![]() |
|
Log-Analyse und Auswertung: Web Companion, Lavasoft eingefangenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
![]() | #1 |
![]() | ![]() Web Companion, Lavasoft eingefangen Hallo liebe Helfer, hatte heute Bing anstatt Google als Startseite. Das hatte ich 2015 schon mal. Daraufhin habe ich heute Adware Cleaner und Malwarebytes laufen lassen und beide haben was gefunden. Könnt Ihr bitte helfen, das wieder loszuwerden? Bitte um etwas Nachsicht, wenn ich was nicht richtig mache. Habe nicht ganz viel Ahnung von so etwas. FRST folgt im nächsten Schritt... Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 27.03.19 Scan-Zeit: 19:33 Protokolldatei: c7ddfb0b-50be-11e9-98e0-8c736eb489bb.json -Softwaredaten- Version: 3.6.1.2711 Komponentenversion: 1.0.527 Version des Aktualisierungspakets: 1.0.9880 Lizenz: Kostenlos -Systemdaten- Betriebssystem: Windows 10 (Build 17763.379) CPU: x64 Dateisystem: NTFS Benutzer: laptop-marion\marion -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Scan gestartet von: Manuell Ergebnis: Abgeschlossen Gescannte Objekte: 321096 Erkannte Bedrohungen: 1 In die Quarantäne verschobene Bedrohungen: 1 Abgelaufene Zeit: 11 Min., 20 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswert: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 1 PUP.Optional.Conduit, C:\USERS\MARION\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WD1WHWLZ.DEFAULT\PREFS.JS, Ersetzt, [211], [301520],1.0.9880 Physischer Sektor: 0 (keine bösartigen Elemente erkannt) WMI: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 7.2.7.0 # ------------------------------- # Build: 01-30-2019 # Database: 2019-03-25.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 03-27-2019 # Duration: 00:00:14 # OS: Windows 10 Pro # Scanned: 31949 # Detected: 7 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\Main|Start Page PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. AdwCleaner[S00].txt - [1249 octets] - [12/04/2018 22:02:02] AdwCleaner[S01].txt - [1249 octets] - [12/04/2018 22:10:46] AdwCleaner[C01].txt - [1473 octets] - [12/04/2018 22:14:10] AdwCleaner[S02].txt - [1432 octets] - [07/08/2018 21:25:09] AdwCleaner[C02].txt - [1717 octets] - [07/08/2018 21:27:13] AdwCleaner[S03].txt - [1562 octets] - [06/10/2018 23:20:08] AdwCleaner[C03].txt - [1847 octets] - [06/10/2018 23:25:00] AdwCleaner[S04].txt - [1684 octets] - [01/11/2018 22:38:28] AdwCleaner[S05].txt - [1745 octets] - [01/11/2018 22:40:54] AdwCleaner[C05].txt - [2030 octets] - [01/11/2018 22:41:21] AdwCleaner[S06].txt - [1867 octets] - [02/12/2018 22:11:51] AdwCleaner[C06].txt - [2152 octets] - [02/12/2018 22:13:41] AdwCleaner[S07].txt - [1989 octets] - [29/12/2018 21:34:20] AdwCleaner[C07].txt - [2274 octets] - [29/12/2018 21:39:03] AdwCleaner[S08].txt - [2111 octets] - [08/02/2019 20:58:50] AdwCleaner[S09].txt - [2172 octets] - [08/02/2019 21:00:04] AdwCleaner[C09].txt - [2457 octets] - [08/02/2019 21:00:38] AdwCleaner[S10].txt - [2286 octets] - [18/02/2019 13:12:08] AdwCleaner[C10].txt - [2571 octets] - [18/02/2019 13:13:28] AdwCleaner[S11].txt - [2408 octets] - [22/02/2019 20:33:02] AdwCleaner[S12].txt - [2469 octets] - [06/03/2019 20:38:42] AdwCleaner[S13].txt - [2530 octets] - [12/03/2019 00:47:47] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S14].txt ########## Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-03-2016 durchgeführt von marion (2019-03-27 22:10:01) Gestartet von C:\Users\marion\Desktop Windows 10 Pro Version 1809 (X64) (2019-02-12 21:33:33) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3140415436-1100377458-3732027645-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3140415436-1100377458-3732027645-503 - Limited - Disabled) Guest (S-1-5-21-3140415436-1100377458-3732027645-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3140415436-1100377458-3732027645-1002 - Limited - Enabled) marion (S-1-5-21-3140415436-1100377458-3732027645-1000 - Administrator - Enabled) => C:\Users\marion WDAGUtilityAccount (S-1-5-21-3140415436-1100377458-3732027645-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 16.04 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated) Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software) Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.4.167.0 - Microsoft Corporation) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - ) Canon MG5100 series Benutzerregistrierung (HKLM-x32\...\Canon MG5100 series Benutzerregistrierung) (Version: - ) Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version: - ) Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - ) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6321 - CDBurnerXP) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) DeskUpdate (HKLM-x32\...