Einige Funde mit Malwarebytes

Djchaos · 29.09.2019, 12:26

Ich habe einen Laptop mit Malwarebytes gescannt und einige (127) Objekte gefunden.

Kann mir jemand bei der Reinigung helfen?

Habe einmal den Report von Malwarebytes beigefügt.

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 29.09.19
Scan-Zeit: 12:28
Protokolldatei: d21fcdce-e2a3-11e9-ba90-f8a963877fd0.json

-Softwaredaten-
Version: 3.6.1.2711
Komponentenversion: 1.0.519
Version des Aktualisierungspakets: 1.0.12693
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 17134.1006)
CPU: x64
Dateisystem: NTFS
Benutzer: FINN\Stefanie

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 291332
Erkannte Bedrohungen: 127
In die Quarantäne verschobene Bedrohungen: 127
Abgelaufene Zeit: 12 Min., 53 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 32
PUP.Optional.Astromenda, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WSE_Astromenda, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.Astromenda, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{038CC780-5E75-4C0D-8D8B-82BC0CB658DE}, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.Astromenda, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{038CC780-5E75-4C0D-8D8B-82BC0CB658DE}, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.IoloSC, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\IOLO SCU TASK ONE, In Quarantäne, [1209], [349240],1.0.12693
PUP.Optional.IoloSC, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5E8D4DEB-BE65-448B-ABFA-01285579BD88}, In Quarantäne, [1209], [349240],1.0.12693
PUP.Optional.IoloSC, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{5E8D4DEB-BE65-448B-ABFA-01285579BD88}, In Quarantäne, [1209], [349240],1.0.12693
PUP.Optional.InstallCore, HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\InstallCore, In Quarantäne, [453], [239563],1.0.12693
PUP.Optional.SysTweak, HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\systweak, In Quarantäne, [738], [327156],1.0.12693
PUP.Optional.Astromenda, HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\wse_astromenda, In Quarantäne, [285], [235611],1.0.12693
PUP.Optional.uTab, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\BPMMANDCADFLHNNAICLIPADOMFMDBJBP, In Quarantäne, [2194], [465110],1.0.12693
PUP.Optional.uTab, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\BPMMANDCADFLHNNAICLIPADOMFMDBJBP, In Quarantäne, [2194], [465110],1.0.12693
PUP.Optional.uTab, HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bpmmandcadflhnnaiclipadomfmdbjbp, In Quarantäne, [2194], [465110],1.0.12693
PUP.Optional.RegCleanPro, HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\REG\Clean, In Quarantäne, [4470], [347493],1.0.12693
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\SYSTWEAK\ssd, In Quarantäne, [1601], [190781],1.0.12693
PUP.Optional.InstallCore, HKLM\SOFTWARE\WOW6432NODE\InstallCore, In Quarantäne, [453], [239564],1.0.12693
PUP.Optional.SysTweak, HKLM\SOFTWARE\WOW6432NODE\Systweak, In Quarantäne, [738], [327155],1.0.12693
PUP.Optional.IoloSC, HKLM\SOFTWARE\WOW6432NODE\IOLO\System Checkup, In Quarantäne, [1209], [349242],1.0.12693
PUP.Optional.CleanMyPC, HKLM\SOFTWARE\WOW6432NODE\REG\Clean, In Quarantäne, [3276], [348488],1.0.12693
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, In Quarantäne, [1601], [190782],1.0.12693
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Update Framed Display, In Quarantäne, [31], [253986],1.0.12693
PUP.Optional.Yontoo, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, In Quarantäne, [31], [-1],0.0.0
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, In Quarantäne, [31], [-1],0.0.0
PUP.Optional.WinYahoo.TskLnk, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5248BA88-02C8-6B08-B348-1B8863C8C808}, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{2B98FEB0-6DA7-A6C5-DCC0-4113E135866E}\productupdt, In Quarantäne, [218], [625617],1.0.12693
PUP.Optional.WinYahoo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{60CD12CC-083B-4C1A-B5DC-FE8E11A8B11A}, In Quarantäne, [218], [625617],1.0.12693
PUP.Optional.WinYahoo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{60CD12CC-083B-4C1A-B5DC-FE8E11A8B11A}, In Quarantäne, [218], [625617],1.0.12693
PUP.Optional.WinYahoo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{0C182351-B27D-9E7C-31EE-24E1077FF885}, In Quarantäne, [218], [521470],1.0.12693
PUP.Optional.WinYahoo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E752AEC8-AC3D-4168-BA19-930CE67D97AE}, In Quarantäne, [218], [521470],1.0.12693
PUP.Optional.WinYahoo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{E752AEC8-AC3D-4168-BA19-930CE67D97AE}, In Quarantäne, [218], [521470],1.0.12693
PUP.Optional.WinYahoo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{032FFC57-D991-AF4D-C890-0273D5EDC3FA}, In Quarantäne, [218], [521470],1.0.12693
PUP.Optional.WinYahoo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E51CCA77-E57B-41A7-B83C-6A82FDD181C8}, In Quarantäne, [218], [521470],1.0.12693
PUP.Optional.WinYahoo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{E51CCA77-E57B-41A7-B83C-6A82FDD181C8}, In Quarantäne, [218], [521470],1.0.12693

Registrierungswert: 6
PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, In Quarantäne, [2820], [-1],0.0.0
PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, In Quarantäne, [2820], [-1],0.0.0
PUP.Optional.uTab, HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|BPMMANDCADFLHNNAICLIPADOMFMDBJBP, In Quarantäne, [2194], [465110],1.0.12693
PUP.Optional.NotChromeRun, HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|CHROMIUM, In Quarantäne, [6688], [391151],1.0.12693
PUP.Optional.Astromenda, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|APPPATH, In Quarantäne, [285], [235613],1.0.12693
PUP.Optional.Astromenda, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{038CC780-5E75-4C0D-8D8B-82BC0CB658DE}|PATH, In Quarantäne, [285], [348600],1.0.12693

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 18
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\BRS, In Quarantäne, [285], [174367],1.0.12693
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\bh, In Quarantäne, [285], [174367],1.0.12693
PUP.Optional.Astromenda, C:\PROGRAM FILES (X86)\WSE_Astromenda, In Quarantäne, [285], [174367],1.0.12693
PUP.Optional.Astromenda, C:\Users\Stefanie\AppData\Roaming\Astromenda\BRS, In Quarantäne, [285], [175529],1.0.12693
PUP.Optional.Astromenda, C:\USERS\STEFANIE\APPDATA\ROAMING\ASTROMENDA, In Quarantäne, [285], [175529],1.0.12693
PUP.Optional.Astromenda, C:\Users\Stefanie\AppData\Roaming\WSE_Astromenda\icons_3.5.1.2, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.Astromenda, C:\Users\Stefanie\AppData\Roaming\WSE_Astromenda\UpdateProc, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.Astromenda, C:\USERS\STEFANIE\APPDATA\ROAMING\WSE_ASTROMENDA, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.FramedDisplay, C:\PROGRAM FILES (X86)\FRAMED DISPLAY, In Quarantäne, [593], [177228],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\USERS\STEFANIE\APPDATA\LOCAL\{2B3B1D67-0F93-71DF-620B-54374663A8AF}, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\USERS\STEFANIE\APPDATA\LOCAL\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.SysTweak, C:\USERS\STEFANIE\APPDATA\ROAMING\SYSTWEAK, In Quarantäne, [738], [327152],1.0.12693
PUP.Optional.IoloSC, C:\PROGRAM FILES (X86)\IOLO\SYSTEM CHECKUP, In Quarantäne, [1209], [349237],1.0.12693
PUP.Optional.IoloSC, C:\PROGRAMDATA\IOLO\SCU, In Quarantäne, [1209], [349238],1.0.12693
PUP.Optional.Amazon1Button.AppFlsh, C:\PROGRAM FILES (X86)\AMAZON\AMAZON1BUTTONAPP, In Quarantäne, [2820], [464595],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\USERS\STEFANIE\APPDATA\LOCAL\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}, In Quarantäne, [820], [542290],1.0.12693

Datei: 71
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\BRS\Sqlite3.dll, In Quarantäne, [285], [174367],1.0.12693
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\astcnfg.dat, In Quarantäne, [285], [174367],1.0.12693
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\FavIcon.ico, In Quarantäne, [285], [174367],1.0.12693
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\Sqlite3.dll, In Quarantäne, [285], [174367],1.0.12693
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\uninst.dat, In Quarantäne, [285], [174367],1.0.12693
PUP.Optional.Astromenda, C:\WINDOWS\TASKS\WSE_Astromenda.job, In Quarantäne, [285], [235604],1.0.12693
PUP.Optional.Astromenda, C:\Users\Stefanie\AppData\Roaming\Astromenda\BRS\stats, In Quarantäne, [285], [175529],1.0.12693
PUP.Optional.Astromenda, C:\Users\Stefanie\AppData\Roaming\WSE_Astromenda\icons_3.5.1.2\ctr.ico, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.Astromenda, C:\Users\Stefanie\AppData\Roaming\WSE_Astromenda\UpdateProc\config.dat, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.Astromenda, C:\Users\Stefanie\AppData\Roaming\WSE_Astromenda\UpdateProc\info.dat, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.Astromenda, C:\Users\Stefanie\AppData\Roaming\WSE_Astromenda\UpdateProc\STTL.DAT, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.Astromenda, C:\Users\Stefanie\AppData\Roaming\WSE_Astromenda\UpdateProc\TTL.DAT, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.Astromenda, C:\Users\Stefanie\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.Astromenda, C:\WINDOWS\SYSTEM32\TASKS\WSE_Astromenda, In Quarantäne, [285], [175530],1.0.12693
PUP.Optional.IoloSC, C:\WINDOWS\SYSTEM32\TASKS\IOLO SCU TASK ONE, In Quarantäne, [1209], [349240],1.0.12693
PUP.Optional.SysTweak, C:\WINDOWS\SYSTEM32\ROBOOT64.EXE, In Quarantäne, [738], [395666],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\USERS\STEFANIE\APPDATA\LOCAL\{2B3B1D67-0F93-71DF-620B-54374663A8AF}\cete, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\USERS\STEFANIE\APPDATA\LOCAL\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\sila, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\chromium-min.jpg, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\control panel-min-min.JPG, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\down.png, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\ff menu.JPG, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\ff search engine-min.png, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\HowToRemove.html, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\hp-min ff.png, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\hp-min ie.png, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\search engine.gif, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\setup pages.gif, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\sp-min.png, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\start-min.jpg, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{94E1A2BD-B049-CE05-DDD1-EBEDF9B91775}\HowToRemove\up.png, In Quarantäne, [820], [484244],1.0.12693
PUP.Optional.IoloSC, C:\ProgramData\iolo\SCU\fileinfo.dll, In Quarantäne, [1209], [349238],1.0.12693
PUP.Optional.IoloSC, C:\ProgramData\iolo\SCU\scuebhtml.dll, In Quarantäne, [1209], [349238],1.0.12693
PUP.Optional.IoloSC, C:\ProgramData\iolo\SCU\sculnch.lnk, In Quarantäne, [1209], [349238],1.0.12693
PUP.Optional.IoloSC, C:\ProgramData\iolo\SCU\scutstr.dll, In Quarantäne, [1209], [349238],1.0.12693
PUP.Optional.IoloSC, C:\ProgramData\iolo\SCU\smscn.dll, In Quarantäne, [1209], [349238],1.0.12693
PUP.Optional.uTab, C:\USERS\STEFANIE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Ersetzt, [2194], [465110],1.0.12693
PUP.Optional.Yontoo, C:\DOCUMENTS AND SETTINGS\ALL USERS\NTUSER.POL, In Quarantäne, [31], [-1],0.0.0
PUP.Optional.Yontoo, C:\PROGRAMDATA\NTUSER.POL, In Quarantäne, [31], [-1],0.0.0
PUP.Optional.Yontoo, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, In Quarantäne, [31], [-1],0.0.0
PUP.Optional.WinYahoo.TskLnk, C:\PROGRAMDATA\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\USERS\STEFANIE\APPDATA\ROAMING\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\USERS\STEFANIE\APPDATA\LOCAL\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HOWTOREMOVE\HOWTOREMOVE.HTML, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\chromium-min.jpg, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\control panel-min-min.JPG, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\down.png, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\ff menu.JPG, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\ff search engine-min.png, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\hp-min ff.png, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\hp-min ie.png, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\search engine.gif, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\setup pages.gif, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\sp-min.png, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\start-min.jpg, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\HowToRemove\up.png, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\teserol, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\torelom, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\uninst.exe, In Quarantäne, [820], [542290],1.0.12693
PUP.Optional.WinYahoo.TskLnk, C:\Users\Stefanie\AppData\Local\{53AE65F2-7706-094A-1A9E-2CA23EF6D03A}\uninstp.dat, In Quarantäne, [820], [542290],1.0.12693
Generic.Malware/Suspicious, C:\USERS\STEFANIE\APPDATA\LOCAL\DSISETUP19777226252.EXE, In Quarantäne, [0], [392686],1.0.12693
PUP.Optional.WinYahoo, C:\USERS\STEFANIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H857AA1H.DEFAULT\SEARCHPLUGINS\SEARCH.YAHOO.COM.XML, In Quarantäne, [239], [388384],1.0.12693
Generic.Malware/Suspicious, C:\USERS\STEFANIE\APPDATA\LOCAL\DSISETUP10769842.EXE, In Quarantäne, [0], [392686],1.0.12693
PUP.Optional.WinYahoo.Generic, C:\WINDOWS\SYSTEM32\TASKS\{2B98FEB0-6DA7-A6C5-DCC0-4113E135866E}\productupdt, In Quarantäne, [218], [625617],1.0.12693
PUP.Optional.WinYahoo.Generic, C:\WINDOWS\TASKS\{0C182351-B27D-9E7C-31EE-24E1077FF885}.job, In Quarantäne, [218], [521470],1.0.12693
PUP.Optional.WinYahoo.Generic, C:\WINDOWS\SYSTEM32\TASKS\{0C182351-B27D-9E7C-31EE-24E1077FF885}, In Quarantäne, [218], [521470],1.0.12693
PUP.Optional.WinYahoo.Generic, C:\WINDOWS\TASKS\{032FFC57-D991-AF4D-C890-0273D5EDC3FA}.job, In Quarantäne, [218], [521470],1.0.12693
PUP.Optional.WinYahoo.Generic, C:\WINDOWS\SYSTEM32\TASKS\{032FFC57-D991-AF4D-C890-0273D5EDC3FA}, In Quarantäne, [218], [521470],1.0.12693
Adware.WinYahoo, C:\USERS\STEFANIE\APPDATA\ROAMING\2B98FEB06DA7A6C5DCC04113E135866E\TRZC022.TMP, In Quarantäne, [661], [740013],1.0.12693
PUP.Optional.ChipDe, C:\USERS\STEFANIE\DOWNLOADS\AVI PLAYER - CHIP-INSTALLER.EXE, In Quarantäne, [538], [621518],1.0.12693
PUP.Optional.IoloSC, C:\USERS\STEFANIE\DOWNLOADS\SCUDOWNLOADER.EXE, In Quarantäne, [1209], [349236],1.0.12693
PUP.Optional.DsiLoad, C:\USERS\STEFANIE\APPDATA\LOCAL\DSISETUP4729108752.EXE, In Quarantäne, [11665], [68115],1.0.12693

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)

cosinus · 29.09.2019, 20:12

Lesestoff:
Hinweise für Hilfensuchende

Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Lesestoff:
Posten in CODE-Tags

Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Djchaos · 04.10.2019, 15:59

Hallo,
sorry ich konnte paar Tage nicht am Rechner sein. Hoffe das macht nix.
Habe mal FRST laufen lassen.

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
durchgeführt von Stefanie (Administrator) auf FINN (04-10-2019 16:27:58)
Gestartet von C:\Users\Stefanie\Desktop
Geladene Profile: Stefanie (Verfügbare Profile: Stefanie)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

konnte nicht auf den Prozess zugreifen -> Registry
(Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
(Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
konnte nicht auf den Prozess zugreifen -> Memory Compression
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\sihost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe
(RedFox) C:\Program Files (x86)\RedFox\CloneCD\CloneCDTray.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\ApplicationFrameHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\SystemSettingsBroker.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.302\GoogleCrashHandler.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.302\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Microsoft Corporation) C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-09] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-01-05] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-22] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-09-29] (AVAST Software)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2013-08-06] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\RedFox\CloneCD\CloneCDTray.exe [57344 2016-03-29] (RedFox)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\Run: [OneDrive] => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\OneDrive.exe [1592440 2019-10-04] (Microsoft Corporation)
HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22714912 2019-08-15] (Piriform Ltd)
HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\RunOnce: [Uninstall 19.152.0801.0009\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0801.0009\amd64"
HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\RunOnce: [Uninstall 19.152.0801.0009] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0801.0009"
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Windows\System32\osk.exe [623104 2018-10-21] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\osk.exe [623104 2018-10-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-29] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-09b708085549b3cc
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-09b708085549b3cc
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-581088433-320290056-2638895184-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-09b708085549b3cc
HKU\S-1-5-21-581088433-320290056-2638895184-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-581088433-320290056-2638895184-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> DefaultScope {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM -> {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM -> {bce42d98-b1cd-493f-a64c-107aae7521be} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM-x32 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM-x32 -> {bce42d98-b1cd-493f-a64c-107aae7521be} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> DefaultScope {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {bce42d98-b1cd-493f-a64c-107aae7521be} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-08-20] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-04-30] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-10-22] (Microsoft Corporation)
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2018-06-08] (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2018-06-08] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{75013482-b294-4535-9c56-b2178f6e757f}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{a516b4d1-81c3-4daa-bf24-f5142955b826}: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\h857aa1h.default
FF SelectedSearchEngine: Search Provided by Yahoo
FF DefaultSearchEngine: Search Provided by Yahoo
FF NewTab: about:newtab
FF Homepage: https://www.bing.com/search?FORM=INCOH1&PC=IC04&PTAG=ICO-eb682354
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-11] ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-11] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google LLC)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-07-31] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\h857aa1h.default\user.js [2014-10-20]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR Profile: C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Slides) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-30]
CHR Extension: (Docs) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-30]
CHR Extension: (Google Drive) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-30]
CHR Extension: (YouTube) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-30]
CHR Extension: (Sheets) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-30]
CHR Extension: (Search Selector Beta) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gboaiodgdajeapekadgejlbmabjganof [2019-07-04]
CHR Extension: (Google Docs Offline) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-06-30]
CHR Extension: (Avast Online Security) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-09-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-30]
CHR Extension: (Gmail) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-30]
CHR Extension: (Chrome Media Router) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-30]
CHR HKLM\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - https://clients2.google.com/service/update2/crx

