807E-2A11ECBA98D4} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation Task: {A305A840-EC8B-4C66-8EA8-5FF15F129CD2} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2018-04-12] (Microsoft Corporation) Task: {A5FE6B52-974F-492F-81F3-472223AD09D5} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation) Task: {AE1E6549-6E33-4D49-801B-F33E6D62356A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-06] (HP Inc.) Task: {B0952E0A-C54F-4E8B-95E9-90E560086B37} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand Task: {B14C88F4-4AAC-4F00-A94E-8EA180D7AEDC} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense Task: {B2F4AC84-A8D0-4524-9363-BFF5A5911A00} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask Task: {B3433942-FE11-4C11-839D-9C7589B6C5CB} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation) Task: {B96C2DB0-6A19-4E2B-89F6-84FD75E497A4} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback Task: {BDE8C0F4-1A50-4A42-ABFC-DFA37F8BF1C8} - System32\Tasks\OqUgsIhoyVOixP => Rundll32.exe "C:\Program Files (x86)\pbjpUXEkQjxU2\ydAhoPZsifauT.dll",#1 Task: {C161767E-4A22-4440-A1AF-1317A585F317} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2018-03-28] (Avira Operations GmbH & Co. KG ) Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2018-06-02] (Microsoft Corporation) Task: {C9ACB1EA-CBC3-4359-99B2-F80FA71A75DC} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-12-06] (HP Inc.) Task: {CDA5D686-5D6C-4730-9907-B66710DC3670} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange Task: {D010978C-B666-4072-B7F3-DD6340CDD629} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task Task: {D07E8395-3840-41C1-8931-34D62726BED3} - System32\Tasks\niYEcWwYibJfLQX2 => Rundll32.exe "C:\Program Files (x86)\eEvEEOxmU\ggsKtT.dll",#1 Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources Task: {D795D83C-F41B-4403-B14E-A038C6FBD1B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated) Task: {DBE92F66-907D-4220-8C26-5D55E5A5906F} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [2017-01-12] (HP Development Company, L.P.) Task: {DD710A69-86C6-4932-97B1-01FB13ACFEF1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged Task: {DDF46C27-D05A-4829-90A2-9E4A4DDD7FE9} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [2017-02-02] (HP Inc.) Task: {E0862994-9083-482D-A921-27B4860FFA21} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [2018-04-12] (Microsoft Corporation) Task: {E3757DD2-B31D-4CB0-B696-8EC28DB525C3} - System32\Tasks\Okawville => C:\Program Files\Okawville\Okawville.exe Task: {E9D4B94B-01E1-4850-91EF-9E40BB4E670E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-12-06] (HP Inc.) Task: {EDF26610-088A-459C-8682-BED9EC60359F} - System32\Tasks\{e6b1bd71-40ef-4173-8106-93b5f9032a6e} => C:\Users\s_rep\AppData\Local\Temp\{2CF693F1-5E55-41CB-BE04-6E437DA0D4B9}.exe <==== ACHTUNG Task: {EFA86FF7-22AE-4997-AFD9-E89E1BF9B7D6} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2018-04-12] (Microsoft Corporation) Task: {F002E6F5-6788-45A8-8F43-228E2955D617} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2101576799-1165526633-3082190696-1001 => C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [2018-10-17] (Microsoft Corporation) Task: {F955A09C-E83A-4AD5-9ABC-7D5D7A055117} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task Task: {FC779438-B7FD-4774-AA55-4DE2A4B098A4} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh Task: {FECF5D21-00E3-4960-8359-57CBFC4E2D73} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.) Task: {FF7C8D28-6205-4327-B2BE-BD3E5E07D9BA} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [2017-02-01] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d377547997d14.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\EZnVzpmjsBPJAOW.job => C:\Users\s_rep\AppData\Local\Temp\zJVJydIlxtaAifNHI\TtycKSJSKAhDHkWV\nSqksLm.dll <==== ACHTUNG Task: C:\WINDOWS\Tasks\Okawville.job => C:\Program Files\Okawville\Okawville.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2018-10-21 02:17 - 2018-10-21 02:17 - 00088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2018-10-21 02:17 - 2018-10-21 02:17 - 01356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-12-06 12:06 - 2016-12-06 12:06 - 00897200 _____ () C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe 2018-11-11 15:37 - 2018-10-18 08:44 - 02821952 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2018-11-11 15:37 - 2018-10-18 08:44 - 02695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-04-04 17:03 - 2018-04-04 17:03 - 00173760 _____ () C:\WINDOWS\system32\IntelWifiIhv04.dll 2017-02-01 10:50 - 2017-02-01 10:50 - 00459264 _____ () C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe 2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\Windows\System32\InputHost.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 00472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 02759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\InputHost.dll 2018-10-10 07:50 - 2018-09-20 04:38 - 02185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-10-23 13:23 - 2018-10-23 13:23 - 00183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe 2018-10-23 13:23 - 2018-10-23 13:23 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll 2018-10-28 16:06 - 2018-10-28 16:06 - 35118592 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe 2018-10-28 16:06 - 2018-10-28 16:06 - 00290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\SharedUI.dll 2018-10-28 16:06 - 2018-10-28 16:06 - 05987328 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntCommon.dll 2017-12-17 18:16 - 2017-12-17 18:16 - 03553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-10-28 16:06 - 2018-10-28 16:06 - 09064448 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntPlat.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2018-10-16 04:05 - 2018-10-16 04:06 - 00009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll 2018-10-23 13:23 - 2018-10-23 13:23 - 00060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\ChakraBridge.dll 2018-10-23 13:23 - 2018-10-23 13:23 - 10978304 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\LibWrapper.dll 2018-10-23 13:23 - 2018-10-23 13:23 - 02810368 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\skypert.dll 2018-10-22 13:59 - 2018-10-22 13:59 - 00088888 _____ () C:\Program Files\iTunes\zlib1.dll 2018-10-22 13:59 - 2018-10-22 13:59 - 01356088 _____ () C:\Program Files\iTunes\libxml2.dll 2018-11-11 15:05 - 2018-11-11 15:16 - 00228352 _____ () C:\Program Files\Mozilla Firefox\zlib1.dll 2018-07-11 11:12 - 2018-06-15 18:30 - 01308672 _____ () c:\windows\system32\FaceProcessor.dll 2018-07-11 11:11 - 2018-06-15 18:55 - 00542888 _____ () c:\windows\system32\FaceProcessorCore.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 01348664 _____ () c:\windows\system32\FaceTrackerInternal.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\WINDOWS\system32\InputHost.dll 2018-06-13 16:56 - 2018-06-08 10:31 - 03912608 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll 2018-06-13 16:55 - 2018-06-08 10:31 - 02506680 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll 2018-03-16 16:03 - 2018-01-18 11:10 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2018-03-16 16:03 - 2018-01-18 11:10 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2018-03-16 16:03 - 2018-01-18 11:10 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2018-03-16 16:03 - 2018-01-18 11:10 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2018-08-08 14:36 - 2018-08-08 14:35 - 00243352 _____ () C:\Program Files (x86)\Avira\Antivirus\ssl-44.dll 2018-08-08 14:36 - 2018-08-08 14:35 - 01204472 _____ () C:\Program Files (x86)\Avira\Antivirus\crypto-42.dll 2018-10-12 13:51 - 2018-10-12 13:51 - 00153088 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\5a6824ba71791f4e5c689ddf33969597\BRIDGECommon.ni.dll 2018-10-12 13:52 - 2018-10-12 13:52 - 00326144 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\47497f5230d6bfbbb6565f725a2086ae\CleanStartController.ni.dll 2018-10-12 13:51 - 2018-10-12 13:51 - 00116736 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\40891bc946359c696fadcef1382449be\BridgeExtension.ni.dll 2018-11-01 11:43 - 2018-11-01 11:43 - 00078992 _____ () C:\Program Files (x86)\Avira\Safe Shopping\ScreenClick.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\sharepoint.com -> hxxps://ecahk-files.sharepoint.com ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2017-03-18 22:03 - 2018-11-11 15:16 - 00000980 ____A C:\WINDOWS\system32\Drivers\etc\hosts 104.251.211.173 clients2.google.com 104.251.211.173 clients2.google.com 104.251.211.173 clients2.google.com 104.251.211.173 clients2.google.com ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\s_rep\Documents\Wallpapers Bot\Wallpapers\zfAMY4rgtp5h33Qc.jpg DNS Servers: 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe FirewallRules: [{439043F2-9AB9-4A4B-BFBE-FA623699EF00}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{3B0106F5-5C9F-4A3E-8056-9C4EC2BEA19C}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{677E5800-E1DF-49A2-A852-19B997DFE957}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{EC4B0CD1-E3AD-4240-A3CD-D7BB88847A2F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{BCBD647B-FFEC-47FD-829E-1B05F44A12E6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{BD67F4B2-6704-4DDF-BE67-C56288677333}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [UDP Query User{2F7241AE-72ED-401E-99C4-05313F54B160}C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe] => (Allow) C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [TCP Query User{8EA3B3FA-7B32-451F-93EA-DD2A8A2175E1}C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe] => (Allow) C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{B7052AEC-6E2C-46FD-8B02-6BE5265D139F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{70658E0A-BCA3-4118-9B42-0EA07E1BFE05}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{A1549108-A290-49D9-B5EC-ED771DF44F8D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{1B586CB7-BE56-4AB0-9CAC-7453ABD88DD1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{06C0F912-9378-457B-93BD-DCDEB82F5AD4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{37E293EB-09D3-496C-86DE-021CFBCA1C97}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [UDP Query User{047AF169-911B-485B-A0CD-39BB4A3F55BA}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{A60134A4-2C23-4282-B121-32B94999C6CA}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe FirewallRules: [{8EFA245C-82EE-4FFB-8BB1-B5655205979D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{A0044B33-F734-40D5-AC66-272F00226DFC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{0B34C0E6-0CAB-4577-B4D1-23395A092786}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe FirewallRules: [{D8BEE5B1-E632-4A06-BAA1-68516E9C65A6}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe FirewallRules: [{4B4AA8B4-8C91-412A-81C3-E75BA96964D3}] => (Allow) C:\Program Files (x86)\Silhouette America\Silhouette Link\SilhouetteLinkConsole.exe FirewallRules: [{3C469094-E9B2-47AF-A2D0-986D54669D45}] => (Allow) C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe FirewallRules: [{87901CA5-AF13-4AF9-9DD1-D6CC049A8E42}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe FirewallRules: [{827BD9B1-D12F-457E-8888-146480263EBB}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{34F98F02-3FDD-40BC-BF5A-721CE70F9DAA}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{A1A3588C-0FFD-4713-B54A-832B187AD868}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{4300C1D7-29E8-4BEE-90A7-E609500C27A5}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{B9BF142B-9EDF-444E-AFBF-9C8EF85643F4}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{4FC24485-7F00-4A5C-88E7-4271B08E8596}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{D46AD910-FE2E-410D-8DCA-BA1CCF494AFD}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{AE0C1F56-D9C7-4051-BA71-AABC0126D52E}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{AAE03384-BD64-4C1A-9734-1A70EA1B49DE}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{C451C23A-559C-4743-8967-31F5B8A67CBF}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{3AEE882F-C2FA-4FD6-BFB4-232094768E2C}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{6657C994-1DCD-45E1-8E14-09F1A7A31C66}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{B1377193-AB3F-4C3A-BF26-1A0A67E84C5B}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{0F003187-7357-4817-9935-F55FCDA464D3}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{AD43A1A4-DD8A-495C-9060-A523D70212B7}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{AFAFA1E7-3911-4321-8517-EF92A856EBCB}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{2843C2E1-BE26-4EBC-B115-0B27532A0B0D}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{397B3379-6311-4DBD-A104-BC9EA0DC6B73}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{D5BF0ED1-3D5F-48B8-B6AC-48C386802643}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{F9C36B6B-87F1-4F57-BD43-0E9F75E2AD6A}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{E3D05FEC-090D-4A42-B12D-018918311952}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{D50AF306-D37D-4E61-A86D-7E2DB0E5F525}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{534B5086-7971-45A2-99C9-B7CAB430C02A}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{9B239CB7-00CD-4482-93AE-8ABA968BDB30}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{0C3D50BB-4590-4D95-933B-6B7C9D48932B}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{B5CE0DAA-E3A8-4574-BD12-CB9D79726BDE}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{D59B3E36-74D5-479B-9BCA-C64488D02404}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{98C20A46-B12E-47DA-8F96-BDE4CB6EF401}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{3AE3B46B-2F14-4E4D-80C5-379B90EB37EB}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{4EAE7AD8-3012-4D13-AFF3-AF85C38396A1}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{1B03FE70-DEF9-4AA5-AD67-9AF531BE0615}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{62017417-BFF3-40EB-B41E-EC16F647C5B4}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{8B9E91E4-FF94-4CF6-BB09-8028EB3D27D2}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{731632A1-C8EC-457B-8AAA-93783BA8E4D6}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{26DE2B26-1A44-411C-9614-19CD7F1E39AD}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{1A91A1B1-6D6F-40A0-9ABF-C50D48615F72}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{DAFD3D59-0C52-415F-86C8-DF2195CBA66C}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{276EFC78-F505-480B-AEA5-D8FBFB188F01}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{B320A83B-E3CA-4F2A-BC06-BEC50306B525}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{B6331505-1E93-486E-9143-25FA28B77E58}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{053137EB-66B7-4AAB-BC5A-0B09671D49A0}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{F894D921-EEC6-494C-84FA-A193ADC15270}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{D7AB8D5A-8D8A-4644-BBEE-D9EC48B5B91D}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{F234CFB2-CDC8-458A-BB66-C64A91CD7F7E}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{5EC1243E-60C8-4F70-808C-4FCAA91C909B}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{81C9FC8E-184B-4EC4-A710-F94C2F157E5D}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{A762C034-D189-4204-B72B-9E0357F37F59}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{4D265CDE-1D8A-40A3-80C8-6994347DDBF0}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{F8F262E0-7066-4D48-94E3-7DDBB228C52C}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{67AE79B0-712A-4FFB-91A7-1F89EC9CD753}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{341D333F-020C-430E-BA97-0CE31D96D1E3}] => (Allow) C:\Program