Pests of all kinds and how to fight them: Some detections with Malwarebytes (Windows 7)
28.10.2019, 10:51 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Some detections with Malwarebytes
I need new FRST logs. Tick the box next to addition.txt, then click Scan.
__________________ Please always post log files in CODE tags
01.11.2019, 10:03 | #17 |
Some detections with Malwarebytes
FRST.txt
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015 durchgeführt von Stefanie (Administrator) auf FINN (01-11-2019 09:51:18) Gestartet von C:\Users\Stefanie\Desktop Geladene Profile: Stefanie (Verfügbare Profile: Stefanie) Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) konnte nicht auf den Prozess zugreifen -> Registry (Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe konnte nicht auf den Prozess zugreifen -> Memory Compression (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe (Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe (HP) C:\Windows\System32\HPSIsvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe () C:\ProgramData\MobileBrServ\mbbService.exe (Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe (Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe (Microsoft Corporation) 
C:\Windows\System32\SgrmBroker.exe (Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Windows\System32\sihost.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Microsoft Corporation) C:\Windows\System32\taskhostw.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe (Microsoft Corporation) C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe (RedFox) C:\Program Files (x86)\RedFox\CloneCD\CloneCDTray.exe (Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe () 
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\MsMpEng.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\ApplicationFrameHost.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19101.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.1063_none_c3f457ba6965bb0b\TiWorker.exe (Microsoft Corporation) C:\Windows\System32\taskhostw.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation) HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-01-05] (TOSHIBA Corporation) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA) HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\RedFox\CloneCD\CloneCDTray.exe [57344 2016-03-29] (RedFox) HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2018-04-12] (Microsoft Corporation) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2018-04-12] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\Run: [OneDrive] => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\OneDrive.exe [1593464 2019-10-25] (Microsoft Corporation) HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Windows\System32\osk.exe [623104 2018-10-21] (Microsoft Corporation) HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\osk.exe [623104 2018-10-21] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] 
(Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-25] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-25] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-25] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-25] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-25] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-25] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll [2019-10-25] (Microsoft Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileSyncShell.dll [2019-10-25] 
(Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileSyncShell.dll [2019-10-25] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileSyncShell.dll [2019-10-25] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileSyncShell.dll [2019-10-25] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileSyncShell.dll [2019-10-25] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileSyncShell.dll [2019-10-25] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileSyncShell.dll [2019-10-25] (Microsoft Corporation) CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-09b708085549b3cc HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-09b708085549b3cc HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-21-581088433-320290056-2638895184-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-09b708085549b3cc HKU\S-1-5-21-581088433-320290056-2638895184-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB HKU\S-1-5-21-581088433-320290056-2638895184-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c SearchScopes: HKLM -> DefaultScope {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms} SearchScopes: HKLM -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = SearchScopes: HKLM -> {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms} SearchScopes: HKLM -> {bce42d98-b1cd-493f-a64c-107aae7521be} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> DefaultScope {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms} SearchScopes: HKLM-x32 -> 
{26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms} SearchScopes: HKLM-x32 -> {bce42d98-b1cd-493f-a64c-107aae7521be} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> DefaultScope {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms} SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms} SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {bce42d98-b1cd-493f-a64c-107aae7521be} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-08-20] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-10-24] (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program 
Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-10-22] (Microsoft Corporation) Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2018-06-08] (Microsoft Corporation) Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2018-06-08] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{75013482-b294-4535-9c56-b2178f6e757f}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{a516b4d1-81c3-4daa-bf24-f5142955b826}: [DhcpNameServer] 192.168.2.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\h857aa1h.default FF SelectedSearchEngine: Search Provided by Yahoo FF DefaultSearchEngine: Search Provided by Yahoo FF NewTab: about:newtab FF Homepage: https://www.bing.com/search?FORM=INCOH1&PC=IC04&PTAG=ICO-eb682354 FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No File FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-10] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google LLC) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File FF user.js: detected! 
=> C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\h857aa1h.default\user.js [2014-10-20] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK StartMenuInternet: Firefox-308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe Chrome: ======= CHR Profile: C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Slides) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-30] CHR Extension: (Docs) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-30] CHR Extension: (Google Drive) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-30] CHR Extension: (YouTube) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-30] CHR Extension: (Sheets) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-30] CHR Extension: (Search Selector Beta) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gboaiodgdajeapekadgejlbmabjganof [2019-07-04] CHR Extension: (Google Docs Offline) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-06-30] CHR Extension: (Avast Online Security) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-09-29] CHR Extension: (Chrome Web Store Payments) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-30] CHR Extension: (Gmail) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-30] CHR Extension: (Chrome Media Router) - 
C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-30] CHR HKLM\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof] - https://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - https://clients2.google.com/service/update2/crx ==================== Services (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AJRouter; C:\Windows\System32\AJRouter.dll [25088 2018-04-12] (Microsoft Corporation) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-19] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert] R3 BTAGService; C:\Windows\System32\BTAGService.dll [514048 2018-11-09] (Microsoft Corporation) R3 BthAvctpSvc; C:\Windows\System32\BthAvctpSvc.dll [399872 2018-11-09] (Microsoft Corporation) R3 camsvc; C:\Windows\system32\CapabilityAccessManager.dll [266752 2019-01-09] (Microsoft Corporation) R2 CDPSvc; C:\Windows\System32\CDPSvc.dll [632320 2018-10-21] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation) S3 ClipSVC; C:\Windows\System32\ClipSVC.dll [1033696 2019-06-13] (Microsoft Corporation) R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [885760 2018-12-08] (Microsoft Corporation) R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [567256 2018-12-08] (Microsoft Corporation) S3 DevQueryBroker; 
C:\Windows\system32\DevQueryBroker.dll [33792 2018-04-12] (Microsoft Corporation) S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [90112 2019-05-03] (Microsoft Corporation) S3 diagsvc; C:\Windows\system32\DiagSvc.dll [219648 2018-04-12] (Microsoft Corporation) S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [827392 2019-04-19] (Microsoft Corporation) S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [593408 2019-04-19] (Microsoft Corporation) S3 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [57856 2018-04-12] (Microsoft Corporation) R2 DoSvc; C:\Windows\System32\svchost.exe [85472 2019-01-09] (Microsoft Corporation) R2 DoSvc; C:\Windows\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation) R3 DsSvc; C:\Windows\System32\DsSvc.dll [155136 2019-09-04] (Microsoft Corporation) R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-03] () R2 DusmSvc; C:\Windows\System32\dusmsvc.dll [356352 2018-12-08] (Microsoft Corporation) S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [167424 2018-04-12] (Microsoft Corporation) S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [308736 2018-11-09] (Microsoft Corporation) S3 FrameServer; C:\Windows\system32\FrameServer.dll [673792 2018-06-08] (Microsoft Corporation) S3 GraphicsPerfSvc; C:\Windows\System32\GraphicsPerfSvc.dll [90624 2018-04-12] (Microsoft Corporation) S3 HvHost; C:\Windows\System32\hvhostsvc.dll [61736 2018-08-03] (Microsoft Corporation) S3 icssvc; C:\Windows\System32\tetheringservice.dll [241152 2018-11-01] (Microsoft Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [337888 2016-08-31] (Intel Corporation) S3 InstallService; C:\Windows\system32\InstallService.dll [1487360 2019-05-17] (Microsoft Corporation) S3 InstallService; C:\Windows\SysWOW64\InstallService.dll [1110528 2019-05-17] 
(Microsoft Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation) S3 IpxlatCfgSvc; C:\Windows\System32\IpxlatCfg.dll [63488 2018-04-12] (Microsoft Corporation) R3 lfsvc; C:\Windows\System32\lfsvc.dll [44544 2018-04-12] (Microsoft Corporation) R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [48640 2018-04-12] (Microsoft Corporation) S3 LxpSvc; C:\Windows\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation) S2 MapsBroker; C:\Windows\System32\moshost.dll [91136 2018-07-06] (Microsoft Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes) R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239696 2013-07-23] () S3 NaturalAuthentication; C:\Windows\System32\NaturalAuth.dll [824832 2018-04-12] (Microsoft Corporation) S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [335360 2019-07-09] (Microsoft Corporation) R3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [582144 2019-07-09] (Microsoft Corporation) R3 NgcSvc; C:\Windows\system32\ngcsvc.dll [784896 2019-04-19] (Microsoft Corporation) S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [835584 2018-11-01] (Microsoft Corporation) S3 PushToInstall; C:\Windows\system32\PushToInstall.dll [262144 2018-07-14] (Microsoft Corporation) S3 RetailDemo; C:\Windows\system32\RDXService.dll [681984 2018-04-12] (Microsoft Corporation) S3 RmSvc; C:\Windows\System32\RMapi.dll [153600 2018-12-08] (Microsoft Corporation) R2 SecurityHealthService; C:\Windows\system32\SecurityHealthService.exe [760888 2018-07-14] (Microsoft Corporation) R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [357680 2019-08-26] (Microsoft 
Corporation) R3 SEMgrSvc; C:\Windows\system32\SEMgrSvc.dll [1248768 2018-04-12] (Microsoft Corporation) S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1273344 2018-04-12] (Microsoft Corporation) S3 SensorService; C:\Windows\system32\SensorService.dll [712192 2018-04-12] (Microsoft Corporation) R2 SgrmBroker; C:\Windows\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation) S3 SharedRealitySvc; C:\Windows\System32\SharedRealitySvc.dll [713216 2019-06-13] (Microsoft Corporation) S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [195584 2018-04-12] (Microsoft Corporation) S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [590336 2018-04-12] (Microsoft Corporation) S3 spectrum; C:\Windows\system32\spectrum.exe [976384 2018-06-08] (Microsoft Corporation) S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] () R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [4970360 2018-06-08] (Microsoft Corporation) R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [4469832 2018-06-08] (Microsoft Corporation) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [287240 2018-03-28] (Synaptics Incorporated) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12135768 2019-09-24] (TeamViewer GmbH) S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [303616 2018-04-12] (Microsoft Corporation) R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [176128 2018-04-12] (Microsoft Corporation) R3 TokenBroker; C:\Windows\System32\TokenBroker.dll [1400832 2019-07-09] (Microsoft Corporation) R3 TokenBroker; C:\Windows\SysWOW64\TokenBroker.dll [1003008 2019-07-09] (Microsoft Corporation) S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [92160 2018-11-09] (Microsoft Corporation) S4 tzautoupdate; C:\Windows\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation) R2 UserManager; C:\Windows\System32\usermgr.dll 
[1027584 2019-05-17] (Microsoft Corporation) R2 UsoSvc; C:\Windows\system32\usocore.dll [1418240 2019-10-02] (Microsoft Corporation) S3 VacSvc; C:\Windows\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation) S3 vmicrdv; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation) S3 vmicvmsession; C:\Windows\System32\icsvc.dll [289792 2018-04-12] (Microsoft Corporation) S3 vmicvss; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation) S3 WaaSMedicSvc; C:\Windows\System32\WaaSMedicSvc.dll [392704 2019-01-09] (Microsoft Corporation) S3 WalletService; C:\Windows\system32\WalletService.dll [427520 2018-04-12] (Microsoft Corporation) S3 WarpJITSvc; C:\Windows\System32\Windows.WARP.JITService.dll [31744 2018-04-12] (Microsoft Corporation) S3 WFDSConMgrSvc; C:\Windows\System32\wfdsconmgrsvc.dll [681984 2018-07-14] (Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-01] (Microsoft Corporation) S3 wisvc; C:\Windows\system32\flightsettings.dll [858112 2018-06-08] (Microsoft Corporation) S3 wisvc; C:\Windows\SysWOW64\flightsettings.dll [729088 2018-06-08] (Microsoft Corporation) S3 wlpasvc; C:\Windows\System32\lpasvc.dll [1364992 2019-02-16] (Microsoft Corporation) S3 WpcMonSvc; C:\Windows\System32\WpcDesktopMonSvc.dll [1456640 2018-06-06] (Microsoft Corporation) R2 WpnService; C:\Windows\system32\WpnService.dll [280576 2018-04-12] (Microsoft Corporation) S3 xbgm; C:\Windows\system32\xbgmsvc.exe [59512 2018-04-12] (Microsoft Corporation) S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [1115648 2018-04-12] (Microsoft Corporation) S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1308672 2018-04-12] (Microsoft Corporation) S3 XboxGipSvc; C:\Windows\System32\XboxGipSvc.dll [58880 2018-04-12] (Microsoft Corporation) S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1148928 2018-04-12] (Microsoft Corporation) S2 
GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X] S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X] S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X] S3 TemproMonitoringService; "C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe" [X] S3 TPCHSrv; "C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe" [X] R3 WdNisSvc; "%ProgramData%\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe" [X] ==================== Drivers (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [20480 2018-04-12] (Microsoft Corporation) R1 afunix; C:\Windows\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation) S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2018-04-12] (Microsoft Corporation) S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533912 2018-04-12] (QLogic Corporation) R1 bam; C:\Windows\System32\drivers\bam.sys [60320 2018-04-12] (Microsoft Corporation) S3 BcastDVRUserService; No ImagePath S3 BcastDVRUserService_21f6f6; No ImagePath S3 bindflt; C:\Windows\system32\drivers\bindflt.sys [92472 2019-10-02] (Microsoft Corporation) S3 BluetoothUserService; No ImagePath S3 BluetoothUserService_21f6f6; No ImagePath R3 BthLEEnum; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [86528 2018-04-12] (Microsoft Corporation) S0 bttflt; C:\Windows\System32\drivers\bttflt.sys [38304 2018-04-12] (Microsoft Corporation) S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [39936 2018-04-12] (Microsoft Corporation) R3 CAD; C:\Windows\System32\drivers\CAD.sys [60320 2018-04-12] (Microsoft Corporation) S3 CapImg; 
C:\Windows\System32\drivers\capimg.sys [123392 2018-04-12] (Microsoft Corporation) S2 CDPUserSvc; No ImagePath R2 CDPUserSvc_21f6f6; No ImagePath S0 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [321432 2018-04-12] (Chelsio Communications) S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [1836952 2018-04-12] (Chelsio Communications) R2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [414720 2019-07-09] (Microsoft Corporation) S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [39328 2018-04-12] (Microsoft Corporation) R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys [40448 2018-04-12] (Microsoft Corporation) S3 DevicePickerUserSvc; No ImagePath S3 DevicePickerUserSvc_21f6f6; No ImagePath S3 DevicesFlowUserSvc; No ImagePath S3 DevicesFlowUserSvc_21f6f6; No ImagePath S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3419032 2018-04-12] (QLogic Corporation) R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc.) R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc.) 