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-09-11] (Adobe)
S3 AJRouter; C:\Windows\System32\AJRouter.dll [25088 2018-04-12] (Microsoft Corporation)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-09-29] (AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-19] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-09-29] (AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-09-29] (AVAST Software)
R3 BTAGService; C:\Windows\System32\BTAGService.dll [514048 2018-11-09] (Microsoft Corporation)
R3 BthAvctpSvc; C:\Windows\System32\BthAvctpSvc.dll [399872 2018-11-09] (Microsoft Corporation)
R3 camsvc; C:\Windows\system32\CapabilityAccessManager.dll [266752 2019-01-09] (Microsoft Corporation)
R2 CDPSvc; C:\Windows\System32\CDPSvc.dll [632320 2018-10-21] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation)
R3 ClipSVC; C:\Windows\System32\ClipSVC.dll [1033696 2019-06-13] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [885760 2018-12-08] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [567256 2018-12-08] (Microsoft Corporation)
S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [33792 2018-04-12] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [90112 2019-05-03] (Microsoft Corporation)
S3 diagsvc; C:\Windows\system32\DiagSvc.dll [219648 2018-04-12] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [827392 2019-04-19] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [593408 2019-04-19] (Microsoft Corporation)
S3 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [57856 2018-04-12] (Microsoft Corporation)
R2 DoSvc; C:\Windows\System32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
R2 DoSvc; C:\Windows\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
R3 DsSvc; C:\Windows\System32\DsSvc.dll [155136 2019-09-04] (Microsoft Corporation)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-03] ()
R2 DusmSvc; C:\Windows\System32\dusmsvc.dll [356352 2018-12-08] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [167424 2018-04-12] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [308736 2018-11-09] (Microsoft Corporation)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [673792 2018-06-08] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-02-26] (WildTangent)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\elevation_service.exe [1106416 2019-09-18] (Google LLC)
S3 GraphicsPerfSvc; C:\Windows\System32\GraphicsPerfSvc.dll [90624 2018-04-12] (Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [358264 2019-08-07] (HP Inc.)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [61736 2018-08-03] (Microsoft Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [241152 2018-11-01] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [337888 2016-09-01] (Intel Corporation)
S3 InstallService; C:\Windows\system32\InstallService.dll [1487360 2019-05-17] (Microsoft Corporation)
S3 InstallService; C:\Windows\SysWOW64\InstallService.dll [1110528 2019-05-17] (Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 IpxlatCfgSvc; C:\Windows\System32\IpxlatCfg.dll [63488 2018-04-12] (Microsoft Corporation)
R3 lfsvc; C:\Windows\System32\lfsvc.dll [44544 2018-04-12] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [48640 2018-04-12] (Microsoft Corporation)
S3 LxpSvc; C:\Windows\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [91136 2018-07-06] (Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239696 2013-07-23] ()
S3 NaturalAuthentication; C:\Windows\System32\NaturalAuth.dll [824832 2018-04-12] (Microsoft Corporation)
S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [335360 2019-07-09] (Microsoft Corporation)
R3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [582144 2019-07-09] (Microsoft Corporation)
R3 NgcSvc; C:\Windows\system32\ngcsvc.dll [784896 2019-04-19] (Microsoft Corporation)
S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [835584 2018-11-01] (Microsoft Corporation)
S3 PushToInstall; C:\Windows\system32\PushToInstall.dll [262144 2018-07-14] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [681984 2018-04-12] (Microsoft Corporation)
R3 RmSvc; C:\Windows\System32\RMapi.dll [153600 2018-12-08] (Microsoft Corporation)
R2 SecurityHealthService; C:\Windows\system32\SecurityHealthService.exe [760888 2018-07-14] (Microsoft Corporation)
R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [357680 2019-08-26] (Microsoft Corporation)
R3 SEMgrSvc; C:\Windows\system32\SEMgrSvc.dll [1248768 2018-04-12] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1273344 2018-04-12] (Microsoft Corporation)
S3 SensorService; C:\Windows\system32\SensorService.dll [712192 2018-04-12] (Microsoft Corporation)
R2 SgrmBroker; C:\Windows\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation)
S3 SharedRealitySvc; C:\Windows\System32\SharedRealitySvc.dll [713216 2019-06-13] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [195584 2018-04-12] (Microsoft Corporation)
S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [590336 2018-04-12] (Microsoft Corporation)
S3 spectrum; C:\Windows\system32\spectrum.exe [976384 2018-06-08] (Microsoft Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [4970360 2018-06-08] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [4469832 2018-06-08] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [287240 2018-03-29] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12135768 2019-09-24] (TeamViewer GmbH)
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [120392 2015-11-17] (Toshiba Europe GmbH)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [303616 2018-04-12] (Microsoft Corporation)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [176128 2018-04-12] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\System32\TokenBroker.dll [1400832 2019-07-09] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\SysWOW64\TokenBroker.dll [1003008 2019-07-09] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [92160 2018-11-09] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation)
R2 UserManager; C:\Windows\System32\usermgr.dll [1027584 2019-05-17] (Microsoft Corporation)
R2 UsoSvc; C:\Windows\system32\usocore.dll [1398272 2019-09-04] (Microsoft Corporation)
S3 VacSvc; C:\Windows\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\icsvc.dll [289792 2018-04-12] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\Windows\System32\WaaSMedicSvc.dll [392704 2019-01-09] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [427520 2018-04-12] (Microsoft Corporation)
S3 WarpJITSvc; C:\Windows\System32\Windows.WARP.JITService.dll [31744 2018-04-12] (Microsoft Corporation)
S3 WFDSConMgrSvc; C:\Windows\System32\wfdsconmgrsvc.dll [681984 2018-07-14] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MsMpEng.exe [103168 2019-09-19] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [858112 2018-06-08] (Microsoft Corporation)
S3 wisvc; C:\Windows\SysWOW64\flightsettings.dll [729088 2018-06-08] (Microsoft Corporation)
S3 wlpasvc; C:\Windows\System32\lpasvc.dll [1364992 2019-02-16] (Microsoft Corporation)
S3 WpcMonSvc; C:\Windows\System32\WpcDesktopMonSvc.dll [1456640 2018-06-06] (Microsoft Corporation)
R2 WpnService; C:\Windows\system32\WpnService.dll [280576 2018-04-12] (Microsoft Corporation)
S3 xbgm; C:\Windows\system32\xbgmsvc.exe [59512 2018-04-12] (Microsoft Corporation)
R3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [1115648 2018-04-12] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1308672 2018-04-12] (Microsoft Corporation)
S3 XboxGipSvc; C:\Windows\System32\XboxGipSvc.dll [58880 2018-04-12] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1148928 2018-04-12] (Microsoft Corporation)
S3 WdNisSvc; "%ProgramData%\Microsoft\Windows Defender\platform\4.18.1908.7-0\NisSrv.exe" [X]

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [20480 2018-04-12] (Microsoft Corporation)
R1 afunix; C:\Windows\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2018-04-12] (Microsoft Corporation)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37616 2019-09-29] (AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [204824 2019-09-29] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [274456 2019-09-29] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [209552 2019-09-29] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [65120 2019-09-29] (AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [16304 2019-09-29] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [276952 2019-09-29] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42736 2019-09-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [171520 2019-09-29] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110320 2019-09-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83792 2019-09-29] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848432 2019-09-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460448 2019-09-30] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [236024 2019-09-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316528 2019-09-29] (AVAST Software)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533912 2018-04-12] (QLogic Corporation)
R1 bam; C:\Windows\System32\drivers\bam.sys [60320 2018-04-12] (Microsoft Corporation)
S3 BcastDVRUserService; No ImagePath
S3 BcastDVRUserService_93ffe; No ImagePath
S3 bindflt; C:\Windows\system32\drivers\bindflt.sys [92704 2019-01-09] (Microsoft Corporation)
S3 BluetoothUserService; No ImagePath
S3 BluetoothUserService_93ffe; No ImagePath
R3 BthLEEnum; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [86528 2018-04-12] (Microsoft Corporation)
S0 bttflt; C:\Windows\System32\drivers\bttflt.sys [38304 2018-04-12] (Microsoft Corporation)
S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [39936 2018-04-12] (Microsoft Corporation)
R3 CAD; C:\Windows\System32\drivers\CAD.sys [60320 2018-04-12] (Microsoft Corporation)
S3 CapImg; C:\Windows\System32\drivers\capimg.sys [123392 2018-04-12] (Microsoft Corporation)
S2 CDPUserSvc; No ImagePath
R2 CDPUserSvc_93ffe; No ImagePath
S0 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [321432 2018-04-12] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [1836952 2018-04-12] (Chelsio Communications)
R2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [414720 2019-07-09] (Microsoft Corporation)
S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [39328 2018-04-12] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys [40448 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc; No ImagePath
S3 DevicePickerUserSvc_93ffe; No ImagePath
S3 DevicesFlowUserSvc; No ImagePath
S3 DevicesFlowUserSvc_93ffe; No ImagePath
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3419032 2018-04-12] (QLogic Corporation)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-12-04] (Malwarebytes)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [55808 2018-04-12] (Microsoft Corporation)
S3 GENERICDRV; C:\Program Files (x86)\UEFI WinFlash\amifldrv64.sys [15640 2012-07-27] ()
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2018-04-12] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2018-04-12] (Microsoft Corporation)
S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [50592 2018-04-12] (Microsoft Corporation)
S4 hvcrash; C:\Windows\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [76304 2019-06-07] (Microsoft Corporation)
S3 hwdatacard; C:\Windows\system32\DRIVERS\ewusbmdm.sys [115328 2015-02-26] (Huawei Technologies Co., Ltd.) [Datei ist nicht signiert]
S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [27136 2018-04-12] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [36864 2018-04-12] (Intel(R) Corporation)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [91648 2018-04-12] (Intel(R) Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [88576 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [171520 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592 2018-04-12] (Intel Corporation)
S0 iaStorAVC; C:\Windows\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [526232 2018-04-12] (Mellanox)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [38912 2018-04-12] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [58168 2018-12-08] (Microsoft Corporation)
S3 IPT; C:\Windows\System32\drivers\ipt.sys [32256 2018-04-12] (Microsoft Corporation)
S0 ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies)
S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [124312 2018-04-12] (LSI Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [128408 2018-04-12] (Avago Technologies)
S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [505240 2018-04-12] (Microsoft Corporation)
S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [56736 2018-04-12] (Microsoft Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-09-29] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [126624 2019-09-29] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [72536 2019-09-29] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [261032 2019-09-29] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [113016 2019-10-04] (Malwarebytes)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [59800 2018-04-12] (Avago Technologies)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [75160 2018-04-12] (Avago Technologies)
S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies)
S3 MessagingService; No ImagePath
S3 MessagingService_93ffe; No ImagePath
R3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [842648 2018-04-12] (Mellanox)
R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [43008 2018-12-08] (Microsoft Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [29192 2016-03-17] (Marvell Semiconductor, Inc.)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [108952 2018-04-12] (Mellanox)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [175104 2018-04-12] (Microsoft Corporation)
S3 netvsc; C:\Windows\System32\drivers\netvsc.sys [197632 2018-04-12] (Microsoft Corporation)
S3 nvdimm; C:\Windows\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation)
S2 OneSyncSvc; No ImagePath
R2 OneSyncSvc_93ffe; No ImagePath
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58776 2018-04-12] (Avago Technologies)
S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [61848 2018-04-12] (Avago Technologies)
S3 PimIndexMaintenanceSvc; No ImagePath
R3 PimIndexMaintenanceSvc_93ffe; No ImagePath
S3 pmem; C:\Windows\System32\drivers\pmem.sys [105984 2018-04-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; No ImagePath
S3 PrintWorkflowUserSvc_93ffe; No ImagePath
S0 Ramdisk; C:\Windows\System32\DRIVERS\ramdisk.sys [39840 2018-04-12] (Microsoft Corporation)
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [945464 2019-03-06] (Microsoft Corporation)
S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [104448 2018-04-12] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-09] (Realtek Semiconductor Corp.)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [128920 2018-08-03] (Microsoft Corporation)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [33176 2018-04-12] (Microsoft Corporation)
R0 SgrmAgent; C:\Windows\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [54792 2018-03-29] (Synaptics Incorporated)
S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [57752 2018-04-12] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [82432 2019-03-14] (Microsoft Corporation)
S0 storufs; C:\Windows\System32\drivers\storufs.sys [48544 2018-06-15] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys [18336 2018-04-12] (Microsoft Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [128512 2018-04-12] (Microsoft Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [152576 2018-04-12] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [57856 2018-04-12] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45056 2018-04-12] (Microsoft Corporation)
S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [282008 2018-04-12] (Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [98200 2018-04-12] (Microsoft Corporation)
S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [144288 2018-04-12] (Microsoft Corporation)
S3 UnistoreSvc; No ImagePath
R3 UnistoreSvc_93ffe; No ImagePath
S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [29088 2018-04-12] (Microsoft Corporation)
S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [67992 2018-04-12] (Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [28064 2018-04-12] (Microsoft Corporation)
S3 UserDataSvc; No ImagePath
R3 UserDataSvc_93ffe; No ImagePath
S3 vhf; C:\Windows\System32\drivers\vhf.sys [36352 2018-10-21] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2018-08-03] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16288 2018-04-12] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [152072 2019-03-14] (Microsoft Corporation)
R3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [83456 2018-12-08] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46472 2019-09-19] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [346336 2019-09-19] (Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [787968 2019-05-17] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\Windows\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-09-19] (Microsoft Corporation)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [72768 2018-06-15] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [18472 2018-04-12] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [32152 2018-04-12] (Mellanox)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [228864 2019-05-17] (Microsoft Corporation)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [64920 2018-04-12] (Mellanox)
S2 WpnUserService; No ImagePath
R2 WpnUserService_93ffe; No ImagePath
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [295424 2018-06-15] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [46592 2018-04-12] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation)
NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation)
NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation)
NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation)
NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> Keine Datei