Files\Opera\56.0.3051.52\opera.exe FirewallRules: [{E391F228-6C1E-42CF-95FD-612F45847892}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{7C91652E-96EF-4A9F-86BB-36D92B5F4AAA}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{80E515D2-1021-44B6-B5B0-847FB4A9BEB9}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{64BBF7EE-4EE1-4976-8CC4-F1031D3003EE}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{9E39608F-6D27-4CC3-9754-CDB8D7B632B2}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{5557133A-7AFB-43E4-A279-DEEA4914859B}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{63B779B2-2355-4DEC-A8C2-DC42BF5C194F}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{2A0B080D-7F28-4799-9270-7304A091293C}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{64EFF598-A5F3-40FF-B960-8F276AED3B32}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{757D69DB-4307-4C1C-945E-439D3315C488}] => (Allow) C:\Program Files\Opera\56.0.3051.99\opera.exe FirewallRules: [{7AB434E3-99FB-4038-82AB-28BB57633C44}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe FirewallRules: [{A71721D4-8345-4A02-820D-3542C181B855}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{65791A5B-7F04-41AC-885A-271C9308D87B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{7E643056-9DF7-4D6B-B6E7-ECBF0FB4871F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{C21F8CA8-D18C-4A0F-BD1A-BB7BF49817A5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{5C3909DB-F402-4636-A255-61F506305906}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{712047EF-FED1-48B5-8D7B-DD342C1F505C}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{A91B5495-CB42-42BE-9949-439B8B6296A8}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{41A32139-30C1-4DD2-91DB-2E4BE3169C20}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{E7DEB653-A09C-4EB3-AD29-E33842C255CF}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{F98E92B0-E83F-46C4-9F0F-A0D68D0C95C2}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{96BAA2AE-8038-427C-9C9D-19B7B89F3B71}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{1ECFA2FF-6F0E-48ED-AD78-5AF937E49C61}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{CDE1F15A-D759-451F-8570-468923CDD818}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{B40CD56A-8B54-4EFE-B268-98512353C973}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{28AEA346-D0F7-4349-9878-C018C83B4F60}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{F7A449E9-978F-4603-BD13-B9F5A2B9F790}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{FF8A0E47-C6BC-4395-BB3B-B41E6C7754D6}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{02E7D4B9-D057-4E80-BA0B-39790DBE2EA3}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{6C719FEB-EC56-4E56-8A30-D398434E15C9}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{CE9AB76D-BBA0-4CED-BC10-145A03CF6E15}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{49754684-832B-49B6-9933-1E7876EDC687}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{31C3491D-E0F6-493C-851B-B4913132913F}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{08C52614-B8B0-4636-8B01-8DFAFBDDFA6F}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{9A02A70D-9DF4-424C-AA9A-9BEBC9B3EF38}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{6DC7C76B-0F53-4ADF-9B4E-DD28D6CFD1EA}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{2EE397CF-4581-456E-92FF-DAFD02CE4924}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{CDD00E64-957D-4B4F-A129-6CD228C4D2F6}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{6711641B-82C4-4536-9244-31D15B5217AA}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{F00DAB18-FACC-4D13-8568-BC39636D787E}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{0B82EE2E-8E5F-4A3A-844D-B45246CCF874}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{64803051-1F76-4FC1-A21B-EC3DB39C067B}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{9C3FF083-F673-4FF3-B843-CF96D05016CF}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{47E1F7AA-0C4E-4455-96BA-5D4425416C19}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{4396F9D4-3B5D-4FE6-97C7-0348571CC097}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{645AED59-74C6-4F0B-A2FB-A9F207EB67B2}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{80D6592C-202E-4CF7-AE99-56C19375AE11}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{A3A17FF0-F740-4578-B957-DD24B29BD7DF}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{8983048C-F85C-46EC-94CE-CECFDFAEF478}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{A85121C2-DE0C-4D60-94BA-1B05A187682B}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{7B945347-9E8B-4BA4-BE35-22FC9180B082}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{EC82A8F5-76D4-412C-BEA4-42B082C343FE}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe ==================== Wiederherstellungspunkte ========================= 17-10-2018 07:22:22 Installed Extended Asian Language font pack for Adobe Acrobat Reader DC. 26-10-2018 16:00:04 Geplanter Prüfpunkt 05-11-2018 07:39:58 Geplanter Prüfpunkt 08-11-2018 05:00:29 Installed iTunes 11-11-2018 15:27:03 11-11-2018 15:27:17 ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (11/11/2018 08:46:26 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname DESKTOP-D6NM1SV.local already in use; will try DESKTOP-D6NM1SV-2.local instead Error: (11/11/2018 08:46:26 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister 4 DESKTOP-D6NM1SV.local. Addr 192.168.0.10 Error: (11/11/2018 08:46:26 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.0.10:5353 16 DESKTOP-D6NM1SV.local. AAAA 2A02:8108:0280:1253:EF76:6081:35AB:62CA Error: (11/11/2018 06:54:28 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-D6NM1SV) Description: httphttp-2147467263 Error: (11/11/2018 06:51:29 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-D6NM1SV) Description: httphttp-2147467263 Error: (11/11/2018 06:14:04 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-D6NM1SV) Description: httphttp-2147467263 Error: (11/11/2018 05:17:50 PM) (Source: AviraOptimizerHost) (EventID: 0) (User: ) Description: Das Handle ist ungültig Error: (11/11/2018 05:13:29 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-D6NM1SV) Description: httphttp-2147467263 Error: (11/11/2018 04:20:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: mbamtray.exe, Version: 3.1.0.1644, Zeitstempel: 0x5bc8b2d1 Name des fehlerhaften Moduls: Qt5Core.dll, Version: 5.11.1.0, Zeitstempel: 0x5b9bc256 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0019d749 ID des fehlerhaften Prozesses: 0x25d8 Startzeit der fehlerhaften Anwendung: 0xmbamtray.exe0 Pfad der fehlerhaften Anwendung: mbamtray.exe1 Pfad des fehlerhaften Moduls: mbamtray.exe2 Berichtskennung: mbamtray.exe3 Vollständiger Name des fehlerhaften Pakets: mbamtray.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mbamtray.exe5 Error: (11/11/2018 04:15:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: TiWorker.exe, Version: 10.0.17134.136, Zeitstempel: 0xe5c2d1d0 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.17134.319, Zeitstempel: 0x1e206b26 Ausnahmecode: 0x80000003 Fehleroffset: 0x00000000000ac5d2 ID des fehlerhaften Prozesses: 0x24e8 Startzeit der fehlerhaften Anwendung: 0xTiWorker.exe0 Pfad der fehlerhaften Anwendung: TiWorker.exe1 Pfad des fehlerhaften Moduls: TiWorker.exe2 Berichtskennung: TiWorker.exe3 Vollständiger Name des fehlerhaften Pakets: TiWorker.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TiWorker.exe5 Systemfehler: ============= Error: (11/11/2018 08:55:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV) Description: {9E175B6D-F52A-11D8-B9A5-505054503030} Error: (11/11/2018 08:55:17 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (11/11/2018 08:53:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV) Description: {9E175B6D-F52A-11D8-B9A5-505054503030} Error: (11/11/2018 08:51:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV) Description: {9E175B6D-F52A-11D8-B9A5-505054503030} Error: (11/11/2018 08:49:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV) Description: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (11/11/2018 08:48:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStartWindows.SecurityCenter.WscBrokerManagerNicht verfügbarNT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (11/11/2018 08:47:28 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {9E175B6D-F52A-11D8-B9A5-505054503030} Error: (11/11/2018 08:45:33 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (11/11/2018 08:45:33 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (11/11/2018 08:45:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "MTEzOG" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 CodeIntegrity: =================================== Date: 2018-11-11 20:52:05.346 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-11 20:52:05.341 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-11 20:52:04.059 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-11 20:52:04.053 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-11 20:52:03.028 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-11 20:52:03.023 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-11 20:47:20.463 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-11 20:47:20.461 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-11 20:47:18.898 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-11 20:47:18.896 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz Prozentuale Nutzung des RAM: 44% Installierter physikalischer RAM: 8064.66 MB Verfügbarer physikalischer RAM: 4498.47 MB Summe virtueller Speicher: 11136.66 MB Verfügbarer virtueller Speicher: 7387.68 MB ==================== Laufwerke ================================ Drive c: (Windows) (Fixed) (Total:915.33 GB) (Free:683.97 GB) NTFS Drive d: (RECOVERY) (Fixed) (Total:14.95 GB) (Free:1.78 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: A50E1C7D) Partition: GPT. ==================== Ende von Addition.txt ============================ Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 11.11.18 Scan-Zeit: 18:55 Protokolldatei: 0ab741b0-e5db-11e8-b6a2-28c63f8bc823.json -Softwaredaten- Version: 3.6.1.2711 Komponentenversion: 1.0.482 Version des Aktualisierungspakets: 1.0.7797 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 10 (Build 17134.345) CPU: x64 Dateisystem: NTFS Benutzer: DESKTOP-D6NM1SV\s_rep -Scan-Übersicht- Scan-Typ: Benutzerdefinierter Scan Scan gestartet von: Manuell Ergebnis: Abgeschlossen Gescannte Objekte: 435066 Erkannte Bedrohungen: 7 In die Quarantäne verschobene Bedrohungen: 7 Abgelaufene Zeit: 1 Std., 16 Min., 10 Sek. -Scan-Optionen- Speicher: Deaktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Deaktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswert: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 7 Adware.Csdimonetize, C:\PROGRAM FILES\REMPL\S08D54A252QD0TO61JR7D5R4UY607K\UPDATEINSTALL.EXE, In Quarantäne, [5408], [596485],1.0.7797 Adware.Csdimonetize, C:\PROGRAM FILES\REMPL\S08D54A252QD0TO61JR7D5R4UY607K\-O2MZ4SVZO.EXE, In Quarantäne, [5408], [596409],1.0.7797 PUP.Optional.Reimage, C:\USERS\S_REP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\E8MQT8NS.DEFAULT\CACHE2\ENTRIES\741B1365E3AE2C8AF4181B6C6EDC84D0028FDAFD, In Quarantäne, [1402], [331559],1.0.7797 PUP.Optional.SpyHunter, C:\USERS\S_REP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\E8MQT8NS.DEFAULT\CACHE2\ENTRIES\9DB66D3DF678A025E7D30AEE8D48E2580643E3DF, In Quarantäne, [3918], [552698],1.0.7797 RiskWare.Patcher, C:\USERS\S_REP\DOWNLOADS\ALTE SICHERUNGEN\SICHERUNG SONJA 2\ALTE DOWNLOADS\OFFICE 2016\1\CYGISO\CYGISO\WIN10_ACTIVATOR.EXE, In Quarantäne, [7919], [19201],1.0.7797 Generic.Malware/Suspicious, C:\USERS\S_REP\DOWNLOADS\ALTE SICHERUNGEN\SICHERUNG SONJA 2\ALTE DOWNLOADS\OFFICE 2016\PRG ACTI PORT\KMSAUTO LITE PORTABLE V1.2.6\KMSAUTO.EXE, In Quarantäne, [0], [392686],1.0.7797 Generic.Malware/Suspicious, C:\USERS\S_REP\DOWNLOADS\ALTE SICHERUNGEN\SICHERUNG SONJA 2\PROGRAMME INSTALLIERT\OFFICE 2016\PRG ACTI PORT\KMSAUTO LITE PORTABLE V1.2.6\KMSAUTO.EXE, In Quarantäne, [0], [392686],1.0.7797 Physischer Sektor: 0 (keine bösartigen Elemente erkannt) WMI: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 7.2.4.0 # ------------------------------- # Build: 09-25-2018 # Database: 2018-11-05.