\DeskUpdate_is1) (Version: 4.13.0116 - Fujitsu Technology Solutions) ElsterFormular (HKLM-x32\...\{94565AFD-3A15-46E7-A2F1-86F568FDBEC1}) (Version: 20.1 - Thüringer Landesfinanzdirektion) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) FJ Camera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.52019.0 - Sonix) Free Music Zilla (HKLM-x32\...\Free Music Zilla_is1) (Version: - FreeMusicZilla.com) Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden GPL Ghostscript (HKLM\...\GPL Ghostscript 9.15) (Version: 9.15 - Artifex Software Inc.) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2372 - Intel Corporation) iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.) Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation) Lexware Datenbank plus 2012 (HKLM-x32\...\{448DA1AD-D1CA-4967-8EFA-9482F31E7BFD}) (Version: 12.00.00.0116 - Haufe-Lexware GmbH & Co.KG) Lexware Elster (HKLM-x32\...\{9F6BFB0F-6B1F-4D1A-A9DA-42F6794C9188}) (Version: 13.00.00.0027 - Haufe-Lexware GmbH & Co.KG) Lexware Info Service (HKLM-x32\...\{8AE7E507-BC49-4DF0-A236-26878691AB53}) (Version: 2.90.00.0009 - Haufe-Lexware GmbH & Co.KG) Lexware reisekosten plus 2012 (HKLM-x32\...\{BE672587-331F-42F7-BC38-D59759311C75}) (Version: 12.01.00.0137 - Haufe-Lexware GmbH & Co.KG) Lexware reisekosten plus 2012 (x32 Version: 12.01.00.0137 - ) Hidden Malwarebytes Version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes) Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Volume - de-de) (Version: 16.0.10342.20010 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3140415436-1100377458-3732027645-1000\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation) Mozilla Firefox 66.0.1 (x64 de) (HKLM\...\Mozilla Firefox 66.0.1 (x64 de)) (Version: 66.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.1.7020 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23) No23 Recorder (x32 Version: 2.1.0.3 - No23) Hidden NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (Version: 16.0.10342.20010 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.10342.20010 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (Version: 16.0.10342.20010 - Microsoft Corporation) Hidden PDF Blender (HKLM-x32\...\PDF Blender) (Version: - ) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.36.1224.2010 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30120 - Realtek Semiconductor Corp.) SafeZone Stable 1.48.2066.95 (x32 Version: 1.48.2066.95 - Avast Software) Hidden Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.1 - Samsung) Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.16.0 - Synaptics Incorporated) TAXMAN 2013 (HKLM-x32\...\{F289D934-2224-473B-B57E-0040D2693F83}) (Version: 19.03.00.0001 - Haufe-Lexware GmbH & Co.KG) TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6900 - Broadcom Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3140415436-1100377458-3732027645-1000_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> C:\Users\marion\AppData\Local\Microsoft\OneDrive\19.012.0121.0011\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3140415436-1100377458-3732027645-1000_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> C:\Users\marion\AppData\Local\Microsoft\OneDrive\19.012.0121.0011\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3140415436-1100377458-3732027645-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\marion\AppData\Local\Microsoft\OneDrive\19.012.0121.0011\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3140415436-1100377458-3732027645-1000_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\localserver32 -> C:\Users\marion\AppData\Local\Microsoft\OneDrive\19.012.0121.0011\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3140415436-1100377458-3732027645-1000_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\marion\AppData\Local\Microsoft\OneDrive\19.012.0121.0011\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3140415436-1100377458-3732027645-1000_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> C:\Users\marion\AppData\Local\Microsoft\OneDrive\19.012.0121.0011\FileCoAuth.exe (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {02ABD6A5-7C66-4E8A-9BF7-B12354245E8F} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask Task: {031C55BC-D055-49F4-B5EF-98F40D8F7841} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession Task: {04F9AD8A-2271-43F1-9A70-956ECAA26293} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {09996B35-18E3-4A38-BA0A-331A4D6EA3CE} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates Task: {0BEA0CCB-55B5-400D-B394-C3BB4D69FB1E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {0CAD4002-A672-45EE-B6E3-2EDFECFE05EE} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task Task: {0FBB7CB0-0D65-4679-B754-2CA0F234C7EC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-03-20] (Microsoft Corporation) Task: {10B3FA49-D0E2-4D16-8BB9-3F74ADD128FB} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [2018-09-15] (Microsoft Corporation) Task: {123AD11B-688B-4B4A-A14A-D8FC29F9B2A9} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand Task: {12CC247C-1ADD-4D26-9AFA-B5C68BF19EE4} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {1D8F6EF7-985B-41F2-B5D2-B683F1EFA4F8} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login Task: {22F49E68-1328-41E2-89D5-C032BCD84FD4} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2018-09-15] (Microsoft Corporation) Task: {2EFBFFE2-F590-4239-9368-FA01D6A8495E} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-09-15] (Microsoft Corporation) Task: {3399BB39-6478-4901-B36F-C42C13E17BC4} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {3798B1C6-F2AF-4AE9-95B0-6A376246C766} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser Task: {37E0FFED-BBDC-473E-9D7A-E17B658830C4} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {38515CC9-0387-4267-BCE7-E1BA229DBD01} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {39D9CE1E-90AE-4BA5-A99F-3FBD703767FD} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2014-10-09] () Task: {4030C351-CB12-4FC1-B03C-31F6D392DBA3} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [2018-09-15] (Microsoft Corporation) Task: {40FFB949-9B71-4E84-A434-8A8293B4AEBD} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {4388348A-9475-46A9-A899-1D561AF31C03} - System32\Tasks\{172F5275-0A6D-4340-B38E-F8B00A067C28} => pcalua.exe -a C:\Users\marion\Downloads\BingDesktopSetup.exe -d C:\Users\marion\Downloads Task: {43E5E91E-19C1-4D5C-A3B7-3E3D76886BB2} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [2018-09-15] (Microsoft Corporation) Task: {48DACFE5-D036-4EE0-8249-EA62540C227F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {5017D78C-A5C7-423D-85A4-B53DDD23D123} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates Task: {51A64932-31FC-4513-A825-BA96C9539DC5} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client" Task: {52E67AED-1AF7-4218-A9C9-A17C7EE98F70} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {5324331A-EAA2-4AE3-92AB-266870404E80} - System32\Tasks\{AAE204BC-D2F3-4C48-AC55-214579FB8B25} => pcalua.exe -a C:\Users\marion\Downloads\SYS-EXTENSION-DRVR_V1.20_WIN7-64_FPC46-1642-01(1).EXE -d C:\Users\marion\Downloads Task: {568664FE-54B0-44EB-9A09-8422D026F967} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh Task: {573F21CE-E43D-4404-A8BF-2080F315850D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-12-16] (Adobe Systems Incorporated) Task: {57BB778E-9D15-4CE9-AA16-E3DCB9BCC554} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {5879C804-91DD-4F6B-8B41-CD3B5FE4F5E8} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-09-15] (Microsoft Corporation) Task: {5C3FA92B-D543-47B2-8ED6-485B27030D41} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange Task: {5CFA5107-5848-407E-95C9-B2037C66175C} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance Task: {5EB3BF55-16F2-43A9-B290-A1C3A7DFD7BB} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged Task: {62BD4A0F-0069-49FE-8C6C-115486C0D6FC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {63326183-3B28-4CE7-A7CB-4C3AE514A594} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task Task: {640CD30E-8F60-43CD-904D-A10E0B54CF11} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {641EF3D6-4D3D-4B79-91B0-90AB709ED98D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-03-01] (Microsoft Corporation) Task: {6462C646-DD43-41FB-B5CC-43C72C793710} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration Task: {66E8F095-D15A-41D3-92DF-FA1A8F6B043B} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2019-03-10] (Microsoft Corporation) Task: {67D30543-D967-4C83-9C38-9CD0218B22F9} - System32\Tasks\{0634C9A9-1474-41F9-BAE2-6F118990528B} => pcalua.exe -a C:\Users\marion\Downloads\SYS-EXTENSION-DRVR_V1.20_WIN7-64_FPC46-1642-01(2).EXE -d C:\Users\marion\Downloads Task: {6C906182-B49C-4AD5-833C-E4A943D1205A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation) Task: {6E8B8A39-D529-4874-85BF-4DA4182F06D2} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications Task: {764B5AB5-2291-4561-B529-3F8FB88F13E2} - System32\Tasks\{E79E06DD-1871-46C2-81FB-A6A5CD6D255C} => pcalua.exe -a C:\Users\marion\Downloads\SYS-EXTENSION-DRVR_V1.20_WIN7-64_FPC46-1642-01.EXE -d