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-10-04 16:27 - 2019-10-04 16:29 - 00048353 _____ C:\Users\Stefanie\Desktop\FRST.txt
2019-10-04 16:27 - 2019-10-04 16:28 - 00000000 ____D C:\FRST
2019-10-04 16:25 - 2019-10-04 16:25 - 02169856 _____ (Farbar) C:\Users\Stefanie\Desktop\FRST64.exe
2019-10-04 13:58 - 2019-10-04 13:58 - 00000000 ____D C:\Users\Stefanie\AppData\Local\CrashDumps
2019-10-04 12:28 - 2019-10-04 12:28 - 00000000 ___HD C:\OneDriveTemp
2019-09-29 15:50 - 2019-09-29 15:50 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-09-29 15:50 - 2019-09-29 15:50 - 00001111 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2019-09-29 15:50 - 2019-09-29 15:50 - 00000000 ____D C:\Users\Stefanie\AppData\Roaming\TeamViewer
2019-09-29 15:50 - 2019-09-29 15:50 - 00000000 ____D C:\Users\Stefanie\AppData\Local\TeamViewer
2019-09-29 15:50 - 2019-09-29 15:50 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2019-09-29 15:48 - 2019-09-29 15:49 - 26199544 _____ (TeamViewer GmbH) C:\Users\Stefanie\Downloads\TeamViewer_Setup.exe
2019-09-29 12:52 - 2019-09-29 12:52 - 00019785 _____ C:\Users\Stefanie\Desktop\Report_Malwarebytes.txt
2019-09-29 12:46 - 2019-09-29 12:46 - 00072536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-09-29 12:45 - 2019-10-04 13:49 - 00113016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-09-29 12:45 - 2019-09-29 12:45 - 00126624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-09-29 12:42 - 2019-09-29 12:46 - 00000306 __RSH C:\ProgramData\ntuser.pol
2019-09-29 12:27 - 2019-09-29 12:27 - 00000000 ____D C:\Users\Stefanie\AppData\Local\mbamtray
2019-09-29 12:27 - 2019-09-29 12:27 - 00000000 ____D C:\Users\Stefanie\AppData\Local\mbam
2019-09-29 12:21 - 2019-09-29 12:21 - 00198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-09-29 12:20 - 2019-09-29 12:45 - 00261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-09-29 12:20 - 2019-09-29 12:20 - 00001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-09-29 12:20 - 2019-09-29 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-09-29 12:20 - 2018-12-04 08:09 - 00152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-09-29 12:19 - 2019-09-29 12:19 - 00000000 ____D C:\Program Files\Malwarebytes
2019-09-29 12:10 - 2019-09-29 12:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2019-09-29 12:08 - 2019-09-29 12:08 - 00000000 ____D C:\Users\Stefanie\AppData\Roaming\AVAST Software
2019-09-29 12:06 - 2019-09-29 12:07 - 22851472 _____ (Malwarebytes ) C:\Users\Stefanie\Downloads\mbam-setup-2.2.1.1043.exe
2019-09-29 12:03 - 2019-09-29 12:03 - 00002099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-09-29 12:03 - 2019-09-29 12:03 - 00002087 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-09-29 12:00 - 2019-09-29 12:00 - 00000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-09-29 11:58 - 2019-09-29 12:22 - 00004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-09-29 11:54 - 2019-09-30 15:58 - 00848432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-09-29 11:54 - 2019-09-30 15:58 - 00460448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-09-29 11:54 - 2019-09-29 11:59 - 00856960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys.156985192484301
2019-09-29 11:54 - 2019-09-29 11:59 - 00464608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys.156985192484301
2019-09-29 11:54 - 2019-09-29 11:54 - 00316528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-09-29 11:54 - 2019-09-29 11:54 - 00276952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-09-29 11:54 - 2019-09-29 11:54 - 00236024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-09-29 11:54 - 2019-09-29 11:54 - 00171520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-09-29 11:54 - 2019-09-29 11:54 - 00110320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-09-29 11:54 - 2019-09-29 11:54 - 00083792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-09-29 11:54 - 2019-09-29 11:54 - 00042736 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-09-29 11:54 - 2019-09-29 11:54 - 00016304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-09-29 11:54 - 2019-09-29 11:54 - 00000000 ____D C:\Program Files\Common Files\AVAST Software
2019-09-29 11:54 - 2019-09-29 11:53 - 00355720 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-09-29 11:54 - 2019-09-29 11:53 - 00274456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-09-29 11:54 - 2019-09-29 11:53 - 00209552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-09-29 11:54 - 2019-09-29 11:53 - 00204824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-09-29 11:54 - 2019-09-29 11:53 - 00065120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-09-29 11:54 - 2019-09-29 11:53 - 00037616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-09-29 11:52 - 2019-09-29 11:52 - 00000000 ____D C:\Program Files\AVAST Software
2019-09-29 11:51 - 2019-09-29 11:54 - 00003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-09-29 11:51 - 2019-09-29 11:54 - 00000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-09-29 11:51 - 2019-09-29 11:54 - 00000000 ____D C:\ProgramData\AVAST Software
2019-09-29 11:51 - 2019-09-29 11:51 - 00002872 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-09-29 11:51 - 2019-09-29 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-09-29 11:51 - 2019-09-29 11:51 - 00000000 ____D C:\Program Files\CCleaner
2019-09-29 11:50 - 2019-09-29 11:50 - 20889016 _____ (Piriform Software Ltd) C:\Users\Stefanie\Downloads\ccsetup561.exe
2019-09-28 09:12 - 2019-09-28 09:12 - 00002134 _____ C:\Users\Stefanie\Desktop\Chromium.lnk
2019-09-28 09:12 - 2019-09-28 09:12 - 00001777 _____ C:\Users\Stefanie\Desktop\Internet Explorer.lnk
2019-09-28 00:42 - 2019-09-28 00:42 - 00325862 _____ C:\Users\Stefanie\AppData\Roaming\Cerepelu
2019-09-21 08:49 - 2019-09-21 08:49 - 00000279 _____ C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2019-09-19 12:28 - 2019-09-19 12:28 - 00292078 _____ C:\Users\Stefanie\AppData\Roaming\Ninibokekimi
2019-09-11 05:22 - 2019-09-04 07:13 - 07519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-09-11 05:22 - 2019-09-04 07:02 - 06568280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-09-11 05:22 - 2019-09-04 06:55 - 25857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-09-11 05:22 - 2019-09-04 06:45 - 22734336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-09-11 05:21 - 2019-09-04 12:16 - 02871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-09-11 05:21 - 2019-09-04 12:16 - 01721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-09-11 05:21 - 2019-09-04 12:16 - 00810808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-09-11 05:21 - 2019-09-04 12:16 - 00740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-09-11 05:21 - 2019-09-04 12:16 - 00324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-09-11 05:21 - 2019-09-04 12:15 - 00637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-09-11 05:21 - 2019-09-04 12:15 - 00464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-09-11 05:21 - 2019-09-04 12:15 - 00164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-09-11 05:21 - 2019-09-04 12:15 - 00071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-09-11 05:21 - 2019-09-04 12:01 - 04527800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-09-11 05:21 - 2019-09-04 12:01 - 01516632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-09-11 05:21 - 2019-09-04 12:00 - 21399576 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-09-11 05:21 - 2019-09-04 12:00 - 01632112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-09-11 05:21 - 2019-09-04 12:00 - 01616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-09-11 05:21 - 2019-09-04 11:46 - 12838400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-09-11 05:21 - 2019-09-04 11:43 - 08627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-09-11 05:21 - 2019-09-04 11:40 - 03614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-09-11 05:21 - 2019-09-04 11:40 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-09-11 05:21 - 2019-09-04 10:52 - 01453624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-09-11 05:21 - 2019-09-04 10:50 - 01320344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-09-11 05:21 - 2019-09-04 10:48 - 20393120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-09-11 05:21 - 2019-09-04 10:38 - 12039680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-09-11 05:21 - 2019-09-04 10:33 - 02882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-09-11 05:21 - 2019-09-04 07:25 - 03180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-09-11 05:21 - 2019-09-04 07:25 - 01613096 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-09-11 05:21 - 2019-09-04 07:19 - 00513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-09-11 05:21 - 2019-09-04 07:19 - 00511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-09-11 05:21 - 2019-09-04 07:17 - 01213264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-09-11 05:21 - 2019-09-04 07:17 - 01035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-09-11 05:21 - 2019-09-04 07:15 - 05627280 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-09-11 05:21 - 2019-09-04 07:15 - 01219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-09-11 05:21 - 2019-09-04 07:15 - 01027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-09-11 05:21 - 2019-09-04 07:14 - 07437592 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-09-11 05:21 - 2019-09-04 07:14 - 03290584 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-09-11 05:21 - 2019-09-04 07:14 - 02469920 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-09-11 05:21 - 2019-09-04 07:13 - 09084424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-09-11 05:21 - 2019-09-04 07:13 - 04405232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-09-11 05:21 - 2019-09-04 07:13 - 02773816 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-09-11 05:21 - 2019-09-04 07:13 - 02571848 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-09-11 05:21 - 2019-09-04 07:13 - 02371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-09-11 05:21 - 2019-09-04 07:10 - 00415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 06046096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 02478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 02331696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 02261448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 01993136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 01980264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-09-11 05:21 - 2019-09-04 07:02 - 04790160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-09-11 05:21 - 2019-09-04 06:54 - 22017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-09-11 05:21 - 2019-09-04 06:48 - 19385344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-09-11 05:21 - 2019-09-04 06:48 - 07057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2019-09-11 05:21 - 2019-09-04 06:46 - 09084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2019-09-11 05:21 - 2019-09-04 06:45 - 05883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2019-09-11 05:21 - 2019-09-04 06:44 - 04388864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-09-11 05:21 - 2019-09-04 06:44 - 03687424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-09-11 05:21 - 2019-09-04 06:43 - 04849664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-09-11 05:21 - 2019-09-04 06:43 - 03402240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-09-11 05:21 - 2019-09-04 06:42 - 07572992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-09-11 05:21 - 2019-09-04 06:42 - 06032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-09-11 05:21 - 2019-09-04 06:42 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-09-11 05:21 - 2019-09-04 06:42 - 01765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-09-11 05:21 - 2019-09-04 06:41 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-09-11 05:21 - 2019-09-04 06:41 - 01634304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-09-11 05:21 - 2019-09-04 06:40 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-09-11 05:21 - 2019-09-04 06:40 - 02602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-09-11 05:21 - 2019-09-04 06:40 - 02364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2019-09-11 05:21 - 2019-09-04 06:40 - 01808896 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-09-11 05:21 - 2019-09-04 06:39 - 03203072 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-09-11 05:21 - 2019-09-04 06:39 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-09-11 05:21 - 2019-09-04 06:39 - 01920512 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-09-11 05:21 - 2019-09-04 06:38 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-09-11 05:21 - 2019-08-13 20:20 - 03701184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-09-11 05:21 - 2019-08-13 20:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-09-11 05:21 - 2019-08-13 16:46 - 06661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-09-11 05:21 - 2019-08-13 16:45 - 02969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-09-11 05:21 - 2019-08-13 12:14 - 04040008 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-09-11 05:21 - 2019-08-13 11:51 - 04853248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-09-11 05:21 - 2019-08-13 11:51 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-09-11 05:21 - 2019-08-13 11:50 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-09-11 05:21 - 2019-08-13 11:47 - 01262080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-09-11 05:21 - 2019-08-13 06:17 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-09-11 05:21 - 2019-08-13 06:16 - 08189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-09-11 05:21 - 2019-08-13 06:15 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-09-11 05:21 - 2019-08-13 06:14 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-09-11 05:21 - 2019-08-13 06:08 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-09-11 05:21 - 2019-08-13 04:51 - 00421376 _____ (curl, https://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2019-09-11 05:20 - 2019-09-04 12:06 - 00581016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-09-11 05:20 - 2019-09-04 12:06 - 00541200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-09-11 05:20 - 2019-09-04 12:06 - 00402016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2019-09-11 05:20 - 2019-09-04 12:01 - 00790936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-09-11 05:20 - 2019-09-04 12:01 - 00396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-09-11 05:20 - 2019-09-04 11:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-09-11 05:20 - 2019-09-04 11:44 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-09-11 05:20 - 2019-09-04 11:42 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2019-09-11 05:20 - 2019-09-04 11:41 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-09-11 05:20 - 2019-09-04 11:40 - 01364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-09-11 05:20 - 2019-09-04 11:40 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-09-11 05:20 - 2019-09-04 11:39 - 00577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-09-11 05:20 - 2019-09-04 10:52 - 00467400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-09-11 05:20 - 2019-09-04 10:51 - 00662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-09-11 05:20 - 2019-09-04 10:51 - 00322360 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2019-09-11 05:20 - 2019-09-04 10:50 - 00356896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2019-09-11 05:20 - 2019-09-04 10:38 - 07990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-09-11 05:20 - 2019-09-04 10:35 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-09-11 05:20 - 2019-09-04 07:24 - 02417744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2019-09-11 05:20 - 2019-09-04 07:24 - 01298960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-09-11 05:20 - 2019-09-04 07:24 - 00705336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-09-11 05:20 - 2019-09-04 07:19 - 00036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-09-11 05:20 - 2019-09-04 07:15 - 00568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-09-11 05:20 - 2019-09-04 07:15 - 00500744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-09-11 05:20 - 2019-09-04 07:15 - 00491208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-09-11 05:20 - 2019-09-04 07:15 - 00323904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-09-11 05:20 - 2019-09-04 07:14 - 01934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-09-11 05:20 - 2019-09-04 07:14 - 01363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-09-11 05:20 - 2019-09-04 07:14 - 01209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-09-11 05:20 - 2019-09-04 07:14 - 00594032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-09-11 05:20 - 2019-09-04 07:14 - 00420984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xbgmengine.dll
2019-09-11 05:20 - 2019-09-04 07:14 - 00361752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 01459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-09-11 05:20 - 2019-09-04 07:13 - 01260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-09-11 05:20 - 2019-09-04 07:13 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-09-11 05:20 - 2019-09-04 07:13 - 01098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-09-11 05:20 - 2019-09-04 07:13 - 00735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00692352 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-09-11 05:20 - 2019-09-04 07:13 - 00335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00129040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-09-11 05:20 - 2019-09-04 07:05 - 00550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-09-11 05:20 - 2019-09-04 07:04 - 00286616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-09-11 05:20 - 2019-09-04 07:03 - 01011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-09-11 05:20 - 2019-09-04 07:03 - 00581264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-09-11 05:20 - 2019-09-04 07:03 - 00538192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-09-11 05:20 - 2019-09-04 07:02 - 01805872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-09-11 05:20 - 2019-09-04 07:02 - 00560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-09-11 05:20 - 2019-09-04 07:02 - 00129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-09-11 05:20 - 2019-09-04 06:46 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-09-11 05:20 - 2019-09-04 06:45 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-09-11 05:20 - 2019-09-04 06:45 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-09-11 05:20 - 2019-09-04 06:45 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys
2019-09-11 05:20 - 2019-09-04 06:44 - 06647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 05307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 02825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 03381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 02929152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 01862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-09-11 05:20 - 2019-09-04 06:41 - 02449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2019-09-11 05:20 - 2019-09-04 06:41 - 01986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2019-09-11 05:20 - 2019-09-04 06:41 - 01347584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2019-09-11 05:20 - 2019-09-04 06:41 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-09-11 05:20 - 2019-09-04 06:41 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 01563648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 00978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 00851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 01264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 01225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00976896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-09-11 05:20 - 2019-09-04 06:38 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-09-11 05:20 - 2019-09-04 06:38 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2019-09-11 05:20 - 2019-09-04 06:38 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2019-09-11 05:20 - 2019-09-04 06:38 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-09-11 05:20 - 2019-09-04 06:38 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-09-11 05:20 - 2019-09-04 05:22 - 00001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-09-11 05:20 - 2019-08-16 00:55 - 00786072 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-09-11 05:20 - 2019-08-16 00:55 - 00604000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-09-11 05:20 - 2019-08-15 11:59 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-09-11 05:20 - 2019-08-13 20:21 - 00665400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-09-11 05:20 - 2019-08-13 20:21 - 00221016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-09-11 05:20 - 2019-08-13 20:20 - 00106560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-09-11 05:20 - 2019-08-13 20:06 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-09-11 05:20 - 2019-08-13 20:06 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe
2019-09-11 05:20 - 2019-08-13 20:05 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-09-11 05:20 - 2019-08-13 17:06 - 00443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-09-11 05:20 - 2019-08-13 17:04 - 01651040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2019-09-11 05:20 - 2019-08-13 17:04 - 01585304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-09-11 05:20 - 2019-08-13 16:44 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2019-09-11 05:20 - 2019-08-13 16:43 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-09-11 05:20 - 2019-08-13 16:43 - 00624128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2019-09-11 05:20 - 2019-08-13 16:43 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2019-09-11 05:20 - 2019-08-13 16:42 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2019-09-11 05:20 - 2019-08-13 16:40 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-09-11 05:20 - 2019-08-13 16:39 - 00536064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-09-11 05:20 - 2019-08-13 12:09 - 00771384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-09-11 05:20 - 2019-08-13 12:09 - 00571688 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-09-11 05:20 - 2019-08-13 12:08 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-09-11 05:20 - 2019-08-13 11:49 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-09-11 05:20 - 2019-08-13 11:49 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2019-09-11 05:20 - 2019-08-13 11:46 - 02084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-09-11 05:20 - 2019-08-13 11:46 - 00757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-09-11 05:20 - 2019-08-13 08:37 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-09-11 05:20 - 2019-08-13 06:54 - 00790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-09-11 05:20 - 2019-08-13 06:46 - 00611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-09-11 05:20 - 2019-08-13 06:46 - 00510288 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-09-11 05:20 - 2019-08-13 06:46 - 00194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-09-11 05:20 - 2019-08-13 06:45 - 02718736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-09-11 05:20 - 2019-08-13 06:45 - 00723216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-09-11 05:20 - 2019-08-13 06:45 - 00722960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-09-11 05:20 - 2019-08-13 06:44 - 02161288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-09-11 05:20 - 2019-08-13 06:44 - 01793472 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-09-11 05:20 - 2019-08-13 06:16 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-09-11 05:20 - 2019-08-13 06:13 - 00462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-09-11 05:20 - 2019-08-13 06:13 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2019-09-11 05:20 - 2019-08-13 06:12 - 01307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-09-11 05:20 - 2019-08-13 06:12 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-09-11 05:20 - 2019-08-13 06:12 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-09-11 05:20 - 2019-08-13 06:12 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2019-09-11 05:20 - 2019-08-13 06:12 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2019-09-11 05:20 - 2019-08-13 06:11 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2019-09-11 05:20 - 2019-08-13 06:11 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-09-11 05:20 - 2019-08-13 06:11 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-09-11 05:20 - 2019-08-13 06:08 - 00662016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-09-11 05:20 - 2019-08-13 06:08 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-09-11 05:20 - 2019-08-13 04:49 - 00806328 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-09-11 05:20 - 2019-08-13 04:49 - 00806328 _____ C:\WINDOWS\system32\locale.nls
2019-09-11 05:20 - 2019-08-13 02:57 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-09-11 05:20 - 2019-08-13 02:57 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-09-11 05:20 - 2019-08-13 02:57 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-09-11 05:20 - 2019-08-13 02:57 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-09-10 00:42 - 2019-09-10 00:42 - 00128371 _____ C:\Users\Stefanie\AppData\Roaming\Hesumo
2019-09-05 00:42 - 2019-09-05 00:42 - 00364531 _____ C:\Users\Stefanie\AppData\Roaming\Hesusakolit

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-10-04 16:21 - 2018-06-06 21:39 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-04 15:35 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\system32\sru
2019-10-04 14:27 - 2018-04-12 01:30 - 00000000 ____D C:\WINDOWS\CbsTemp
2019-10-04 12:28 - 2018-06-07 06:08 - 00003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-581088433-320290056-2638895184-1001
2019-10-04 12:28 - 2018-06-07 05:37 - 00002434 _____ C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-04 12:28 - 2014-10-08 20:22 - 00000000 ___RD C:\Users\Stefanie\OneDrive
2019-10-04 01:50 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\AppReadiness
2019-10-02 22:38 - 2018-06-07 06:08 - 00003632 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-10-02 22:38 - 2018-06-07 06:08 - 00003508 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-10-02 22:38 - 2014-05-22 01:54 - 00000000 ____D C:\Program Files (x86)\Google
2019-09-30 22:26 - 2017-12-09 10:20 - 00000000 ____D C:\Users\Stefanie\AppData\Local\Packages
2019-09-29 12:44 - 2018-06-07 06:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-29 12:43 - 2018-04-11 23:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2019-09-29 12:42 - 2018-11-10 14:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\{2B98FEB0-6DA7-A6C5-DCC0-4113E135866E}
2019-09-29 12:42 - 2017-09-28 20:25 - 00000000 ____D C:\Users\Stefanie\AppData\Roaming\2b98feb06da7a6c5dcc04113e135866e
2019-09-29 12:42 - 2016-08-03 11:31 - 00000000 ____D C:\ProgramData\iolo
2019-09-29 12:42 - 2016-08-03 11:31 - 00000000 ____D C:\Program Files (x86)\iolo
2019-09-29 12:42 - 2014-05-22 01:53 - 00000000 ____D C:\Program Files (x86)\Amazon
2019-09-29 12:27 - 2018-06-07 05:52 - 01718588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-09-29 12:27 - 2018-04-12 18:13 - 00743096 _____ C:\WINDOWS\system32\perfh007.dat
2019-09-29 12:27 - 2018-04-12 18:13 - 00149732 _____ C:\WINDOWS\system32\perfc007.dat
2019-09-29 12:23 - 2017-12-09 10:53 - 00000000 ___RD C:\Users\Stefanie\3D Objects
2019-09-29 12:19 - 2018-06-06 21:39 - 00282216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-09-29 12:18 - 2016-12-02 20:29 - 00293436 _____ C:\WINDOWS\PFRO.log
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\zu-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\yo-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\xh-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\wo-SN
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\tn-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\ti-ET
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\rw-RW
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\nso-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\ig-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\chr-CHER-US
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2019-09-29 12:15 - 2018-04-12 01:38 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-09-29 12:15 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\TextInput
2019-09-29 12:15 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-09-29 12:15 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\system32\oobe
2019-09-29 12:15 - 2018-04-11 23:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2019-09-29 12:14 - 2018-04-12 01:38 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-09-29 12:14 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\ShellExperiences
2019-09-29 12:14 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2019-09-29 12:14 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\bcastdvr
2019-09-29 11:59 - 2018-05-30 20:46 - 00000000 ___DC C:\WINDOWS\Panther
2019-09-29 11:59 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2019-09-29 11:55 - 2018-04-12 01:38 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2019-09-29 11:47 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\system32\NDF
2019-09-28 09:13 - 2019-07-04 14:27 - 00000000 ____D C:\ProgramData\{558E69B2-7DA6-11CA-25FE-39E2CD16E13A}
2019-09-28 00:42 - 2014-10-10 12:42 - 00001093 _____ C:\Users\Stefanie\AppData\Roaming\WB.CFG
2019-09-25 20:37 - 2018-06-30 20:17 - 00002304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-21 08:57 - 2016-12-02 19:45 - 00000000 ____D C:\Program Files\OnlineFotoservice
2019-09-21 08:55 - 2014-10-08 21:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-09-21 08:54 - 2018-10-17 19:55 - 00000000 ____D C:\Program Files\CEWE
2019-09-21 08:52 - 2019-06-25 19:46 - 00000000 ____D C:\Program Files\cewe-fotoservice
2019-09-19 12:35 - 2018-02-14 03:05 - 00000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-09-11 02:44 - 2018-06-07 06:08 - 00004626 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-09-11 02:44 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-09-11 02:44 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\system32\Macromed