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 11-11-2018 # Duration: 00:00:18 # OS: Windows 10 Home # Scanned: 32052 # Detected: 43 ***** [ Services ] ***** PUP.Optional.Legacy WCAssistantService ***** [ Folders ] ***** Adware.Agent C:\Windows\System32\config\systemprofile\AppData\Roaming\CRMSvc PUP.Optional.Chip C:\Windows\Installer\{503CA94E-0834-4CEE-AD92-BA17AF4E809A} PUP.Optional.DownloadSponsor C:\Users\s_rep\AppData\Local\Temp\DMR PUP.Optional.LookupPro C:\Users\s_rep\AppData\Roaming\LookupPro PUP.Optional.ProxyGate C:\Program Files (x86)\ProxyGate PUP.Optional.SmartBar C:\Windows\Temp\Smartbar PUP.Optional.WebCompanion C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** Adware.Agent HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D105DFE2-8DF6-4BA0-ABF1-392716658963} Adware.Agent HKLM\System\CurrentControlSet\Services\EventLog\Application\CRMSvc Adware.DNSUnlocker HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564 Adware.OnlineIO HKLM\Software\Wow6432Node\Microleaves PUP.Optional.Chip HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E49AC3054380EEC4DA29AB71FAE408A9 PUP.Optional.Chip HKLM\Software\Classes\Installer\Products\E49AC3054380EEC4DA29AB71FAE408A9 PUP.Optional.Chip HKLM\Software\Classes\Installer\Features\E49AC3054380EEC4DA29AB71FAE408A9 PUP.Optional.Chip HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6 PUP.Optional.Chip HKLM\Software\Classes\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6 PUP.Optional.InstallCore HKCU\Software\csastats PUP.Optional.Legacy HKLM\Software\Wow6432Node\WMPNetworkAcSvc PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\Main|Default_Search_URL PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\Main|Default_Page_URL PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\Main|Start Page PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Search Page PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Default_Search_URL PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Default_Page_URL PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Start Page PUP.Optional.Legacy HKLM\Software\Microsoft\Internet Explorer\Main|Default_Page_URL PUP.Optional.Legacy HKLM\Software\Microsoft\Internet Explorer\Main|Start Page PUP.Optional.Legacy HKLM\Software\Microsoft\Internet Explorer\Main|Search Page PUP.Optional.Legacy HKLM\Software\Microsoft\Internet Explorer\Main|Default_Search_URL PUP.Optional.Microleaves HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014} PUP.Optional.Microleaves HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014} PUP.Optional.Microleaves HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A PUP.Optional.Microleaves HKLM\Software\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A PUP.Optional.Microleaves HKLM\Software\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A PUP.Optional.Wajam HKLM\Software\Wow6432Node\SrcAAAesom Browser Enhancer PUP.Optional.Wajam HKLM\Software\SrcAAAesom Browser Enhancer PUP.Optional.Wajam HKCU\Software\WajIEnhance PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** PUP.Optional.Legacy Avira SafeSearch Plus ***** [ Firefox URLs ] ***** Adware.Linkury file:///C:/ProgramData/Polygens/ff.HP PUP.Optional.Legacy suggestqueries.google.com ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ########## Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 7.2.4.0 # ------------------------------- # Build: 09-25-2018 # Database: 2018-11-05.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 11-11-2018 # Duration: 00:00:08 # OS: Windows 10 Home # Cleaned: 42 # Failed: 1 ***** [ Services ] ***** Deleted WCAssistantService ***** [ Folders ] ***** Deleted C:\Windows\System32\config\systemprofile\AppData\Roaming\CRMSvc Deleted C:\Windows\Installer\{503CA94E-0834-4CEE-AD92-BA17AF4E809A} Deleted C:\Users\s_rep\AppData\Local\Temp\DMR Deleted C:\Users\s_rep\AppData\Roaming\LookupPro Deleted C:\Program Files (x86)\ProxyGate Deleted C:\Windows\Temp\Smartbar Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D105DFE2-8DF6-4BA0-ABF1-392716658963} Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\CRMSvc Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564 Deleted HKLM\Software\Wow6432Node\Microleaves Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E49AC3054380EEC4DA29AB71FAE408A9 Deleted HKLM\Software\Classes\Installer\Products\E49AC3054380EEC4DA29AB71FAE408A9 Deleted HKLM\Software\Classes\Installer\Features\E49AC3054380EEC4DA29AB71FAE408A9 Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6 Deleted HKLM\Software\Classes\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6 Deleted HKCU\Software\csastats Deleted HKLM\Software\Wow6432Node\WMPNetworkAcSvc Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Default_Search_URL Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Default_Page_URL Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Search Page Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Default_Search_URL Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Default_Page_URL Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Start Page Deleted HKLM\Software\Microsoft\Internet Explorer\Main|Default_Page_URL Deleted HKLM\Software\Microsoft\Internet Explorer\Main|Start Page Deleted HKLM\Software\Microsoft\Internet Explorer\Main|Search Page Deleted HKLM\Software\Microsoft\Internet Explorer\Main|Default_Search_URL Deleted HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014} Deleted HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014} Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A Deleted HKLM\Software\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A Deleted HKLM\Software\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A Deleted HKLM\Software\Wow6432Node\SrcAAAesom Browser Enhancer Deleted HKLM\Software\SrcAAAesom Browser Enhancer Deleted HKCU\Software\WajIEnhance Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** Deleted Avira SafeSearch Plus ***** [ Firefox URLs ] ***** Deleted file:///C:/ProgramData/Polygens/ff.HP Not Deleted suggestqueries.google.com ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [5181 octets] - [11/11/2018 16:55:12] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 7.2.4.0 # ------------------------------- # Build: 09-25-2018 # Database: 2018-11-05.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 11-11-2018 # Duration: 00:00:21 # OS: Windows 10 Home # Scanned: 32052 # Detected: 1 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. AdwCleaner[S00].txt - [5181 octets] - [11/11/2018 16:55:12] AdwCleaner[C00].txt - [4583 octets] - [11/11/2018 16:55:46] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ########## Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 7.2.4.0 # ------------------------------- # Build: 09-25-2018 # Database: 2018-11-05.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 11-11-2018 # Duration: 00:00:06 # OS: Windows 10 Home # Cleaned: 1 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [5181 octets] - [11/11/2018 16:55:12] AdwCleaner[C00].txt - [4583 octets] - [11/11/2018 16:55:46] AdwCleaner[S01].txt - [1416 octets] - [11/11/2018 20:42:56] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ########## |
12.11.2018, 15:53 | #3 |
/// TB-Ausbilder | 2 merkwürdige "Programme" (Apps) eingefangen, die sich nicht mehr deinstallieren lassenMein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte vergewissere dich zuerst, dass du die folgenden Regeln und Hinweise für eine Bereinigung gelesen und verstanden hast: Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten? Und Avira hat nicht gemeckert und alles durchgehen lassen? Das ist ja mal ein Armutszeugnins... Dein Rechner ist vollgepackt mit Adware... wie hast du dir denn den ganzen Mist auf den Rechner geholt? Schritt 1
Schritt 2
Schritt 3
Bitte poste mit deiner nächsten Antwort
Geändert von M-K-D-B (12.11.2018 um 17:33 Uhr) |
13.11.2018, 09:36 | #4 |
| 2 merkwürdige "Programme" (Apps) eingefangen, die sich nicht mehr deinstallieren lassen Hi Matthias, erstmal lieben Dank, dass du mir hilfst. Heute früh hat Avira auch Alarm gemeldet... 6x wurde TR/injector.aouqc gefunden und in Quarantäne gesetzt Zu deinen Fragen: Avira hat gemeckert als ich wieder am Rechner war ja, da hab ich dann auch gleich Malwarebytes installiert und dieses AdwCleaner Programm, aber es war wohl zu spät. Vollgepackt...? Ups, ich dachte diese komischen 2 Sachen sind neu und haben den Alarm ausgelöst Wie ist ne gute Frage, ich weiß es nicht wirklich... mein Teenager-Sohn ist hin und wieder am Laptop und am Sonntag war er auch dran, was er aber genau gemacht hat, damit rückt er nicht raus Laptop Verbot ist jedenfalls bis auf Weiteres aktiv Ich scheitere jetzt allerdings schon an Schritt1... Habe den gesamten Teil der Box markiert und kopiert, dann FRST geöffnet und auf Entfernen geklickt... Allerdings zeigt mir das Programm dann folgendes an: fixlist.txt wurde nicht gefunden. Die fixlist.txt muss sich im gleichen Ordner/Verzeichnis wie das Programm befinden. Und dann schließt sich das Programm selbstständig. Habe auch schon einen Neustart gemacht, aber auch dann passiert genau das Gleiche. Schritt 2 ging sehr schnell, liegt vielleicht aber auch daran, dass Schritt 1 nicht funktioniert hat, habe es aber trotzdem mal gemacht: Code:
ATTFilter Farbar Recovery Scan Tool (x64) Version:13-04-2016 durchgeführt von s_rep (2018-11-13 09:22:34) Gestartet von C:\Users\s_rep\Desktop Start-Modus: Normal ================== Datei-Suche: "SearchAll: LookupPro;ProxyGate;WebCompanion;Microleaves;WajIEnhance;SrcAAAesom Browser Enhancer;Polygen;Foldershare;Wondersoft " ============= ====== Ende von Suche ====== Schritt 3: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016 durchgeführt von s_rep (Administrator) auf DESKTOP-D6NM1SV (13-11-2018 09:25:03) Gestartet von C:\Users\s_rep\Desktop Geladene Profile: s_rep (Verfügbare Profile: s_rep) Platform: Windows 10 Home Version 1803 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) konnte nicht auf den Prozess zugreifen -> Registry konnte nicht auf den Prozess zugreifen -> Memory Compression (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igfxCUIService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\IntelCpHDCPSvc.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe () C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\IntelCpHeciSvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe () C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igfxEM.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeApp.exe (HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Avira) C:\Program Files (x86)\Avira\Safe Shopping\Avira Safe Shopping.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\AviraSoftwareUpdaterToastNotificationsBridge.exe (HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe (HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20083.0_x64__8wekyb3d8bbwe\HxOutlook.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20083.0_x64__8wekyb3d8bbwe\HxTsr.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3665872 2017-10-18] (ELAN Microelectronics Corp.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9226752 2017-04-28] (Realtek Semiconductor) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-10-22] (Apple Inc.) HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [1062392 2017-03-15] (HP Inc.) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [432264 2017-12-06] (Geek Software GmbH) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-10-09] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [64096 2018-03-22] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\Run: [bUJwT-agtx.exe] => C:\Program Files\rempl\S08D54A252QD0TO61JR7D5R4UY607K\bUJwT-agtx.exe HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\Run: [] => [X] CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\Parameters: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{0e66e665-d5bd-46c0-934a-b7e96667ad27}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{0e66e665-d5bd-46c0-934a-b7e96667ad27}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{71d969ab-8a66-4800-a5f7-2a6cbadd02d6}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{71d969ab-8a66-4800-a5f7-2a6cbadd02d6}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{b5addf36-5134-484e-be4f-d4fe6c88c996}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{d313a7e1-5f52-47df-ae11-06e41f342765}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{eeee3bbc-e978-4405-9111-49a351b896a7}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{fc738cee-50af-4e2a-b13e-1ee31d0093ed}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{fd71aa8d-00d3-11e8-b870-806e6f6e6963}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{fffaf810-9921-4d4b-91fc-6f922045202a}: [NameServer] 8.8.8.8 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {3856EF5A-CFF4-4F06-801E-74B3AEE9CAE4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {3856EF5A-CFF4-4F06-801E-74B3AEE9CAE4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 SearchScopes: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 SearchScopes: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001 -> {3856EF5A-CFF4-4F06-801E-74B3AEE9CAE4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-02-15] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-12-06] (HP Inc.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-09-12] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-12-06] (HP Inc.) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default FF NewTab: file:///C:/ProgramData/Polygens/ff.NT FF Homepage: hxxps://www.google.com/ FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-12] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.) FF user.js: detected! => C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\user.js [2018-11-11] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2017-09-12] (Microsoft Corporation) FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\abs@avira.com.xpi [2018-10-26] FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\passwordmanager@avira.com.xpi [2018-06-13] FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\toolbar-ff@payback.de.xpi [2018-10-10] FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\toolbar@web.de.xpi [2018-05-25] FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2018-04-13] FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2018-09-25] FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-10-31] FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-03-17] StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx StartMenuInternet: Google Chrome - Chrome.exe Opera: ======= OPR Extension: (Kein Name) - C:\Users\s_rep\AppData\Roaming\Opera Software\Opera Stable\Extensions\gkcgcddlhhlldmjffagogcoalhmfigoh [2018-11-11] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [891472 2018-10-16] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [248312 2018-10-16] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [248312 2018-10-16] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1162120 2018-10-16] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [431688 2018-10-09] (Avira Operations GmbH & Co. KG) R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2940584 2018-03-16] (Avira Operations GmbH & Co. KG) R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [102816 2018-10-11] (Avira Operations GmbH & Co. KG) S3 BcastDVRUserService; C:\Windows\System32\BcastDVRUserService.dll [1364992 2018-09-20] (Microsoft Corporation) S3 BcastDVRUserService_6e966; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) S3 BcastDVRUserService_6e966; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) S3 BluetoothUserService; C:\Windows\System32\Microsoft.Bluetooth.UserService.dll [464384 2018-04-12] (Microsoft Corporation) S3 BluetoothUserService_6e966; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) S3 BluetoothUserService_6e966; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) R3 BTAGService; C:\Windows\System32\BTAGService.dll [514048 2018-04-12] (Microsoft Corporation) R3 BthAvctpSvc; C:\Windows\System32\BthAvctpSvc.dll [395264 2018-04-12] (Microsoft Corporation) R3 camsvc; C:\Windows\system32\CapabilityAccessManager.dll [266752 2018-06-15] (Microsoft Corporation) S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [453120 2018-04-12] (Microsoft Corporation) R2 CDPUserSvc_6e966; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) R2 CDPUserSvc_6e966; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) R3 cphs; C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\IntelCpHeciSvc.exe [397280 2017-11-03] (Intel Corporation) R2 cplspcon; C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\IntelCpHDCPSvc.exe [613352 2017-11-03] (Intel Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-18] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-18] (Dropbox, Inc.) S3 DevicePickerUserSvc; C:\Windows\System32\Windows.Devices.Picker.dll [400896 2018-04-12] (Microsoft Corporation) S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [312832 2018-04-12] (Microsoft Corporation) S3 DevicePickerUserSvc_6e966; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) S3 DevicePickerUserSvc_6e966; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) S3 DevicesFlowUserSvc; C:\Windows\System32\DevicesFlowBroker.dll [750080 2018-04-12] (Microsoft Corporation) S3 DevicesFlowUserSvc_6e966; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) S3 DevicesFlowUserSvc_6e966; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) S3 diagsvc; C:\Windows\system32\DiagSvc.dll [219648 2018-04-12] (Microsoft Corporation) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2018-02-16] (Digital Wave Ltd.) R2 DusmSvc; C:\Windows\System32\dusmsvc.dll [356352 2018-04-12] (Microsoft Corporation) R2 esifsvc; C:\Windows\system32\Intel\DPTF\esif_uf.exe [2218552 2017-02-03] (Intel Corporation) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [153040 2017-10-18] (ELAN Microelectronics Corp.) S3 FrameServer; C:\Windows\system32\FrameServer.dll [673792 2018-06-08] (Microsoft Corporation) S3 GraphicsPerfSvc; C:\Windows\System32\GraphicsPerfSvc.dll [90624 2018-04-12] (Microsoft Corporation) R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [Datei ist nicht signiert] R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-04-03] (HP Inc.) R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.) R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [630776 2017-02-06] (HP Inc.) S3 HvHost; C:\Windows\System32\hvhostsvc.dll [61736 2018-08-03] (Microsoft Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igfxCUIService.exe [415208 2017-11-03] (Intel Corporation) S3 InstallService; C:\Windows\system32\InstallService.dll [1487360 2018-06-15] (Microsoft Corporation) S3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1110528 2018-06-15] (Microsoft Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-13] (Intel(R) Corporation) S3 IpxlatCfgSvc; C:\Windows\System32\IpxlatCfg.dll [63488 2018-04-12] (Microsoft Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2016-12-19] (Intel Corporation) S3 LxpSvc; C:\Windows\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes) S3 NaturalAuthentication; C:\Windows\System32\NaturalAuth.dll [824832 2018-04-12] (Microsoft Corporation) R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [432264 2017-12-06] (Geek Software GmbH) S3 PrintWorkflowUserSvc; C:\Windows\System32\PrintWorkflowService.dll [170496 2018-04-12] (Microsoft Corporation) S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [138240 2018-04-12] (Microsoft Corporation) S3 PrintWorkflowUserSvc_6e966; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) S3 PrintWorkflowUserSvc_6e966; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) S3 PushToInstall; C:\Windows\system32\PushToInstall.dll [262144 2018-07-14] (Microsoft Corporation) S3 RmSvc; C:\Windows\System32\RMapi.dll [153600 2018-04-12] (Microsoft Corporation) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-04-28] (Realtek Semiconductor) R2 SecurityHealthService; C:\Windows\system32\SecurityHealthService.exe [760888 2018-07-14] (Microsoft Corporation) R3 SEMgrSvc; C:\Windows\system32\SEMgrSvc.dll [1248768 2018-04-12] (Microsoft Corporation) R2 SgrmBroker; C:\Windows\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation) S3 SharedRealitySvc; C:\Windows\System32\SharedRealitySvc.dll [713216 2018-08-28] (Microsoft Corporation) S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [195584 2018-04-12] (Microsoft Corporation) R2 SilhouetteLink; C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe [897200 2016-12-06] () S3 spectrum; C:\Windows\system32\spectrum.exe [976384 2018-06-08] (Microsoft Corporation) S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] () R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [176128 2018-04-12] (Microsoft Corporation) R3 TokenBroker; C:\Windows\System32\TokenBroker.dll [1395200 2018-08-03] (Microsoft Corporation) R3 TokenBroker; C:\WINDOWS\SysWOW64\TokenBroker.dll [1000448 2018-08-03] (Microsoft Corporation) S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation) S3 VacSvc; C:\Windows\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation) S3 vmicrdv; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation) S3 vmicvss; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation) S3 WaaSMedicSvc; C:\Windows\System32\WaaSMedicSvc.dll [392704 2018-08-09] (Microsoft Corporation) S3 WarpJITSvc; C:\Windows\System32\Windows.WARP.JITService.dll [31744 2018-04-12] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation) S3 WFDSConMgrSvc; C:\Windows\System32\wfdsconmgrsvc.dll [681984 2018-07-14] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation) S3 wisvc; C:\Windows\system32\flightsettings.dll [858112 2018-06-08] (Microsoft Corporation) S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729088 2018-06-08] (Microsoft Corporation) S3 wlpasvc; C:\Windows\System32\lpasvc.dll [1359360 2018-07-14] (Microsoft Corporation) S3 WpcMonSvc; C:\Windows\System32\WpcDesktopMonSvc.dll [1456640 2018-06-02] (Microsoft Corporation) S2 WpnUserService; C:\Windows\System32\WpnUserService.dll [96768 2018-04-12] (Microsoft Corporation) R2 WpnUserService_6e966; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) R2 WpnUserService_6e966; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) S3 xbgm; C:\Windows\system32\xbgmsvc.exe [59512 2018-04-12] (Microsoft Corporation) S3 XboxGipSvc; C:\Windows\System32\XboxGipSvc.dll [58880 2018-04-12] (Microsoft Corporation) R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X] S2 MTEzOG; rundll32.exe C:\WINDOWS\rusurngttj.rux RGSgaxSwymIJMiY [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 Accelerometer; C:\Windows\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP) S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [20480 2018-04-12] (Microsoft Corporation) R1 afunix; C:\Windows\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation) S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2018-04-12] (Microsoft Corporation) R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [69656 2018-08-08] (Avira Operations GmbH & Co. KG) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [179376 2018-07-04] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [169864 2018-07-04] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [44488 2018-01-03] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [88488 2018-01-03] (Avira Operations GmbH & Co. KG) R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [38048 2018-01-03] (Avira Operations GmbH & Co. KG) S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533912 2018-04-12] (QLogic Corporation) R1 bam; C:\Windows\System32\drivers\bam.sys [60320 2018-04-12] (Microsoft Corporation) S3 bindflt; C:\Windows\system32\drivers\bindflt.sys [92056 2018-04-12] (Microsoft Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [86528 2018-04-12] (Microsoft Corporation) S0 bttflt; C:\Windows\System32\drivers\bttflt.sys [38304 2018-04-12] (Microsoft Corporation) R3 CAD; C:\Windows\System32\drivers\CAD.sys [60320 2018-04-12] (Microsoft Corporation) S0 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [321432 2018-04-12] (Chelsio Communications) S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [1836952 2018-04-12] (Chelsio Communications) R2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [414720 2018-07-14] (Microsoft Corporation) R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [72584 2017-02-03] (Intel Corporation) R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [67976 2017-02-03] (Intel Corporation) R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [355208 2017-02-03] (Intel Corporation) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-10-18] (Malwarebytes) R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [32840 2017-04-14] (ELAN Microelectronic Corp.) R3 HID_PCI; C:\Windows\System32\drivers\HID_PCI.sys [31328 2016-08-10] (Intel) R0 hpdskflt; C:\Windows\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP) S4 hvcrash; C:\Windows\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation) S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [76088 2018-09-20] (Microsoft Corporation) S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [27136 2018-04-12] (Microsoft Corporation) S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [36864 2018-04-12] (Intel(R) Corporation) R3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2018-04-12] (Intel Corporation) S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [88576 2018-04-12] (Intel Corporation) S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592 2018-04-12] (Intel Corporation) S0 iaStorAVC; C:\Windows\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel Corporation) R3 igfx; C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igdkmd64.sys [12842984 2017-11-03] (Intel Corporation) S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [38912 2018-04-12] (Microsoft Corporation) R0 iorate; C:\Windows\System32\drivers\iorate.sys [58272 2018-04-12] (Microsoft Corporation) S3 IPT; C:\Windows\System32\drivers\ipt.sys [32256 2018-04-12] (Microsoft Corporation) R3 ISH; C:\Windows\System32\drivers\ISH.sys [143984 2016-09-19] (Intel) R3 ISH_BusDriver; C:\Windows\System32\drivers\ISH_BusDriver.sys [80496 2016-08-18] (Intel) S0 ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies) S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [505240 2018-04-12] (Microsoft Corporation) S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [56736 2018-04-12] (Microsoft Corporation) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198000 2018-11-11] (Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [119136 2018-11-13] (Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [63768 2018-11-13] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260480 2018-11-13] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [111152 2018-11-13] (Malwarebytes) S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [75160 2018-04-12] (Avago Technologies) S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [204920 2016-12-02] (Intel Corporation) R3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [175104 2018-04-12] (Microsoft Corporation) R3 Netwtw04; C:\Windows\system32\DRIVERS\Netwtw04.sys [8623128 2018-04-04] (Intel Corporation) S3 nvdimm; C:\Windows\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation) S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58776 2018-04-12] (Avago Technologies) S3 pmem; C:\Windows\System32\drivers\pmem.sys [105984 2018-04-12] (Microsoft Corporation) S0 Ramdisk; C:\Windows\System32\DRIVERS\ramdisk.sys [39840 2018-04-12] (Microsoft Corporation) S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [104448 2018-04-12] (Microsoft Corporation) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [782304 2017-04-19] (Realsil Semiconductor Corporation) S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [128920 2018-08-03] (Microsoft Corporation) S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [33176 2018-04-12] (Microsoft Corporation) R0 SgrmAgent; C:\Windows\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation) S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [57752 2018-04-12] (Microsoft Corporation) S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [152576 2018-04-12] (Microsoft Corporation) R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [42000 2017-01-16] (Intel Corporation) S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2018-08-03] (Microsoft Corporation) R0 volume; C:\Windows\System32\drivers\volume.sys [16288 2018-04-12] (Microsoft Corporation) R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [151960 2018-04-12] (Microsoft Corporation) S3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [82944 2018-04-12] (Microsoft Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation) S3 WdmCompanionFilter; C:\Windows\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation) S3 WinNat; C:\Windows\System32\drivers\winnat.sys [227840 2018-07-14] (Microsoft Corporation) R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [35568 2018-08-31] (HP) U3 aspnet_state; kein ImagePath S1 ODk1NWNkZTRhY; \??