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [55808 2018-04-12] (Microsoft Corporation)
S3 GENERICDRV; C:\Program Files (x86)\UEFI WinFlash\amifldrv64.sys [15640 2012-07-27] ()
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2018-04-12] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2018-04-12] (Microsoft Corporation)
S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [50592 2018-04-12] (Microsoft Corporation)
S4 hvcrash; C:\Windows\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [76304 2019-06-07] (Microsoft Corporation)
S3 hwdatacard; C:\Windows\system32\DRIVERS\ewusbmdm.sys [115328 2015-02-26] (Huawei Technologies Co., Ltd.) [Datei ist nicht signiert]
S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [27136 2018-04-12] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [36864 2018-04-12] (Intel(R) Corporation)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [91648 2018-04-12] (Intel(R) Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [88576 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [171520 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592 2018-04-12] (Intel Corporation)
S0 iaStorAVC; C:\Windows\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [526232 2018-04-12] (Mellanox)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [38912 2018-04-12] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [58168 2018-12-08] (Microsoft Corporation)
S3 IPT; C:\Windows\System32\drivers\ipt.sys [32256 2018-04-12] (Microsoft Corporation)
S0 ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies)
S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [124312 2018-04-12] (LSI Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [128408 2018-04-12] (Avago Technologies)
S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [505240 2018-04-12] (Microsoft Corporation)
S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [56736 2018-04-12] (Microsoft Corporation)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-10-28] (Malwarebytes)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [59800 2018-04-12] (Avago Technologies)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [75160 2018-04-12] (Avago Technologies)
S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies)
S3 MessagingService; No ImagePath
S3 MessagingService_21f6f6; No ImagePath
R3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [842648 2018-04-12] (Mellanox)
R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [43008 2018-12-08] (Microsoft Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [29192 2016-03-17] (Marvell Semiconductor, Inc.)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [108952 2018-04-12] (Mellanox)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [175104 2018-04-12] (Microsoft Corporation)
S3 netvsc; C:\Windows\System32\drivers\netvsc.sys [197632 2018-04-12] (Microsoft Corporation)
S3 nvdimm; C:\Windows\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation)
S2 OneSyncSvc; No ImagePath
R2 OneSyncSvc_21f6f6; No ImagePath
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58776 2018-04-12] (Avago Technologies)
S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [61848 2018-04-12] (Avago Technologies)
S3 PimIndexMaintenanceSvc; No ImagePath
R3 PimIndexMaintenanceSvc_21f6f6; No ImagePath
S3 pmem; C:\Windows\System32\drivers\pmem.sys [105984 2018-04-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; No ImagePath
S3 PrintWorkflowUserSvc_21f6f6; No ImagePath
S0 Ramdisk; C:\Windows\System32\DRIVERS\ramdisk.sys [39840 2018-04-12] (Microsoft Corporation)
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [945464 2019-03-06] (Microsoft Corporation)
S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [104448 2018-04-12] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-09] (Realtek Semiconductor Corp.)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [128920 2018-08-03] (Microsoft Corporation)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [33176 2018-04-12] (Microsoft Corporation)
R0 SgrmAgent; C:\Windows\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [54792 2018-03-28] (Synaptics Incorporated)
S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [57752 2018-04-12] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [82432 2019-03-14] (Microsoft Corporation)
S0 storufs; C:\Windows\System32\drivers\storufs.sys [48544 2018-06-15] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys [18336 2018-04-12] (Microsoft Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [128512 2018-04-12] (Microsoft Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [152576 2018-04-12] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [57856 2018-04-12] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45056 2018-04-12] (Microsoft Corporation)
S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [282008 2018-04-12] (Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [98200 2018-04-12] (Microsoft Corporation)
S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [144288 2018-04-12] (Microsoft Corporation)
S3 UnistoreSvc; No ImagePath
R3 UnistoreSvc_21f6f6; No ImagePath
S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [29088 2018-04-12] (Microsoft Corporation)
S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [67992 2018-04-12] (Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [28064 2018-04-12] (Microsoft Corporation)
S3 UserDataSvc; No ImagePath
R3 UserDataSvc_21f6f6; No ImagePath
S3 vhf; C:\Windows\System32\drivers\vhf.sys [36352 2018-10-21] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2018-08-03] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16288 2018-04-12] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [152072 2019-03-14] (Microsoft Corporation)
R3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [83456 2018-12-08] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46472 2019-11-01] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [351968 2019-11-01] (Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [787968 2019-05-17] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\Windows\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-01] (Microsoft Corporation)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [72768 2018-06-15] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [18472 2018-04-12] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [32152 2018-04-12] (Mellanox)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [228864 2019-05-17] (Microsoft Corporation)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [64920 2018-04-12] (Mellanox)
S2 WpnUserService; No ImagePath
R2 WpnUserService_21f6f6; No ImagePath
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [295424 2018-06-15] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [46592 2018-04-12] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation)
NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation)
NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation)
NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation)
NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> Keine Datei

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-11-01 08:43 - 2019-11-01 08:43 - 00000000 ___HD C:\OneDriveTemp
2019-10-28 06:42 - 2019-10-28 06:42 - 00275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-10-27 17:17 - 2019-10-28 06:44 - 00000276 _____ C:\WINDOWS\WindowsUpdate.log
2019-10-27 16:20 - 2019-10-27 16:20 - 00000000 ___HD C:\$WINDOWS.~BT
2019-10-27 16:08 - 2019-10-28 06:41 - 00000000 ____D C:\Program Files\Mozilla Firefox
2019-10-27 16:08 - 2019-10-27 16:59 - 00000000 ____D C:\AdwCleaner
2019-10-27 16:06 - 2019-10-27 16:06 - 07622344 _____ (Malwarebytes) C:\Users\Stefanie\Desktop\adwcleaner_7.4.2.exe
2019-10-26 10:00 - 2019-10-26 12:46 - 00000000 ____D C:\WINDOWS\UpdateAssistant
2019-10-24 11:00 - 2019-10-02 06:04 - 07519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-10-24 11:00 - 2019-10-02 05:47 - 06564368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-10-24 11:00 - 2019-10-02 05:40 - 25857024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-10-24 11:00 - 2019-10-02 05:32 - 22735872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-10-24 10:59 - 2019-10-02 12:10 - 04527072 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-10-24 10:59 - 2019-10-02 12:10 - 01616608 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-10-24 10:59 - 2019-10-02 11:53 - 04852736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-10-24 10:59 - 2019-10-02 11:52 - 12835840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-10-24 10:59 - 2019-10-02 11:52 - 08627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-10-24 10:59 - 2019-10-02 11:50 - 04491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-10-24 10:59 - 2019-10-02 11:47 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-10-24 10:59 - 2019-10-02 09:46 - 12037120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-10-24 10:59 - 2019-10-02 09:41 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-10-24 10:59 - 2019-10-02 06:20 - 03180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-10-24 10:59 - 2019-10-02 06:04 - 02774120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-10-24 10:59 - 2019-10-02 06:04 - 01035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-10-24 10:59 - 2019-10-02 06:02 - 04404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-10-24 10:59 - 2019-10-02 06:02 - 01219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-10-24 10:59 - 2019-10-02 06:02 - 01027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-10-24 10:59 - 2019-10-02 06:01 - 02468048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-10-24 10:59 - 2019-10-02 06:00 - 09080632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-10-24 10:59 - 2019-10-02 06:00 - 02570824 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-10-24 10:59 - 2019-10-02 06:00 - 02371504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-10-24 10:59 - 2019-10-02 05:48 - 02331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-10-24 10:59 - 2019-10-02 05:48 - 01990056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-10-24 10:59 - 2019-10-02 05:47 - 04789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-10-24 10:59 - 2019-10-02 05:47 - 02260928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-10-24 10:59 - 2019-10-02 05:47 - 01979752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-10-24 10:59 - 2019-10-02 05:38 - 22016000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-10-24 10:59 - 2019-10-02 05:32 - 06661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-10-24 10:59 - 2019-10-02 05:31 - 08189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-10-24 10:59 - 2019-10-02 05:31 - 04388864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-10-24 10:59 - 2019-10-02 05:30 - 19385856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-10-24 10:59 - 2019-10-02 05:30 - 03403264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-10-24 10:59 - 2019-10-02 05:29 - 03392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-10-24 10:59 - 2019-10-02 05:29 - 02700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-10-24 10:59 - 2019-10-02 05:28 - 07573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-10-24 10:59 - 2019-10-02 05:28 - 04771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-10-24 10:59 - 2019-10-02 05:28 - 01827328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-10-24 10:59 - 2019-10-02 05:27 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-10-24 10:59 - 2019-10-02 05:27 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2019-10-24 10:59 - 2019-10-02 05:25 - 03091456 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-10-24 10:59 - 2019-10-02 05:25 - 02738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-10-24 10:59 - 2019-10-02 05:24 - 02379264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-10-24 10:59 - 2019-10-02 05:23 - 04938240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-10-24 10:59 - 2019-10-02 05:23 - 04517376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-10-24 10:59 - 2019-10-02 05:23 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-10-24 10:59 - 2019-10-02 05:22 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-10-24 10:59 - 2019-09-10 08:17 - 23862272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-10-24 10:59 - 2019-09-10 08:16 - 19525632 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-10-24 10:58 - 2019-10-06 02:43 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-10-24 10:58 - 2019-10-06 02:43 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-10-24 10:58 - 2019-10-02 12:14 - 00349216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-10-24 10:58 - 2019-10-02 12:10 - 01640376 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-10-24 10:58 - 2019-10-02 12:08 - 02394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-10-24 10:58 - 2019-10-02 12:08 - 01047568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-10-24 10:58 - 2019-10-02 11:53 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-10-24 10:58 - 2019-10-02 11:50 - 02019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-10-24 10:58 - 2019-10-02 11:50 - 00810496 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-10-24 10:58 - 2019-10-02 11:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-10-24 10:58 - 2019-10-02 