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2019-08-06 00:42 - 2019-08-06 00:42 - 0361562 _____ () C:\Users\Stefanie\AppData\Roaming\Bepacecudeto
2019-09-01 20:42 - 2019-09-01 20:42 - 0307024 _____ () C:\Users\Stefanie\AppData\Roaming\Budadet
2019-09-28 00:42 - 2019-09-28 00:42 - 0325862 _____ () C:\Users\Stefanie\AppData\Roaming\Cerepelu
2019-03-16 01:42 - 2019-03-16 01:42 - 0329892 _____ () C:\Users\Stefanie\AppData\Roaming\Cureheleloci
2019-04-28 00:42 - 2019-04-28 00:42 - 0335229 _____ () C:\Users\Stefanie\AppData\Roaming\Dehacimusuma
2019-02-19 01:42 - 2019-02-19 01:42 - 0337202 _____ () C:\Users\Stefanie\AppData\Roaming\Dofanapopele
2019-02-10 01:42 - 2019-02-10 01:42 - 0133167 _____ () C:\Users\Stefanie\AppData\Roaming\Fufaboliko
2019-05-15 00:42 - 2019-05-15 00:42 - 0304458 _____ () C:\Users\Stefanie\AppData\Roaming\Gaheme
2019-05-23 00:42 - 2019-05-23 00:42 - 0302882 _____ () C:\Users\Stefanie\AppData\Roaming\Gopib
2019-07-04 13:42 - 2019-07-04 13:42 - 0168331 _____ () C:\Users\Stefanie\AppData\Roaming\Gubiparo
2019-06-18 00:42 - 2019-06-18 00:42 - 0347448 _____ () C:\Users\Stefanie\AppData\Roaming\Hepotoca
2019-09-10 00:42 - 2019-09-10 00:42 - 0128371 _____ () C:\Users\Stefanie\AppData\Roaming\Hesumo
2019-09-05 00:42 - 2019-09-05 00:42 - 0364531 _____ () C:\Users\Stefanie\AppData\Roaming\Hesusakolit
2019-08-15 00:42 - 2019-08-15 00:42 - 0212389 _____ () C:\Users\Stefanie\AppData\Roaming\Hoginig
2019-08-23 00:42 - 2019-08-23 00:42 - 0327657 _____ () C:\Users\Stefanie\AppData\Roaming\Honekineneba
2019-07-13 00:28 - 2019-07-13 00:28 - 0157795 _____ () C:\Users\Stefanie\AppData\Roaming\Kecareh
2019-06-26 00:42 - 2019-06-26 00:42 - 0246789 _____ () C:\Users\Stefanie\AppData\Roaming\Kehenat
2016-10-29 15:01 - 2016-10-29 15:01 - 0018833 _____ () C:\Users\Stefanie\AppData\Roaming\Kelalipob
2019-04-20 00:10 - 2019-04-20 00:10 - 0313260 _____ () C:\Users\Stefanie\AppData\Roaming\Kunesamafo
2019-07-21 00:42 - 2019-07-21 00:42 - 0362819 _____ () C:\Users\Stefanie\AppData\Roaming\Lurusuhat
2019-05-06 00:42 - 2019-05-06 00:42 - 0164250 _____ () C:\Users\Stefanie\AppData\Roaming\Matedanafika
2019-02-28 01:42 - 2019-02-28 01:42 - 0286382 _____ () C:\Users\Stefanie\AppData\Roaming\Nibug
2019-09-19 12:28 - 2019-09-19 12:28 - 0292078 _____ () C:\Users\Stefanie\AppData\Roaming\Ninibokekimi
2019-07-29 00:42 - 2019-07-29 00:42 - 0359966 _____ () C:\Users\Stefanie\AppData\Roaming\Nodikolib
2019-04-11 00:46 - 2019-04-11 00:46 - 0315693 _____ () C:\Users\Stefanie\AppData\Roaming\Pitacarobere
2019-03-25 01:29 - 2019-03-25 01:29 - 0340540 _____ () C:\Users\Stefanie\AppData\Roaming\Pufure
2019-03-08 01:42 - 2019-03-08 01:42 - 0146702 _____ () C:\Users\Stefanie\AppData\Roaming\Rukeraf
2019-06-09 00:42 - 2019-06-09 00:42 - 0220511 _____ () C:\Users\Stefanie\AppData\Roaming\Sosimofem
2019-06-01 00:42 - 2019-06-01 00:42 - 0137171 _____ () C:\Users\Stefanie\AppData\Roaming\Teritet
2019-04-03 00:42 - 2019-04-03 00:42 - 0151565 _____ () C:\Users\Stefanie\AppData\Roaming\Tetetuco
2014-10-10 12:42 - 2019-09-28 00:42 - 0001093 _____ () C:\Users\Stefanie\AppData\Roaming\WB.CFG
2017-12-15 10:26 - 2017-12-15 10:26 - 0000068 _____ () C:\Users\Stefanie\AppData\Local\5qe2nbznbz
2014-10-12 21:42 - 2014-12-20 19:43 - 0000001 _____ () C:\Users\Stefanie\AppData\Local\DSI.DAT
2016-12-11 17:04 - 2017-02-14 23:17 - 0000041 _____ () C:\ProgramData\.zreglib
2017-09-15 09:45 - 2017-09-15 09:45 - 0000000 _____ () C:\ProgramData\DP45977C.lfl
2017-12-29 20:29 - 2017-12-29 20:29 - 0000016 _____ () C:\ProgramData\mntemp
2017-12-29 20:29 - 2017-12-29 20:29 - 0004935 _____ () C:\ProgramData\vfiakfjk.zeu

Einige Dateien in TEMP:
====================
C:\Users\Stefanie\AppData\Local\Temp\jre-8u221-windows-au.exe


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2018-06-06 21:39

==================== Ende von log ============================

Djchaos · 04.10.2019, 16:00

Addition.txt

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-07-2015
durchgeführt von Stefanie (2019-10-04 16:31:19)
Gestartet von C:\Users\Stefanie\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-581088433-320290056-2638895184-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-581088433-320290056-2638895184-503 - Limited - Disabled)
Gast (S-1-5-21-581088433-320290056-2638895184-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-581088433-320290056-2638895184-1005 - Limited - Enabled)
Stefanie (S-1-5-21-581088433-320290056-2638895184-1001 - Administrator - Enabled) => C:\Users\Stefanie
WDAGUtilityAccount (S-1-5-21-581088433-320290056-2638895184-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.255 - Adobe)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
AVI Media Player 1.0.2 (HKLM-x32\...\AVI Media Player_is1) (Version:  - vsevensoft.com)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
CloneCD (HKLM-x32\...\CloneCD) (Version: 5.3.4.0 - SlySoft)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3817.05 - CyberLink Corp.)
DTS Sound (HKLM-x32\...\{9B17BBEC-CF31-4C23-949E-E65A14365CE1}) (Version: 1.01.6100 - DTS, Inc.)
Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
Firefox Packages (HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\Firefox Packages) (Version:  - ) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.35.301 - Google LLC) Hidden
HP LaserJet Pro M11-M13 Series (HKLM\...\HP LaserJet Pro M11-M13 Series) (Version:  - )
HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.12.32.3 - HP Inc.)
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.5163.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.21.00.03 - Huawei Technologies Co.,Ltd)
Movavi Video Converter 18 Premium (HKLM-x32\...\Movavi Video Converter 18 Premium) (Version: 18.1.0 - Movavi)
My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7173 - Realtek Semiconductor Corp.)
Symbaloo (HKLM-x32\...\Symbaloo) (Version: 1.0.0 - Symbaloo Launcher by Toshiba Europe GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.182 - Synaptics Incorporated)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.6.4835 - TeamViewer)
tiptoi® Manager 4.0.1 (HKLM\...\{833392BB-E8C0-4066-9408-3A30FA43972F}_is1) (Version: 4.0.1 - Ravensburger AG)
TOSHIBA Display Utility (HKLM\...\{F64E9295-E1B3-4EEA-86D3-AF44A0087B06}) (Version: 1.1.16.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.2.6403 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.81.2C - TOSHIBA CORPORATION)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.19 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 2.0.0.15C - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{B507386D-1F61-4E55-B05B-F56ACB0086B3}) (Version: 4.02.00.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.00.56006005 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{E3FCDCBE-0A13-4F73-95C1-000A51CF1C8C}) (Version: 2.6.16.0 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.01.6402 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.1.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{E4C7D9D7-19D4-4623-AF0C-EA313C466411}) (Version: 5.0.0 - Toshiba Europe GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Utility Common Driver (x32 Version: 1.0.53.3 - Compal) Hidden
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.25 - WildTangent) Hidden
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

19-09-2019 12:47:30 Geplanter Prüfpunkt
28-09-2019 23:37:48 Geplanter Prüfpunkt
04-10-2019 13:54:21 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {036673C3-F9B7-478F-949B-C77D696FFB0B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2019-02-13] (Microsoft Corporation)
Task: {042D8A51-5878-4000-9C10-C04AFF122A1F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {04B3E894-DE5B-4C4A-9AA7-CA8F7CE43583} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [2018-04-12] (Microsoft Corporation)
Task: {05C3BAB1-68F8-4EAF-B4AF-8C21E2478533} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime No Task File <==== ATTENTION
Task: {05E09776-F708-4694-949B-E8993608CC2B} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate
Task: {09131E27-3793-4B1E-A11E-77D3EAC118D1} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {0BA33681-9D00-4B31-9A87-01683672BFEF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d No Task File <==== ATTENTION
Task: {0E55C40D-83F8-4F39-838C-C1D3707EA86A} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\Windows\System32\dusmtask.exe [2018-11-01] (Microsoft Corporation)
Task: {10A37F08-4ACD-47E1-AAB4-6ECDE6DDDE8A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {130CBC05-E385-448F-9422-19563DD85832} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => C:\Windows\system32\MusNotification.exe [2019-07-09] (Microsoft Corporation)
Task: {175463A3-4AF2-4959-8504-C36C4397C393} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck
Task: {1BE936D4-EE40-4F04-84E0-18FFD27C0A6A} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [2018-04-12] (Microsoft Corporation)
Task: {1FAE791A-9736-4412-823B-80AE3EE2C1CB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d No Task File <==== ATTENTION
Task: {2231CAFE-FABE-41F5-A0B3-842D9319DBF9} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-06] (Microsoft Corporation)
Task: {226C52BC-0F62-4E67-A70D-74C22932AC02} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload => C:\Windows\system32\dmclient.exe [2018-04-12] (Microsoft Corporation)
Task: {23ACACF5-2E96-4ECC-BE70-94CFCB2EF6DE} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation
Task: {257A47C0-FECE-4A8E-BB35-161852DFF727} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-01-20] (Realtek Semiconductor)
Task: {289D68A0-E96F-491B-9498-B0B602C5C53A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess No Task File <==== ATTENTION
Task: {28C75830-5752-4F41-A94B-BFD5E8A0D7C8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d No Task File <==== ATTENTION
Task: {294EF281-56B6-4F71-8115-BAC2919EF034} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {29F3A47A-C0DC-48D8-ACAF-89413EE0731D} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [2019-07-09] (Microsoft Corporation)
Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {2DB8F5ED-0B44-4E56-A57D-947B4AA4F7F6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-08-15] (Piriform Ltd)
Task: {2DBD790D-172A-4CFA-B3F7-824D7509680F} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration
Task: {2E2E003A-9792-4956-8F12-92797F584AB8} - System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange
Task: {3137ADB6-515F-4020-9DB9-0F91106BB27F} - \WPD\SqmUpload_S-1-5-21-581088433-320290056-2638895184-1001 No Task File <==== ATTENTION
Task: {3199A9F7-0492-4FC9-9EC1-A59CC69A8F52} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2015-11-17] (Toshiba Europe GmbH)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {3790297B-C317-4FEB-9E8D-3B4C85520240} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig No Task File <==== ATTENTION
Task: {3C1365A1-11E1-4629-9B25-7D6A932E6B60} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization
Task: {3D2803AB-6821-4975-98F2-784F0B5919E2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-09-29] (AVAST Software)
Task: {3DF2FF36-8A3E-4F15-9221-D68F365A7872} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2019-09-12] (HP Inc.)
Task: {407E1879-1F5E-42B2-BA7F-53BCEF433805} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2018-04-12] (Microsoft Corporation)
Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {46DDFBEA-7B80-499F-8D16-8FB7836BEBDC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2019-07-09] (Microsoft Corporation)
Task: {4CB53382-6FBB-4666-B563-0ABC6429D301} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange
Task: {4F662F7F-D75F-455E-A03A-8AD0D8313218} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B No Task File <==== ATTENTION
Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff
Task: {51D31EBF-545E-411D-A21A-CB34004CC384} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh
Task: {5294EF9E-88CD-432B-A10B-C3AC2FB364AC} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2019-08-26] (Microsoft Corporation)
Task: {536E4522-B726-480C-9063-126E74EEA4A4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask
Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {577C3956-E492-42A5-AEFB-FDC54A537C64} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {57A7E0DF-F70E-43B1-AA2C-5BA67DBBE753} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {5BE358DF-C2F0-43BC-BA5A-77E36BF54A02} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2018-04-12] (Microsoft Corporation)
Task: {5DB4FD20-4FF2-4C58-9801-ADD6F0149633} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task
Task: {60C269FF-448A-4F10-886E-2C70F5086A5F} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync
Task: {62331915-A3E9-4B6E-9686-86034377E8CF} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications
Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6BFE7106-601B-4B34-8F8E-87B9A0DA6ACE} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice
Task: {6DE4F7DC-0B8D-404A-A6C9-83241658F8CA} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-06] (Microsoft Corporation)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\Windows\system32\MusNotification.exe [2019-07-09] (Microsoft Corporation)
Task: {7138D0D3-1873-4A77-86CF-4840F491C90F} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {749AC711-AA62-4D1D-B314-EF1C97E1CA56} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2018-04-12] (Microsoft Corporation)
Task: {749E286C-C205-4C7C-B742-BE5023BF06DE} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login
Task: {75522E26-6BE6-4F53-A0FA-14470ECAACAB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2019-09-04] (Microsoft Corporation)
Task: {7558573E-8172-4712-ACF4-9749EC2BE926} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation
Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {7E964508-4868-4DB6-A10A-B96FAE223F77} - \Microsoft\Windows\UNP\RunCampaignManager No Task File <==== ATTENTION
Task: {7EAE5A6B-00F4-4B9F-A255-E1C163B587A1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {8AE856F2-278D-45AA-B794-F22C124638A7} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe [2019-09-11] (Adobe)
Task: {8B4471CE-BE6B-4E3E-ACA5-46DEE1BBC895} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater – Install HPSA => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2019-07-31] (HP Inc.)
Task: {8CCDCCC3-88F0-4860-84BE-5AC16A1C6FA9} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {8D87C19D-6DCD-4EFE-B479-BA3F07C807AB} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2018-03-29] (Synaptics Incorporated)
Task: {8E7BB9A3-956E-4C6A-AE87-4F175197704F} - System32\Tasks\Microsoft\Windows\NlaSvc\WiFiTask => C:\Windows\System32\WiFiTask.exe [2018-04-12] (Microsoft Corporation)
Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation)
Task: {91AF4E1B-193C-48CF-9F8C-4E86CB77B10B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime No Task File <==== ATTENTION
Task: {931758D8-2EC2-4EAE-B3BA-A98DAEC67332} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {94C0F2F9-98DF-415E-BDC9-AAFF75D5EF69} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2018-04-12] (Microsoft Corporation)
Task: {95301ABB-6B78-4DEE-8319-BD138F73F8D3} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2018-04-12] (Microsoft Corporation)
Task: {97E8D66D-0085-423C-BA11-DD777A1258AB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2019-06-13] (Microsoft Corporation)
Task: {9BD44F9F-0C01-4F78-9644-4C7596CD1E0A} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange
Task: {9D6319E1-E88F-4D35-AD66-C4EED376E93E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d No Task File <==== ATTENTION
Task: {9E1DD7B4-6A7B-4AD3-B4AA-B4741028631C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent No Task File <==== ATTENTION
Task: {A19CD75C-08C3-42D5-9EB4-AE76B91A5550} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2018-04-12] (Microsoft Corporation)
Task: {A2E97D0A-9C58-44AB-89DC-55128ACA73C4} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A305A840-EC8B-4C66-8EA8-5FF15F129CD2} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2018-04-12] (Microsoft Corporation)
Task: {A5FE6B52-974F-492F-81F3-472223AD09D5} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {A6A8CC4C-F0CA-4637-ACFE-CF91F3AC86A7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-08-15] (Piriform Software Ltd)
Task: {B0952E0A-C54F-4E8B-95E9-90E560086B37} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {B14C88F4-4AAC-4F00-A94E-8EA180D7AEDC} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {B2D1D0E5-4670-4493-9360-C9DD0E832A9D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask
Task: {B2F4AC84-A8D0-4524-9363-BFF5A5911A00} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask
Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6
Task: {B3433942-FE11-4C11-839D-9C7589B6C5CB} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {B3D90CF4-FD50-4338-9755-85006ADC9978} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-09-11] (Adobe)
Task: {B6DCBB4A-0292-47AE-B9DC-F81CF086D721} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-581088433-320290056-2638895184-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {B76ECE88-27B3-4CEC-9B37-1314B4602CAA} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24
Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2018-06-06] (Microsoft Corporation)
Task: {C48D50E5-71A9-48D8-B7C1-3DA9AECBDEC3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2019-05-17] (Microsoft Corporation)
Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1
Task: {C9B34E7E-3A1B-4940-B011-BF7F34B31D20} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2014-04-03] (TOSHIBA Corporation)
Task: {CB7F3B8F-F794-47DD-A8D2-AD8051F45A55} - System32\Tasks\Microsoft\Windows\WwanSvc\NotificationTask => C:\Windows\System32\WiFiTask.exe [2018-04-12] (Microsoft Corporation)
Task: {CCEF2C54-86E8-4168-B918-53DA443D8D00} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2019-07-31] (HP Inc.)
Task: {CD5CE6F3-171C-4C0F-8629-3F2126A0FB72} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => C:\Windows\system32\MusNotification.exe [2019-07-09] (Microsoft Corporation)
Task: {CDA5D686-5D6C-4730-9907-B66710DC3670} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {D010978C-B666-4072-B7F3-DD6340CDD629} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task
Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork
Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {D427D1D6-119C-40F8-A697-571ACBFEE8DD} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {D49C81A2-855C-417E-825F-1DC2AA1443D3} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {D4A9B4EC-1635-4B25-9E3B-1C9BE9D98D00} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattelrunner.exe [2019-09-04] (Microsoft Corporation)
Task: {D8436F3C-DDFE-4877-A05C-2337758E98E9} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {DC3C4041-27B3-4040-9DE1-FA5EE922AA3B} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {DD710A69-86C6-4932-97B1-01FB13ACFEF1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged
Task: {DDE89E5E-48CB-4C3D-A623-99BCA9174B97} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2019-07-24] (Adobe Systems)
Task: {E047CF5C-4040-476F-8737-408E3BA4B0B6} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate
Task: {E0862994-9083-482D-A921-27B4860FFA21} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [2019-04-19] (Microsoft Corporation)
Task: {E82177E3-E19A-4321-84F6-90AA57815013} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2019-09-04] (Microsoft Corporation)
Task: {E8411C63-4393-40B6-9A25-7D31CD4897BE} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2018-04-12] (Microsoft Corporation)
Task: {E907704E-6225-4B0A-A428-3ECE7F8277BE} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask
Task: {E9474EE3-C9D7-4FA3-9B3E-353E37D5814D} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\Windows\system32\ProvTool.exe [2018-04-12] (Microsoft Corporation)
Task: {EE263E86-FF16-45EE-94C8-2327B81F98CE} - System32\Tasks\Microsoft\Windows\Workplace Join\Recovery-Check => C:\Windows\System32\dsregcmd.exe [2018-04-12] (Microsoft Corporation)
Task: {EF7CFDCE-C0DD-449F-9DF2-CCEB2CE3AE8B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent No Task File <==== ATTENTION
Task: {EFA86FF7-22AE-4997-AFD9-E89E1BF9B7D6} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2019-09-04] (Microsoft Corporation)
Task: {F066932D-862A-414E-B851-D3EA0B53207A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-09-29] (AVAST Software)
Task: {F084544B-322F-4CED-B874-EC696339C19E} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\Windows\system32\spaceman.exe [2018-04-12] (Microsoft Corporation)
Task: {F35ACE16-1E96-431C-B189-F2F82BA8A4F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d No Task File <==== ATTENTION
Task: {F781AB90-1860-4C91-9993-0C832C31E016} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2019-02-13] (Microsoft Corporation)
Task: {F955A09C-E83A-4AD5-9ABC-7D5D7A055117} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {FC779438-B7FD-4774-AA55-4DE2A4B098A4} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh
Task: {FD0C7C89-E963-41B3-A6DE-3D6B2644A94D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {FE702A37-B3C1-4A15-B59D-86935E5097A7} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {FEBC9EFC-F9E9-420F-AA49-0491E2CA5639} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2019-07-09] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\Windows\System32\InputHost.dll
2017-02-08 22:51 - 2016-02-25 16:39 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM11M13PP.DLL
2014-10-10 12:41 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-03-03 22:30 - 2014-03-03 22:30 - 00021840 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2015-03-01 13:37 - 2013-07-23 05:47 - 00239696 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2019-09-29 12:20 - 2018-11-15 11:01 - 02712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2019-09-29 12:20 - 2018-11-21 11:07 - 02842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2019-09-11 05:21 - 2019-09-04 06:39 - 02759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\InputHost.dll
2019-09-11 05:21 - 2019-09-04 06:39 - 02184192 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2012-07-19 03:38 - 2012-07-19 03:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2019-09-29 12:02 - 2019-09-29 12:02 - 108869848 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-08-15 13:30 - 2019-08-15 13:30 - 00109248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2019-09-29 12:02 - 2019-09-29 12:02 - 02694872 _____ () C:\Program Files\AVAST Software\Avast\swiftshader\libglesv2.dll
2019-09-29 12:02 - 2019-09-29 12:02 - 00167128 _____ () C:\Program Files\AVAST Software\Avast\swiftshader\libegl.dll
2019-09-25 20:24 - 2019-09-25 20:25 - 00484352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-09-25 20:24 - 2019-09-25 20:25 - 80811520 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-05 09:13 - 2017-10-05 09:15 - 02523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-09-25 20:24 - 2019-09-25 20:25 - 00011264 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2019-05-03 18:52 - 2019-05-03 18:53 - 03707904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2019-09-25 20:24 - 2019-09-25 20:25 - 13444096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-09-25 20:24 - 2019-09-25 20:24 - 03027968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2019-05-03 18:52 - 2019-05-03 18:53 - 01014784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2019-09-25 20:24 - 2019-09-25 20:25 - 00123904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\AppSettingsCppCX.dll
2019-08-24 22:39 - 2019-08-24 22:40 - 01418240 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2019-08-24 22:39 - 2019-08-24 22:40 - 01398784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2019-09-25 20:24 - 2019-09-25 20:25 - 00881664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\OnlineMediaComponent.dll
2019-09-10 23:07 - 2019-09-10 23:07 - 26138624 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-09-10 23:07 - 2019-09-10 23:07 - 00289280 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-03 19:33 - 2017-12-03 19:33 - 00902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-28 23:15 - 2018-11-28 23:15 - 04202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-09-10 23:07 - 2019-09-10 23:07 - 05704192 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-09-10 23:07 - 2019-09-10 23:07 - 08989184 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-09-30 22:24 - 2019-09-30 22:25 - 96078240 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\libcef.dll
2019-09-30 22:24 - 2019-09-30 22:25 - 04884896 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\libglesv2.dll
2019-09-30 22:24 - 2019-09-30 22:25 - 00326048 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Program Files\Microsoft Office 15:Win32App_1
AlternateDataStreams: C:\Program Files\UNP:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Atheros:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\AVI Media Player:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Bluetooth Suite:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Spotify:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Toshiba TEMPRO:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\WildGames:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Windows Phone:Win32App_1
AlternateDataStreams: C:\ProgramData\Compal:Win32App_1
AlternateDataStreams: C:\Users\Stefanie\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity
AlternateDataStreams: C:\Users\Stefanie\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Stefanie\Documents\Ravensburger tiptoi:Win32App_1