\C:\WINDOWS\system32\drivers\ODk1NWNkZTRhY [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation) NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation) NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation) NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation) NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation) NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation) NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation) NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation) NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation) NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2018-11-13 09:22 - 2018-11-13 09:22 - 00000372 _____ C:\Users\s_rep\Desktop\Search.txt 2018-11-13 08:32 - 2018-11-13 08:32 - 00260480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2018-11-13 08:32 - 2018-11-13 08:32 - 00119136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2018-11-13 08:32 - 2018-11-13 08:32 - 00111152 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2018-11-13 08:32 - 2018-11-13 08:32 - 00063768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2018-11-11 21:02 - 2018-11-11 21:02 - 00002679 _____ C:\Users\s_rep\Desktop\Malwarebytes.txt 2018-11-11 20:53 - 2018-11-11 20:55 - 00070328 _____ C:\Users\s_rep\Desktop\Addition.txt 2018-11-11 20:52 - 2018-11-13 09:25 - 00036507 _____ C:\Users\s_rep\Desktop\FRST.txt 2018-11-11 20:18 - 2018-11-11 20:18 - 00255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\2124B6DE.sys 2018-11-11 20:17 - 2018-11-11 20:42 - 00000000 ____D C:\Users\s_rep\Desktop\mbar 2018-11-11 20:17 - 2018-11-11 20:42 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2018-11-11 20:16 - 2018-11-11 20:16 - 14178840 _____ (Malwarebytes Corp.) C:\Users\s_rep\Desktop\mbar-1.10.3.1001.exe 2018-11-11 19:10 - 2018-11-13 09:25 - 00000000 ____D C:\FRST 2018-11-11 19:10 - 2018-11-11 19:10 - 02375168 _____ (Farbar) C:\Users\s_rep\Desktop\FRST64.exe 2018-11-11 19:08 - 2018-11-11 19:08 - 01725952 _____ (Farbar) C:\Users\s_rep\Downloads\FRST.exe 2018-11-11 18:17 - 2018-11-11 18:17 - 00000000 ___HD C:\$SysReset 2018-11-11 16:54 - 2018-11-11 16:55 - 00000000 ____D C:\AdwCleaner 2018-11-11 16:54 - 2018-11-11 16:54 - 07592144 _____ (Malwarebytes) C:\Users\s_rep\Desktop\adwcleaner_7.2.4.0.exe 2018-11-11 16:45 - 2018-11-11 16:46 - 04650564 _____ C:\Users\s_rep\Downloads\combocleaner.dmg 2018-11-11 16:13 - 2018-11-11 16:13 - 00000056 _____ C:\WINDOWS\wininit.ini 2018-11-11 16:06 - 2018-11-11 16:13 - 00000306 __RSH C:\ProgramData\ntuser.pol 2018-11-11 15:38 - 2018-11-11 15:38 - 00000000 ____D C:\Users\s_rep\AppData\Local\mbam 2018-11-11 15:37 - 2018-11-11 20:18 - 00000000 ____D C:\ProgramData\Malwarebytes 2018-11-11 15:37 - 2018-11-11 15:37 - 00198000 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2018-11-11 15:37 - 2018-11-11 15:37 - 00001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2018-11-11 15:37 - 2018-11-11 15:37 - 00000000 ____D C:\Users\s_rep\AppData\Local\mbamtray 2018-11-11 15:37 - 2018-11-11 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-11-11 15:37 - 2018-11-11 15:37 - 00000000 ____D C:\Program Files\Malwarebytes 2018-11-11 15:37 - 2018-10-18 08:44 - 00152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2018-11-11 15:29 - 2018-11-11 15:29 - 79596656 _____ (Malwarebytes ) C:\Users\s_rep\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.482-1.0.7783.exe 2018-11-11 15:19 - 2018-11-11 16:05 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\excdir 2018-11-11 15:16 - 2018-11-11 15:44 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\10g0mgchl40 2018-11-11 15:15 - 2018-11-11 15:46 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\q3cvj2ojp2m 2018-11-11 15:08 - 2018-11-11 16:05 - 00000000 ____D C:\Program Files (x86)\IwTmDCzJJIE 2018-11-11 15:08 - 2018-11-11 15:15 - 00000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE} 2018-11-11 15:08 - 2018-11-11 15:08 - 00004256 _____ C:\WINDOWS\System32\Tasks\Benutzerdienstfür(AppXSVC) 2018-11-11 15:08 - 2018-11-11 15:08 - 00003008 _____ C:\WINDOWS\System32\Tasks\niYEcWwYibJfLQX2 2018-11-11 15:08 - 2018-11-11 15:08 - 00000000 ____D C:\ProgramData\zTXZmVxyKBKDhdVB 2018-11-11 15:07 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\UmTwpSvRUOfSC 2018-11-11 15:07 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\pbjpUXEkQjxU2 2018-11-11 15:07 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\hGGLWjvHZZUn 2018-11-11 15:07 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\BHXQvOBMsgKdEntstUR 2018-11-11 15:07 - 2018-11-11 15:41 - 00000000 ____D C:\Program Files (x86)\eEvEEOxmU 2018-11-11 15:07 - 2018-11-11 15:13 - 00000582 _____ C:\WINDOWS\Tasks\EZnVzpmjsBPJAOW.job 2018-11-11 15:07 - 2018-11-11 15:08 - 00000000 ____D C:\Program Files (x86)\nodejs 2018-11-11 15:07 - 2018-11-11 15:07 - 00003212 _____ C:\WINDOWS\System32\Tasks\OqUgsIhoyVOixP 2018-11-11 15:07 - 2018-11-11 15:07 - 00003034 _____ C:\WINDOWS\System32\Tasks\qdxgajDnKqmDPrtzQ2 2018-11-11 15:07 - 2018-11-11 15:07 - 00003026 _____ C:\WINDOWS\System32\Tasks\yKlRUxrwnsuFpeUeBWz2 2018-11-11 15:07 - 2018-11-11 15:07 - 00003014 _____ C:\WINDOWS\System32\Tasks\EZnVzpmjsBPJAOW 2018-11-11 15:07 - 2018-11-11 15:07 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\npm 2018-11-11 15:06 - 2018-11-11 15:16 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\ydti5ummqoo 2018-11-11 15:06 - 2018-11-11 15:06 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\Python 2018-11-11 15:06 - 2018-11-11 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondersoft 2018-11-11 15:05 - 2018-11-11 16:10 - 00000000 ____D C:\Program Files (x86)\SHSK 2018-11-11 15:05 - 2018-11-11 16:05 - 00000000 ____D C:\Program Files (x86)\Multitimer 2018-11-11 15:05 - 2018-11-11 15:49 - 00000000 ____D C:\Users\s_rep\AppData\Local\William 2018-11-11 15:05 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files\Okawville 2018-11-11 15:05 - 2018-11-11 15:16 - 00003480 _____ C:\WINDOWS\System32\Tasks\{e6b1bd71-40ef-4173-8106-93b5f9032a6e} 2018-11-11 15:05 - 2018-11-11 15:16 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\41fvqqftwqx 2018-11-11 15:05 - 2018-11-11 15:13 - 00001546 _____ C:\WINDOWS\Tasks\Okawville.job 2018-11-11 15:05 - 2018-11-11 15:05 - 00140800 _____ C:\Users\s_rep\AppData\Local\installer.dat 2018-11-11 15:05 - 2018-11-11 15:05 - 00013984 _____ C:\WINDOWS\System32\Tasks\Okawville 2018-11-11 15:05 - 2018-11-11 15:05 - 00000000 ____D C:\Program Files (x86)\Wondersoft 2018-11-11 15:01 - 2018-11-11 15:03 - 00000000 ____D C:\ProgramData\Ver 2018-11-11 15:01 - 2018-11-11 15:01 - 00000000 ____D C:\Users\s_rep\Documents\MediaTrans 2018-11-11 15:01 - 2018-11-11 15:01 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\DearMob 2018-11-11 15:00 - 2018-11-11 15:00 - 00000000 ____D C:\Users\s_rep\AppData\Local\AdvinstAnalytics 2018-11-11 14:57 - 2018-11-11 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty 2018-11-11 14:57 - 2018-11-11 15:01 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\Digiarty 2018-11-11 14:57 - 2018-11-11 14:57 - 31498016 _____ C:\Users\s_rep\Downloads\winx-mediatrans-5-6.exe 2018-11-11 14:57 - 2018-11-11 14:57 - 00000000 ____D C:\Program Files (x86)\Digiarty 2018-11-11 14:56 - 2018-11-11 15:10 - 00000000 ____D C:\Users\s_rep\Documents\LeaderTask 2018-11-11 14:55 - 2018-11-11 14:55 - 00000000 ____D C:\Users\s_rep\Downloads\WinX MediaTrans 63 Crack License Code Free Torrent 2018-11-11 14:54 - 2018-11-11 14:54 - 00593889 _____ C:\Users\s_rep\Downloads\WinX MediaTrans 63 Crack License Code Free Torrent.zip 2018-11-11 14:51 - 2018-11-11 14:51 - 00593844 _____ C:\Users\s_rep\Downloads\winx mediatrans 63 crack full version 2018(1).zip 2018-11-11 14:51 - 2018-11-11 14:51 - 00000000 ____D C:\Users\s_rep\Downloads\winx mediatrans 63 crack full version 2018(1) 2018-11-11 14:50 - 2018-11-11 14:50 - 00000000 _____ C:\Users\s_rep\Downloads\winx mediatrans 63 crack full version 2018.zip 2018-11-11 10:34 - 2018-11-11 10:34 - 00098201 _____ C:\WINDOWS\uninstaller.dat 2018-11-10 18:58 - 2018-11-10 18:58 - 00000000 ___HD C:\OneDriveTemp 2018-11-10 07:40 - 2018-11-10 07:40 - 49460656 _____ C:\Users\s_rep\Downloads\x-iphone-ringtone-maker-de.exe 2018-11-10 07:18 - 2018-11-10 07:41 - 00000000 ____D C:\Users\s_rep\Documents\Xilisoft 2018-11-10 07:18 - 2018-11-10 07:41 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\Xilisoft 2018-11-10 07:13 - 2018-11-10 07:13 - 00000000 ____D C:\Users\s_rep\Downloads\Xilisoft_iPhone_Magic_5.7.25_Platinum 2018-11-10 07:05 - 2018-11-10 07:05 - 02906754 _____ C:\Users\s_rep\Downloads\Loreen - Euphoria.m4r 2018-11-10 06:59 - 2018-11-10 07:03 - 71977205 _____ C:\Users\s_rep\Downloads\Xilisoft_iPhone_Magic_5.7.25_Platinum.rar 2018-11-09 14:22 - 2018-11-09 14:22 - 04958970 _____ C:\Users\s_rep\Downloads\_Miezo_Printable_SchnippSchnappAK_Lichterkette.zip 2018-11-09 14:22 - 2018-11-09 14:22 - 04177262 _____ C:\Users\s_rep\Downloads\_Miezo_Printable_SchnippSchnappAK_Nikolaus.zip 2018-11-09 14:22 - 2018-11-09 14:22 - 03357516 _____ C:\Users\s_rep\Downloads\_Miezo_Printable_SchnippSchnappAK_Reh_mit_Schleife.zip 2018-11-09 14:22 - 2018-11-09 14:22 - 03207965 _____ C:\Users\s_rep\Downloads\_Miezo_Printable_SchnippSchnappAK_Engel.zip 2018-11-09 14:22 - 2018-11-09 14:22 - 02136903 _____ C:\Users\s_rep\Downloads\_Miezo_Printable_SchnippSchnappAK_Zuckerstange.zip 2018-11-09 14:16 - 2018-11-09 14:16 - 03698950 _____ C:\Users\s_rep\Downloads\_Miezo Digistamp Drachenmädchen mit Laterne.zip 2018-11-09 10:51 - 2018-11-09 10:51 - 01710944 _____ C:\Users\s_rep\Downloads\IKEA FAMILY KARTE.pdf 2018-11-08 05:48 - 2018-11-08 06:00 - 00000000 ____D C:\Users\s_rep\AppData\Local\iMobie_Inc 2018-11-08 05:48 - 2018-11-08 05:59 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\iMobie 2018-11-08 05:47 - 2018-11-11 15:13 - 00000000 ____D C:\Program Files (x86)\iMobie 2018-11-08 05:47 - 2018-11-08 05:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie 2018-11-08 05:46 - 2018-11-08 05:46 - 02576312 _____ (iMobie Inc.) C:\Users\s_rep\Downloads\anytrans-ios-setup.exe 2018-11-08 05:31 - 2018-11-08 05:31 - 00000000 ____D C:\Users\s_rep\AppData\Local\Apple Computer 2018-11-08 05:05 - 2018-11-10 07:54 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\Apple Computer 2018-11-08 05:05 - 2018-11-08 05:05 - 00001823 _____ C:\Users\Public\Desktop\iTunes.lnk 2018-11-08 05:05 - 2018-11-08 05:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2018-11-08 05:05 - 2018-11-08 05:05 - 00000000 ____D C:\Program Files\iPod 2018-11-08 05:03 - 2018-11-08 05:05 - 00000000 ____D C:\Program Files\iTunes 2018-11-08 05:03 - 2018-11-08 05:03 - 00000000 ____D C:\ProgramData\Apple Computer 2018-11-08 05:00 - 2018-11-08 05:00 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2018-11-08 05:00 - 2018-11-08 05:00 - 00000000 ____D C:\Users\s_rep\AppData\Local\Apple 2018-11-08 05:00 - 2018-11-08 05:00 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2018-11-08 04:59 - 2018-11-08 04:59 - 00000000 ____D C:\Program Files\Bonjour 2018-11-08 04:59 - 2018-11-08 04:59 - 00000000 ____D C:\Program Files (x86)\Bonjour 2018-11-08 04:58 - 2018-11-08 04:59 - 00000000 ____D C:\Program Files\Common Files\Apple 2018-11-08 04:54 - 2018-11-08 04:55 - 270003016 _____ (Apple Inc.) C:\Users\s_rep\Downloads\iTunes64Setup.exe 2018-11-07 14:44 - 2018-11-07 14:44 - 06986360 _____ (ESET spol. s r.o.) C:\Users\s_rep\Downloads\ESETOnlineScanner_DEU.exe 2018-11-07 14:44 - 2018-11-07 14:44 - 00000000 ____D C:\Users\s_rep\AppData\Local\ESET 2018-11-07 12:53 - 2018-11-07 12:53 - 00000000 ____D C:\Users\s_rep\AppData\Local\D3DSCache 2018-11-06 06:32 - 2018-11-06 06:32 - 01681611 _____ C:\Users\s_rep\Downloads\Mother's Day.zip 2018-11-06 06:25 - 2018-11-06 06:25 - 03172822 _____ C:\Users\s_rep\Downloads\KINDNESS_IS_THE_WAY_CUST_FILES.zip 2018-11-06 05:55 - 2018-11-06 05:55 - 00029450 _____ C:\Users\s_rep\Downloads\copicnummern.pdf 2018-11-04 11:21 - 2018-11-04 11:21 - 00310110 _____ C:\Users\s_rep\Downloads\Steffies Bastelkammer Box zum binden Herz und Stern.studio3 2018-11-01 06:00 - 2018-11-01 08:19 - 00010552 _____ C:\Users\s_rep\Documents\Erbe Ausgaben.xlsx 2018-11-01 05:22 - 2018-11-01 05:22 - 00656584 _____ C:\Users\s_rep\Downloads\Steffie´s Bastelkammer 24 Lichter im Advent Portrait.studio3 2018-11-01 05:22 - 2018-11-01 05:22 - 00600163 _____ C:\Users\s_rep\Downloads\Steffie´s Bastelkammer 24 Lichter im Advent Cameo.studio3 2018-10-26 05:08 - 2018-10-26 05:08 - 00072472 _____ C:\Users\s_rep\Downloads\Briefmarken.12Stk.26.10.2018_0606.pdf 2018-10-26 04:57 - 2018-10-26 04:57 - 03693207 _____ C:\Users\s_rep\Downloads\Rund ums Basteln.pdf 2018-10-26 04:57 - 2018-10-26 04:57 - 00616315 _____ C:\Users\s_rep\Downloads\Steffies Bastelkammer Sternlicht.studio3 2018-10-22 08:32 - 2018-10-22 08:32 - 00509216 _____ C:\Users\s_rep\Downloads\Steffies Bastelkammer Karte für 10x15 Fotos.studio3 2018-10-19 17:45 - 2018-11-07 14:29 - 00004190 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1539967477 2018-10-19 17:45 - 2018-11-07 14:29 - 00001179 _____ C:\Users\s_rep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk 2018-10-19 17:43 - 2018-10-19 17:43 - 01921552 _____ (Opera Software) C:\Users\s_rep\Downloads\OperaSetup(1).exe 2018-10-19 16:35 - 2018-10-19 16:35 - 00066006 _____ C:\Users\s_rep\Downloads\Steffies Bastelkammer Karte zum aufstellen.studio3 2018-10-19 13:31 - 2018-10-19 13:31 - 81772586 _____ C:\Users\s_rep\Downloads\Wimpelkalender Zahlen.studio3 2018-10-19 12:31 - 2018-10-19 12:31 - 00121336 _____ C:\Users\s_rep\Downloads\Miezo Wimpelkalender(2).studio3 2018-10-19 04:06 - 2018-10-19 04:06 - 00111560 _____ C:\Users\s_rep\Downloads\Miezo Wimpelkalender(1).studio3 2018-10-18 09:03 - 2018-10-18 09:03 - 00611671 _____ C:\Users\s_rep\Downloads\adventskalender'kranz' rohling.studio3 2018-10-18 08:49 - 2018-10-18 08:49 - 00065540 _____ C:\Users\s_rep\Downloads\MiniAdventskranz.studio3 2018-10-18 08:47 - 2018-10-18 08:47 - 00649488 _____ C:\Users\s_rep\Downloads\HäuserBoxenLeer.studio3 2018-10-18 08:47 - 2018-10-18 08:47 - 00262512 _____ C:\Users\s_rep\Downloads\Würfelbox zum heraus ziehen.studio3 2018-10-18 04:28 - 2018-10-18 04:28 - 00111560 _____ C:\Users\s_rep\Downloads\Miezo Wimpelkalender.studio3 2018-10-17 12:30 - 2018-10-17 12:30 - 00286994 _____ C:\Users\s_rep\Downloads\Steffies Bastelkammer Karte mit Durchblick DIY.studio3 2018-10-17 07:21 - 2018-10-17 07:22 - 62543360 _____ C:\Users\s_rep\Downloads\FontPack1900820071_XtdAlf_Lang_DC.msi 2018-10-17 07:21 - 2018-10-17 07:21 - 00809182 _____ C:\Users\s_rep\Downloads\img001.pdf 2018-10-16 08:35 - 2018-10-16 08:35 - 00250423 _____ C:\Users\s_rep\Downloads\Miezo Pocket-Zahnstocherkalender.studio3 2018-10-15 13:16 - 2018-10-15 13:16 - 00153207 _____ C:\Users\s_rep\Downloads\Wichtige Infos rund um unsere Arbeit.pdf ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2018-11-13 09:22 - 2018-04-12 00:38 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-11-13 09:02 - 2017-12-17 17:42 - 00000000 ____D C:\Users\s_rep\AppData\LocalLow\Mozilla 2018-11-13 08:34 - 2018-03-28 16:14 - 00000000 ____D C:\Users\Public\Speedup Sessions 2018-11-13 08:33 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\AppReadiness 2018-11-13 08:33 - 2017-12-17 17:33 - 00000000 __SHD C:\Users\s_rep\IntelGraphicsProfiles 2018-11-13 08:32 - 2018-06-02 08:56 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-11-13 08:31 - 2018-04-11 22:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2018-11-13 08:06 - 2017-12-18 06:46 - 00000000 ____D C:\Users\s_rep\Documents\01 Dieter 2018-11-13 08:03 - 2018-04-12 00:38 - 00000000 ___HD C:\Program Files\WindowsApps 2018-11-13 07:55 - 2018-06-02 08:13 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2018-11-12 