11:48 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-10-24 10:58 - 2019-10-02 11:48 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2019-10-24 10:58 - 2019-10-02 11:48 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-10-24 10:58 - 2019-10-02 11:47 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-10-24 10:58 - 2019-10-02 11:47 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-10-24 10:58 - 2019-10-02 11:46 - 01364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-10-24 10:58 - 2019-10-02 11:46 - 01289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-10-24 10:58 - 2019-10-02 11:46 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-10-24 10:58 - 2019-10-02 11:46 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-10-24 10:58 - 2019-10-02 11:45 - 01180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-10-24 10:58 - 2019-10-02 11:45 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-10-24 10:58 - 2019-10-02 09:56 - 01628488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-10-24 10:58 - 2019-10-02 09:53 - 00917816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-10-24 10:58 - 2019-10-02 09:52 - 02206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-10-24 10:58 - 2019-10-02 09:44 - 07991296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-10-24 10:58 - 2019-10-02 09:42 - 03397120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-10-24 10:58 - 2019-10-02 09:42 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-10-24 10:58 - 2019-10-02 09:41 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-10-24 10:58 - 2019-10-02 09:41 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-10-24 10:58 - 2019-10-02 06:21 - 02417744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2019-10-24 10:58 - 2019-10-02 06:19 - 00374584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-10-24 10:58 - 2019-10-02 06:05 - 00092472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-10-24 10:58 - 2019-10-02 06:04 - 01098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-10-24 10:58 - 2019-10-02 06:04 - 00494096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-10-24 10:58 - 2019-10-02 06:03 - 00778024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-10-24 10:58 - 2019-10-02 06:03 - 00193040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-10-24 10:58 - 2019-10-02 06:02 - 00568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-10-24 10:58 - 2019-10-02 06:02 - 00210448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2019-10-24 10:58 - 2019-10-02 06:02 - 00194352 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-10-24 10:58 - 2019-10-02 06:01 - 01288928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-10-24 10:58 - 2019-10-02 06:01 - 00723728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-10-24 10:58 - 2019-10-02 06:01 - 00722744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-10-24 10:58 - 2019-10-02 06:01 - 00527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-10-24 10:58 - 2019-10-02 06:01 - 00491208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-10-24 10:58 - 2019-10-02 06:01 - 00439504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-10-24 10:58 - 2019-10-02 06:01 - 00435728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-10-24 10:58 - 2019-10-02 06:01 - 00159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-10-24 10:58 - 2019-10-02 06:00 - 00433168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-10-24 10:58 - 2019-10-02 06:00 - 00248880 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-10-24 10:58 - 2019-10-02 06:00 - 00209936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-10-24 10:58 - 2019-10-02 06:00 - 00039032 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-10-24 10:58 - 2019-10-02 05:59 - 01784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-10-24 10:58 - 2019-10-02 05:59 - 01459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-10-24 10:58 - 2019-10-02 05:59 - 01260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-10-24 10:58 - 2019-10-02 05:59 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-10-24 10:58 - 2019-10-02 05:59 - 00983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-10-24 10:58 - 2019-10-02 05:59 - 00930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-10-24 10:58 - 2019-10-02 05:59 - 00604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-10-24 10:58 - 2019-10-02 05:59 - 00260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-10-24 10:58 - 2019-10-02 05:49 - 00550512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-10-24 10:58 - 2019-10-02 05:49 - 00434728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-10-24 10:58 - 2019-10-02 05:49 - 00385000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-10-24 10:58 - 2019-10-02 05:49 - 00191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-10-24 10:58 - 2019-10-02 05:49 - 00146712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-10-24 10:58 - 2019-10-02 05:48 - 00666248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-10-24 10:58 - 2019-10-02 05:48 - 00380216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-10-24 10:58 - 2019-10-02 05:48 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-10-24 10:58 - 2019-10-02 05:47 - 01380312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-10-24 10:58 - 2019-10-02 05:47 - 01130784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-10-24 10:58 - 2019-10-02 05:47 - 01020280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-10-24 10:58 - 2019-10-02 05:47 - 00829752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-10-24 10:58 - 2019-10-02 05:47 - 00607248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-10-24 10:58 - 2019-10-02 05:47 - 00129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-10-24 10:58 - 2019-10-02 05:29 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-10-24 10:58 - 2019-10-02 05:28 - 02929152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-10-24 10:58 - 2019-10-02 05:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-10-24 10:58 - 2019-10-02 05:28 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-10-24 10:58 - 2019-10-02 05:28 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2019-10-24 10:58 - 2019-10-02 05:28 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-10-24 10:58 - 2019-10-02 05:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-10-24 10:58 - 2019-10-02 05:27 - 03554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2019-10-24 10:58 - 2019-10-02 05:27 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-10-24 10:58 - 2019-10-02 05:27 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-10-24 10:58 - 2019-10-02 05:27 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-10-24 10:58 - 2019-10-02 05:27 - 00395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-10-24 10:58 - 2019-10-02 05:27 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-10-24 10:58 - 2019-10-02 05:27 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-10-24 10:58 - 2019-10-02 05:26 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2019-10-24 10:58 - 2019-10-02 05:26 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-10-24 10:58 - 2019-10-02 05:26 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-10-24 10:58 - 2019-10-02 05:26 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-10-24 10:58 - 2019-10-02 05:26 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-10-24 10:58 - 2019-10-02 05:26 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 02258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 01862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 01540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 01295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 00808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-10-24 10:58 - 2019-10-02 05:25 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2019-10-24 10:58 - 2019-10-02 05:24 - 01563648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-10-24 10:58 - 2019-10-02 05:24 - 01058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-10-24 10:58 - 2019-10-02 05:24 - 00857088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2019-10-24 10:58 - 2019-10-02 05:24 - 00582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-10-24 10:58 - 2019-10-02 05:24 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-10-24 10:58 - 2019-10-02 05:23 - 01724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-10-24 10:58 - 2019-10-02 05:23 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-10-24 10:58 - 2019-10-02 05:23 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-10-24 10:58 - 2019-10-02 05:23 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-10-24 10:58 - 2019-10-02 05:23 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-10-24 10:58 - 2019-10-02 05:23 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-10-24 10:58 - 2019-10-02 05:22 - 01110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-10-24 10:58 - 2019-10-02 05:22 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-10-24 10:58 - 2019-10-02 05:22 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-10-24 10:58 - 2019-10-02 05:22 - 00532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-10-24 10:58 - 2019-10-02 05:22 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-10-24 10:58 - 2019-10-02 05:22 - 00345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-10-24 10:58 - 2019-10-02 05:22 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-10-24 10:58 - 2019-10-02 05:22 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-10-24 10:58 - 2019-10-02 04:05 - 00001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-10-24 10:58 - 2019-09-19 08:02 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-10-24 10:58 - 2019-09-10 07:56 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-10-24 10:58 - 2019-09-10 02:20 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-10-24 10:58 - 2019-09-10 02:20 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-10-24 10:58 - 2019-08-13 15:42 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-10-07 18:03 - 2019-10-24 21:10 - 00153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-10-07 18:03 - 2019-10-07 18:03 - 00001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-10-07 18:03 - 2019-10-07 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-10-07 18:03 - 2019-06-26 12:00 - 00020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-10-06 14:25 - 2019-10-27 17:35 - 00001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-06 14:25 - 2019-10-06 14:25 - 00001004 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-10-06 14:23 - 2019-10-06 14:24 - 49818008 _____ (Mozilla) C:\Users\Stefanie\Downloads\Firefox Setup 69.0.2.exe
2019-10-04 15:31 - 2019-10-06 16:36 - 00064685 _____ C:\Users\Stefanie\Desktop\Addition.txt
2019-10-04 15:27 - 2019-11-01 09:52 - 00043105 _____ C:\Users\Stefanie\Desktop\FRST.txt
2019-10-04 15:27 - 2019-11-01 09:51 - 00000000 ____D C:\FRST
2019-10-04 15:25 - 2019-10-04 15:25 - 02169856 _____ (Farbar) C:\Users\Stefanie\Desktop\FRST64.exe
2019-10-04 12:59 - 2019-09-13 11:57 - 21409376 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-10-04 12:59 - 2019-09-13 05:49 - 05627280 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-10-04 12:59 - 2019-09-13 05:47 - 07445856 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-10-04 12:58 - 2019-10-24 10:01 - 00000000 ____D C:\Users\Stefanie\AppData\Local\CrashDumps
2019-10-04 12:58 - 2019-09-13 12:02 - 04040008 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-10-04 12:58 - 2019-09-13 11:57 - 01517480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-10-04 12:58 - 2019-09-13 11:47 - 06588416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-10-04 12:58 - 2019-09-13 11:41 - 01644032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2019-10-04 12:58 - 2019-09-13 11:40 - 03614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-10-04 12:58 - 2019-09-13 10:16 - 01320128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-10-04 12:58 - 2019-09-13 10:15 - 20400656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-10-04 12:58 - 2019-09-13 10:15 - 03701184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-10-04 12:58 - 2019-09-13 10:05 - 05659136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-10-04 12:58 - 2019-09-13 10:00 - 02882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-10-04 12:58 - 2019-09-13 05:58 - 07900880 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2019-10-04 12:58 - 2019-09-13 05:58 - 01613096 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-10-04 12:58 - 2019-09-13 05:48 - 03290584 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-10-04 12:58 - 2019-09-13 05:36 - 02478152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-10-04 12:58 - 2019-09-13 05:35 - 06052272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-10-04 12:58 - 2019-09-13 05:27 - 16598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-10-04 12:58 - 2019-09-13 05:24 - 13878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-10-04 12:58 - 2019-09-13 05:17 - 03148288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2019-10-04 12:58 - 2019-09-13 05:15 - 02913792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-10-04 12:58 - 2019-09-13 05:14 - 01854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-10-04 12:58 - 2019-09-13 05:14 - 01809408 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-10-04 12:58 - 2019-09-13 05:14 - 01222144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-10-04 12:58 - 2019-09-13 05:13 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-10-04 12:58 - 2019-09-13 05:12 - 01634304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-10-04 12:57 - 2019-09-13 12:03 - 00586680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-10-04 12:57 - 2019-09-13 11:57 - 01375456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-10-04 12:57 - 2019-09-13 11:56 - 00341392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-10-04 12:57 - 2019-09-13 11:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-10-04 12:57 - 2019-09-13 11:44 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-10-04 12:57 - 2019-09-13 11:41 - 01127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-10-04 12:57 - 2019-09-13 11:40 - 01725952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-10-04 12:57 - 2019-09-13 11:40 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2019-10-04 12:57 - 2019-09-13 11:40 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-10-04 12:57 - 2019-09-13 11:40 - 