C:\Users\marion\Downloads Task: {786E9D1E-5E72-4B28-8D2B-19629A08D7B8} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {7A35A2E3-3CB4-4E28-B98D-832C02003592} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache Task: {7B7C83F3-1978-4285-9C99-61FBBA3F3146} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources Task: {7F07A86C-2ACB-483B-930B-F5A17891CAC7} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-09-15] (Microsoft Corporation) Task: {7FED2659-3104-4EEE-83F2-480B7A607082} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {821783DA-438D-4A7F-8CD2-919AF89DE517} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task Task: {8653663C-92F9-430B-8453-1546EFD3DE84} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {8CF64D1C-E29A-4356-96C8-DB68645A4732} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {8E6D4183-F486-4D4D-9CA0-99FB900890A2} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task Task: {9134B28A-4AAF-4996-BAAD-8DABAA88B4B9} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft) Task: {9508BCD7-9DD1-4AF7-B077-39A62F2BD807} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-03-01] (Microsoft Corporation) Task: {968FB3F1-9DB9-4D9E-99DA-B71D4E6C980D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-03-20] (Microsoft Corporation) Task: {96B70B3E-B783-453E-9003-7624BE03F49B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe [2019-02-12] (Adobe Systems Incorporated) Task: {9E959007-0518-45B1-8ACB-C602AA46AAEF} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {9FD96F4A-1A13-44B9-B042-D4AE4BFBD1CF} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server" Task: {A2A5C3AB-6D58-496E-A920-93C8937C4BD3} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation) Task: {A7397E3E-2F19-4C3F-A311-365507773DC2} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {A75BC188-F12A-40C8-BCD4-DAFF7972B967} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh Task: {AD4E8AFB-A48C-4E13-BE83-B8D87600CFB4} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync Task: {AF5CDFDF-D668-4791-A0A0-511CA3178DCA} - System32\Tasks\{E47A4FE7-042D-49BA-9926-F613D9563F3A} => pcalua.exe -a C:\Users\marion\Downloads\jre-8u65-windows-i586-iftw.exe -d C:\Users\marion\Downloads Task: {B02786EC-1D5F-4018-AAB3-37D27E7D6C9D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-03-01] (AVAST Software) Task: {B0EA6622-29DF-464A-AE99-E8786E3DDACD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {B36F9319-17C8-48B7-BD93-BF76BD5FBF07} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {B7086EC4-7807-436C-86D7-ECDAA88F1438} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2018-09-15] (Microsoft Corporation) Task: {B8173805-BB75-4619-A1B1-DDB0C03EA977} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-02-08] (AVAST Software) Task: {BC4EE581-4607-479C-859F-4CBC824465D7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-14] (Piriform Ltd) Task: {BD21C377-5B30-4E5A-B6F2-37D2086885E5} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives Task: {BE2617E4-3DB7-4387-9167-0614EDEB0171} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3140415436-1100377458-3732027645-1000 => C:\Users\marion\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [2019-03-06] (Microsoft Corporation) Task: {C15E5539-FDD7-43F0-99E0-91B019A6B966} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2018-09-15] (Microsoft Corporation) Task: {C17E3484-5F3B-4AB5-B4CC-6A7E332AD0B3} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation) Task: {C39F1F04-0C42-4B88-AAB0-83019179081D} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange Task: {C6BAE98B-A717-4047-B3B1-07EEC2BC8444} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation Task: {C8A5839E-322A-4FA9-BACC-DFF4F1EE7F88} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {CBF05E8B-6F7B-4638-BD81-7213C2A8D388} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [2018-09-15] (Microsoft Corporation) Task: {D0598B56-8181-445C-BA00-707FD20E2AD9} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [2019-01-08] (Microsoft Corporation) Task: {D2F2DA30-315B-4C98-B20D-03168F7F23BF} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates Task: {D4F949A4-CD9D-4367-AB3D-6A4EEC0C38FE} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-09-15] (Microsoft Corporation) Task: {D6CF4858-B91A-4CA0-90AD-92D2FF66D1D7} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {D91C2011-3729-4BA1-9CAC-2F1BBC90F77D} - System32\Tasks\SafeZone scheduled Autoupdate 1458661089 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe Task: {D9B6FF7D-1BC2-48EE-99C8-E79AB2C2E8B3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2019-03-20] (Microsoft Corporation) Task: {DC541E3D-B910-4A6E-A4A6-DDAE607D540C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {DD8BA954-CA9C-416F-9673-3DC49E21D651} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-02-04] (Piriform Software Ltd) Task: {E13652ED-F383-432D-9539-A79AC6412811} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand Task: {E39F8E32-F4B6-44B2-B8AF-D84A6CFEB7B8} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-09-15] () Task: {E451DDBC-B625-4F6B-9FED-12CE5FC2B2B6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2019-03-20] (Microsoft Corporation) Task: {E9549B46-B4ED-491A-BD01-0044CE382349} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense Task: {F05EEAB4-60BC-4A6A-AB2B-635C1C84A0F5} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {F08B695C-1B6E-4FE0-9E7C-B1D7AC3B6984} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation) Task: {F5AF6E4F-A26E-493C-A71B-3E620142B809} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2018-09-15] (Microsoft Corporation) Task: {F8DCA0E0-0057-412C-9308-EF9B677E8F5C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-02-12] (Adobe Systems Incorporated) Task: {F9860EFB-3733-4058-AC90-53645D6C3211} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask Task: {FAFD4D4D-9F3D-49F8-B0E0-6BD805EEC22A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {FB4755B2-BFE9-43B6-AEB6-91463FA454FF} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2019-03-10 20:58 - 2019-03-10 20:58 - 00833064 _____ () C:\Windows\SYSTEM32\inputhost.dll 2019-03-10 20:58 - 2019-03-10 20:58 - 00833064 _____ () C:\Windows\System32\InputHost.dll 2019-03-13 19:39 - 2019-03-13 22:40 - 08999504 _____ () C:\Program Files\Microsoft Office\root\Office16\1031\GrooveIntlResource.dll 2018-09-15 08:28 - 2018-09-15 08:28 - 00474624 _____ () C:\Windows\ShellExperiences\TileControl.dll 2019-02-12 21:14 - 2019-02-12 21:14 - 02801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll 2017-09-26 18:16 - 2010-04-05 20:55 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2019-03-10 20:58 - 2019-03-10 20:58 - 00833064 _____ () C:\Windows\SYSTEM32\InputHost.dll 2019-03-10 20:58 - 2019-03-10 20:58 - 01740288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2019-03-12 17:10 - 2019-03-12 17:10 - 07296512 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20594.0_x64__8wekyb3d8bbwe\YourPhone.exe 2019-03-12 17:10 - 2019-03-12 17:10 - 02776576 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20594.0_x64__8wekyb3d8bbwe\YourPhone.AppCore.dll 2019-03-12 17:10 - 2019-03-12 17:10 - 00256512 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20594.0_x64__8wekyb3d8bbwe\AppConfig.dll 2019-02-12 23:20 - 2019-02-12 23:25 - 01004032 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20594.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2019-03-12 17:10 - 2019-03-12 17:10 - 00468480 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20594.0_x64__8wekyb3d8bbwe\YourPhone.DataStore.dll 2019-03-12 17:10 - 2019-03-12 17:10 - 03145728 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20594.0_x64__8wekyb3d8bbwe\PhoneCommunicationAppService.dll 2019-02-13 18:46 - 2019-02-13 18:46 - 04380232 _____ () C:\Program Files\WindowsApps\Microsoft.UI.Xaml.2.0_2.1810.18004.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2019-03-14 20:39 - 2019-03-14 20:43 - 00182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe 2018-09-15 18:40 - 2018-09-15 18:40 - 00009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll 2019-03-14 20:39 - 2019-03-14 20:39 - 00060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\ChakraBridge.dll 2019-01-26 19:57 - 2019-01-26 19:57 - 93695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2019-02-08 18:36 - 2019-02-08 18:36 - 00321928 _____ () C:\Program Files\AVAST Software\Avast\serialization.dll 2019-02-08 18:36 - 2019-02-08 18:36 - 00654216 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll 2017-03-09 01:16 - 2017-03-09 01:16 - 00112264 _____ () C:\Windows\System32\IccLibDll_x64.dll 2019-02-13 19:18 - 2019-02-13 19:19 - 00282624 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll 2019-02-13 19:17 - 2019-02-13 19:18 - 02538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2019-02-13 19:17 - 2019-02-13 19:18 - 01757696 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll 2019-02-13 19:58 - 2019-02-13 19:58 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe 2019-02-13 19:58 - 2019-02-13 19:58 - 16974848 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.dll 2019-02-13 19:01 - 2019-02-13 19:01 - 05391752 _____ () C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.dll 2018-09-15 18:41 - 2018-09-15 18:41 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2018-10-02 20:28 - 2019-02-09 19:11 - 02712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-3140415436-1100377458-3732027645-1000\...