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer trusted/restricted ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-581088433-320290056-2638895184-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Stefanie\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\DSCN0705.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [{43F0A6BA-6580-4322-976C-3526326A1F5B}] => (Allow) LPort=161
FirewallRules: [{79DCE212-6583-418B-98D3-5BC300532550}] => (Allow) LPort=427
FirewallRules: [{C25042E1-630B-4AD4-A979-6FFE4140A5A5}] => (Allow) LPort=9100
FirewallRules: [{DD929EDE-1337-40E5-9E5D-0A0723880007}] => (Allow) C:\Program Files\HP\HP LaserJet Pro M11-M13 Series\wificonfig.exe
FirewallRules: [{FB50C379-0382-4110-B384-6355710DB51D}] => (Allow) C:\Program Files\HP\HP LaserJet Pro M11-M13 Series\wificonfig.exe
FirewallRules: [{5EE32BE0-2A09-4972-B8EA-D82C4B0BB0A3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{7F78D69A-2287-4026-8902-716FAD84865A}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{6BCFBC3B-73FA-437C-A0F0-B6BD0DBA46E5}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{2518B1F5-B266-462C-967E-1FE500565A1D}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{B8CD2042-38C7-4279-BDC6-2D3F0B7950AB}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{EC3E7A9C-1F3E-4496-9679-41A8BB2070C8}] => (Allow) C:\Users\Stefanie\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{DD5C4696-91CB-4D58-A8CB-611D9AFE6647}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4996D0CA-46A7-4EE4-9126-AEFF8C204305}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{48F144F7-DE7A-4999-AC43-DAC45F28266E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BB53FFB9-F70E-4372-BD56-29255A0AA6F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{C1FFB7C0-CB49-405F-AAFB-075A914B021F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E45C0CBB-AE89-4F63-838D-67945D8AB01B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{5DE48DF5-3D61-404A-B2C9-F07C1F539A97}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{2E5306FB-6E3C-412B-B791-7D5446BF4330}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{58E5ED33-30E1-44CF-9884-71D7CB4DE6F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{39C630F8-E86D-4709-AAF2-80D42663BE65}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{05433D25-F9D2-47BF-A6B8-239999187D56}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{30EB44EC-BD4F-4017-91E2-5904E4563256}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3BB607EF-D19F-42B0-8EB5-6A0CFCB2C0D4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{29DAA745-1F95-400A-8E60-B93D822FCCED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B0BDDE87-16E7-459C-88B2-A1065D8D0764}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4ACEC861-5733-451B-B4A9-E444522920C9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3D4B3F98-002F-4641-88AF-35D314E01FAC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CC0F69FA-6D86-4AB9-85A1-6C9D39F74A6F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CE69EE57-F033-4D46-8854-FBE98B18D62E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{73A3BF34-A4EC-405F-BE8C-FA3899A84833}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{F9147934-B002-4CE2-BC0D-3E4ABE117951}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A19A7D11-CF1C-4937-ADE6-9FF3BF77E7F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3D7324D6-AB05-4CD1-8453-6946CE24AA27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{13A4CEF4-3B93-40DA-B2D0-1088F7375CFD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{319681FC-6A8D-4626-8CA8-0756C33578F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A342A1BA-5BBF-407D-BF14-59BF45ADE7AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{08E7051B-889F-48BA-ABE4-04BF0438AF8E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CA4D3ECA-8BDD-44F4-9332-9D723CB92B42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BEDE9B37-22B7-4B59-BB89-C4CBA1FD0A14}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E28FA4B3-61C9-4D7D-9D60-B73453BD3562}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{525158E3-7566-43A6-AA60-3A84DB9E2F5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{F573BB4D-92E7-487C-8926-CE508D81D643}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BD851E31-E1EE-4436-B1A9-B9DBE0B47B22}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{7C78242F-04B7-48C3-A87F-36834A7182A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{AB0E1EF2-2758-4CCD-A7DA-18C62BA12DC1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{8C65DC10-A379-40E3-AA3E-6B5C9D39AB24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{33A23490-514E-4A49-BDE0-79C8E1FB0410}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{6B9F3EDA-CA0E-4155-B74F-EBD9FD892B32}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{8D1990B1-2BF9-40B1-A47F-71A9F90D6B41}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4E9F3EFA-8D84-4DA4-B67F-AE764E7A5D6B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{1764FA75-2F99-4692-9946-5BBC226DE11B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{5E386AEE-D841-473C-81FC-96C8163FC521}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B728E216-134F-4D62-B5D4-A44ED6DC4EC0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{80E4337B-4555-44C3-B4C3-2AA671E2A20A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E5FB16D9-00BB-452C-A48E-3FF586352F82}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{0A212600-E0C3-49F1-836A-0968CEC685C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{244B592A-D1CF-4E06-949E-B6849142FCC4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{794F5D4C-6F6B-4235-B06F-606000888ED5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{0951EC61-382E-465E-9EFD-B9B509C23954}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{92ADB20F-3803-45B0-AFCB-8FC6A46AEB3F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7334221C-39EC-42D6-9044-4CCC81F543AA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{063DD2C7-3803-471C-B64B-E262140A0A11}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C47BC493-BC55-4AE9-8E92-F7CA888F688C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2997190C-70D4-4081-A1F7-870374B23FD1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{D35E5F26-8B4D-4E7B-9042-FF068828E392}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{557D208A-3A7B-4467-9AB8-E8CD058D5CB4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{9C187E98-BA6E-45AE-B679-40E03C48E6B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{6BB99833-8F48-4433-9A50-AEC2D944F19C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{D4189CD5-E8F8-45E2-96E9-33FE7393A7C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{8E3E1A78-6808-4441-B23B-2CFA7636B341}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4B7ED5B4-DB83-4B01-BEA9-E78DFD8D7EB5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/04/2019 04:23:19 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/04/2019 04:23:17 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/04/2019 01:58:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxext.exe, Version: 6.15.10.4425, Zeitstempel: 0x5702a8b4
Name des fehlerhaften Moduls: igfxext.exe, Version: 6.15.10.4425, Zeitstempel: 0x5702a8b4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000084b0
ID des fehlerhaften Prozesses: 0x14f0
Startzeit der fehlerhaften Anwendung: 0xigfxext.exe0
Pfad der fehlerhaften Anwendung: igfxext.exe1
Pfad des fehlerhaften Moduls: igfxext.exe2
Berichtskennung: igfxext.exe3
Vollständiger Name des fehlerhaften Pakets: igfxext.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxext.exe5

Error: (09/29/2019 01:21:31 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (09/29/2019 12:52:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TPCHSrv.exe, Version: 1.0.0.31, Zeitstempel: 0x54729b5e
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.17134.799, Zeitstempel: 0x7f828745
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f479b
ID des fehlerhaften Prozesses: 0x1478
Startzeit der fehlerhaften Anwendung: 0xTPCHSrv.exe0
Pfad der fehlerhaften Anwendung: TPCHSrv.exe1
Pfad des fehlerhaften Moduls: TPCHSrv.exe2
Berichtskennung: TPCHSrv.exe3
Vollständiger Name des fehlerhaften Pakets: TPCHSrv.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TPCHSrv.exe5

Error: (09/29/2019 11:55:11 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Microsoft.Photos.exe, Version 2019.19071.17920.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 5e0

Startzeit: 01d574a202dacb38

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

Berichts-ID: ada155d4-25d7-49a6-ad10-a7126b45c55f

Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe

Auf das fehlerhafte Paket bezogene Anwendungs-ID: App

Error: (09/29/2019 11:16:10 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (09/29/2019 11:16:07 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (09/13/2019 08:42:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxext.exe, Version: 6.15.10.4425, Zeitstempel: 0x5702a8b4
Name des fehlerhaften Moduls: igfxext.exe, Version: 6.15.10.4425, Zeitstempel: 0x5702a8b4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000084b0
ID des fehlerhaften Prozesses: 0x2dfc
Startzeit der fehlerhaften Anwendung: 0xigfxext.exe0
Pfad der fehlerhaften Anwendung: igfxext.exe1
Pfad des fehlerhaften Moduls: igfxext.exe2
Berichtskennung: igfxext.exe3
Vollständiger Name des fehlerhaften Pakets: igfxext.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxext.exe5

Error: (09/13/2019 08:22:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Microsoft.Photos.exe, Version 2019.19061.18920.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 11c8

Startzeit: 01d562874b56497b

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

Berichts-ID: a6e60de0-3022-4902-b37c-c5069befa47b

Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe

Auf das fehlerhafte Paket bezogene Anwendungs-ID: App


Systemfehler:
=============
Error: (10/04/2019 04:21:57 PM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0Nicht verfügbar

Error: (10/04/2019 01:59:18 PM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0Nicht verfügbar

Error: (10/03/2019 04:56:27 AM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (10/02/2019 08:21:35 PM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (10/02/2019 12:18:47 AM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (09/30/2019 04:40:30 AM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (09/30/2019 12:54:02 AM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (09/30/2019 12:09:27 AM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (09/29/2019 08:41:57 PM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (09/29/2019 04:42:21 PM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723


Microsoft Office:
=========================
Error: (10/04/2019 04:23:19 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/04/2019 04:23:17 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/04/2019 01:58:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxext.exe6.15.10.44255702a8b4igfxext.exe6.15.10.44255702a8b4c000000500000000000084b014f001d57aaafa4d0292C:\WINDOWS\system32\igfxext.exeC:\WINDOWS\system32\igfxext.exe54444b65-0ddd-4503-832d-ff1960ae65db

Error: (09/29/2019 01:21:31 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (09/29/2019 12:52:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TPCHSrv.exe1.0.0.3154729b5entdll.dll10.0.17134.7997f828745c000037400000000000f479b147801d576b3ed2f2c0eC:\Program Files\TOSHIBA\TPHM\TPCHSrv.exeC:\WINDOWS\SYSTEM32\ntdll.dllb24c563d-e2b9-4340-8588-614baa752ebd

Error: (09/29/2019 11:55:11 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Microsoft.Photos.exe2019.19071.17920.05e001d574a202dacb384294967295C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exeada155d4-25d7-49a6-ad10-a7126b45c55fMicrosoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbweApp

Error: (09/29/2019 11:16:10 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (09/29/2019 11:16:07 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (09/13/2019 08:42:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxext.exe6.15.10.44255702a8b4igfxext.exe6.15.10.44255702a8b4c000000500000000000084b02dfc01d56a6305fa4e75C:\WINDOWS\system32\igfxext.exeC:\WINDOWS\system32\igfxext.exe9825ba5a-941d-4733-bcf3-bd44a97653ea

Error: (09/13/2019 08:22:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Microsoft.Photos.exe2019.19061.18920.011c801d562874b56497b4294967295C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exea6e60de0-3022-4902-b37c-c5069befa47bMicrosoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbweApp


CodeIntegrity:
===================================
  Date: 2018-09-25 09:26:00.839
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-09-25 09:26:00.604
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-09-25 09:26:00.245
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Processor: Intel(R) Celeron(R) CPU N2830 @ 2.16GHz
Percentage of memory in use: 65%
Total physical RAM: 3982.88 MB
Available physical RAM: 1374.33 MB
Total Virtual: 4686.88 MB
Available Virtual: 1304.93 MB

==================== Drives ================================

Drive c: (TI31338300A) (Fixed) (Total:453.31 GB) (Free:254.55 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== Ende von log ============================

cosinus · 04.10.2019, 17:01

Da muss einiges deinstalliert werden. Unnötiger oder alter Krempel. Auch Avast, völliger Unsinn. m besten auch Google Chrome durch Firefox ersetzen siehe Lesestoff unten.

Adobe Acrobat Reader DC
Adobe Flash Player 32 NPAPI
Avast Free Antivirus
CCleaner
Firefox Packages
Google Chrome

Lesestoff:
Google Chrome

Offensichtlich nutzt du den Browser Chrome von Google. Von der Verwendung dieses Browsers muss man aus Datenschutzgründen dringend abraten. Siehe auch Google: Chrome-Browser scannt lokale Dateien auf Windows-PCs

Installiere Mozilla Firefox, damit lassen sich auch Profildaten aus Chrome importieren, anschließend Google Chrome deinstallieren.

Djchaos · 06.10.2019, 14:27

Hi,

ich habe nun mal die angegebenen Programme deinstalliert.
Bei den Firefox Packages ging es nicht, da die uninstaller.exe nicht gefunden wurde.

Firefox ist auch installiert.

cosinus · 06.10.2019, 14:48

Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken.

Djchaos · 06.10.2019, 16:40

Hier die neuen Logs von FRST

FRST.TXT

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
durchgeführt von Stefanie (Administrator) auf FINN (06-10-2019 17:27:46)
Gestartet von C:\Users\Stefanie\Desktop
Geladene Profile: Stefanie (Verfügbare Profile: Stefanie)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

konnte nicht auf den Prozess zugreifen -> Registry
(Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
konnte nicht auf den Prozess zugreifen -> Memory Compression
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.302\GoogleCrashHandler.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.302\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\sihost.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Microsoft Corporation) C:\Windows\System32\wermgr.exe
(Microsoft Corporation) C:\Windows\System32\MusNotification.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
(Microsoft Corporation) C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe
(RedFox) C:\Program Files (x86)\RedFox\CloneCD\CloneCDTray.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-09] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-01-05] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-22] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2013-08-06] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\RedFox\CloneCD\CloneCDTray.exe [57344 2016-03-29] (RedFox)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [20488312 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\Run: [OneDrive] => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\OneDrive.exe [1592440 2019-10-04] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Windows\System32\osk.exe [623104 2018-10-21] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\osk.exe [623104 2018-10-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileSyncShell.dll [2019-10-04] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-09b708085549b3cc
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-09b708085549b3cc
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-581088433-320290056-2638895184-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-09b708085549b3cc
HKU\S-1-5-21-581088433-320290056-2638895184-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-581088433-320290056-2638895184-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> DefaultScope {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM -> {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM -> {bce42d98-b1cd-493f-a64c-107aae7521be} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM-x32 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {4A7A7036-93FB-4B53-9434-2E9D0BDBBC8E} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKLM-x32 -> {bce42d98-b1cd-493f-a64c-107aae7521be} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> DefaultScope {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-219b8a270528f977&q={searchTerms}
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {bce42d98-b1cd-493f-a64c-107aae7521be} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-581088433-320290056-2638895184-1001 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-08-20] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-04-30] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-10-22] (Microsoft Corporation)
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2018-06-08] (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2018-06-08] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{75013482-b294-4535-9c56-b2178f6e757f}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{a516b4d1-81c3-4daa-bf24-f5142955b826}: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\h857aa1h.default
FF SelectedSearchEngine: Search Provided by Yahoo
FF DefaultSearchEngine: Search Provided by Yahoo
FF NewTab: about:newtab
FF Homepage: https://www.bing.com/search?FORM=INCOH1&PC=IC04&PTAG=ICO-eb682354
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-02] (Google LLC)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF user.js: detected! => C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\h857aa1h.default\user.js [2014-10-20]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
StartMenuInternet: Firefox-308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Slides) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-30]
CHR Extension: (Docs) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-30]
CHR Extension: (Google Drive) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-30]
CHR Extension: (YouTube) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-30]
CHR Extension: (Sheets) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-30]
CHR Extension: (Search Selector Beta) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gboaiodgdajeapekadgejlbmabjganof [2019-07-04]
CHR Extension: (Google Docs Offline) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-06-30]
CHR Extension: (Avast Online Security) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-09-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-30]
CHR Extension: (Gmail) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-30]
CHR Extension: (Chrome Media Router) - C:\Users\Stefanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-30]
CHR HKLM\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-581088433-320290056-2638895184-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gboaiodgdajeapekadgejlbmabjganof] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - https://clients2.google.com/service/update2/crx