00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2019-10-04 12:57 - 2019-09-13 11:40 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe 2019-10-04 12:57 - 2019-09-13 11:40 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll 2019-10-04 12:57 - 2019-09-13 11:39 - 02085888 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2019-10-04 12:57 - 2019-09-13 11:39 - 01262592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2019-10-04 12:57 - 2019-09-13 11:39 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll 2019-10-04 12:57 - 2019-09-13 10:18 - 00470512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll 2019-10-04 12:57 - 2019-09-13 10:17 - 01026280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2019-10-04 12:57 - 2019-09-13 10:01 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll 2019-10-04 12:57 - 2019-09-13 10:01 - 00622592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2019-10-04 12:57 - 2019-09-13 10:00 - 01530880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2019-10-04 12:57 - 2019-09-13 09:59 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2019-10-04 12:57 - 2019-09-13 05:56 - 05821448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2019-10-04 12:57 - 2019-09-13 05:56 - 01299472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2019-10-04 12:57 - 2019-09-13 05:49 - 00274792 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe 2019-10-04 12:57 - 2019-09-13 05:48 - 01659704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2019-10-04 12:57 - 2019-09-13 05:48 - 01363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2019-10-04 12:57 - 2019-09-13 05:48 - 00722744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll 
2019-10-04 12:57 - 2019-09-13 05:48 - 00710240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2019-10-04 12:57 - 2019-09-13 05:48 - 00170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2019-10-04 12:57 - 2019-09-13 05:47 - 01947168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2019-10-04 12:57 - 2019-09-13 05:47 - 00713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2019-10-04 12:57 - 2019-09-13 05:47 - 00275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2019-10-04 12:57 - 2019-09-13 05:47 - 00081720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys 2019-10-04 12:57 - 2019-09-13 05:47 - 00039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys 2019-10-04 12:57 - 2019-09-13 05:36 - 01252152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll 2019-10-04 12:57 - 2019-09-13 05:35 - 01559272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2019-10-04 12:57 - 2019-09-13 05:23 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll 2019-10-04 12:57 - 2019-09-13 05:21 - 00153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll 2019-10-04 12:57 - 2019-09-13 05:21 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll 2019-10-04 12:57 - 2019-09-13 05:21 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll 2019-10-04 12:57 - 2019-09-13 05:21 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe 2019-10-04 12:57 - 2019-09-13 05:21 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe 2019-10-04 12:57 - 2019-09-13 05:20 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe 2019-10-04 12:57 - 2019-09-13 05:20 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll 
2019-10-04 12:57 - 2019-09-13 05:20 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll 2019-10-04 12:57 - 2019-09-13 05:20 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2019-10-04 12:57 - 2019-09-13 05:19 - 00514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2019-10-04 12:57 - 2019-09-13 05:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2019-10-04 12:57 - 2019-09-13 05:18 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe 2019-10-04 12:57 - 2019-09-13 05:17 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2019-10-04 12:57 - 2019-09-13 05:17 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll 2019-10-04 12:57 - 2019-09-13 05:17 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2019-10-04 12:57 - 2019-09-13 05:17 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll 2019-10-04 12:57 - 2019-09-13 05:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll 2019-10-04 12:57 - 2019-09-13 05:16 - 00910336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2019-10-04 12:57 - 2019-09-13 05:16 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2019-10-04 12:57 - 2019-09-13 05:15 - 01549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2019-10-04 12:57 - 2019-09-13 05:15 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2019-10-04 12:57 - 2019-09-13 05:15 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll 2019-10-04 12:57 - 2019-09-13 05:15 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll 2019-10-04 12:57 - 2019-09-13 05:15 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2019-10-04 12:57 - 2019-09-13 05:15 - 00403456 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\DavSyncProvider.dll 2019-10-04 12:57 - 2019-09-13 05:15 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2019-10-04 12:57 - 2019-09-13 05:14 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2019-10-04 12:57 - 2019-09-13 05:14 - 00602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2019-10-04 12:57 - 2019-09-13 05:14 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2019-10-04 12:57 - 2019-09-13 05:14 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2019-10-04 12:57 - 2019-09-13 05:13 - 02893312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2019-10-04 12:57 - 2019-09-13 05:13 - 01371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll 2019-10-04 12:57 - 2019-09-13 05:13 - 00927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll 2019-10-04 12:57 - 2019-09-13 05:13 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2019-10-04 12:57 - 2019-09-13 05:13 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2019-10-04 12:57 - 2019-09-13 05:13 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2019-10-04 12:57 - 2019-09-13 05:12 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2019-10-04 12:57 - 2019-09-13 05:12 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2019-10-04 12:57 - 2019-09-13 05:12 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll 2019-10-04 12:57 - 2019-09-13 05:11 - 00979456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll 2019-10-04 12:57 - 2019-09-13 05:11 - 00782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2019-10-04 12:57 - 2019-09-13 05:11 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll 2019-10-04 12:57 - 
2019-09-13 05:11 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll 2019-10-04 12:57 - 2019-09-13 05:11 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2019-10-04 12:57 - 2019-09-13 05:11 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2019-11-01 09:47 - 2018-06-06 20:39 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2019-11-01 09:41 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\system32\sru 2019-11-01 09:01 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\AppReadiness 2019-11-01 08:55 - 2018-02-14 02:05 - 00000000 ____D C:\WINDOWS\system32\Drivers\wd 2019-11-01 08:43 - 2014-10-08 19:22 - 00000000 ___RD C:\Users\Stefanie\OneDrive 2019-10-28 06:49 - 2018-06-07 04:52 - 01718588 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-10-28 06:49 - 2018-04-12 17:13 - 00743096 _____ C:\WINDOWS\system32\perfh007.dat 2019-10-28 06:49 - 2018-04-12 17:13 - 00149732 _____ C:\WINDOWS\system32\perfc007.dat 2019-10-28 06:42 - 2019-09-29 14:50 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2019-10-28 06:41 - 2018-06-07 05:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-10-28 06:41 - 2016-12-02 19:29 - 00746616 _____ C:\WINDOWS\PFRO.log 2019-10-28 06:41 - 2014-10-08 20:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-10-28 06:40 - 2018-04-11 22:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI 2019-10-27 17:32 - 2017-12-09 09:53 - 00000000 ___RD C:\Users\Stefanie\3D Objects 2019-10-27 17:14 - 2019-09-29 10:51 - 00000000 ____D C:\ProgramData\AVAST Software 2019-10-27 17:14 - 2018-06-06 20:39 - 00281408 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\zu-ZA 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\yo-NG 2019-10-27 
17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\xh-ZA 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\wo-SN 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\tn-ZA 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ti-ET 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\rw-RW 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\nso-ZA 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ig-NG 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\zu-ZA 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\yo-NG 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\xh-ZA 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\wo-SN 2019-10-27 17:09 - 2018-04-12 17:17 - 
00000000 ____D C:\WINDOWS\system32\uz-Latn-UZ 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\tn-ZA 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\ti-ET 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\sd-Arab-PK 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\rw-RW 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\quc-Latn-GT 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\pa-Arab-PK 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\nso-ZA 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\ku-Arab-IQ 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\ig-NG 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\ha-Latn-NG 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\chr-CHER-US 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\ca-ES-valencia 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\bs-Latn-BA 2019-10-27 17:09 - 2018-04-12 17:17 - 00000000 ____D C:\WINDOWS\system32\az-Latn-AZ 2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\TextInput 2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D 
C:\WINDOWS\SysWOW64\sk-SK 2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\system32\sk-SK 2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\system32\oobe 2019-10-27 17:09 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\ShellExperiences 2019-10-27 17:09 - 2018-04-11 22:04 - 00000000 ____D C:\WINDOWS\system32\Dism 2019-10-27 17:08 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\bcastdvr 2019-10-27 17:01 - 2017-02-08 18:37 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2019-10-27 17:01 - 2014-06-09 15:07 - 00000000 ____D C:\Program Files (x86)\TOSHIBA 2019-10-27 17:01 - 2014-05-22 01:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA 2019-10-27 17:01 - 2014-05-22 01:03 - 00000000 ____D C:\Program Files\TOSHIBA 2019-10-27 17:01 - 2014-05-22 00:54 - 00000000 ____D C:\ProgramData\TOSHIBA 2019-10-27 17:00 - 2017-07-03 20:33 - 00000000 ____D C:\Users\Stefanie\AppData\Roaming\Hewlett-Packard 2019-10-27 17:00 - 2017-02-10 16:56 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2019-10-27 16:21 - 2018-05-30 19:46 - 00000000 ___DC C:\WINDOWS\Panther 2019-10-25 10:09 - 2018-06-07 05:08 - 00003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-581088433-320290056-2638895184-1001 2019-10-25 10:09 - 2018-06-07 04:37 - 00002434 _____ C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-10-24 11:25 - 2018-04-12 00:38 - 00017800 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2019-10-24 11:18 - 2018-04-12 00:30 - 00000000 ____D C:\WINDOWS\CbsTemp 2019-10-24 10:56 - 2014-10-10 18:28 - 00000000 ____D C:\WINDOWS\system32\MRT 2019-10-24 10:50 - 2014-10-10 18:27 - 127230528 ____C (Microsoft Corporation) 
C:\WINDOWS\system32\MRT.exe
2019-10-24 10:36 - 2014-10-10 11:41 - 00000000 ____D C:\Program Files\Microsoft Office 15
2019-10-20 18:18 - 2018-06-07 08:41 - 00000000 ____D C:\Users\Stefanie\AppData\Local\D3DSCache
2019-10-07 18:04 - 2019-09-29 11:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2019-10-07 18:03 - 2018-04-12 00:38 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2019-10-06 14:27 - 2014-10-08 19:51 - 00000000 ____D C:\ProgramData\Mozilla