06:50 - 2017-12-18 07:07 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\com.silhouettesoftware 2018-11-12 06:50 - 2017-12-18 07:07 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\com.aspexsoftware.Silhouette_Studio 2018-11-12 06:46 - 2018-04-12 00:36 - 00000000 ____D C:\WINDOWS\INF 2018-11-12 06:00 - 2018-05-04 06:01 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\com.silhouettesoftware.scratch.1 2018-11-12 06:00 - 2018-05-04 06:01 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\com.aspexsoftware.ss_bluetooth 2018-11-11 20:50 - 2018-01-24 08:14 - 00000000 ____D C:\Users\s_rep\AppData\Local\Packages 2018-11-11 17:02 - 2018-01-16 10:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2018-11-11 17:02 - 2018-01-16 10:07 - 00000000 ____D C:\ProgramData\Avira 2018-11-11 17:02 - 2018-01-16 10:07 - 00000000 ____D C:\Program Files (x86)\Avira 2018-11-11 16:53 - 2018-06-02 08:21 - 01817928 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-11-11 16:53 - 2018-04-12 17:13 - 00781586 _____ C:\WINDOWS\system32\perfh007.dat 2018-11-11 16:53 - 2018-04-12 17:13 - 00166424 _____ C:\WINDOWS\system32\perfc007.dat 2018-11-11 16:30 - 2018-06-25 05:41 - 00000000 ____D C:\Program Files\Opera 2018-11-11 16:21 - 2018-04-12 00:30 - 00000000 ____D C:\WINDOWS\CbsTemp 2018-11-11 15:16 - 2017-12-17 17:42 - 00000000 ____D C:\Program Files\Mozilla Firefox 2018-11-11 15:14 - 2018-06-02 08:22 - 00000000 ____D C:\Users\s_rep 2018-11-11 15:06 - 2017-12-17 16:55 - 00000000 ____D C:\Program Files\Intel 2018-11-11 15:06 - 2017-10-12 00:37 - 00000000 ____D C:\ProgramData\Intel 2018-11-11 15:05 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2018-11-11 15:05 - 2018-01-12 13:01 - 00000000 ____D C:\Program Files\rempl 2018-11-11 15:05 - 2017-03-18 22:03 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2018-11-10 22:12 - 2017-12-17 17:40 - 00000000 ___RD C:\Users\s_rep\OneDrive 2018-11-10 17:00 - 2018-06-04 05:08 - 00559880 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2018-11-09 12:43 - 2017-12-17 17:35 - 00000000 ____D C:\Users\s_rep\AppData\Local\Comms 2018-11-08 08:47 - 2018-04-27 10:47 - 00000000 ____D C:\Users\s_rep\Downloads\Miezo 2018-11-08 04:59 - 2017-05-23 03:14 - 00000000 ____D C:\ProgramData\Apple 2018-11-07 12:56 - 2018-06-02 08:13 - 00621856 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-11-07 12:55 - 2017-12-17 17:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-11-02 05:08 - 2017-12-17 17:42 - 00001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2018-10-25 04:41 - 2017-12-18 15:30 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2018-10-22 13:49 - 2017-05-23 03:11 - 00000000 ____D C:\ProgramData\Package Cache 2018-10-19 17:45 - 2018-06-25 05:41 - 00000000 ____D C:\Users\s_rep\AppData\Local\Opera Software 2018-10-19 17:43 - 2018-06-25 05:41 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\Opera Software 2018-10-17 08:26 - 2018-06-02 08:56 - 00003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2101576799-1165526633-3082190696-1001 2018-10-17 08:26 - 2018-06-02 08:22 - 00002390 _____ C:\Users\s_rep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-10-16 04:30 - 2017-12-18 07:09 - 00000000 ____D C:\Users\s_rep\Downloads\Plotterdateien - später einsortieren 2018-10-16 04:07 - 2018-07-18 10:57 - 00000000 ____D C:\ProgramData\Packages ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2017-12-18 07:07 - 2017-12-18 07:07 - 0000008 _____ () C:\Users\s_rep\AppData\Roaming\com.silhouettesoftware.id 2018-11-11 15:05 - 2018-11-11 15:05 - 0140800 _____ () C:\Users\s_rep\AppData\Local\installer.dat 2018-07-31 15:06 - 2018-07-31 15:06 - 0000218 _____ () C:\Users\s_rep\AppData\Local\recently-used.xbel 2017-12-18 06:13 - 2017-12-18 06:13 - 0000057 _____ () C:\ProgramData\Ament.ini Einige Dateien in TEMP: ==================== C:\Users\s_rep\AppData\Local\Temp\Uninstall.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2018-06-02 08:13 ==================== Ende von FRST.txt ============================ |
13.11.2018, 09:37 | #5 |
| 2 merkwürdige "Programme" (Apps) eingefangen, die sich nicht mehr deinstallieren lassenCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-04-2016 durchgeführt von s_rep (2018-11-13 09:26:39) Gestartet von C:\Users\s_rep\Desktop Windows 10 Home Version 1803 (X64) (2018-06-02 07:57:52) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2101576799-1165526633-3082190696-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2101576799-1165526633-3082190696-503 - Limited - Disabled) Gast (S-1-5-21-2101576799-1165526633-3082190696-501 - Limited - Disabled) s_rep (S-1-5-21-2101576799-1165526633-3082190696-1001 - Administrator - Enabled) => C:\Users\s_rep WDAGUtilityAccount (S-1-5-21-2101576799-1165526633-3082190696-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 123 Photo Version 2.0 (HKLM-x32\...\{68F08E04-F190-49B4-B159-3FA7E72A4EC8}_is1) (Version: 2.0 - Harald Wittke) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated) Any Video Converter 6.0.9 (HKLM-x32\...\Any Video Converter) (Version: 6.0.9 - Anvsoft) Apple Application Support (32-Bit) (HKLM-x32\...\{49F7DD82-FC83-48BF-86C6-CFE6E1E233E1}) (Version: 7.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{1FA68E27-2951-42E8-9F57-1A7F6581B4FD}) (Version: 7.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) Avira (HKLM-x32\...\{2884d9b5-2fed-48df-b0e0-fe229e7eb781}) (Version: 1.2.121.24663 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.2.121.24663 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.42.11 - Avira Operations GmbH & Co. KG) Avira Safe Shopping (HKLM-x32\...\{573F6664-99E1-40D8-921A-7C9345EC03B2}) (Version: 1.1.5.3330 - Avira Operations GmbH & Co. KG) Avira Safe Shopping (x32 Version: 1.0.65.2672 - Avira Operations Gmbh & Co. KG) Hidden Avira Software Updater (HKLM-x32\...\{D4F0629A-3F4A-4098-ADFE-6F3551762251}) (Version: 2.0.6.4401 - Avira Operations GmbH & Co. KG) Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 4.8.0.7455 - Avira Operations GmbH & Co. KG) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Bullzip PDF Printer 11.5.0.2698 (HKLM\...\Bullzip PDF Printer_is1) (Version: 11.5.0.2698 - Bullzip) calibre (HKLM-x32\...\{5BC66570-E69F-4C93-9DF2-E93739A91A63}) (Version: 3.25.0 - Kovid Goyal) Dropbox 25 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.141.1 - Dropbox, Inc.) Hidden ELAN Touchpad 18.2.15.7_X64_WHQL (HKLM\...\Elantech) (Version: 18.2.15.7 - ELAN Microelectronic Corp.) Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.) Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC13084E6700}) (Version: 19.008.20071 - Adobe Systems Incorporated) FlashPeak Slimjet (HKLM-x32\...\Slimjet) (Version: 19.0.4.0 - FlashPeak Inc.) foldershare (HKLM\...\foldershare) (Version: 7.3 - foldershare) FotoWorks XL 2018 (HKLM-x32\...\FotoWorks XL 2018_is1) (Version: Aktuelle Version - IN MEDIAKG TI) Free MP4 Video Converter (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.111.215 - Digital Wave Ltd) HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.) HP CoolSense (HKLM-x32\...\{20CC03C7-7B48-4130-B7FA-39BC128E3A9E}) (Version: 2.21.5 - HP Inc.) HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.) HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.) HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.21 - HP Inc.) HP JumpStart Bridge (HKLM-x32\...\{23D5C1E8-0442-4D70-9280-927EF36657CB}) (Version: 1.1.0.378 - HP Inc.) HP JumpStart Launch (HKLM-x32\...\{81CA40FD-E11B-4DC1-AE33-A71EB044B8B7}) (Version: 1.1.275.0 - HP Inc.) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Photosmart 5520 series - Grundlegende Software für das Gerät (HKLM\...\{4F396B08-301D-4E53-A372-95A7E93ABD04}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Photosmart 5520 series Hilfe (HKLM-x32\...\{640A03B3-4E6B-4440-A350-E6A8D6348F12}) (Version: 27.0.0 - Hewlett Packard) HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.3.50.9 - HP Inc.) HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.5.32.203 - HP Inc.) HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.) HP System Event Utility (HKLM-x32\...\{1BB20774-0FA8-4CFF-AB69-7B7AAE2DCE6C}) (Version: 1.4.19 - HP Inc.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Inkscape 0.92.3 (HKLM-x32\...\Inkscape) (Version: 0.92.3 - Inkscape Project) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11003.3588 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1047 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1643.1 - Intel Corporation) Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.1.22 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DDE28492-B260-4DF0-BA99-7F96FC2932C1}) (Version: 19.60.0 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.40 - Intel(R) Corporation) Hidden Intel® Integrated Sensor Solution (HKLM-x32\...\{b3782b53-1b6c-436a-b0f0-f65d83ae74d9}) (Version: 3.0.30.1119 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{185db067-38cd-4521-a43e-c39b96ee1389}) (Version: 19.50.1 - Intel Corporation) IrfanView 4.50 (64-bit) (HKLM\...\IrfanView64) (Version: 4.50 - Irfan Skiljan) ISS_Drivers_x64 (Version: 3.0.30.1119 - Intel Corporation) Hidden iTunes (HKLM\...\{91B57967-C0E0-435A-AE53-A2336ECD8560}) (Version: 12.9.1.4 - Apple Inc.) LibreOffice 5.3.7.2 (HKLM\...\{117F3217-458C-4371-B222-00C69DE96CB2}) (Version: 5.3.7.2 - The Document Foundation) Malwarebytes Version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 63.0.1 (x64 de) (HKLM\...\Mozilla Firefox 63.0.1 (x64 de)) (Version: 63.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.2 - Mozilla) OpenOffice 4.1.4 (HKLM-x32\...\{5E9128B1-0AB8-40F5-9F71-69089C490855}) (Version: 4.14.9788 - Apache Software Foundation) Opera Stable 56.0.3051.99 (HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\Opera 56.0.3051.99) (Version: 56.0.3051.99 - Opera Software) ORTMANN Cross Stitch Designer 4.0 (HKLM-x32\...\ORTMANN Media-Verlag Cross Stitch Designer 4.0) (Version: 4.0 - ORTMANN Media-Verlag) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden PDF24 Creator 8.3.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PhotoFiltre 7 (HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\PhotoFiltre 7) (Version: - ) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21299 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8135 - Realtek Semiconductor Corp.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Silhouette Link (HKLM-x32\...\{C2136C80-F9D4-4096-86D4-C641BB36DFF3}) (Version: 1.0.096 - Silhouette America) Silhouette Studio (HKLM-x32\...\{518EAEF4-3E9D-4E45-B4DB-041B7FCB86D0}) (Version: 4.1.442 - Silhouette America) Studie zur Verbesserung von HP Photosmart 5520 series Produkten (HKLM\...\{B99F865A-3ECB-4E65-B6CF-9C60EE0273A3}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) Update for Skype for Business 2015 (KB4461446) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFBBF6D0-F140-40E9-B5AE-BDE708FC4817}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4461446) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFBBF6D0-F140-40E9-B5AE-BDE708FC4817}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4461446) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{BFBBF6D0-F140-40E9-B5AE-BDE708FC4817}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{EC5A6438-850E-4AD1-9169-DD071C8EFFEF}) (Version: 2.10.0.0 - Microsoft Corporation) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes) Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-3) (Version: 1.0.42.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.42.0 (Version: 1.0.42.0 - LunarG, Inc.) Hidden WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) Wondersoft - Wonderful Weather - Enhance and safeguard your online experience (HKLM-x32\...\Wondersoft Wonderful Weather) (Version: "1.1.1" - "Wondersoft") ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {042D8A51-5878-4000-9C10-C04AFF122A1F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand Task: {04B3E894-DE5B-4C4A-9AA7-CA8F7CE43583} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [2018-04-12] (Microsoft Corporation) Task: {0638E40C-2629-48D2-B3AA-EE49DDEAB986} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.) Task: {0967FAC8-6E28-4BBF-8387-9D6CEB7DE860} - System32\Tasks\Avira\Safe Shopping\Check => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [2018-11-01] (Avira) Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates Task: {0FD500DA-01C5-4676-9B10-1A481B381433} - System32\Tasks\S-1-5-21-2101576799-1165526633-3082190696-1001\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation) Task: {1966DF7C-DE3A-4B71-A0AC-AD8B72668ECD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-07] (HP Inc.) Task: {1BCC53CF-FE23-46A5-B81C-5FCE6B3BDF23} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [2018-10-17] (Microsoft Corporation) Task: {1BE936D4-EE40-4F04-84E0-18FFD27C0A6A} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [2018-04-12] (Microsoft Corporation) Task: {2231CAFE-FABE-41F5-A0B3-842D9319DBF9} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-02] (Microsoft Corporation) Task: {26979C78-BE35-4BE1-9663-F25C0DD509D3} - System32\Tasks\Opera scheduled Autoupdate 1539967477 => C:\Program Files\Opera\launcher.exe [2018-11-06] (Opera Software) Task: {294EF281-56B6-4F71-8115-BAC2919EF034} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task Task: {29F3A47A-C0DC-48D8-ACAF-89413EE0731D} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [2018-07-15] (Microsoft Corporation) Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask Task: {2DBD790D-172A-4CFA-B3F7-824D7509680F} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration Task: {301E6046-EE37-4B0D-ADEA-B79237AA4C23} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-10-16] (Avira Operations GmbH & Co. KG) Task: {42B682B8-0FA8-4CD6-8609-C90EFF7505D4} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates Task: {4C7F4583-DD70-4B68-B5CF-3621E0C33708} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {51D31EBF-545E-411D-A21A-CB34004CC384} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates Task: {54A21C2F-028A-40D4-B5D5-88E4A584FB1B} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-10-13] (Intel(R) Corporation) Task: {56E6F3A6-3B2E-47FE-9C9E-E9669BA61EFC} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-12-18] (Dropbox, Inc.) Task: {57688D33-0857-43F4-B3D2-26F0D0623E39} - System32\Tasks\Benutzerdienstfür(AppXSVC) => C:\Program Files (x86)\nodejs\node.exe [2017-05-02] (Node.js) Task: {577C3956-E492-42A5-AEFB-FDC54A537C64} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange Task: {57A7E0DF-F70E-43B1-AA2C-5BA67DBBE753} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask Task: {5DB4FD20-4FF2-4C58-9801-ADD6F0149633} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task Task: {60221910-B7B0-4AB9-AC2D-71058A6720EE} - System32\Tasks\Avira\Safe Shopping\Launch => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [2018-11-01] (Avira) Task: {62331915-A3E9-4B6E-9686-86034377E8CF} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {66969E28-CE77-4B5F-B1FF-A3B610DFCFD3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {6AB34E6E-76B0-4D9C-B1AC-C0E5B26BC23E} - System32\Tasks\Avira\Safe Shopping\Update => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [2018-11-01] (Avira) Task: {6DE4F7DC-0B8D-404A-A6C9-83241658F8CA} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-02] (Microsoft Corporation) Task: {6F94A2F9-CA33-4FCC-AA69-57F57230173C} - System32\Tasks\EZnVzpmjsBPJAOW => Rundll32.exe "C:\Users\s_rep\AppData\Local\Temp\zJVJydIlxtaAifNHI\TtycKSJSKAhDHkWV\nSqksLm.dll",#1 /adp EIGH4BJGH4VJGH2XIGH7HKGH8XJGH4SJGH8RJGH8YJGH8DIGH0RIGH6LIGH2AIGH1OIGH0WIGH1 /site_id 756 Task: {7138D0D3-1873-4A77-86CF-4840F491C90F} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation) Task: {72EC99D5-FDCE-482B-A8C4-79610E17629B} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-12-06] (HP Inc.) Task: {749E286C-C205-4C7C-B742-BE5023BF06DE} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login Task: {756535E6-76E8-42DF-9307-D2A8D82EDB1C} - System32\Tasks\HPEA3JOBS => C:\Program Task: {77DD4C0D-EEDB-4C1D-9A21-7B30E5F4C03A} - System32\Tasks\qdxgajDnKqmDPrtzQ2 => Rundll32.exe "C:\Program Files (x86)\BHXQvOBMsgKdEntstUR\LtVvruU.dll",#1 Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser Task: {7EAE5A6B-00F4-4B9F-A255-E1C163B587A1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession Task: {7EED1416-89CD-4D52-8537-3E4860543030} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [2018-03-22] (Avira Operations GmbH & Co. KG) Task: {7EFE6C85-50FC-4D58-A3DF-10FEFC8CCB2D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-12-18] (Dropbox, Inc.) Task: {83B7C57C-BF53-42F4-B3A0-B24ABFACE76A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {85F40D06-8916-40B8-ABA7-734BA60F90F2} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-11-28] (DropboxOEM) Task: {88026766-9562-4C3E-9C94-2E7DA5B61195} - System32\Tasks\yKlRUxrwnsuFpeUeBWz2 => Rundll32.exe "C:\Program Files (x86)\UmTwpSvRUOfSC\vKpdeLr.dll",#1 Task: {8CCDCCC3-88F0-4860-84BE-5AC16A1C6FA9} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance Task: {8D71F5C0-53E1-4F02-9A5D-851779424A0D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.) Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation) Task: {90331E02-BD0D-4D82-8804-1342EAAA2C9F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-12-06] (HP Inc.) Task: {97E8D66D-0085-423C-BA11-DD777A1258AB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2018-04-12] (Microsoft Corporation) Task: {9CB242AA-EA28-4888-8DE0-98F1D6B05AC7} - System32\Tasks\DropboxUpdateTaskMachineCore1d377547997d14 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-12-18] (Dropbox, Inc.) Task: {A167F6E0-ED47-419C-807E-2A11ECBA98D4} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation Task: {A305A840-EC8B-4C66-8EA8-5FF15F129CD2} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2018-04-12] (Microsoft Corporation) Task: {A5FE6B52-974F-492F-81F3-472223AD09D5} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation) Task: {AE1E6549-6E33-4D49-801B-F33E6D62356A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-06] (HP Inc.) Task: {B0952E0A-C54F-4E8B-95E9-90E560086B37} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand Task: {B14C88F4-4AAC-4F00-A94E-8EA180D7AEDC} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense Task: {B2F4AC84-A8D0-4524-9363-BFF5A5911A00} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask Task: {B3433942-FE11-4C11-839D-9C7589B6C5CB} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation) Task: {B96C2DB0-6A19-4E2B-89F6-84FD75E497A4} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback Task: {BDE8C0F4-1A50-4A42-ABFC-DFA37F8BF1C8} - System32\Tasks\OqUgsIhoyVOixP => Rundll32.exe "C:\Program Files (x86)\pbjpUXEkQjxU2\ydAhoPZsifauT.dll",#1 Task: {C161767E-4A22-4440-A1AF-1317A585F317} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2018-03-28] (Avira Operations GmbH & Co. KG ) Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2018-06-02] (Microsoft Corporation) Task: {CDA5D686-5D6C-4730-9907-B66710DC3670} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange Task: {D010978C-B666-4072-B7F3-DD6340CDD629} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task Task: {D07E8395-3840-41C1-8931-34D62726BED3} - System32\Tasks\niYEcWwYibJfLQX2 => Rundll32.exe "C:\Program Files (x86)\eEvEEOxmU\ggsKtT.dll",#1 Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources Task: {D795D83C-F41B-4403-B14E-A038C6FBD1B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated) Task: {DBE92F66-907D-4220-8C26-5D55E5A5906F} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [2017-01-12] (HP Development Company, L.P.) Task: {DD710A69-86C6-4932-97B1-01FB13ACFEF1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged Task: {DDF46C27-D05A-4829-90A2-9E4A4DDD7FE9} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [2017-02-02] (HP Inc.) Task: {E0862994-9083-482D-A921-27B4860FFA21} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [2018-04-12] (Microsoft Corporation) Task: {E3757DD2-B31D-4CB0-B696-8EC28DB525C3} - System32\Tasks\Okawville => C:\Program Files\Okawville\Okawville.exe Task: {E9D4B94B-01E1-4850-91EF-9E40BB4E670E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-12-06] (HP Inc.) Task: {EDF26610-088A-459C-8682-BED9EC60359F} - System32\Tasks\{e6b1bd71-40ef-4173-8106-93b5f9032a6e} => C:\Users\s_rep\AppData\Local\Temp\{2CF693F1-5E55-41CB-BE04-6E437DA0D4B9}.exe <==== ACHTUNG Task: {EFA86FF7-22AE-4997-AFD9-E89E1BF9B7D6} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2018-04-12] (Microsoft Corporation) Task: {F002E6F5-6788-45A8-8F43-228E2955D617} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2101576799-1165526633-3082190696-1001 => C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [2018-10-17] (Microsoft Corporation) Task: {F955A09C-E83A-4AD5-9ABC-7D5D7A055117} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task Task: {FC779438-B7FD-4774-AA55-4DE2A4B098A4} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh Task: {FECF5D21-00E3-4960-8359-57CBFC4E2D73} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.) Task: {FF7C8D28-6205-4327-B2BE-BD3E5E07D9BA} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [2017-02-01] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d377547997d14.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\EZnVzpmjsBPJAOW.job => C:\Users\s_rep\AppData\Local\Temp\zJVJydIlxtaAifNHI\TtycKSJSKAhDHkWV\nSqksLm.dll <==== ACHTUNG Task: C:\WINDOWS\Tasks\Okawville.job => C:\Program Files\Okawville\Okawville.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2018-10-21 02:17 - 2018-10-21 02:17 - 00088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2018-10-21 02:17 - 2018-10-21 02:17 - 01356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-12-06 12:06 - 2016-12-06 12:06 - 00897200 _____ () C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe 2018-04-04 17:03 - 2018-04-04 17:03 - 00173760 _____ () C:\WINDOWS\system32\IntelWifiIhv04.dll 2018-11-11 15:37 - 2018-10-18 08:44 - 02821952 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2018-11-11 15:37 - 2018-10-18 08:44 - 02695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2017-02-01 10:50 - 2017-02-01 10:50 - 00459264 _____ () C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe 2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\Windows\System32\InputHost.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 00472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 02759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\InputHost.dll 2018-10-10 07:50 - 2018-09-20 04:38 - 02185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2018-10-16 04:05 - 2018-10-16 04:06 - 00009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll 2018-11-13 08:01 - 2018-11-13 08:01 - 00060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ChakraBridge.dll 2018-11-13 08:01 - 2018-11-13 08:02 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll 2018-11-13 08:01 - 2018-11-13 08:01 - 10873344 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\LibWrapper.dll 2018-11-13 08:01 - 2018-11-13 08:02 - 02834432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\skypert.dll 2018-11-13 08:01 - 2018-11-13 08:02 - 00685568 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll 2018-11-13 08:01 - 2018-11-13 08:02 - 00183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe 2018-10-22 13:59 - 2018-10-22 13:59 - 00088888 _____ () C:\Program Files\iTunes\zlib1.dll 2018-10-22 13:59 - 2018-10-22 13:59 - 01356088 _____ () C:\Program Files\iTunes\libxml2.dll 2018-11-07 05:13 - 2018-11-07 05:13 - 01434384 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20083.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll 2018-11-11 15:05 - 2018-11-11 15:16 - 00228352 _____ () C:\Program Files\Mozilla Firefox\zlib1.dll 2018-08-08 14:36 - 2018-08-08 14:35 - 00243352 _____ () C:\Program Files (x86)\Avira\Antivirus\ssl-44.dll 2018-08-08 14:36 - 2018-08-08 14:35 - 01204472 _____ () C:\Program Files (x86)\Avira\Antivirus\crypto-42.dll 2018-03-16 16:03 - 2018-01-18 11:10 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2018-03-16 16:03 - 2018-01-18 11:10 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2018-03-16 16:03 - 2018-01-18 11:10 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2018-03-16 16:03 - 2018-01-18 11:10 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2018-11-01 11:43 - 2018-11-01 11:43 - 00078992 _____ () C:\Program Files (x86)\Avira\Safe Shopping\ScreenClick.dll 2018-10-12 13:51 - 2018-10-12 13:51 - 00153088 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\5a6824ba71791f4e5c689ddf33969597\BRIDGECommon.ni.dll 2018-10-12 13:52 - 2018-10-12 13:52 - 00326144 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\47497f5230d6bfbbb6565f725a2086ae\CleanStartController.ni.dll 2018-10-12 13:51 - 2018-10-12 13:51 - 00116736 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\40891bc946359c696fadcef1382449be\BridgeExtension.ni.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\sharepoint.com -> hxxps://ecahk-files.sharepoint.com ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2017-03-18 22:03 - 2018-11-11 15:16 - 00000980 ____A C:\WINDOWS\system32\Drivers\etc\hosts 104.251.211.173 clients2.google.com 104.251.211.173 clients2.google.com 104.251.211.173 clients2.google.com 104.251.211.173 clients2.google.com ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\s_rep\Documents\Wallpapers Bot\Wallpapers\zfAMY4rgtp5h33Qc.jpg DNS Servers: 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe FirewallRules: [{439043F2-9AB9-4A4B-BFBE-FA623699EF00}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{3B0106F5-5C9F-4A3E-8056-9C4EC2BEA19C}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{677E5800-E1DF-49A2-A852-19B997DFE957}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{EC4B0CD1-E3AD-4240-A3CD-D7BB88847A2F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{BCBD647B-FFEC-47FD-829E-1B05F44A12E6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{BD67F4B2-6704-4DDF-BE67-C56288677333}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [UDP Query User{2F7241AE-72ED-401E-99C4-05313F54B160}C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe] => (Allow) C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [TCP Query User{8EA3B3FA-7B32-451F-93EA-DD2A8A2175E1}C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe] => (Allow) C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{B7052AEC-6E2C-46FD-8B02-6BE5265D139F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{70658E0A-BCA3-4118-9B42-0EA07E1BFE05}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{A1549108-A290-49D9-B5EC-ED771DF44F8D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{1B586CB7-BE56-4AB0-9CAC-7453ABD88DD1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{06C0F912-9378-457B-93BD-DCDEB82F5AD4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{37E293EB-09D3-496C-86DE-021CFBCA1C97}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [UDP Query User{047AF169-911B-485B-A0CD-39BB4A3F55BA}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{A60134A4-2C23-4282-B121-32B94999C6CA}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe FirewallRules: [{8EFA245C-82EE-4FFB-8BB1-B5655205979D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{A0044B33-F734-40D5-AC66-272F00226DFC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{0B34C0E6-0CAB-4577-B4D1-23395A092786}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe FirewallRules: [{D8BEE5B1-E632-4A06-BAA1-68516E9C65A6}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe FirewallRules: [{4B4AA8B4-8C91-412A-81C3-E75BA96964D3}] => (Allow) C:\Program Files (x86)\Silhouette America\Silhouette Link\SilhouetteLinkConsole.exe FirewallRules: [{3C469094-E9B2-47AF-A2D0-986D54669D45}] => (Allow) C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe FirewallRules: [{87901CA5-AF13-4AF9-9DD1-D6CC049A8E42}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe FirewallRules: [{827BD9B1-D12F-457E-8888-146480263EBB}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{34F98F02-3FDD-40BC-BF5A-721CE70F9DAA}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{A1A3588C-0FFD-4713-B54A-832B187AD868}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{4300C1D7-29E8-4BEE-90A7-E609500C27A5}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{B9BF142B-9EDF-444E-AFBF-9C8EF85643F4}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{4FC24485-7F00-4A5C-88E7-4271B08E8596}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{D46AD910-FE2E-410D-8DCA-BA1CCF494AFD}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{AE0C1F56-D9C7-4051-BA71-AABC0126D52E}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{AAE03384-BD64-4C1A-9734-1A70EA1B49DE}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{C451C23A-559C-4743-8967-31F5B8A67CBF}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{3AEE882F-C2FA-4FD6-BFB4-232094768E2C}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{6657C994-1DCD-45E1-8E14-09F1A7A31C66}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{B1377193-AB3F-4C3A-BF26-1A0A67E84C5B}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{0F003187-7357-4817-9935-F55FCDA464D3}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{AD43A1A4-DD8A-495C-9060-A523D70212B7}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{AFAFA1E7-3911-4321-8517-EF92A856EBCB}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{2843C2E1-BE26-4EBC-B115-0B27532A0B0D}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{397B3379-6311-4DBD-A104-BC9EA0DC6B73}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{D5BF0ED1-3D5F-48B8-B6AC-48C386802643}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{F9C36B6B-87F1-4F57-BD43-0E9F75E2AD6A}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{E3D05FEC-090D-4A42-B12D-018918311952}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{D50AF306-D37D-4E61-A86D-7E2DB0E5F525}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{534B5086-7971-45A2-99C9-B7CAB430C02A}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{9B239CB7-00CD-4482-93AE-8ABA968BDB30}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{0C3D50BB-4590-4D95-933B-6B7C9D48932B}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{B5CE0DAA-E3A8-4574-BD12-CB9D79726BDE}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{D59B3E36-74D5-479B-9BCA-C64488D02404}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{98C20A46-B12E-47DA-8F96-BDE4CB6EF401}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{3AE3B46B-2F14-4E4D-80C5-379B90EB37EB}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{4EAE7AD8-3012-4D13-AFF3-AF85C38396A1}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{1B03FE70-DEF9-4AA5-AD67-9AF531BE0615}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{62017417-BFF3-40EB-B41E-EC16F647C5B4}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{8B9E91E4-FF94-4CF6-BB09-8028EB3D27D2}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{731632A1-C8EC-457B-8AAA-93783BA8E4D6}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{26DE2B26-1A44-411C-9614-19CD7F1E39AD}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{1A91A1B1-6D6F-40A0-9ABF-C50D48615F72}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{DAFD3D59-0C52-415F-86C8-DF2195CBA66C}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{276EFC78-F505-480B-AEA5-D8FBFB188F01}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{B320A83B-E3CA-4F2A-BC06-BEC50306B525}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{B6331505-1E93-486E-9143-25FA28B77E58}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{053137EB-66B7-4AAB-BC5A-0B09671D49A0}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{F894D921-EEC6-494C-84FA-A193ADC15270}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{D7AB8D5A-8D8A-4644-BBEE-D9EC48B5B91D}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{F234CFB2-CDC8-458A-BB66-C64A91CD7F7E}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{5EC1243E-60C8-4F70-808C-4FCAA91C909B}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{81C9FC8E-184B-4EC4-A710-F94C2F157E5D}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{A762C034-D189-4204-B72B-9E0357F37F59}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{4D265CDE-1D8A-40A3-80C8-6994347DDBF0}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{F8F262E0-7066-4D48-94E3-7DDBB228C52C}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{67AE79B0-712A-4FFB-91A7-1F89EC9CD753}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{341D333F-020C-430E-BA97-0CE31D96D1E3}] => (Allow) C:\Program Files\Opera\56.0.3051.52\opera.exe FirewallRules: [{E391F228-6C1E-42CF-95FD-612F45847892}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{7C91652E-96EF-4A9F-86BB-36D92B5F4AAA}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{80E515D2-1021-44B6-B5B0-847FB4A9BEB9}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{64BBF7EE-4EE1-4976-8CC4-F1031D3003EE}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{9E39608F-6D27-4CC3-9754-CDB8D7B632B2}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{5557133A-7AFB-43E4-A279-DEEA4914859B}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{63B779B2-2355-4DEC-A8C2-DC42BF5C194F}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{2A0B080D-7F28-4799-9270-7304A091293C}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{64EFF598-A5F3-40FF-B960-8F276AED3B32}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{757D69DB-4307-4C1C-945E-439D3315C488}] => (Allow) C:\Program Files\Opera\56.0.3051.99\opera.exe FirewallRules: [{7AB434E3-99FB-4038-82AB-28BB57633C44}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe FirewallRules: [{A71721D4-8345-4A02-820D-3542C181B855}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{65791A5B-7F04-41AC-885A-271C9308D87B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{7E643056-9DF7-4D6B-B6E7-ECBF0FB4871F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{C21F8CA8-D18C-4A0F-BD1A-BB7BF49817A5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{5C3909DB-F402-4636-A255-61F506305906}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{712047EF-FED1-48B5-8D7B-DD342C1F505C}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{A91B5495-CB42-42BE-9949-439B8B6296A8}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{41A32139-30C1-4DD2-91DB-2E4BE3169C20}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{E7DEB653-A09C-4EB3-AD29-E33842C255CF}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{F98E92B0-E83F-46C4-9F0F-A0D68D0C95C2}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{96BAA2AE-8038-427C-9C9D-19B7B89F3B71}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{1ECFA2FF-6F0E-48ED-AD78-5AF937E49C61}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{CDE1F15A-D759-451F-8570-468923CDD818}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{B40CD56A-8B54-4EFE-B268-98512353C973}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{28AEA346-D0F7-4349-9878-C018C83B4F60}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{F7A449E9-978F-4603-BD13-B9F5A2B9F790}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{FF8A0E47-C6BC-4395-BB3B-B41E6C7754D6}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{02E7D4B9-D057-4E80-BA0B-39790DBE2EA3}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{6C719FEB-EC56-4E56-8A30-D398434E15C9}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{CE9AB76D-BBA0-4CED-BC10-145A03CF6E15}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{49754684-832B-49B6-9933-1E7876EDC687}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{31C3491D-E0F6-493C-851B-B4913132913F}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{08C52614-B8B0-4636-8B01-8DFAFBDDFA6F}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{9A02A70D-9DF4-424C-AA9A-9BEBC9B3EF38}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{6DC7C76B-0F53-4ADF-9B4E-DD28D6CFD1EA}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{2EE397CF-4581-456E-92FF-DAFD02CE4924}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{CDD00E64-957D-4B4F-A129-6CD228C4D2F6}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{6711641B-82C4-4536-9244-31D15B5217AA}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{F00DAB18-FACC-4D13-8568-BC39636D787E}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{0B82EE2E-8E5F-4A3A-844D-B45246CCF874}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{64803051-1F76-4FC1-A21B-EC3DB39C067B}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{9C3FF083-F673-4FF3-B843-CF96D05016CF}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{47E1F7AA-0C4E-4455-96BA-5D4425416C19}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{4396F9D4-3B5D-4FE6-97C7-0348571CC097}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{645AED59-74C6-4F0B-A2FB-A9F207EB67B2}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{80D6592C-202E-4CF7-AE99-56C19375AE11}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{A3A17FF0-F740-4578-B957-DD24B29BD7DF}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{8983048C-F85C-46EC-94CE-CECFDFAEF478}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{A85121C2-DE0C-4D60-94BA-1B05A187682B}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{7B945347-9E8B-4BA4-BE35-22FC9180B082}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{EC82A8F5-76D4-412C-BEA4-42B082C343FE}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{F0207F3A-E0FB-487B-B658-938DAEE6BB77}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{0FC34F8A-26C8-4F2F-BBBD-1B7DF7DBEB16}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe FirewallRules: [{B79DEB5C-3E04-40D2-B007-B8CBEE80A30A}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe ==================== Wiederherstellungspunkte ========================= 26-10-2018 16:00:04 Geplanter Prüfpunkt 05-11-2018 07:39:58 Geplanter Prüfpunkt 08-11-2018 05:00:29 Installed iTunes 11-11-2018 15:27:03 11-11-2018 15:27:17 ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (11/13/2018 08:35:51 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: aspnet_stateC:\Windows\System32\aspnet_counters.dll8 Error: (11/13/2018 08:35:51 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: ASP.NET_4.0.30319C:\Windows\System32\aspnet_counters.dll8 Error: (11/13/2018 08:35:51 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: ASP.NETC:\Windows\System32\aspnet_counters.dll8 Error: (11/12/2018 11:15:45 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname DESKTOP-D6NM1SV.local already in use; will try DESKTOP-D6NM1SV-2.local instead Error: (11/12/2018 11:15:45 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 DESKTOP-D6NM1SV.local. Addr 192.168.0.10 Error: (11/12/2018 11:15:45 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.0.10:5353 16 DESKTOP-D6NM1SV.local. AAAA 2A02:8108:0280:1253:EF76:6081:35AB:62CA Error: (11/12/2018 11:15:45 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 DESKTOP-D6NM1SV.local. AAAA FE80:0000:0000:0000:E161:A67E:0CD9:83D2 Error: (11/12/2018 11:15:45 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.0.10:5353 16 DESKTOP-D6NM1SV.local. AAAA 2A02:8108:0280:1253:EF76:6081:35AB:62CA Error: (11/12/2018 11:15:45 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 DESKTOP-D6NM1SV.local. AAAA 2A02:8108:0280:1253:A1C4:4F33:4A1F:4480 Error: (11/12/2018 11:15:45 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.0.10:5353 16 DESKTOP-D6NM1SV.local. AAAA 2A02:8108:0280:1253:EF76:6081:35AB:62CA Systemfehler: ============= Error: (11/13/2018 09:28:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV) Description: {E48EDA45-43C6-48E0-9323-A7B2067D9CD5} Error: (11/13/2018 09:26:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV) Description: {E48EDA45-43C6-48E0-9323-A7B2067D9CD5} Error: (11/13/2018 09:24:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV) Description: {9E175B6D-F52A-11D8-B9A5-505054503030} Error: (11/13/2018 09:22:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV) Description: {9E175B6D-F52A-11D8-B9A5-505054503030} Error: (11/13/2018 09:20:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV) Description: {9E175B6D-F52A-11D8-B9A5-505054503030} Error: (11/13/2018 09:18:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV) Description: {E48EDA45-43C6-48E0-9323-A7B2067D9CD5} Error: (11/13/2018 09:16:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV) Description: {9E175B6D-F52A-11D8-B9A5-505054503030} Error: (11/13/2018 09:14:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV) Description: {E48EDA45-43C6-48E0-9323-A7B2067D9CD5} Error: (11/13/2018 09:12:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV) Description: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (11/13/2018 09:10:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV) Description: {E48EDA45-43C6-48E0-9323-A7B2067D9CD5} CodeIntegrity: =================================== Date: 2018-11-13 09:02:07.609 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-13 09:02:07.607 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-13 08:51:56.033 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-11-13 08:51:56.033 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-11-13 08:36:37.524 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-13 08:36:37.518 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-13 08:36:35.288 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-13 08:36:35.282 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-13 08:36:15.534 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-11-13 08:36:15.532 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz Prozentuale Nutzung des RAM: 50% Installierter physikalischer RAM: 8064.66 MB Verfügbarer physikalischer RAM: 4026.69 MB Summe virtueller Speicher: 11136.66 MB Verfügbarer virtueller Speicher: 6890.61 MB ==================== Laufwerke ================================ Drive c: (Windows) (Fixed) (Total:915.33 GB) (Free:681.16 GB) NTFS Drive d: (RECOVERY) (Fixed) (Total:14.95 GB) (Free:1.78 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: A50E1C7D) Partition: GPT. ==================== Ende von Addition.txt ============================ |
13.11.2018, 10:55 | #6 | |
/// TB-Ausbilder | 2 merkwürdige "Programme" (Apps) eingefangen, die sich nicht mehr deinstallieren lassen Servus, wenn ein Schritt (so wie bei dir jetzt Schritt 1) nicht funktioniert, brauchst du die anderen Folgeschritte nicht ausführen, da sie aufeinander aufbauen... wobei ich aus der Logdatei von Schritt 2 sehe, dass du auch diesen Schritt falsch ausgeführt hast. Zitat:
Auch die Zeilen "start::" und "end::" müssen kopiert werden. Ich habe es selber gerade ausprobiert... es funktioniert einwandfrei. Bitte genau lesen und wiederholen.... du schaffst das bestimmt. |
13.11.2018, 15:06 | #7 | |
/// TB-Ausbilder | 2 merkwürdige "Programme" (Apps) eingefangen, die sich nicht mehr deinstallieren lassen Kleiner Nachtrag: Zitat:
Lesestoff: Illegale Software: Cracks, Keygens und Co Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html Es geht weiter wenn du alles Illegale entfernt hast. Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems. |
16.11.2018, 21:11 | #8 |
/// TB-Ausbilder | 2 merkwürdige "Programme" (Apps) eingefangen, die sich nicht mehr deinstallieren lassen Fehlende Rückmeldung Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten. PM inklusive Link zum Thema an mich falls du denoch weiter machen willst. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und einen eigenen Thread erstellen! |
Themen zu 2 merkwürdige "Programme" (Apps) eingefangen, die sich nicht mehr deinstallieren lassen |
adobe, antivirus, avdevprot, avira, bonjour, cpu, defender, einstellungen, entfernen, error, firefox, google, home, homepage, iexplore.exe, mozilla, prozesse, realtek, rundll, scan, services.exe, software, svchost.exe, system, temp, windows, windowsapps |