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AJRouter; C:\Windows\System32\AJRouter.dll [25088 2018-04-12] (Microsoft Corporation)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-19] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R3 BTAGService; C:\Windows\System32\BTAGService.dll [514048 2018-11-09] (Microsoft Corporation)
R3 BthAvctpSvc; C:\Windows\System32\BthAvctpSvc.dll [399872 2018-11-09] (Microsoft Corporation)
R3 camsvc; C:\Windows\system32\CapabilityAccessManager.dll [266752 2019-01-09] (Microsoft Corporation)
R2 CDPSvc; C:\Windows\System32\CDPSvc.dll [632320 2018-10-21] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation)
R3 ClipSVC; C:\Windows\System32\ClipSVC.dll [1033696 2019-06-13] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [885760 2018-12-08] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [567256 2018-12-08] (Microsoft Corporation)
S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [33792 2018-04-12] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [90112 2019-05-03] (Microsoft Corporation)
S3 diagsvc; C:\Windows\system32\DiagSvc.dll [219648 2018-04-12] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [827392 2019-04-19] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [593408 2019-04-19] (Microsoft Corporation)
S3 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [57856 2018-04-12] (Microsoft Corporation)
R2 DoSvc; C:\Windows\System32\svchost.exe [85472 2019-01-09] (Microsoft Corporation)
R2 DoSvc; C:\Windows\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation)
R3 DsSvc; C:\Windows\System32\DsSvc.dll [155136 2019-09-04] (Microsoft Corporation)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-03] ()
R2 DusmSvc; C:\Windows\System32\dusmsvc.dll [356352 2018-12-08] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [167424 2018-04-12] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [308736 2018-11-09] (Microsoft Corporation)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [673792 2018-06-08] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-02-26] (WildTangent)
S3 GraphicsPerfSvc; C:\Windows\System32\GraphicsPerfSvc.dll [90624 2018-04-12] (Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [358264 2019-08-07] (HP Inc.)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [61736 2018-08-03] (Microsoft Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [241152 2018-11-01] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [337888 2016-09-01] (Intel Corporation)
S3 InstallService; C:\Windows\system32\InstallService.dll [1487360 2019-05-17] (Microsoft Corporation)
S3 InstallService; C:\Windows\SysWOW64\InstallService.dll [1110528 2019-05-17] (Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 IpxlatCfgSvc; C:\Windows\System32\IpxlatCfg.dll [63488 2018-04-12] (Microsoft Corporation)
R3 lfsvc; C:\Windows\System32\lfsvc.dll [44544 2018-04-12] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [48640 2018-04-12] (Microsoft Corporation)
S3 LxpSvc; C:\Windows\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [91136 2018-07-06] (Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239696 2013-07-23] ()
S3 NaturalAuthentication; C:\Windows\System32\NaturalAuth.dll [824832 2018-04-12] (Microsoft Corporation)
S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [335360 2019-07-09] (Microsoft Corporation)
R3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [582144 2019-07-09] (Microsoft Corporation)
R3 NgcSvc; C:\Windows\system32\ngcsvc.dll [784896 2019-04-19] (Microsoft Corporation)
S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [835584 2018-11-01] (Microsoft Corporation)
S3 PushToInstall; C:\Windows\system32\PushToInstall.dll [262144 2018-07-14] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [681984 2018-04-12] (Microsoft Corporation)
R3 RmSvc; C:\Windows\System32\RMapi.dll [153600 2018-12-08] (Microsoft Corporation)
R2 SecurityHealthService; C:\Windows\system32\SecurityHealthService.exe [760888 2018-07-14] (Microsoft Corporation)
R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [357680 2019-08-26] (Microsoft Corporation)
R3 SEMgrSvc; C:\Windows\system32\SEMgrSvc.dll [1248768 2018-04-12] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1273344 2018-04-12] (Microsoft Corporation)
S3 SensorService; C:\Windows\system32\SensorService.dll [712192 2018-04-12] (Microsoft Corporation)
R2 SgrmBroker; C:\Windows\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation)
S3 SharedRealitySvc; C:\Windows\System32\SharedRealitySvc.dll [713216 2019-06-13] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [195584 2018-04-12] (Microsoft Corporation)
S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [590336 2018-04-12] (Microsoft Corporation)
S3 spectrum; C:\Windows\system32\spectrum.exe [976384 2018-06-08] (Microsoft Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [4970360 2018-06-08] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [4469832 2018-06-08] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [287240 2018-03-29] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12135768 2019-09-24] (TeamViewer GmbH)
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [120392 2015-11-17] (Toshiba Europe GmbH)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [303616 2018-04-12] (Microsoft Corporation)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [176128 2018-04-12] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\System32\TokenBroker.dll [1400832 2019-07-09] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\SysWOW64\TokenBroker.dll [1003008 2019-07-09] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [92160 2018-11-09] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation)
R2 UserManager; C:\Windows\System32\usermgr.dll [1027584 2019-05-17] (Microsoft Corporation)
R2 UsoSvc; C:\Windows\system32\usocore.dll [1398272 2019-09-04] (Microsoft Corporation)
S3 VacSvc; C:\Windows\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\icsvc.dll [289792 2018-04-12] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\Windows\System32\WaaSMedicSvc.dll [392704 2019-01-09] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [427520 2018-04-12] (Microsoft Corporation)
S3 WarpJITSvc; C:\Windows\System32\Windows.WARP.JITService.dll [31744 2018-04-12] (Microsoft Corporation)
S3 WFDSConMgrSvc; C:\Windows\System32\wfdsconmgrsvc.dll [681984 2018-07-14] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MsMpEng.exe [103168 2019-09-19] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [858112 2018-06-08] (Microsoft Corporation)
S3 wisvc; C:\Windows\SysWOW64\flightsettings.dll [729088 2018-06-08] (Microsoft Corporation)
S3 wlpasvc; C:\Windows\System32\lpasvc.dll [1364992 2019-02-16] (Microsoft Corporation)
S3 WpcMonSvc; C:\Windows\System32\WpcDesktopMonSvc.dll [1456640 2018-06-06] (Microsoft Corporation)
R2 WpnService; C:\Windows\system32\WpnService.dll [280576 2018-04-12] (Microsoft Corporation)
S3 xbgm; C:\Windows\system32\xbgmsvc.exe [59512 2018-04-12] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [1115648 2018-04-12] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1308672 2018-04-12] (Microsoft Corporation)
S3 XboxGipSvc; C:\Windows\System32\XboxGipSvc.dll [58880 2018-04-12] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1148928 2018-04-12] (Microsoft Corporation)
S3 WdNisSvc; "%ProgramData%\Microsoft\Windows Defender\platform\4.18.1908.7-0\NisSrv.exe" [X]

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [20480 2018-04-12] (Microsoft Corporation)
R1 afunix; C:\Windows\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2018-04-12] (Microsoft Corporation)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533912 2018-04-12] (QLogic Corporation)
R1 bam; C:\Windows\System32\drivers\bam.sys [60320 2018-04-12] (Microsoft Corporation)
S3 BcastDVRUserService; No ImagePath
S3 BcastDVRUserService_1d39ebed; No ImagePath
S3 bindflt; C:\Windows\system32\drivers\bindflt.sys [92704 2019-01-09] (Microsoft Corporation)
S3 BluetoothUserService; No ImagePath
S3 BluetoothUserService_1d39ebed; No ImagePath
R3 BthLEEnum; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [86528 2018-04-12] (Microsoft Corporation)
S0 bttflt; C:\Windows\System32\drivers\bttflt.sys [38304 2018-04-12] (Microsoft Corporation)
S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [39936 2018-04-12] (Microsoft Corporation)
R3 CAD; C:\Windows\System32\drivers\CAD.sys [60320 2018-04-12] (Microsoft Corporation)
S3 CapImg; C:\Windows\System32\drivers\capimg.sys [123392 2018-04-12] (Microsoft Corporation)
S2 CDPUserSvc; No ImagePath
R2 CDPUserSvc_1d39ebed; No ImagePath
S0 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [321432 2018-04-12] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [1836952 2018-04-12] (Chelsio Communications)
R2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [414720 2019-07-09] (Microsoft Corporation)
S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [39328 2018-04-12] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys [40448 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc; No ImagePath
S3 DevicePickerUserSvc_1d39ebed; No ImagePath
S3 DevicesFlowUserSvc; No ImagePath
S3 DevicesFlowUserSvc_1d39ebed; No ImagePath
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3419032 2018-04-12] (QLogic Corporation)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40872 2014-02-10] (SlySoft, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-12-04] (Malwarebytes)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [55808 2018-04-12] (Microsoft Corporation)
S3 GENERICDRV; C:\Program Files (x86)\UEFI WinFlash\amifldrv64.sys [15640 2012-07-27] ()
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2018-04-12] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2018-04-12] (Microsoft Corporation)
S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [50592 2018-04-12] (Microsoft Corporation)
S4 hvcrash; C:\Windows\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [76304 2019-06-07] (Microsoft Corporation)
S3 hwdatacard; C:\Windows\system32\DRIVERS\ewusbmdm.sys [115328 2015-02-26] (Huawei Technologies Co., Ltd.) [Datei ist nicht signiert]
S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [27136 2018-04-12] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [36864 2018-04-12] (Intel(R) Corporation)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [91648 2018-04-12] (Intel(R) Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [88576 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [171520 2018-04-12] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592 2018-04-12] (Intel Corporation)
S0 iaStorAVC; C:\Windows\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [526232 2018-04-12] (Mellanox)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [38912 2018-04-12] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [58168 2018-12-08] (Microsoft Corporation)
S3 IPT; C:\Windows\System32\drivers\ipt.sys [32256 2018-04-12] (Microsoft Corporation)
S0 ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies)
S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [124312 2018-04-12] (LSI Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [128408 2018-04-12] (Avago Technologies)
S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [505240 2018-04-12] (Microsoft Corporation)
S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [56736 2018-04-12] (Microsoft Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-09-29] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [126624 2019-09-29] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [72536 2019-09-29] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [261032 2019-09-29] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [113016 2019-10-06] (Malwarebytes)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [59800 2018-04-12] (Avago Technologies)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [75160 2018-04-12] (Avago Technologies)
S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies)
S3 MessagingService; No ImagePath
S3 MessagingService_1d39ebed; No ImagePath
R3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [842648 2018-04-12] (Mellanox)
R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [43008 2018-12-08] (Microsoft Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [29192 2016-03-17] (Marvell Semiconductor, Inc.)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [108952 2018-04-12] (Mellanox)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [175104 2018-04-12] (Microsoft Corporation)
S3 netvsc; C:\Windows\System32\drivers\netvsc.sys [197632 2018-04-12] (Microsoft Corporation)
S3 nvdimm; C:\Windows\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation)
S2 OneSyncSvc; No ImagePath
U2 OneSyncSvc_1d39ebed; No ImagePath
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58776 2018-04-12] (Avago Technologies)
S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [61848 2018-04-12] (Avago Technologies)
S3 PimIndexMaintenanceSvc; No ImagePath
S3 PimIndexMaintenanceSvc_1d39ebed; No ImagePath
S3 pmem; C:\Windows\System32\drivers\pmem.sys [105984 2018-04-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; No ImagePath
S3 PrintWorkflowUserSvc_1d39ebed; No ImagePath
S0 Ramdisk; C:\Windows\System32\DRIVERS\ramdisk.sys [39840 2018-04-12] (Microsoft Corporation)
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [945464 2019-03-06] (Microsoft Corporation)
S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [104448 2018-04-12] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-09] (Realtek Semiconductor Corp.)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [128920 2018-08-03] (Microsoft Corporation)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [33176 2018-04-12] (Microsoft Corporation)
R0 SgrmAgent; C:\Windows\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [54792 2018-03-29] (Synaptics Incorporated)
S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [57752 2018-04-12] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [82432 2019-03-14] (Microsoft Corporation)
S0 storufs; C:\Windows\System32\drivers\storufs.sys [48544 2018-06-15] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys [18336 2018-04-12] (Microsoft Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [128512 2018-04-12] (Microsoft Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [152576 2018-04-12] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [57856 2018-04-12] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45056 2018-04-12] (Microsoft Corporation)
S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [282008 2018-04-12] (Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [98200 2018-04-12] (Microsoft Corporation)
S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [144288 2018-04-12] (Microsoft Corporation)
S3 UnistoreSvc; No ImagePath
R3 UnistoreSvc_1d39ebed; No ImagePath
S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [29088 2018-04-12] (Microsoft Corporation)
S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [67992 2018-04-12] (Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [28064 2018-04-12] (Microsoft Corporation)
S3 UserDataSvc; No ImagePath
R3 UserDataSvc_1d39ebed; No ImagePath
S3 vhf; C:\Windows\System32\drivers\vhf.sys [36352 2018-10-21] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2018-08-03] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16288 2018-04-12] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [152072 2019-03-14] (Microsoft Corporation)
R3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [83456 2018-12-08] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46472 2019-09-19] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [346336 2019-09-19] (Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [787968 2019-05-17] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\Windows\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-09-19] (Microsoft Corporation)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [72768 2018-06-15] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [18472 2018-04-12] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [32152 2018-04-12] (Mellanox)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [228864 2019-05-17] (Microsoft Corporation)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [64920 2018-04-12] (Mellanox)
S2 WpnUserService; No ImagePath
R2 WpnUserService_1d39ebed; No ImagePath
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [295424 2018-06-15] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [46592 2018-04-12] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation)
NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation)
NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation)
NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation)
NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> Keine Datei