2019-10-06 14:22 - 2014-05-22 00:54 - 00000000 ____D C:\Program Files (x86)\Google
2019-10-06 14:13 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-10-06 14:13 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\system32\Macromed
2019-10-06 14:12 - 2016-08-02 16:58 - 00000000 ____D C:\Program Files (x86)\Adobe
2019-10-05 16:58 - 2014-10-22 11:12 - 00000000 ____D C:\Users\Stefanie\Documents\Steffi Bewerbungsunterlagen
2019-10-05 16:25 - 2018-06-07 07:10 - 00000000 ____D C:\Users\Stefanie\AppData\Local\PlaceholderTileLogoFolder
2019-10-05 16:19 - 2018-07-03 17:52 - 00000000 ____D C:\ProgramData\Packages
2019-10-05 16:19 - 2017-12-09 09:20 - 00000000 ____D C:\Users\Stefanie\AppData\Local\Packages
2019-10-02 21:38 - 2018-06-07 05:08 - 00003632 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-10-02 21:38 - 2018-06-07 05:08 - 00003508 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2019-08-05 23:42 - 2019-08-05 23:42 - 0361562 _____ () C:\Users\Stefanie\AppData\Roaming\Bepacecudeto
2019-09-01 19:42 - 2019-09-01 19:42 - 0307024 _____ () C:\Users\Stefanie\AppData\Roaming\Budadet
2019-09-27 23:42 - 2019-09-27 23:42 - 0325862 _____ () C:\Users\Stefanie\AppData\Roaming\Cerepelu
2019-03-16 00:42 - 2019-03-16 00:42 - 0329892 _____ () C:\Users\Stefanie\AppData\Roaming\Cureheleloci
2019-04-27 23:42 - 2019-04-27 23:42 - 0335229 _____ () C:\Users\Stefanie\AppData\Roaming\Dehacimusuma
2019-02-19 00:42 - 2019-02-19 00:42 - 0337202 _____ () C:\Users\Stefanie\AppData\Roaming\Dofanapopele
2019-02-10 00:42 - 2019-02-10 00:42 - 0133167 _____ () C:\Users\Stefanie\AppData\Roaming\Fufaboliko
2019-05-14 23:42 - 2019-05-14 23:42 - 0304458 _____ () C:\Users\Stefanie\AppData\Roaming\Gaheme
2019-05-22 23:42 - 2019-05-22 23:42 - 0302882 _____ () C:\Users\Stefanie\AppData\Roaming\Gopib
2019-07-04 12:42 - 2019-07-04 12:42 - 0168331 _____ () C:\Users\Stefanie\AppData\Roaming\Gubiparo
2019-06-17 23:42 - 2019-06-17 23:42 - 0347448 _____ () C:\Users\Stefanie\AppData\Roaming\Hepotoca
2019-09-09 23:42 - 2019-09-09 23:42 - 0128371 _____ () C:\Users\Stefanie\AppData\Roaming\Hesumo
2019-09-04 23:42 - 2019-09-04 23:42 - 0364531 _____ () C:\Users\Stefanie\AppData\Roaming\Hesusakolit
2019-08-14 23:42 - 2019-08-14 23:42 - 0212389 _____ () C:\Users\Stefanie\AppData\Roaming\Hoginig
2019-08-22 23:42 - 2019-08-22 23:42 - 0327657 _____ () C:\Users\Stefanie\AppData\Roaming\Honekineneba
2019-07-12 23:28 - 2019-07-12 23:28 - 0157795 _____ () C:\Users\Stefanie\AppData\Roaming\Kecareh
2019-06-25 23:42 - 2019-06-25 23:42 - 0246789 _____ () C:\Users\Stefanie\AppData\Roaming\Kehenat
2016-10-29 14:01 - 2016-10-29 14:01 - 0018833 _____ () C:\Users\Stefanie\AppData\Roaming\Kelalipob
2019-04-19 23:10 - 2019-04-19 23:10 - 0313260 _____ () C:\Users\Stefanie\AppData\Roaming\Kunesamafo
2019-07-20 23:42 - 2019-07-20 23:42 - 0362819 _____ () C:\Users\Stefanie\AppData\Roaming\Lurusuhat
2019-05-05 23:42 - 2019-05-05 23:42 - 0164250 _____ () C:\Users\Stefanie\AppData\Roaming\Matedanafika
2019-02-28 00:42 - 2019-02-28 00:42 - 0286382 _____ () C:\Users\Stefanie\AppData\Roaming\Nibug
2019-09-19 11:28 - 2019-09-19 11:28 - 0292078 _____ () C:\Users\Stefanie\AppData\Roaming\Ninibokekimi
2019-07-28 23:42 - 2019-07-28 23:42 - 0359966 _____ () C:\Users\Stefanie\AppData\Roaming\Nodikolib
2019-04-10 23:46 - 2019-04-10 23:46 - 0315693 _____ () C:\Users\Stefanie\AppData\Roaming\Pitacarobere
2019-03-25 00:29 - 2019-03-25 00:29 - 0340540 _____ () C:\Users\Stefanie\AppData\Roaming\Pufure
2019-03-08 00:42 - 2019-03-08 00:42 - 0146702 _____ () C:\Users\Stefanie\AppData\Roaming\Rukeraf
2019-06-08 23:42 - 2019-06-08 23:42 - 0220511 _____ () C:\Users\Stefanie\AppData\Roaming\Sosimofem
2019-05-31 23:42 - 2019-05-31 23:42 - 0137171 _____ () C:\Users\Stefanie\AppData\Roaming\Teritet
2019-04-02 23:42 - 2019-04-02 23:42 - 0151565 _____ () C:\Users\Stefanie\AppData\Roaming\Tetetuco
2014-10-10 11:42 - 2019-09-27 23:42 - 0001093 _____ () C:\Users\Stefanie\AppData\Roaming\WB.CFG
2017-12-15 09:26 - 2017-12-15 09:26 - 0000068 _____ () C:\Users\Stefanie\AppData\Local\5qe2nbznbz
2014-10-12 20:42 - 2014-12-20 18:43 - 0000001 _____ () C:\Users\Stefanie\AppData\Local\DSI.DAT
2016-12-11 16:04 - 2017-02-14 22:17 - 0000041 _____ () C:\ProgramData\.zreglib
2017-09-15 08:45 - 2017-09-15 08:45 - 0000000 _____ () C:\ProgramData\DP45977C.lfl
2017-12-29 19:29 - 2017-12-29 19:29 - 0000016 _____ () C:\ProgramData\mntemp
2017-12-29 19:29 - 2017-12-29 19:29 - 0004935 _____ () C:\ProgramData\vfiakfjk.zeu

==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-06-06 20:39

==================== Ende von log ============================
01.11.2019, 10:04 | #18 |
Some detections with Malwarebytes
Addition.txt
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-07-2015
durchgeführt von Stefanie (2019-11-01 09:54:56)
Gestartet von C:\Users\Stefanie\Desktop
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-581088433-320290056-2638895184-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-581088433-320290056-2638895184-503 - Limited - Disabled)
Gast (S-1-5-21-581088433-320290056-2638895184-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-581088433-320290056-2638895184-1005 - Limited - Enabled)
Stefanie (S-1-5-21-581088433-320290056-2638895184-1001 - Administrator - Enabled) => C:\Users\Stefanie
WDAGUtilityAccount (S-1-5-21-581088433-320290056-2638895184-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
AVI Media Player 1.0.2 (HKLM-x32\...\AVI Media Player_is1) (Version: - vsevensoft.com)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CloneCD (HKLM-x32\...\CloneCD) (Version: 5.3.4.0 - SlySoft)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
DTS Sound (HKLM-x32\...\{9B17BBEC-CF31-4C23-949E-E65A14365CE1}) (Version: 1.01.6100 - DTS, Inc.)
Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.35.301 - Google LLC) Hidden
HP LaserJet Pro M11-M13 Series (HKLM\...\HP LaserJet Pro M11-M13 Series) (Version: - )
HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.13.42.1 - HP Inc.)
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.5179.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.21.00.03 - Huawei Technologies Co.,Ltd)
Movavi Video Converter 18 Premium (HKLM-x32\...\Movavi Video Converter 18 Premium) (Version: 18.1.0 - Movavi)
Mozilla Firefox 70.0 (x64 de) (HKLM\...\Mozilla Firefox 70.0 (x64 de)) (Version: 70.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.2 - Mozilla)
My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.5179.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.5179.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.5179.1000 - Microsoft Corporation) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7173 - Realtek Semiconductor Corp.)
Symbaloo (HKLM-x32\...\Symbaloo) (Version: 1.0.0 - Symbaloo Launcher by Toshiba Europe GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.182 - Synaptics Incorporated)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.6.4835 - TeamViewer)
tiptoi® Manager 4.0.1 (HKLM\...\{833392BB-E8C0-4066-9408-3A30FA43972F}_is1) (Version: 4.0.1 - Ravensburger AG)
TOSHIBA Display Utility (HKLM\...\{F64E9295-E1B3-4EEA-86D3-AF44A0087B06}) (Version: 1.1.16.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.2.6403 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.19 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 2.0.0.15C - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.00.56006005 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{E3FCDCBE-0A13-4F73-95C1-000A51CF1C8C}) (Version: 2.6.16.0 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.01.6402 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Utility Common Driver (x32 Version: 1.0.53.3 - Compal) Hidden
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll
(Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll (Microsoft Corporation) ==================== Wiederherstellungspunkte ========================= 06-10-2019 14:09:31 Removed Adobe Acrobat Reader DC - Deutsch. 
24-10-2019 10:47:39 Windows Update
01-11-2019 09:14:30 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {042D8A51-5878-4000-9C10-C04AFF122A1F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {04B3E894-DE5B-4C4A-9AA7-CA8F7CE43583} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [2018-04-12] (Microsoft Corporation)
Task: {05C3BAB1-68F8-4EAF-B4AF-8C21E2478533} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime No Task File <==== ATTENTION
Task: {05E09776-F708-4694-949B-E8993608CC2B} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate
Task: {09131E27-3793-4B1E-A11E-77D3EAC118D1} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {0BA33681-9D00-4B31-9A87-01683672BFEF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d No Task File <==== ATTENTION
Task: {0E55C40D-83F8-4F39-838C-C1D3707EA86A} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\Windows\System32\dusmtask.exe [2018-11-01] (Microsoft Corporation)
Task: {10A37F08-4ACD-47E1-AAB4-6ECDE6DDDE8A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {175463A3-4AF2-4959-8504-C36C4397C393} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck Task: {1BE936D4-EE40-4F04-84E0-18FFD27C0A6A} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [2018-04-12] (Microsoft Corporation) Task: {1C7A907A-6B30-4164-8565-B0A88C877376} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2019-02-13] (Microsoft Corporation) Task: {1FAE791A-9736-4412-823B-80AE3EE2C1CB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d No Task File <==== ATTENTION Task: {2231CAFE-FABE-41F5-A0B3-842D9319DBF9} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-06] (Microsoft Corporation) Task: {226C52BC-0F62-4E67-A70D-74C22932AC02} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload => C:\Windows\system32\dmclient.exe [2018-04-12] (Microsoft Corporation) Task: {23ACACF5-2E96-4ECC-BE70-94CFCB2EF6DE} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation Task: {257A47C0-FECE-4A8E-BB35-161852DFF727} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-01-20] (Realtek Semiconductor) Task: {289D68A0-E96F-491B-9498-B0B602C5C53A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess No Task File <==== ATTENTION Task: {28C75830-5752-4F41-A94B-BFD5E8A0D7C8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d No Task File <==== ATTENTION Task: {294EF281-56B6-4F71-8115-BAC2919EF034} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task Task: {29F3A47A-C0DC-48D8-ACAF-89413EE0731D} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [2019-07-09] (Microsoft Corporation) Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask Task: 
{2DBD790D-172A-4CFA-B3F7-824D7509680F} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration Task: {2E2E003A-9792-4956-8F12-92797F584AB8} - System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange Task: {3137ADB6-515F-4020-9DB9-0F91106BB27F} - \WPD\SqmUpload_S-1-5-21-581088433-320290056-2638895184-1001 No Task File <==== ATTENTION Task: {3199A9F7-0492-4FC9-9EC1-A59CC69A8F52} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe Task: {3790297B-C317-4FEB-9E8D-3B4C85520240} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig No Task File <==== ATTENTION Task: {3C1365A1-11E1-4629-9B25-7D6A932E6B60} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization Task: {3DF2FF36-8A3E-4F15-9221-D68F365A7872} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe Task: {407E1879-1F5E-42B2-BA7F-53BCEF433805} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2018-04-12] (Microsoft Corporation) Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates Task: {46DDFBEA-7B80-499F-8D16-8FB7836BEBDC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2019-09-13] (Microsoft Corporation) Task: {4CB53382-6FBB-4666-B563-0ABC6429D301} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange Task: {4F662F7F-D75F-455E-A03A-8AD0D8313218} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B No Task File <==== ATTENTION Task: 
{51B7FB15-4DCB-400E-9A98-10E802F21FB3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff Task: {51D31EBF-545E-411D-A21A-CB34004CC384} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh Task: {5294EF9E-88CD-432B-A10B-C3AC2FB364AC} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2019-08-26] (Microsoft Corporation) Task: {536E4522-B726-480C-9063-126E74EEA4A4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates Task: {577C3956-E492-42A5-AEFB-FDC54A537C64} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange Task: {57A7E0DF-F70E-43B1-AA2C-5BA67DBBE753} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask Task: {5BE358DF-C2F0-43BC-BA5A-77E36BF54A02} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2018-04-12] (Microsoft Corporation) Task: {5DB4FD20-4FF2-4C58-9801-ADD6F0149633} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task Task: {60C269FF-448A-4F10-886E-2C70F5086A5F} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync Task: {62331915-A3E9-4B6E-9686-86034377E8CF} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {6BFE7106-601B-4B34-8F8E-87B9A0DA6ACE} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice Task: {6DE4F7DC-0B8D-404A-A6C9-83241658F8CA} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-06] (Microsoft Corporation) Task: 