\localhost -> localhost ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2019-01-04 20:53 - 00000856 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3140415436-1100377458-3732027645-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\marion\AppData\Local\Microsoft\BingDesktop\themes\2019-03-24.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\startupfolder: C:^Users^marion^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Free Music Zilla.lnk => C:\Windows\pss\Free Music Zilla.lnk.Startup MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: LexwareInfoService => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Allow) %SystemRoot%\system32\dmcertinst.exe FirewallRules: [Microsoft-Windows-DeviceManagement-OmaDmClient-TCP-Out] => (Allow) %SystemRoot%\system32\omadmclient.exe FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) %systemroot%\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe FirewallRules: [{4BD4608F-449F-46A8-9408-DBF5A730F3D3}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{0B1BAAEB-C836-4FE8-9E9B-ABB182A0B278}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{ACC34B9A-68CA-4C15-9DD3-217FAC24E055}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{B067F68D-034B-4BE4-8431-143264449C6C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{15C3CAB6-5C03-4643-AAC1-50F9DDE4FBDF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{9D766162-558B-4863-8ECF-DEC5A64D5776}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{084D0EA8-04DC-4F16-B408-5CF4EDCDEF34}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{31FDE8C6-F725-4BA6-9941-405B6A1E32D3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [UDP Query User{C2634F3D-78B6-47BD-8E2B-9D703AAF59A1}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{DC9C13F1-16B6-4011-A65E-A87575B892A0}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{36D67045-7125-4ECE-B411-1FDCFCD5A9DF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{579F5A06-3E30-4E79-8C65-5C417A401D3C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{D3D6FE07-1669-453E-AD77-B4A715729316}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{6F2D9D7D-D65E-435F-B72B-11381EEEA731}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{C5D4D23B-BF57-4835-83BD-AD66EC77BD7A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CC3D4D2D-034C-4777-8032-9B0B43D66B41}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{726EDF64-C163-42AE-82B4-91E30935EB62}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{9AC3B49D-BE8D-4448-BB31-D5B64CAE3EE2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{D23A733A-1284-441C-8478-3B368ACE8998}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{EBC4879F-FCE5-471D-A6B4-4412821901E7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{378CEFF3-DC45-4E0A-A069-0F2E59693CFB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Free Music Zilla\FMZilla.exe] => Enabled:FMZilla ==================== Wiederherstellungspunkte ========================= ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (03/27/2019 09:25:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SystemLook_x64.exe, Version: 0.0.0.0, Zeitstempel: 0x4e33b6ee Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.17763.348, Zeitstempel: 0xd620e319 Ausnahmecode: 0xc0000409 Fehleroffset: 0x0000000000020a63 ID des fehlerhaften Prozesses: 0xe78 Startzeit der fehlerhaften Anwendung: 0xSystemLook_x64.exe0 Pfad der fehlerhaften Anwendung: SystemLook_x64.exe1 Pfad des fehlerhaften Moduls: SystemLook_x64.exe2 Berichtskennung: SystemLook_x64.exe3 Vollständiger Name des fehlerhaften Pakets: SystemLook_x64.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SystemLook_x64.exe5 Error: (03/27/2019 05:17:30 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422). Error: (03/27/2019 05:09:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: MicrosoftEdgeCP.exe, Version: 11.0.17763.1, Zeitstempel: 0x90f701bc Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000409 Fehleroffset: 0x0000000000000203 ID des fehlerhaften Prozesses: 0x1a44 Startzeit der fehlerhaften Anwendung: 0xMicrosoftEdgeCP.exe0 Pfad der fehlerhaften Anwendung: MicrosoftEdgeCP.exe1 Pfad des fehlerhaften Moduls: MicrosoftEdgeCP.exe2 Berichtskennung: MicrosoftEdgeCP.exe3 Vollständiger Name des fehlerhaften Pakets: MicrosoftEdgeCP.