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-10-06 17:27 - 2019-10-06 17:27 - 00000000 ___HD C:\OneDriveTemp
2019-10-06 15:25 - 2019-10-06 15:25 - 00001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-06 15:25 - 2019-10-06 15:25 - 00001004 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-10-06 15:24 - 2019-10-06 15:24 - 00000000 ____D C:\Program Files\Mozilla Firefox
2019-10-06 15:23 - 2019-10-06 15:24 - 49818008 _____ (Mozilla) C:\Users\Stefanie\Downloads\Firefox Setup 69.0.2.exe
2019-10-04 16:31 - 2019-10-04 16:35 - 00070902 _____ C:\Users\Stefanie\Desktop\Addition.txt
2019-10-04 16:27 - 2019-10-06 17:28 - 00000000 ____D C:\FRST
2019-10-04 16:27 - 2019-10-06 17:27 - 00044074 _____ C:\Users\Stefanie\Desktop\FRST.txt
2019-10-04 16:25 - 2019-10-04 16:25 - 02169856 _____ (Farbar) C:\Users\Stefanie\Desktop\FRST64.exe
2019-10-04 13:58 - 2019-10-04 17:19 - 00000000 ____D C:\Users\Stefanie\AppData\Local\CrashDumps
2019-09-29 15:50 - 2019-09-29 15:50 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-09-29 15:50 - 2019-09-29 15:50 - 00001111 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2019-09-29 15:50 - 2019-09-29 15:50 - 00000000 ____D C:\Users\Stefanie\AppData\Roaming\TeamViewer
2019-09-29 15:50 - 2019-09-29 15:50 - 00000000 ____D C:\Users\Stefanie\AppData\Local\TeamViewer
2019-09-29 15:50 - 2019-09-29 15:50 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2019-09-29 15:48 - 2019-09-29 15:49 - 26199544 _____ (TeamViewer GmbH) C:\Users\Stefanie\Downloads\TeamViewer_Setup.exe
2019-09-29 12:52 - 2019-09-29 12:52 - 00019785 _____ C:\Users\Stefanie\Desktop\Report_Malwarebytes.txt
2019-09-29 12:46 - 2019-09-29 12:46 - 00072536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-09-29 12:45 - 2019-10-06 14:59 - 00113016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-09-29 12:45 - 2019-09-29 12:45 - 00126624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-09-29 12:42 - 2019-09-29 12:46 - 00000306 __RSH C:\ProgramData\ntuser.pol
2019-09-29 12:27 - 2019-09-29 12:27 - 00000000 ____D C:\Users\Stefanie\AppData\Local\mbamtray
2019-09-29 12:27 - 2019-09-29 12:27 - 00000000 ____D C:\Users\Stefanie\AppData\Local\mbam
2019-09-29 12:21 - 2019-09-29 12:21 - 00198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-09-29 12:20 - 2019-09-29 12:45 - 00261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-09-29 12:20 - 2019-09-29 12:20 - 00001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-09-29 12:20 - 2019-09-29 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-09-29 12:20 - 2018-12-04 08:09 - 00152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-09-29 12:19 - 2019-09-29 12:19 - 00000000 ____D C:\Program Files\Malwarebytes
2019-09-29 12:10 - 2019-09-29 12:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2019-09-29 12:08 - 2019-09-29 12:08 - 00000000 ____D C:\Users\Stefanie\AppData\Roaming\AVAST Software
2019-09-29 12:06 - 2019-09-29 12:07 - 22851472 _____ (Malwarebytes ) C:\Users\Stefanie\Downloads\mbam-setup-2.2.1.1043.exe
2019-09-29 12:03 - 2019-09-29 12:03 - 00002099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-09-29 12:03 - 2019-09-29 12:03 - 00002087 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-09-29 11:54 - 2019-09-30 15:58 - 00848432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw6628da15bfb023de.tmp
2019-09-29 11:54 - 2019-09-30 15:58 - 00460448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbb00d5506afbf00d.tmp
2019-09-29 11:54 - 2019-09-29 11:59 - 00856960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys.156985192484301
2019-09-29 11:54 - 2019-09-29 11:59 - 00464608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys.156985192484301
2019-09-29 11:54 - 2019-09-29 11:54 - 00316528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd93cbf2bb74ed39d.tmp
2019-09-29 11:54 - 2019-09-29 11:54 - 00276952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw7725644aceb28575.tmp
2019-09-29 11:54 - 2019-09-29 11:54 - 00236024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswc09f1aaa7ecf305c.tmp
2019-09-29 11:54 - 2019-09-29 11:54 - 00171520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw68594f7727e55d28.tmp
2019-09-29 11:54 - 2019-09-29 11:54 - 00110320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1cd3342fff195b97.tmp
2019-09-29 11:54 - 2019-09-29 11:54 - 00083792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd5c56a17e2f83be3.tmp
2019-09-29 11:54 - 2019-09-29 11:54 - 00042736 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw02f1e72a6b4ce91a.tmp
2019-09-29 11:54 - 2019-09-29 11:54 - 00016304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8bf716967ddc3324.tmp
2019-09-29 11:54 - 2019-09-29 11:54 - 00000000 ____D C:\Program Files\Common Files\AVAST Software
2019-09-29 11:54 - 2019-09-29 11:53 - 00355720 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-09-29 11:54 - 2019-09-29 11:53 - 00274456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw34a9b079378bc57b.tmp
2019-09-29 11:54 - 2019-09-29 11:53 - 00209552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw54f2df87fb8e5188.tmp
2019-09-29 11:54 - 2019-09-29 11:53 - 00204824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswc02b8fcb80d13b27.tmp
2019-09-29 11:54 - 2019-09-29 11:53 - 00065120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw4de6767cdab830e4.tmp
2019-09-29 11:54 - 2019-09-29 11:53 - 00037616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswcd7242a34ab7b133.tmp
2019-09-29 11:52 - 2019-09-29 11:52 - 00000000 ____D C:\Program Files\AVAST Software
2019-09-29 11:51 - 2019-09-29 11:54 - 00000000 ____D C:\ProgramData\AVAST Software
2019-09-29 11:50 - 2019-09-29 11:50 - 20889016 _____ (Piriform Software Ltd) C:\Users\Stefanie\Downloads\ccsetup561.exe
2019-09-28 09:12 - 2019-09-28 09:12 - 00002134 _____ C:\Users\Stefanie\Desktop\Chromium.lnk
2019-09-28 09:12 - 2019-09-28 09:12 - 00001777 _____ C:\Users\Stefanie\Desktop\Internet Explorer.lnk
2019-09-28 00:42 - 2019-09-28 00:42 - 00325862 _____ C:\Users\Stefanie\AppData\Roaming\Cerepelu
2019-09-21 08:49 - 2019-09-21 08:49 - 00000279 _____ C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2019-09-19 12:28 - 2019-09-19 12:28 - 00292078 _____ C:\Users\Stefanie\AppData\Roaming\Ninibokekimi
2019-09-11 05:22 - 2019-09-04 07:13 - 07519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-09-11 05:22 - 2019-09-04 07:02 - 06568280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-09-11 05:22 - 2019-09-04 06:55 - 25857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-09-11 05:22 - 2019-09-04 06:45 - 22734336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-09-11 05:21 - 2019-09-04 12:16 - 02871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-09-11 05:21 - 2019-09-04 12:16 - 01721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-09-11 05:21 - 2019-09-04 12:16 - 00810808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-09-11 05:21 - 2019-09-04 12:16 - 00740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-09-11 05:21 - 2019-09-04 12:16 - 00324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-09-11 05:21 - 2019-09-04 12:15 - 00637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-09-11 05:21 - 2019-09-04 12:15 - 00464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-09-11 05:21 - 2019-09-04 12:15 - 00164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-09-11 05:21 - 2019-09-04 12:15 - 00071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-09-11 05:21 - 2019-09-04 12:01 - 04527800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-09-11 05:21 - 2019-09-04 12:01 - 01516632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-09-11 05:21 - 2019-09-04 12:00 - 21399576 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-09-11 05:21 - 2019-09-04 12:00 - 01632112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-09-11 05:21 - 2019-09-04 12:00 - 01616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-09-11 05:21 - 2019-09-04 11:46 - 12838400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-09-11 05:21 - 2019-09-04 11:43 - 08627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-09-11 05:21 - 2019-09-04 11:40 - 03614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-09-11 05:21 - 2019-09-04 11:40 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-09-11 05:21 - 2019-09-04 10:52 - 01453624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-09-11 05:21 - 2019-09-04 10:50 - 01320344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-09-11 05:21 - 2019-09-04 10:48 - 20393120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-09-11 05:21 - 2019-09-04 10:38 - 12039680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-09-11 05:21 - 2019-09-04 10:33 - 02882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-09-11 05:21 - 2019-09-04 07:25 - 03180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-09-11 05:21 - 2019-09-04 07:25 - 01613096 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-09-11 05:21 - 2019-09-04 07:19 - 00513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-09-11 05:21 - 2019-09-04 07:19 - 00511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-09-11 05:21 - 2019-09-04 07:17 - 01213264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-09-11 05:21 - 2019-09-04 07:17 - 01035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-09-11 05:21 - 2019-09-04 07:15 - 05627280 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-09-11 05:21 - 2019-09-04 07:15 - 01219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-09-11 05:21 - 2019-09-04 07:15 - 01027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-09-11 05:21 - 2019-09-04 07:14 - 07437592 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-09-11 05:21 - 2019-09-04 07:14 - 03290584 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-09-11 05:21 - 2019-09-04 07:14 - 02469920 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-09-11 05:21 - 2019-09-04 07:13 - 09084424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-09-11 05:21 - 2019-09-04 07:13 - 04405232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-09-11 05:21 - 2019-09-04 07:13 - 02773816 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-09-11 05:21 - 2019-09-04 07:13 - 02571848 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-09-11 05:21 - 2019-09-04 07:13 - 02371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-09-11 05:21 - 2019-09-04 07:10 - 00415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 06046096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 02478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 02331696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 02261448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 01993136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-09-11 05:21 - 2019-09-04 07:03 - 01980264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-09-11 05:21 - 2019-09-04 07:02 - 04790160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-09-11 05:21 - 2019-09-04 06:54 - 22017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-09-11 05:21 - 2019-09-04 06:48 - 19385344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-09-11 05:21 - 2019-09-04 06:48 - 07057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2019-09-11 05:21 - 2019-09-04 06:46 - 09084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2019-09-11 05:21 - 2019-09-04 06:45 - 05883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2019-09-11 05:21 - 2019-09-04 06:44 - 04388864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-09-11 05:21 - 2019-09-04 06:44 - 03687424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-09-11 05:21 - 2019-09-04 06:43 - 04849664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-09-11 05:21 - 2019-09-04 06:43 - 03402240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-09-11 05:21 - 2019-09-04 06:42 - 07572992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-09-11 05:21 - 2019-09-04 06:42 - 06032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-09-11 05:21 - 2019-09-04 06:42 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-09-11 05:21 - 2019-09-04 06:42 - 01765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-09-11 05:21 - 2019-09-04 06:41 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-09-11 05:21 - 2019-09-04 06:41 - 01634304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-09-11 05:21 - 2019-09-04 06:40 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-09-11 05:21 - 2019-09-04 06:40 - 02602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-09-11 05:21 - 2019-09-04 06:40 - 02364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2019-09-11 05:21 - 2019-09-04 06:40 - 01808896 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-09-11 05:21 - 2019-09-04 06:39 - 03203072 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-09-11 05:21 - 2019-09-04 06:39 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-09-11 05:21 - 2019-09-04 06:39 - 01920512 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-09-11 05:21 - 2019-09-04 06:38 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-09-11 05:21 - 2019-08-13 20:20 - 03701184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-09-11 05:21 - 2019-08-13 20:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-09-11 05:21 - 2019-08-13 16:46 - 06661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-09-11 05:21 - 2019-08-13 16:45 - 02969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-09-11 05:21 - 2019-08-13 12:14 - 04040008 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-09-11 05:21 - 2019-08-13 11:51 - 04853248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-09-11 05:21 - 2019-08-13 11:51 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-09-11 05:21 - 2019-08-13 11:50 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-09-11 05:21 - 2019-08-13 11:47 - 01262080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-09-11 05:21 - 2019-08-13 06:17 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-09-11 05:21 - 2019-08-13 06:16 - 08189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-09-11 05:21 - 2019-08-13 06:15 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-09-11 05:21 - 2019-08-13 06:14 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-09-11 05:21 - 2019-08-13 06:08 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-09-11 05:21 - 2019-08-13 04:51 - 00421376 _____ (curl, https://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2019-09-11 05:20 - 2019-09-04 12:06 - 00581016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-09-11 05:20 - 2019-09-04 12:06 - 00541200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-09-11 05:20 - 2019-09-04 12:06 - 00402016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2019-09-11 05:20 - 2019-09-04 12:01 - 00790936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-09-11 05:20 - 2019-09-04 12:01 - 00396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-09-11 05:20 - 2019-09-04 11:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-09-11 05:20 - 2019-09-04 11:44 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-09-11 05:20 - 2019-09-04 11:42 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2019-09-11 05:20 - 2019-09-04 11:41 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-09-11 05:20 - 2019-09-04 11:40 - 01364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-09-11 05:20 - 2019-09-04 11:40 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-09-11 05:20 - 2019-09-04 11:39 - 00577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-09-11 05:20 - 2019-09-04 10:52 - 00467400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-09-11 05:20 - 2019-09-04 10:51 - 00662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-09-11 05:20 - 2019-09-04 10:51 - 00322360 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2019-09-11 05:20 - 2019-09-04 10:50 - 00356896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2019-09-11 05:20 - 2019-09-04 10:38 - 07990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-09-11 05:20 - 2019-09-04 10:35 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-09-11 05:20 - 2019-09-04 07:24 - 02417744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2019-09-11 05:20 - 2019-09-04 07:24 - 01298960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-09-11 05:20 - 2019-09-04 07:24 - 00705336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-09-11 05:20 - 2019-09-04 07:19 - 00036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-09-11 05:20 - 2019-09-04 07:15 - 00568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-09-11 05:20 - 2019-09-04 07:15 - 00500744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-09-11 05:20 - 2019-09-04 07:15 - 00491208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-09-11 05:20 - 2019-09-04 07:15 - 00323904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-09-11 05:20 - 2019-09-04 07:14 - 01934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-09-11 05:20 - 2019-09-04 07:14 - 01363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-09-11 05:20 - 2019-09-04 07:14 - 01209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-09-11 05:20 - 2019-09-04 07:14 - 00594032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-09-11 05:20 - 2019-09-04 07:14 - 00420984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xbgmengine.dll
2019-09-11 05:20 - 2019-09-04 07:14 - 00361752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 01459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-09-11 05:20 - 2019-09-04 07:13 - 01260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-09-11 05:20 - 2019-09-04 07:13 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-09-11 05:20 - 2019-09-04 07:13 - 01098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-09-11 05:20 - 2019-09-04 07:13 - 00735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00692352 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-09-11 05:20 - 2019-09-04 07:13 - 00335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-09-11 05:20 - 2019-09-04 07:13 - 00129040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-09-11 05:20 - 2019-09-04 07:05 - 00550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-09-11 05:20 - 2019-09-04 07:04 - 00286616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-09-11 05:20 - 2019-09-04 07:03 - 01011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-09-11 05:20 - 2019-09-04 07:03 - 00581264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-09-11 05:20 - 2019-09-04 07:03 - 00538192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-09-11 05:20 - 2019-09-04 07:02 - 01805872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-09-11 05:20 - 2019-09-04 07:02 - 00560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-09-11 05:20 - 2019-09-04 07:02 - 00129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-09-11 05:20 - 2019-09-04 06:46 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-09-11 05:20 - 2019-09-04 06:45 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-09-11 05:20 - 2019-09-04 06:45 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-09-11 05:20 - 2019-09-04 06:45 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys
2019-09-11 05:20 - 2019-09-04 06:44 - 06647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 05307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 02825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-09-11 05:20 - 2019-09-04 06:43 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 03381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 02929152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 01862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-09-11 05:20 - 2019-09-04 06:42 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-09-11 05:20 - 2019-09-04 06:41 - 02449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2019-09-11 05:20 - 2019-09-04 06:41 - 01986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2019-09-11 05:20 - 2019-09-04 06:41 - 01347584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2019-09-11 05:20 - 2019-09-04 06:41 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-09-11 05:20 - 2019-09-04 06:41 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 01563648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 00978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 00851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-09-11 05:20 - 2019-09-04 06:40 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 01264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 01225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00976896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-09-11 05:20 - 2019-09-04 06:39 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-09-11 05:20 - 2019-09-04 06:38 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-09-11 05:20 - 2019-09-04 06:38 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2019-09-11 05:20 - 2019-09-04 06:38 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2019-09-11 05:20 - 2019-09-04 06:38 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-09-11 05:20 - 2019-09-04 06:38 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-09-11 05:20 - 2019-09-04 05:22 - 00001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-09-11 05:20 - 2019-08-16 00:55 - 00786072 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-09-11 05:20 - 2019-08-16 00:55 - 00604000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-09-11 05:20 - 2019-08-15 11:59 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-09-11 05:20 - 2019-08-13 20:21 - 00665400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-09-11 05:20 - 2019-08-13 20:21 - 00221016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-09-11 05:20 - 2019-08-13 20:20 - 00106560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-09-11 05:20 - 2019-08-13 20:06 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-09-11 05:20 - 2019-08-13 20:06 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe
2019-09-11 05:20 - 2019-08-13 20:05 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-09-11 05:20 - 2019-08-13 17:06 - 00443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-09-11 05:20 - 2019-08-13 17:04 - 01651040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2019-09-11 05:20 - 2019-08-13 17:04 - 01585304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-09-11 05:20 - 2019-08-13 16:44 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2019-09-11 05:20 - 2019-08-13 16:43 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-09-11 05:20 - 2019-08-13 16:43 - 00624128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2019-09-11 05:20 - 2019-08-13 16:43 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2019-09-11 05:20 - 2019-08-13 16:42 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2019-09-11 05:20 - 2019-08-13 16:40 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-09-11 05:20 - 2019-08-13 16:39 - 00536064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-09-11 05:20 - 2019-08-13 12:09 - 00771384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-09-11 05:20 - 2019-08-13 12:09 - 00571688 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-09-11 05:20 - 2019-08-13 12:08 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-09-11 05:20 - 2019-08-13 11:49 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-09-11 05:20 - 2019-08-13 11:49 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2019-09-11 05:20 - 2019-08-13 11:46 - 02084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-09-11 05:20 - 2019-08-13 11:46 - 00757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-09-11 05:20 - 2019-08-13 08:37 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-09-11 05:20 - 2019-08-13 06:54 - 00790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-09-11 05:20 - 2019-08-13 06:46 - 00611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-09-11 05:20 - 2019-08-13 06:46 - 00510288 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-09-11 05:20 - 2019-08-13 06:46 - 00194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-09-11 05:20 - 2019-08-13 06:45 - 02718736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-09-11 05:20 - 2019-08-13 06:45 - 00723216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-09-11 05:20 - 2019-08-13 06:45 - 00722960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-09-11 05:20 - 2019-08-13 06:44 - 02161288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-09-11 05:20 - 2019-08-13 06:44 - 01793472 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-09-11 05:20 - 2019-08-13 06:16 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-09-11 05:20 - 2019-08-13 06:13 - 00462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-09-11 05:20 - 2019-08-13 06:13 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2019-09-11 05:20 - 2019-08-13 06:12 - 01307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-09-11 05:20 - 2019-08-13 06:12 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-09-11 05:20 - 2019-08-13 06:12 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-09-11 05:20 - 2019-08-13 06:12 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2019-09-11 05:20 - 2019-08-13 06:12 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2019-09-11 05:20 - 2019-08-13 06:11 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2019-09-11 05:20 - 2019-08-13 06:11 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-09-11 05:20 - 2019-08-13 06:11 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-09-11 05:20 - 2019-08-13 06:08 - 00662016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-09-11 05:20 - 2019-08-13 06:08 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-09-11 05:20 - 2019-08-13 04:49 - 00806328 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-09-11 05:20 - 2019-08-13 04:49 - 00806328 _____ C:\WINDOWS\system32\locale.nls
2019-09-11 05:20 - 2019-08-13 02:57 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-09-11 05:20 - 2019-08-13 02:57 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-09-11 05:20 - 2019-08-13 02:57 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-09-11 05:20 - 2019-08-13 02:57 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-09-10 00:42 - 2019-09-10 00:42 - 00128371 _____ C:\Users\Stefanie\AppData\Roaming\Hesumo