{6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\Windows\system32\MusNotification.exe [2019-10-02] (Microsoft Corporation) Task: {7138D0D3-1873-4A77-86CF-4840F491C90F} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation) Task: {749AC711-AA62-4D1D-B314-EF1C97E1CA56} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2018-04-12] (Microsoft Corporation) Task: {749E286C-C205-4C7C-B742-BE5023BF06DE} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login Task: {75522E26-6BE6-4F53-A0FA-14470ECAACAB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2019-07-09] (Microsoft Corporation) Task: {7558573E-8172-4712-ACF4-9749EC2BE926} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser Task: {7E964508-4868-4DB6-A10A-B96FAE223F77} - \Microsoft\Windows\UNP\RunCampaignManager No Task File <==== ATTENTION Task: {7EAE5A6B-00F4-4B9F-A255-E1C163B587A1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession Task: {836F749C-D064-4E3A-8EEB-A8C21F65A018} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [2019-11-01] (Microsoft Corporation) Task: {88ACDE4D-32A9-43B2-8AFA-B40952AA4881} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [2019-11-01] (Microsoft Corporation) Task: {8B4471CE-BE6B-4E3E-ACA5-46DEE1BBC895} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater – Install HPSA => 
C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe Task: {8CCDCCC3-88F0-4860-84BE-5AC16A1C6FA9} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance Task: {8D87C19D-6DCD-4EFE-B479-BA3F07C807AB} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2018-03-28] (Synaptics Incorporated) Task: {8DD63C04-476E-493C-861A-32E304334E76} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistant => C:\Windows\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation) Task: {8E7BB9A3-956E-4C6A-AE87-4F175197704F} - System32\Tasks\Microsoft\Windows\NlaSvc\WiFiTask => C:\Windows\System32\WiFiTask.exe [2018-04-12] (Microsoft Corporation) Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation) Task: {91AF4E1B-193C-48CF-9F8C-4E86CB77B10B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime No Task File <==== ATTENTION Task: {931758D8-2EC2-4EAE-B3BA-A98DAEC67332} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask Task: {94C0F2F9-98DF-415E-BDC9-AAFF75D5EF69} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2018-04-12] (Microsoft Corporation) Task: {95301ABB-6B78-4DEE-8319-BD138F73F8D3} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2018-04-12] (Microsoft Corporation) Task: {97A565C8-93ED-4888-94AF-BAFA03F733FE} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation) Task: {97E8D66D-0085-423C-BA11-DD777A1258AB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2019-06-13] (Microsoft 
Corporation) Task: {9BD44F9F-0C01-4F78-9644-4C7596CD1E0A} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange Task: {9D6319E1-E88F-4D35-AD66-C4EED376E93E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d No Task File <==== ATTENTION Task: {9E135150-470F-49FC-941B-E284A56AEDD1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [2019-11-01] (Microsoft Corporation) Task: {9E1DD7B4-6A7B-4AD3-B4AA-B4741028631C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent No Task File <==== ATTENTION Task: {9ED04639-82DC-496B-85A2-58B3C48CA3F3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback Task: {A19CD75C-08C3-42D5-9EB4-AE76B91A5550} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2018-04-12] (Microsoft Corporation) Task: {A2E97D0A-9C58-44AB-89DC-55128ACA73C4} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager Task: {A305A840-EC8B-4C66-8EA8-5FF15F129CD2} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2018-04-12] (Microsoft Corporation) Task: {A5FE6B52-974F-492F-81F3-472223AD09D5} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation) Task: {B0952E0A-C54F-4E8B-95E9-90E560086B37} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand Task: {B14C88F4-4AAC-4F00-A94E-8EA180D7AEDC} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense Task: {B2D1D0E5-4670-4493-9360-C9DD0E832A9D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask Task: {B2F4AC84-A8D0-4524-9363-BFF5A5911A00} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} 
- System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6 Task: {B3433942-FE11-4C11-839D-9C7589B6C5CB} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation) Task: {B57429E8-8CBF-47A8-89FA-B5219D8376E3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2019-02-13] (Microsoft Corporation) Task: {B6DCBB4A-0292-47AE-B9DC-F81CF086D721} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-581088433-320290056-2638895184-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {B76ECE88-27B3-4CEC-9B37-1314B4602CAA} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24 Task: {BD924DA8-2073-4BD4-8BCB-118ED4EDEB2C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\AC Power Install => C:\Windows\system32\usoclient.exe [2019-09-13] (Microsoft Corporation) Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2018-06-06] (Microsoft Corporation) Task: {C48D50E5-71A9-48D8-B7C1-3DA9AECBDEC3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2019-05-17] (Microsoft Corporation) Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1 Task: {C9B34E7E-3A1B-4940-B011-BF7F34B31D20} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2014-04-03] (TOSHIBA Corporation) Task: {CB7F3B8F-F794-47DD-A8D2-AD8051F45A55} - System32\Tasks\Microsoft\Windows\WwanSvc\NotificationTask => C:\Windows\System32\WiFiTask.exe [2018-04-12] (Microsoft Corporation) Task: {CCEF2C54-86E8-4168-B918-53DA443D8D00} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support 
Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe Task: {CD5CE6F3-171C-4C0F-8629-3F2126A0FB72} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => C:\Windows\system32\MusNotification.exe [2019-10-02] (Microsoft Corporation) Task: {CDA5D686-5D6C-4730-9907-B66710DC3670} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange Task: {D010978C-B666-4072-B7F3-DD6340CDD629} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task Task: {D0300741-03C7-49FE-ABAC-C520084F6E67} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [2019-11-01] (Microsoft Corporation) Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources Task: {D49C81A2-855C-417E-825F-1DC2AA1443D3} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation) Task: {D4A9B4EC-1635-4B25-9E3B-1C9BE9D98D00} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattelrunner.exe [2019-09-04] (Microsoft Corporation) Task: {D8436F3C-DDFE-4877-A05C-2337758E98E9} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr Task: {DC3C4041-27B3-4040-9DE1-FA5EE922AA3B} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures Task: {DD710A69-86C6-4932-97B1-01FB13ACFEF1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged Task: {E047CF5C-4040-476F-8737-408E3BA4B0B6} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate Task: {E0862994-9083-482D-A921-27B4860FFA21} - 
System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [2019-04-19] (Microsoft Corporation) Task: {E1CA9B6B-2358-49EA-9722-19B254DC558E} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation) Task: {E82177E3-E19A-4321-84F6-90AA57815013} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2019-09-04] (Microsoft Corporation) Task: {E8411C63-4393-40B6-9A25-7D31CD4897BE} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2018-04-12] (Microsoft Corporation) Task: {E907704E-6225-4B0A-A428-3ECE7F8277BE} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask Task: {E9474EE3-C9D7-4FA3-9B3E-353E37D5814D} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\Windows\system32\ProvTool.exe [2018-04-12] (Microsoft Corporation) Task: {E9A40C11-F4D4-498B-B441-C0B6110AC9A4} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun => C:\Windows\UpdateAssistant\UpdateAssistant.exe [2019-10-16] (Microsoft Corporation) Task: {EE263E86-FF16-45EE-94C8-2327B81F98CE} - System32\Tasks\Microsoft\Windows\Workplace Join\Recovery-Check => C:\Windows\System32\dsregcmd.exe [2018-04-12] (Microsoft Corporation) Task: {EF7CFDCE-C0DD-449F-9DF2-CCEB2CE3AE8B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent No Task File <==== ATTENTION Task: {EFA86FF7-22AE-4997-AFD9-E89E1BF9B7D6} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2019-09-04] (Microsoft Corporation) Task: {F084544B-322F-4CED-B874-EC696339C19E} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\Windows\system32\spaceman.exe [2018-04-12] (Microsoft Corporation) Task: {F35ACE16-1E96-431C-B189-F2F82BA8A4F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d No 
Task File <==== ATTENTION Task: {F955A09C-E83A-4AD5-9ABC-7D5D7A055117} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task Task: {FC779438-B7FD-4774-AA55-4DE2A4B098A4} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh Task: {FD0C7C89-E963-41B3-A6DE-3D6B2644A94D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.) Task: {FE702A37-B3C1-4A15-B59D-86935E5097A7} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation Task: {FEBC9EFC-F9E9-420F-AA49-0491E2CA5639} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2019-09-13] (Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\Windows\System32\InputHost.dll 2017-02-08 21:51 - 2016-02-25 15:39 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM11M13PP.DLL 2014-10-10 11:41 - 2017-01-17 03:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2014-03-03 21:30 - 2014-03-03 21:30 - 00021840 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe 2015-03-01 12:37 - 2013-07-23 04:47 - 00239696 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe 2018-04-12 00:34 - 2018-04-12 00:34 - 00472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2019-09-11 04:21 - 2019-09-04 05:39 - 02759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\InputHost.dll 2019-10-24 10:59 - 2019-10-02 05:23 - 02184192 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () 
C:\WINDOWS\SYSTEM32\inputhost.dll 2019-09-25 19:24 - 2019-09-25 19:25 - 00484352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2019-09-25 19:24 - 2019-09-25 19:25 - 80811520 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2019-09-25 19:24 - 2019-09-25 19:25 - 00011264 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll 2019-05-03 17:52 - 2019-05-03 17:53 - 03707904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 2017-10-05 08:13 - 2017-10-05 08:15 - 02523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll 2019-09-25 19:24 - 2019-09-25 19:25 - 13444096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2019-09-25 19:24 - 2019-09-25 19:24 - 03027968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2019-05-03 17:52 - 2019-05-03 17:53 - 01014784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2019-09-25 19:24 - 2019-09-25 19:25 - 00123904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\AppSettingsCppCX.dll 2019-08-24 21:39 - 2019-08-24 21:40 - 01418240 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll 2019-08-24 21:39 - 2019-08-24 21:40 - 01398784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2019-09-25 19:24 - 2019-09-25 19:25 - 00881664 _____ () 
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\OnlineMediaComponent.dll 2019-11-01 08:52 - 2019-11-01 08:54 - 23313408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19101.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe 2019-11-01 08:52 - 2019-11-01 08:54 - 00289280 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19101.10711.0_x64__8wekyb3d8bbwe\SharedUI.dll 2017-12-03 18:33 - 2017-12-03 18:33 - 00902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19101.10711.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll 2018-11-28 22:15 - 2018-11-28 22:15 - 04202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19101.10711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2019-11-01 08:52 - 2019-11-01 08:54 - 05704704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19101.10711.0_x64__8wekyb3d8bbwe\EntCommon.dll 2019-10-24 11:04 - 2019-10-24 11:09 - 95419808 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\libcef.dll 2019-10-24 11:04 - 2019-10-24 11:09 - 05865888 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\libglesv2.dll 2019-10-24 11:04 - 2019-10-24 11:09 - 00320416 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
AlternateDataStreams: C:\Program Files\Microsoft Office 15:Win32App_1
AlternateDataStreams: C:\Program Files\UNP:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Atheros:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\AVI Media Player:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Bluetooth Suite:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Spotify:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Windows Phone:Win32App_1
AlternateDataStreams: C:\ProgramData\Compal:Win32App_1
AlternateDataStreams: C:\Users\Stefanie\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity
AlternateDataStreams: C:\Users\Stefanie\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Stefanie\Documents\Ravensburger tiptoi:Win32App_1