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdgeCP.exe5 Error: (03/24/2019 09:10:57 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "mapi15://{S-1-5-21-3140415436-1100377458-3732027645-1000}/">. Error: (03/24/2019 09:10:39 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Der Index kann nicht initialisiert werden. Details: Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06) Error: (03/24/2019 09:10:39 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Die Anwendung kann nicht initialisiert werden. Kontext: Windows Anwendung Details: Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06) Error: (03/24/2019 09:10:39 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Das Gatherer-Objekt kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06) Error: (03/24/2019 09:10:39 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06) Error: (03/24/2019 09:10:37 PM) (Source: Windows Search Service) (EventID: 3057) (User: ) Description: Der Plug-In-Manager <Search.TripoliIndexer> kann nicht initialisiert werden. Kontext: Windows Anwendung Details: (HRESULT : 0x8e5e0713) (0x8e5e0713) Error: (03/24/2019 09:10:37 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet. Details: Der Inhaltsindexkatalog ist fehlerhaft. 0xc0041801 (0xc0041801) Systemfehler: ============= Error: (03/27/2019 07:51:49 PM) (Source: DCOM) (EventID: 10016) (User: laptop-marion) Description: AnwendungsspezifischLokalAktivierung{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}{15C20B67-12E7-4BB6-92BB-7AFF07997402}laptop-marionmarionS-1-5-21-3140415436-1100377458-3732027645-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (03/27/2019 07:51:49 PM) (Source: DCOM) (EventID: 10016) (User: laptop-marion) Description: AnwendungsspezifischLokalAktivierung{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}{15C20B67-12E7-4BB6-92BB-7AFF07997402}laptop-marionmarionS-1-5-21-3140415436-1100377458-3732027645-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (03/27/2019 07:50:09 PM) (Source: DCOM) (EventID: 10016) (User: laptop-marion) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}laptop-marionmarionS-1-5-21-3140415436-1100377458-3732027645-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (03/27/2019 07:50:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst BingDesktopUpdate erreicht. Error: (03/27/2019 07:31:14 PM) (Source: DCOM) (EventID: 10016) (User: laptop-marion) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}laptop-marionmarionS-1-5-21-3140415436-1100377458-3732027645-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (03/27/2019 07:31:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst BingDesktopUpdate erreicht. Error: (03/27/2019 07:30:39 PM) (Source: DCOM) (EventID: 10010) (User: laptop-marion) Description: Microsoft.Windows.ShellExperienceHost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy!App Error: (03/27/2019 07:30:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Lexware Datenbank Plus" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (03/27/2019 07:30:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (03/27/2019 07:30:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Bluetooth Driver Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. CodeIntegrity: =================================== Date: 2019-03-27 19:50:12.599 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-03-27 19:50:12.393 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-03-27 19:31:18.281 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-03-27 17:23:12.078 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-03-27 17:23:12.043 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-03-27 17:23:11.971 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-03-27 17:23:11.959 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-03-27 17:09:44.343 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements. Date: 2019-03-24 21:10:39.564 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-03-24 21:10:39.550 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz Prozentuale Nutzung des RAM: 62% Installierter physikalischer RAM: 3944.67 MB Verfügbarer physikalischer RAM: 1497.17 MB Summe virtueller Speicher: 7912.67 MB Verfügbarer virtueller Speicher: 5107.6 MB ==================== Laufwerke ================================ Drive c: (Internal) (Fixed) (Total:232.88 GB) (Free:178.58 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 232.9 GB) (Disk ID: E9266275) Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
Themen zu Web Companion, Lavasoft eingefangen |
adware, ahnung, appdata, chromium, cleaner, code, detected, dll, eingefangen, explorer, firefox, gen, google, internet, internet explorer, lavasoft, malwarebytes, microsoft, mozilla, quarantäne, registry, roaming, services, shortcuts, speechruntime.exe, web, windows, windowsapps |