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer trusted/restricted =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-581088433-320290056-2638895184-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Stefanie\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\DSCN0705.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe FirewallRules: [{43F0A6BA-6580-4322-976C-3526326A1F5B}] => (Allow) LPort=161 FirewallRules: [{79DCE212-6583-418B-98D3-5BC300532550}] => (Allow) LPort=427 FirewallRules: [{C25042E1-630B-4AD4-A979-6FFE4140A5A5}] => (Allow) LPort=9100 FirewallRules: [{DD929EDE-1337-40E5-9E5D-0A0723880007}] => (Allow) C:\Program Files\HP\HP LaserJet Pro M11-M13 Series\wificonfig.exe FirewallRules: [{FB50C379-0382-4110-B384-6355710DB51D}] => (Allow) C:\Program Files\HP\HP LaserJet Pro M11-M13 Series\wificonfig.exe FirewallRules: [{5EE32BE0-2A09-4972-B8EA-D82C4B0BB0A3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe FirewallRules: [{7F78D69A-2287-4026-8902-716FAD84865A}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{6BCFBC3B-73FA-437C-A0F0-B6BD0DBA46E5}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{2518B1F5-B266-462C-967E-1FE500565A1D}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{B8CD2042-38C7-4279-BDC6-2D3F0B7950AB}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{EC3E7A9C-1F3E-4496-9679-41A8BB2070C8}] => (Allow) C:\Users\Stefanie\AppData\Local\Chromium\Application\chrome.exe FirewallRules: [{DD5C4696-91CB-4D58-A8CB-611D9AFE6647}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{4996D0CA-46A7-4EE4-9126-AEFF8C204305}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{48F144F7-DE7A-4999-AC43-DAC45F28266E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{BB53FFB9-F70E-4372-BD56-29255A0AA6F2}] => (Allow) C:\Program 
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{C1FFB7C0-CB49-405F-AAFB-075A914B021F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{E45C0CBB-AE89-4F63-838D-67945D8AB01B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{5DE48DF5-3D61-404A-B2C9-F07C1F539A97}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{2E5306FB-6E3C-412B-B791-7D5446BF4330}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{58E5ED33-30E1-44CF-9884-71D7CB4DE6F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{39C630F8-E86D-4709-AAF2-80D42663BE65}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{05433D25-F9D2-47BF-A6B8-239999187D56}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{30EB44EC-BD4F-4017-91E2-5904E4563256}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{3BB607EF-D19F-42B0-8EB5-6A0CFCB2C0D4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{29DAA745-1F95-400A-8E60-B93D822FCCED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{B0BDDE87-16E7-459C-88B2-A1065D8D0764}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{4ACEC861-5733-451B-B4A9-E444522920C9}] => (Allow) C:\Program 
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{3D4B3F98-002F-4641-88AF-35D314E01FAC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{CC0F69FA-6D86-4AB9-85A1-6C9D39F74A6F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{CE69EE57-F033-4D46-8854-FBE98B18D62E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{73A3BF34-A4EC-405F-BE8C-FA3899A84833}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{F9147934-B002-4CE2-BC0D-3E4ABE117951}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{A19A7D11-CF1C-4937-ADE6-9FF3BF77E7F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{3D7324D6-AB05-4CD1-8453-6946CE24AA27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{13A4CEF4-3B93-40DA-B2D0-1088F7375CFD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{319681FC-6A8D-4626-8CA8-0756C33578F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{A342A1BA-5BBF-407D-BF14-59BF45ADE7AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{08E7051B-889F-48BA-ABE4-04BF0438AF8E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{CA4D3ECA-8BDD-44F4-9332-9D723CB92B42}] => (Allow) C:\Program 
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{BEDE9B37-22B7-4B59-BB89-C4CBA1FD0A14}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{E28FA4B3-61C9-4D7D-9D60-B73453BD3562}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{525158E3-7566-43A6-AA60-3A84DB9E2F5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{F573BB4D-92E7-487C-8926-CE508D81D643}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{BD851E31-E1EE-4436-B1A9-B9DBE0B47B22}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{7C78242F-04B7-48C3-A87F-36834A7182A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{AB0E1EF2-2758-4CCD-A7DA-18C62BA12DC1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{8C65DC10-A379-40E3-AA3E-6B5C9D39AB24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{33A23490-514E-4A49-BDE0-79C8E1FB0410}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{6B9F3EDA-CA0E-4155-B74F-EBD9FD892B32}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{8D1990B1-2BF9-40B1-A47F-71A9F90D6B41}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{4E9F3EFA-8D84-4DA4-B67F-AE764E7A5D6B}] => (Allow) C:\Program 
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{1764FA75-2F99-4692-9946-5BBC226DE11B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{5E386AEE-D841-473C-81FC-96C8163FC521}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{B728E216-134F-4D62-B5D4-A44ED6DC4EC0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{80E4337B-4555-44C3-B4C3-2AA671E2A20A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{E5FB16D9-00BB-452C-A48E-3FF586352F82}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{0A212600-E0C3-49F1-836A-0968CEC685C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{244B592A-D1CF-4E06-949E-B6849142FCC4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{794F5D4C-6F6B-4235-B06F-606000888ED5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{92ADB20F-3803-45B0-AFCB-8FC6A46AEB3F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{7334221C-39EC-42D6-9044-4CCC81F543AA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{063DD2C7-3803-471C-B64B-E262140A0A11}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{C47BC493-BC55-4AE9-8E92-F7CA888F688C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{09E8295D-C252-4219-9869-E210EA8B3AB0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: 
[{DFFB18C3-019D-42CD-9AB1-3A8EC7BCFE8E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{5D97C3F7-6412-4C57-8BFA-2289D1AEE544}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{6CC13204-DBC1-4456-87A8-EAEEE46968EC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{E155A94C-01EA-42BB-BC5C-7366458AD490}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{7646AA3B-92AD-431F-996A-91ABC915ECFA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{72CB5C21-7D66-468E-83CA-819BEC90EB2A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{A4C1EF6E-B165-420C-A3C6-0F2A9020AE81}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{AAB7BD92-4570-43B8-97F0-A68B8A9E54FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{407C1A7D-0FFC-4340-809D-61403D8703E9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{96995451-F6EB-4D08-9DA4-A1CA07B526A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{64D53E24-B1EA-4C9C-9AEB-6C9528E03D3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{FA0CA4FF-D002-4B60-B284-109F09D44703}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{55D5E618-2CA3-49BA-9379-61146CB3AEF9}] => (Allow) C:\Program 
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{3EF6F584-A247-40B3-B574-932F6A9635EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{4C97CA9A-BABE-4452-B607-AF99A96EA30D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{A0D7B789-B835-45A8-AAC0-CEEC4E2D9BF2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{7FB6BC8F-3D97-469D-A437-5FF319660C17}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{50998D75-C944-4DBF-8AFE-064E167AD044}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{7363A9AF-BDEE-4370-8DD7-39EF7289A9D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{545AF423-F6B8-40BC-85ED-EE6B31C3EEEB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{B4F7E179-C922-43EB-BE83-D5CC2CB7BF24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{ECC4D9EF-B77A-4CE5-A6DD-F56BD1024C2D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{E4346D0F-393C-4029-BC6D-337629F64BA2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{B6E59659-3FF8-45C9-9ADD-AFD91AEB9937}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{EAB17B20-2A2B-4E37-B92B-DFB2454F595E}] => (Allow) C:\Program 
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (10/28/2019 06:45:43 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm SearchUI.exe, Version 10.0.17134.1067 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 360 Startzeit: 01d58d52af172ac6 Beendigungszeit: 4294967295 Anwendungspfad: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe Berichts-ID: 1696ef40-c99d-44e8-9ce6-afa210466031 Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.10.8.17134_neutral_neutral_cw5n1h2txyewy Auf das fehlerhafte Paket bezogene Anwendungs-ID: CortanaUI Error: (10/27/2019 05:01:26 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig. . Vorgang: Asynchroner Vorgang wird ausgeführt Kontext: Aktueller Status: DoSnapshotSet Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed System Error: Das System kann die angegebene Datei nicht finden. . Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". 
Details: AddWin32ServiceFiles: Unable to back up image of service aswbIDSAgent since QueryServiceConfig API failed System Error: Das System kann die angegebene Datei nicht finden. . Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary aswVmm. System Error: Das System kann die angegebene Datei nicht finden. . Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary aswSP. System Error: Das System kann die angegebene Datei nicht finden. . Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary aswSnx. System Error: Das System kann die angegebene Datei nicht finden. . Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary aswRvrt. System Error: Das System kann die angegebene Datei nicht finden. . Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary aswRdr. System Error: Das System kann die angegebene Datei nicht finden. . 
Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt. System Error: Das System kann die angegebene Datei nicht finden. . Systemfehler: ============= Error: (11/01/2019 08:57:07 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NCBCSZSJRSB-SpotifyAB.SpotifyMusic Error: (11/01/2019 08:48:35 AM) (Source: DCOM) (EventID: 10016) (User: FINN) Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723 Error: (11/01/2019 08:48:23 AM) (Source: DCOM) (EventID: 10016) (User: FINN) Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723 Error: (11/01/2019 08:44:16 AM) (Source: DCOM) (EventID: 10016) (User: FINN) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0Nicht verfügbar Error: (11/01/2019 08:43:56 AM) (Source: DCOM) (EventID: 10010) 
(User: NT-AUTORITÄT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (11/01/2019 08:42:26 AM) (Source: DCOM) (EventID: 10016) (User: FINN) Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723 Error: (11/01/2019 08:40:56 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (11/01/2019 08:40:56 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (11/01/2019 08:40:54 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (10/28/2019 06:48:05 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStartWindows.SecurityCenter.WscBrokerManagerNicht verfügbarNT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Microsoft Office: ========================= Error: (10/28/2019 06:45:43 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: 
SearchUI.exe10.0.17134.106736001d58d52af172ac64294967295C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe1696ef40-c99d-44e8-9ce6-afa210466031Microsoft.Windows.Cortana_1.10.8.17134_neutral_neutral_cw5n1h2txyewyCortanaUI Error: (10/27/2019 05:01:26 PM) (Source: VSS) (EventID: 8193) (User: ) Description: QueryFullProcessImageNameW0x80070006, Das Handle ist ungültig. Vorgang: Asynchroner Vorgang wird ausgeführt Kontext: Aktueller Status: DoSnapshotSet Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed System Error: Das System kann die angegebene Datei nicht finden. Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddWin32ServiceFiles: Unable to back up image of service aswbIDSAgent since QueryServiceConfig API failed System Error: Das System kann die angegebene Datei nicht finden. Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary aswVmm. System Error: Das System kann die angegebene Datei nicht finden. Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary aswSP. System Error: Das System kann die angegebene Datei nicht finden. Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary aswSnx. System Error: Das System kann die angegebene Datei nicht finden. Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary aswRvrt. 
System Error: Das System kann die angegebene Datei nicht finden. Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary aswRdr. System Error: Das System kann die angegebene Datei nicht finden. Error: (10/27/2019 04:59:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt. System Error: Das System kann die angegebene Datei nicht finden. CodeIntegrity: =================================== Date: 2019-10-07 19:05:43.488 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-09-25 09:26:00.839 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements. Date: 2018-09-25 09:26:00.604 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements. Date: 2018-09-25 09:26:00.245 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements. 
==================== Speicherinformationen =========================== Processor: Intel(R) Celeron(R) CPU N2830 @ 2.16GHz Percentage of memory in use: 57% Total physical RAM: 3982.88 MB Available physical RAM: 1685.45 MB Total Virtual: 4686.88 MB Available Virtual: 1690.15 MB ==================== Drives ================================ Drive c: (TI31338300A) (Fixed) (Total:453.31 GB) (Free:318.02 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== Ende von log ============================ |
01.11.2019, 11:03 | #19 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Some detections with Malwarebytes Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
ATTFilter
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ATTENTION
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No File
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Task: {05C3BAB1-68F8-4EAF-B4AF-8C21E2478533} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime No Task File <==== ATTENTION
Task: {0BA33681-9D00-4B31-9A87-01683672BFEF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d No Task File <==== ATTENTION
Task: {1FAE791A-9736-4412-823B-80AE3EE2C1CB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d No Task File <==== ATTENTION
Task: {289D68A0-E96F-491B-9498-B0B602C5C53A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess No Task File <==== ATTENTION
Task: {28C75830-5752-4F41-A94B-BFD5E8A0D7C8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d No Task File <==== ATTENTION
Task: {3137ADB6-515F-4020-9DB9-0F91106BB27F} - \WPD\SqmUpload_S-1-5-21-581088433-320290056-2638895184-1001 No Task File <==== ATTENTION
Task: {3790297B-C317-4FEB-9E8D-3B4C85520240} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig No Task File <==== ATTENTION
Task: {4F662F7F-D75F-455E-A03A-8AD0D8313218} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B No Task File <==== ATTENTION
Task: {7E964508-4868-4DB6-A10A-B96FAE223F77} - \Microsoft\Windows\UNP\RunCampaignManager No Task File <==== ATTENTION
Task: {91AF4E1B-193C-48CF-9F8C-4E86CB77B10B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime No Task File <==== ATTENTION
Task: {9D6319E1-E88F-4D35-AD66-C4EED376E93E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d No Task File <==== ATTENTION
Task: {9E1DD7B4-6A7B-4AD3-B4AA-B4741028631C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent No Task File <==== ATTENTION
Task: {EF7CFDCE-C0DD-449F-9DF2-CCEB2CE3AE8B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent No Task File <==== ATTENTION
Task: {F35ACE16-1E96-431C-B189-F2F82BA8A4F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d No Task File <==== ATTENTION
C:\Program Files (x86)\McAfee
C:\Program Files\McAfee
emptytemp:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ Logfiles bitte immer in CODE-Tags posten |
01.11.2019, 12:12 | #20 |
Some findings with Malwarebytes Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-07-2015 durchgeführt von Stefanie (2019-11-01 11:57:06) Run:1 Gestartet von C:\Users\Stefanie\Desktop Geladene Profile: Stefanie (Verfügbare Profile: Stefanie) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ATTENTION FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No File FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK Task: {05C3BAB1-68F8-4EAF-B4AF-8C21E2478533} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime No Task File <==== ATTENTION Task: {0BA33681-9D00-4B31-9A87-01683672BFEF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d No Task File <==== ATTENTION Task: {1FAE791A-9736-4412-823B-80AE3EE2C1CB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d No Task File <==== ATTENTION Task: {289D68A0-E96F-491B-9498-B0B602C5C53A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess No Task File <==== ATTENTION Task: {28C75830-5752-4F41-A94B-BFD5E8A0D7C8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d No Task File <==== ATTENTION Task: {3137ADB6-515F-4020-9DB9-0F91106BB27F} - \WPD\SqmUpload_S-1-5-21-581088433-320290056-2638895184-1001 No Task File <==== ATTENTION Task: {3790297B-C317-4FEB-9E8D-3B4C85520240} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig No Task File <==== ATTENTION Task: {4F662F7F-D75F-455E-A03A-8AD0D8313218} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B No Task File <==== 
ATTENTION Task: {7E964508-4868-4DB6-A10A-B96FAE223F77} - \Microsoft\Windows\UNP\RunCampaignManager No Task File <==== ATTENTION Task: {91AF4E1B-193C-48CF-9F8C-4E86CB77B10B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime No Task File <==== ATTENTION Task: {9D6319E1-E88F-4D35-AD66-C4EED376E93E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d No Task File <==== ATTENTION Task: {9E1DD7B4-6A7B-4AD3-B4AA-B4741028631C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent No Task File <==== ATTENTION Task: {EF7CFDCE-C0DD-449F-9DF2-CCEB2CE3AE8B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent No Task File <==== ATTENTION Task: {F35ACE16-1E96-431C-B189-F2F82BA8A4F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d No Task File <==== ATTENTION C:\Program Files (x86)\McAfee C:\Program Files\McAfee emptytemp: ***************** "HKLM\SOFTWARE\Policies\Google" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt "HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10" => Schlüssel erfolgreich entfernt "HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10" => Schlüssel erfolgreich entfernt C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll nicht gefunden. "HKLM\Software\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0" => Schlüssel erfolgreich entfernt C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll nicht gefunden. 
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => Wert erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05C3BAB1-68F8-4EAF-B4AF-8C21E2478533}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05C3BAB1-68F8-4EAF-B4AF-8C21E2478533}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0BA33681-9D00-4B31-9A87-01683672BFEF}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BA33681-9D00-4B31-9A87-01683672BFEF}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FAE791A-9736-4412-823B-80AE3EE2C1CB}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FAE791A-9736-4412-823B-80AE3EE2C1CB}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{289D68A0-E96F-491B-9498-B0B602C5C53A}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{289D68A0-E96F-491B-9498-B0B602C5C53A}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Plain\{28C75830-5752-4F41-A94B-BFD5E8A0D7C8}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28C75830-5752-4F41-A94B-BFD5E8A0D7C8}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3137ADB6-515F-4020-9DB9-0F91106BB27F}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3137ADB6-515F-4020-9DB9-0F91106BB27F}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-581088433-320290056-2638895184-1001" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3790297B-C317-4FEB-9E8D-3B4C85520240}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3790297B-C317-4FEB-9E8D-3B4C85520240}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F662F7F-D75F-455E-A03A-8AD0D8313218}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F662F7F-D75F-455E-A03A-8AD0D8313218}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E964508-4868-4DB6-A10A-B96FAE223F77}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E964508-4868-4DB6-A10A-B96FAE223F77}" => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => Schlüssel nicht gefunden. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91AF4E1B-193C-48CF-9F8C-4E86CB77B10B}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91AF4E1B-193C-48CF-9F8C-4E86CB77B10B}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D6319E1-E88F-4D35-AD66-C4EED376E93E}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D6319E1-E88F-4D35-AD66-C4EED376E93E}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E1DD7B4-6A7B-4AD3-B4AA-B4741028631C}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E1DD7B4-6A7B-4AD3-B4AA-B4741028631C}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF7CFDCE-C0DD-449F-9DF2-CCEB2CE3AE8B}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF7CFDCE-C0DD-449F-9DF2-CCEB2CE3AE8B}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F35ACE16-1E96-431C-B189-F2F82BA8A4F9}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F35ACE16-1E96-431C-B189-F2F82BA8A4F9}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt "C:\Program Files (x86)\McAfee" => Datei/Ordner nicht gefunden. "C:\Program Files\McAfee" => Datei/Ordner nicht gefunden. EmptyTemp: => 6.5 GB temporäre Dateien entfernt. Das System musste neu gestartet werden.. ==== Ende von Fixlog 11:58:40 ==== |
01.11.2019, 12:13 | #21 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Some findings with Malwarebytes Control scans with Malwarebytes + ESET Online Scanner, please.
01.11.2019, 17:34 | #22 |
Some findings with Malwarebytes ESET Online Scanner Code:
ATTFilter 12:34:31 # product=EOS # version=8 # ESETOnlineScanner_DEU.exe=3.1.10.0 # country="Germany" # lang=1031 12:35:20 Updating 12:35:20 Update Init 12:35:23 Update Download 12:41:55 esets_scanner_reload returned 0 12:41:55 g_uiModuleBuild: 43300 12:41:55 Update Finalize 12:41:55 Call m_esets_charon_send 12:41:55 Call m_esets_charon_destroy 12:41:55 Updated modules version: 43300 12:42:16 Call m_esets_charon_setup_create 12:42:16 Call m_esets_charon_create 12:42:16 m_esets_charon_create OK 12:42:17 Call m_esets_charon_start_send_thread 12:42:17 Call m_esets_charon_setup_set 12:42:17 m_esets_charon_setup_set OK 12:42:17 Scanner engine: 43300 16:55:43 # product=EOS # version=8 # flags=0 # av=0 # fw=7 # admin=1 # ESETOnlineScanner_DEU.exe=3.1.10.0 # EOSSerial=14e6e202ebea79429ec08cb90afe4a97 # engine=43300 # end=finished # bannerClicked=0 # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # sfx_checked=true # utc_time=2019-11-01 15:55:42 # local_time=2019-11-01 16:55:42 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=10.0.17134 NT # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 28733 49134104 0 0 # scanned=280304 # found=6 # cleaned=6 # scan_time=15144 # scan_type=2 # flow=2019-11-01 12:34:35|scr|eula|2019-11-01 12:34:42|scr|welcome|2019-11-01 12:34:50|scr|consents|2019-11-01 12:34:56|scr|scan_type|2019-11-01 12:35:00|scr|pua|2019-11-01 12:35:20|scr|updating|2019-11-01 12:36:31|promo|eis|2019-11-01 12:41:56|scr|scanning|2019-11-01 13:09:51|click|minimize|2019-11-01 16:54:22|scr|all_cleaned|2019-11-01 16:55:15|scr|periodic_offer|2019-11-01 16:55:24|scr|upsell|2019-11-01 16:55:29|scr|thanks # periodic=0,1 # stats_enabled=1 sh=F8E1E9F41C0F75101ECF97F739CAD15867ED9906 ft=0 fh=0000000000000fbf vn="JS/Adware.Chromex.Agent.M Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\Stefanie\AppData\Local\Chromium\User 
Data\Default\Extensions\bpmmandcadflhnnaiclipadomfmdbjbp\2.4.1_0\stats.js" sh=57109D3ACFAC8456F6C83466E3FA48B7A29C2230 ft=1 fh=00000000020d3428 vn="Win32/OpenCandy potenziell unsichere Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\Stefanie\Documents\sicherung\FreeYouTubeToMP3-35Converter.exe" sh=EDCF4EA293DD0C7475D73797276FBE9E45EBBC29 ft=1 fh=00000000005906f8 vn="Variante von Win32/FileTypeAdvisor.A potenziell unerwünschte Anwendung,Win32/Somoto.E potenziell unerwünschte Anwendung,Variante von Win32/Somoto.V potenziell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\Stefanie\Documents\sicherung\m4a-to80-mp3-converter.exe" sh=70554D4FA9BB0357E867B9D8F5FD4170D6556D9B ft=1 fh=00000000000a9d60 vn="Variante von MSIL/DownloadGuide.D potenziell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\Stefanie\Documents\sicherung\showcreator142-Downloader.exe" sh=510F9ECCDEF59D5A22F78C368FF1C0782778DCF2 ft=1 fh=0000000000c7c728 vn="Win32/OpenCandy potenziell unsichere Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\Stefanie\Documents\sicherung\winamp563_full_emusic-7plus_de-de.exe" sh=A70840939A26D36FAC9DDEEB93D7E6EA3C159477 ft=1 fh=000000000cc8f748 vn="Variante von MSIL/Toshiba3rdParty.A potenziell unerwünschte Anwendung (gelöscht)" ac=C fn="C:\Users\Stefanie\Downloads\TCA0114800E.exe" 16:55:43 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Stefanie\AppData\Local\ESET\ESETOnlineScanner\Modules\ 16:55:43 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Stefanie\AppData\Local\ESET\ESETOnlineScanner\OldModules\ 16:55:43 DeleteEstsApi: C:\Users\Stefanie\AppData\Local\ESET\ESETOnlineScanner 16:55:44 DeleteApiStgFile: C:\Users\Stefanie\AppData\Local\ESET\ESETOnlineScanner 16:55:44 DeletePeriodicNotifyFiles: C:\Users\Stefanie\AppData\Local\ESET\ESETOnlineScanner 16:55:44 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Stefanie\AppData\Local\ESET\ESETOnlineScanner\Char_Cache\ 16:55:45 Call m_esets_charon_send 16:55:45 Call 
m_esets_charon_destroy Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 01.11.19 Scan-Zeit: 16:59 Protokolldatei: a4ab3b12-fcc0-11e9-a9c5-f8a963877fd0.json -Softwaredaten- Version: 3.8.3.2965 Komponentenversion: 1.0.629 Version des Aktualisierungspakets: 1.0.13141 Lizenz: Kostenlos -Systemdaten- Betriebssystem: Windows 10 (Build 17134.1069) CPU: x64 Dateisystem: NTFS Benutzer: FINN\Stefanie -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Scan gestartet von: Manuell Ergebnis: Abgeschlossen Gescannte Objekte: 294399 Erkannte Bedrohungen: 0 In die Quarantäne verschobene Bedrohungen: 0 Abgelaufene Zeit: 15 Min., 10 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswert: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 0 (keine bösartigen Elemente erkannt) Physischer Sektor: 0 (keine bösartigen Elemente erkannt) WMI: 0 (keine bösartigen Elemente erkannt) (end) |
01.11.2019, 19:52 | #23 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Some findings with Malwarebytes Then we are done! If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation. Finally, please run a cleanup with our TB-Cleanup-Script and be sure to read and implement the security measures - both are linked in the following reading material:
__________________ Please always post log files in CODE tags |
02.11.2019, 09:52 | #24 |
Some findings with Malwarebytes Then many thanks for your help |