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2019-10-06 17:28 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\system32\sru
2019-10-06 17:27 - 2014-10-08 20:22 - 00000000 ___RD C:\Users\Stefanie\OneDrive
2019-10-06 17:26 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\AppReadiness
2019-10-06 15:27 - 2014-10-08 20:51 - 00000000 ____D C:\ProgramData\Mozilla
2019-10-06 15:25 - 2014-10-08 21:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-06 15:22 - 2014-05-22 01:54 - 00000000 ____D C:\Program Files (x86)\Google
2019-10-06 15:13 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-10-06 15:13 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\system32\Macromed
2019-10-06 15:12 - 2016-08-02 17:58 - 00000000 ____D C:\Program Files (x86)\Adobe
2019-10-05 17:58 - 2018-06-06 21:39 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-05 17:58 - 2014-10-22 12:12 - 00000000 ____D C:\Users\Stefanie\Documents\Steffi Bewerbungsunterlagen
2019-10-05 17:25 - 2018-06-07 08:10 - 00000000 ____D C:\Users\Stefanie\AppData\Local\PlaceholderTileLogoFolder
2019-10-05 17:19 - 2018-07-03 18:52 - 00000000 ____D C:\ProgramData\Packages
2019-10-05 17:19 - 2017-12-09 10:20 - 00000000 ____D C:\Users\Stefanie\AppData\Local\Packages
2019-10-04 14:27 - 2018-04-12 01:30 - 00000000 ____D C:\WINDOWS\CbsTemp
2019-10-04 12:28 - 2018-06-07 06:08 - 00003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-581088433-320290056-2638895184-1001
2019-10-04 12:28 - 2018-06-07 05:37 - 00002434 _____ C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-02 22:38 - 2018-06-07 06:08 - 00003632 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-10-02 22:38 - 2018-06-07 06:08 - 00003508 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-09-29 12:44 - 2018-06-07 06:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-29 12:43 - 2018-04-11 23:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2019-09-29 12:42 - 2018-11-10 14:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\{2B98FEB0-6DA7-A6C5-DCC0-4113E135866E}
2019-09-29 12:42 - 2017-09-28 20:25 - 00000000 ____D C:\Users\Stefanie\AppData\Roaming\2b98feb06da7a6c5dcc04113e135866e
2019-09-29 12:42 - 2016-08-03 11:31 - 00000000 ____D C:\ProgramData\iolo
2019-09-29 12:42 - 2016-08-03 11:31 - 00000000 ____D C:\Program Files (x86)\iolo
2019-09-29 12:42 - 2014-05-22 01:53 - 00000000 ____D C:\Program Files (x86)\Amazon
2019-09-29 12:27 - 2018-06-07 05:52 - 01718588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-09-29 12:27 - 2018-04-12 18:13 - 00743096 _____ C:\WINDOWS\system32\perfh007.dat
2019-09-29 12:27 - 2018-04-12 18:13 - 00149732 _____ C:\WINDOWS\system32\perfc007.dat
2019-09-29 12:23 - 2017-12-09 10:53 - 00000000 ___RD C:\Users\Stefanie\3D Objects
2019-09-29 12:19 - 2018-06-06 21:39 - 00282216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-09-29 12:18 - 2016-12-02 20:29 - 00293436 _____ C:\WINDOWS\PFRO.log
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\zu-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\yo-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\xh-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\wo-SN
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\tn-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\ti-ET
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\rw-RW
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\nso-ZA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\ig-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\chr-CHER-US
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2019-09-29 12:15 - 2018-04-12 18:17 - 00000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2019-09-29 12:15 - 2018-04-12 01:38 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-09-29 12:15 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\TextInput
2019-09-29 12:15 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-09-29 12:15 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\system32\oobe
2019-09-29 12:15 - 2018-04-11 23:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2019-09-29 12:14 - 2018-04-12 01:38 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-09-29 12:14 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\ShellExperiences
2019-09-29 12:14 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2019-09-29 12:14 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\bcastdvr
2019-09-29 11:59 - 2018-05-30 20:46 - 00000000 ___DC C:\WINDOWS\Panther
2019-09-29 11:59 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2019-09-29 11:55 - 2018-04-12 01:38 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2019-09-29 11:47 - 2018-04-12 01:38 - 00000000 ____D C:\WINDOWS\system32\NDF
2019-09-28 09:13 - 2019-07-04 14:27 - 00000000 ____D C:\ProgramData\{558E69B2-7DA6-11CA-25FE-39E2CD16E13A}
2019-09-28 00:42 - 2014-10-10 12:42 - 00001093 _____ C:\Users\Stefanie\AppData\Roaming\WB.CFG
2019-09-21 08:57 - 2016-12-02 19:45 - 00000000 ____D C:\Program Files\OnlineFotoservice
2019-09-21 08:54 - 2018-10-17 19:55 - 00000000 ____D C:\Program Files\CEWE
2019-09-21 08:52 - 2019-06-25 19:46 - 00000000 ____D C:\Program Files\cewe-fotoservice
2019-09-19 12:35 - 2018-02-14 03:05 - 00000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2019-08-06 00:42 - 2019-08-06 00:42 - 0361562 _____ () C:\Users\Stefanie\AppData\Roaming\Bepacecudeto
2019-09-01 20:42 - 2019-09-01 20:42 - 0307024 _____ () C:\Users\Stefanie\AppData\Roaming\Budadet
2019-09-28 00:42 - 2019-09-28 00:42 - 0325862 _____ () C:\Users\Stefanie\AppData\Roaming\Cerepelu
2019-03-16 01:42 - 2019-03-16 01:42 - 0329892 _____ () C:\Users\Stefanie\AppData\Roaming\Cureheleloci
2019-04-28 00:42 - 2019-04-28 00:42 - 0335229 _____ () C:\Users\Stefanie\AppData\Roaming\Dehacimusuma
2019-02-19 01:42 - 2019-02-19 01:42 - 0337202 _____ () C:\Users\Stefanie\AppData\Roaming\Dofanapopele
2019-02-10 01:42 - 2019-02-10 01:42 - 0133167 _____ () C:\Users\Stefanie\AppData\Roaming\Fufaboliko
2019-05-15 00:42 - 2019-05-15 00:42 - 0304458 _____ () C:\Users\Stefanie\AppData\Roaming\Gaheme
2019-05-23 00:42 - 2019-05-23 00:42 - 0302882 _____ () C:\Users\Stefanie\AppData\Roaming\Gopib
2019-07-04 13:42 - 2019-07-04 13:42 - 0168331 _____ () C:\Users\Stefanie\AppData\Roaming\Gubiparo
2019-06-18 00:42 - 2019-06-18 00:42 - 0347448 _____ () C:\Users\Stefanie\AppData\Roaming\Hepotoca
2019-09-10 00:42 - 2019-09-10 00:42 - 0128371 _____ () C:\Users\Stefanie\AppData\Roaming\Hesumo
2019-09-05 00:42 - 2019-09-05 00:42 - 0364531 _____ () C:\Users\Stefanie\AppData\Roaming\Hesusakolit
2019-08-15 00:42 - 2019-08-15 00:42 - 0212389 _____ () C:\Users\Stefanie\AppData\Roaming\Hoginig
2019-08-23 00:42 - 2019-08-23 00:42 - 0327657 _____ () C:\Users\Stefanie\AppData\Roaming\Honekineneba
2019-07-13 00:28 - 2019-07-13 00:28 - 0157795 _____ () C:\Users\Stefanie\AppData\Roaming\Kecareh
2019-06-26 00:42 - 2019-06-26 00:42 - 0246789 _____ () C:\Users\Stefanie\AppData\Roaming\Kehenat
2016-10-29 15:01 - 2016-10-29 15:01 - 0018833 _____ () C:\Users\Stefanie\AppData\Roaming\Kelalipob
2019-04-20 00:10 - 2019-04-20 00:10 - 0313260 _____ () C:\Users\Stefanie\AppData\Roaming\Kunesamafo
2019-07-21 00:42 - 2019-07-21 00:42 - 0362819 _____ () C:\Users\Stefanie\AppData\Roaming\Lurusuhat
2019-05-06 00:42 - 2019-05-06 00:42 - 0164250 _____ () C:\Users\Stefanie\AppData\Roaming\Matedanafika
2019-02-28 01:42 - 2019-02-28 01:42 - 0286382 _____ () C:\Users\Stefanie\AppData\Roaming\Nibug
2019-09-19 12:28 - 2019-09-19 12:28 - 0292078 _____ () C:\Users\Stefanie\AppData\Roaming\Ninibokekimi
2019-07-29 00:42 - 2019-07-29 00:42 - 0359966 _____ () C:\Users\Stefanie\AppData\Roaming\Nodikolib
2019-04-11 00:46 - 2019-04-11 00:46 - 0315693 _____ () C:\Users\Stefanie\AppData\Roaming\Pitacarobere
2019-03-25 01:29 - 2019-03-25 01:29 - 0340540 _____ () C:\Users\Stefanie\AppData\Roaming\Pufure
2019-03-08 01:42 - 2019-03-08 01:42 - 0146702 _____ () C:\Users\Stefanie\AppData\Roaming\Rukeraf
2019-06-09 00:42 - 2019-06-09 00:42 - 0220511 _____ () C:\Users\Stefanie\AppData\Roaming\Sosimofem
2019-06-01 00:42 - 2019-06-01 00:42 - 0137171 _____ () C:\Users\Stefanie\AppData\Roaming\Teritet
2019-04-03 00:42 - 2019-04-03 00:42 - 0151565 _____ () C:\Users\Stefanie\AppData\Roaming\Tetetuco
2014-10-10 12:42 - 2019-09-28 00:42 - 0001093 _____ () C:\Users\Stefanie\AppData\Roaming\WB.CFG
2017-12-15 10:26 - 2017-12-15 10:26 - 0000068 _____ () C:\Users\Stefanie\AppData\Local\5qe2nbznbz
2014-10-12 21:42 - 2014-12-20 19:43 - 0000001 _____ () C:\Users\Stefanie\AppData\Local\DSI.DAT
2016-12-11 17:04 - 2017-02-14 23:17 - 0000041 _____ () C:\ProgramData\.zreglib
2017-09-15 09:45 - 2017-09-15 09:45 - 0000000 _____ () C:\ProgramData\DP45977C.lfl
2017-12-29 20:29 - 2017-12-29 20:29 - 0000016 _____ () C:\ProgramData\mntemp
2017-12-29 20:29 - 2017-12-29 20:29 - 0004935 _____ () C:\ProgramData\vfiakfjk.zeu

Einige Dateien in TEMP:
====================
C:\Users\Stefanie\AppData\Local\Temp\jre-8u221-windows-au.exe


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2018-06-06 21:39

==================== Ende von log ============================

Djchaos · 06.10.2019, 16:41

und das Addition.txt LOG

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-07-2015
durchgeführt von Stefanie (2019-10-06 17:33:45)
Gestartet von C:\Users\Stefanie\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-581088433-320290056-2638895184-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-581088433-320290056-2638895184-503 - Limited - Disabled)
Gast (S-1-5-21-581088433-320290056-2638895184-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-581088433-320290056-2638895184-1005 - Limited - Enabled)
Stefanie (S-1-5-21-581088433-320290056-2638895184-1001 - Administrator - Enabled) => C:\Users\Stefanie
WDAGUtilityAccount (S-1-5-21-581088433-320290056-2638895184-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
AVI Media Player 1.0.2 (HKLM-x32\...\AVI Media Player_is1) (Version:  - vsevensoft.com)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CloneCD (HKLM-x32\...\CloneCD) (Version: 5.3.4.0 - SlySoft)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3817.05 - CyberLink Corp.)
DTS Sound (HKLM-x32\...\{9B17BBEC-CF31-4C23-949E-E65A14365CE1}) (Version: 1.01.6100 - DTS, Inc.)
Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
Firefox Packages (HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\Firefox Packages) (Version:  - ) <==== ATTENTION
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.35.301 - Google LLC) Hidden
HP LaserJet Pro M11-M13 Series (HKLM\...\HP LaserJet Pro M11-M13 Series) (Version:  - )
HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.12.32.3 - HP Inc.)
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.5163.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-581088433-320290056-2638895184-1001\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.21.00.03 - Huawei Technologies Co.,Ltd)
Movavi Video Converter 18 Premium (HKLM-x32\...\Movavi Video Converter 18 Premium) (Version: 18.1.0 - Movavi)
Mozilla Firefox 69.0.2 (x64 de) (HKLM\...\Mozilla Firefox 69.0.2 (x64 de)) (Version: 69.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.2 - Mozilla)
My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7173 - Realtek Semiconductor Corp.)
Symbaloo (HKLM-x32\...\Symbaloo) (Version: 1.0.0 - Symbaloo Launcher by Toshiba Europe GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.182 - Synaptics Incorporated)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.6.4835 - TeamViewer)
tiptoi® Manager 4.0.1 (HKLM\...\{833392BB-E8C0-4066-9408-3A30FA43972F}_is1) (Version: 4.0.1 - Ravensburger AG)
TOSHIBA Display Utility (HKLM\...\{F64E9295-E1B3-4EEA-86D3-AF44A0087B06}) (Version: 1.1.16.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.2.6403 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.81.2C - TOSHIBA CORPORATION)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.19 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 2.0.0.15C - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{B507386D-1F61-4E55-B05B-F56ACB0086B3}) (Version: 4.02.00.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.00.56006005 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{E3FCDCBE-0A13-4F73-95C1-000A51CF1C8C}) (Version: 2.6.16.0 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.01.6402 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.1.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{E4C7D9D7-19D4-4623-AF0C-EA313C466411}) (Version: 5.0.0 - Toshiba Europe GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Utility Common Driver (x32 Version: 1.0.53.3 - Compal) Hidden
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.25 - WildTangent) Hidden
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-581088433-320290056-2638895184-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Stefanie\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

19-09-2019 12:47:30 Geplanter Prüfpunkt
28-09-2019 23:37:48 Geplanter Prüfpunkt
04-10-2019 13:54:21 Windows Update
06-10-2019 15:09:31 Removed Adobe Acrobat Reader DC - Deutsch.

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {036673C3-F9B7-478F-949B-C77D696FFB0B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2019-02-13] (Microsoft Corporation)
Task: {042D8A51-5878-4000-9C10-C04AFF122A1F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {04B3E894-DE5B-4C4A-9AA7-CA8F7CE43583} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [2018-04-12] (Microsoft Corporation)
Task: {05C3BAB1-68F8-4EAF-B4AF-8C21E2478533} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime No Task File <==== ATTENTION
Task: {05E09776-F708-4694-949B-E8993608CC2B} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate
Task: {09131E27-3793-4B1E-A11E-77D3EAC118D1} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {0BA33681-9D00-4B31-9A87-01683672BFEF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d No Task File <==== ATTENTION
Task: {0E55C40D-83F8-4F39-838C-C1D3707EA86A} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\Windows\System32\dusmtask.exe [2018-11-01] (Microsoft Corporation)
Task: {10A37F08-4ACD-47E1-AAB4-6ECDE6DDDE8A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {175463A3-4AF2-4959-8504-C36C4397C393} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck
Task: {1BE936D4-EE40-4F04-84E0-18FFD27C0A6A} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [2018-04-12] (Microsoft Corporation)
Task: {1FAE791A-9736-4412-823B-80AE3EE2C1CB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d No Task File <==== ATTENTION
Task: {2231CAFE-FABE-41F5-A0B3-842D9319DBF9} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-06] (Microsoft Corporation)
Task: {226C52BC-0F62-4E67-A70D-74C22932AC02} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload => C:\Windows\system32\dmclient.exe [2018-04-12] (Microsoft Corporation)
Task: {23ACACF5-2E96-4ECC-BE70-94CFCB2EF6DE} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation
Task: {257A47C0-FECE-4A8E-BB35-161852DFF727} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-01-20] (Realtek Semiconductor)
Task: {289D68A0-E96F-491B-9498-B0B602C5C53A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess No Task File <==== ATTENTION
Task: {28C75830-5752-4F41-A94B-BFD5E8A0D7C8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d No Task File <==== ATTENTION
Task: {294EF281-56B6-4F71-8115-BAC2919EF034} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {29F3A47A-C0DC-48D8-ACAF-89413EE0731D} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [2019-07-09] (Microsoft Corporation)
Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {2DBD790D-172A-4CFA-B3F7-824D7509680F} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration
Task: {2E2E003A-9792-4956-8F12-92797F584AB8} - System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange
Task: {3137ADB6-515F-4020-9DB9-0F91106BB27F} - \WPD\SqmUpload_S-1-5-21-581088433-320290056-2638895184-1001 No Task File <==== ATTENTION
Task: {3199A9F7-0492-4FC9-9EC1-A59CC69A8F52} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2015-11-17] (Toshiba Europe GmbH)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {3790297B-C317-4FEB-9E8D-3B4C85520240} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig No Task File <==== ATTENTION
Task: {3C1365A1-11E1-4629-9B25-7D6A932E6B60} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization
Task: {3DF2FF36-8A3E-4F15-9221-D68F365A7872} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2019-09-12] (HP Inc.)
Task: {407E1879-1F5E-42B2-BA7F-53BCEF433805} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2018-04-12] (Microsoft Corporation)
Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {46DDFBEA-7B80-499F-8D16-8FB7836BEBDC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2019-07-09] (Microsoft Corporation)
Task: {4CB53382-6FBB-4666-B563-0ABC6429D301} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange
Task: {4F662F7F-D75F-455E-A03A-8AD0D8313218} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B No Task File <==== ATTENTION
Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff
Task: {51D31EBF-545E-411D-A21A-CB34004CC384} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh
Task: {5294EF9E-88CD-432B-A10B-C3AC2FB364AC} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2019-08-26] (Microsoft Corporation)
Task: {536E4522-B726-480C-9063-126E74EEA4A4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask
Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {577C3956-E492-42A5-AEFB-FDC54A537C64} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {57A7E0DF-F70E-43B1-AA2C-5BA67DBBE753} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {5BE358DF-C2F0-43BC-BA5A-77E36BF54A02} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2018-04-12] (Microsoft Corporation)
Task: {5DB4FD20-4FF2-4C58-9801-ADD6F0149633} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task
Task: {60C269FF-448A-4F10-886E-2C70F5086A5F} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync
Task: {62331915-A3E9-4B6E-9686-86034377E8CF} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications
Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6BFE7106-601B-4B34-8F8E-87B9A0DA6ACE} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice
Task: {6DE4F7DC-0B8D-404A-A6C9-83241658F8CA} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-06] (Microsoft Corporation)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\Windows\system32\MusNotification.exe [2019-07-09] (Microsoft Corporation)
Task: {7138D0D3-1873-4A77-86CF-4840F491C90F} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {749AC711-AA62-4D1D-B314-EF1C97E1CA56} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2018-04-12] (Microsoft Corporation)
Task: {749E286C-C205-4C7C-B742-BE5023BF06DE} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login
Task: {75522E26-6BE6-4F53-A0FA-14470ECAACAB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2019-09-04] (Microsoft Corporation)
Task: {7558573E-8172-4712-ACF4-9749EC2BE926} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation
Task: {78115EA0-7766-426E-94BA-632EB6A6C132} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Driver Install => C:\Windows\system32\usoclient.exe [2019-07-09] (Microsoft Corporation)
Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {7E964508-4868-4DB6-A10A-B96FAE223F77} - \Microsoft\Windows\UNP\RunCampaignManager No Task File <==== ATTENTION
Task: {7EAE5A6B-00F4-4B9F-A255-E1C163B587A1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {8B4471CE-BE6B-4E3E-ACA5-46DEE1BBC895} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater – Install HPSA => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2019-07-31] (HP Inc.)
Task: {8CCDCCC3-88F0-4860-84BE-5AC16A1C6FA9} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {8D87C19D-6DCD-4EFE-B479-BA3F07C807AB} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2018-03-29] (Synaptics Incorporated)
Task: {8E7BB9A3-956E-4C6A-AE87-4F175197704F} - System32\Tasks\Microsoft\Windows\NlaSvc\WiFiTask => C:\Windows\System32\WiFiTask.exe [2018-04-12] (Microsoft Corporation)
Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation)
Task: {91AF4E1B-193C-48CF-9F8C-4E86CB77B10B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime No Task File <==== ATTENTION
Task: {931758D8-2EC2-4EAE-B3BA-A98DAEC67332} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {94C0F2F9-98DF-415E-BDC9-AAFF75D5EF69} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2018-04-12] (Microsoft Corporation)
Task: {95301ABB-6B78-4DEE-8319-BD138F73F8D3} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2018-04-12] (Microsoft Corporation)
Task: {97E8D66D-0085-423C-BA11-DD777A1258AB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2019-06-13] (Microsoft Corporation)
Task: {9BD44F9F-0C01-4F78-9644-4C7596CD1E0A} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange
Task: {9D6319E1-E88F-4D35-AD66-C4EED376E93E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d No Task File <==== ATTENTION
Task: {9E1DD7B4-6A7B-4AD3-B4AA-B4741028631C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent No Task File <==== ATTENTION
Task: {A19CD75C-08C3-42D5-9EB4-AE76B91A5550} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2018-04-12] (Microsoft Corporation)
Task: {A2E97D0A-9C58-44AB-89DC-55128ACA73C4} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A305A840-EC8B-4C66-8EA8-5FF15F129CD2} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2018-04-12] (Microsoft Corporation)
Task: {A5FE6B52-974F-492F-81F3-472223AD09D5} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {B0952E0A-C54F-4E8B-95E9-90E560086B37} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {B14C88F4-4AAC-4F00-A94E-8EA180D7AEDC} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {B2D1D0E5-4670-4493-9360-C9DD0E832A9D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask
Task: {B2F4AC84-A8D0-4524-9363-BFF5A5911A00} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask
Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6
Task: {B3433942-FE11-4C11-839D-9C7589B6C5CB} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {B6DCBB4A-0292-47AE-B9DC-F81CF086D721} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-581088433-320290056-2638895184-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {B76ECE88-27B3-4CEC-9B37-1314B4602CAA} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24
Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2018-06-06] (Microsoft Corporation)
Task: {C48D50E5-71A9-48D8-B7C1-3DA9AECBDEC3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2019-05-17] (Microsoft Corporation)
Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1
Task: {C9B34E7E-3A1B-4940-B011-BF7F34B31D20} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2014-04-03] (TOSHIBA Corporation)
Task: {CB7F3B8F-F794-47DD-A8D2-AD8051F45A55} - System32\Tasks\Microsoft\Windows\WwanSvc\NotificationTask => C:\Windows\System32\WiFiTask.exe [2018-04-12] (Microsoft Corporation)
Task: {CCEF2C54-86E8-4168-B918-53DA443D8D00} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2019-07-31] (HP Inc.)
Task: {CD5CE6F3-171C-4C0F-8629-3F2126A0FB72} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => C:\Windows\system32\MusNotification.exe [2019-07-09] (Microsoft Corporation)
Task: {CDA5D686-5D6C-4730-9907-B66710DC3670} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {D010978C-B666-4072-B7F3-DD6340CDD629} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task
Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork
Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {D427D1D6-119C-40F8-A697-571ACBFEE8DD} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {D49C81A2-855C-417E-825F-1DC2AA1443D3} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)
Task: {D4A9B4EC-1635-4B25-9E3B-1C9BE9D98D00} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattelrunner.exe [2019-09-04] (Microsoft Corporation)
Task: {D8436F3C-DDFE-4877-A05C-2337758E98E9} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {DC3C4041-27B3-4040-9DE1-FA5EE922AA3B} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {DD710A69-86C6-4932-97B1-01FB13ACFEF1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged
Task: {DDE89E5E-48CB-4C3D-A623-99BCA9174B97} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2019-07-24] (Adobe Systems)
Task: {E047CF5C-4040-476F-8737-408E3BA4B0B6} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate
Task: {E0862994-9083-482D-A921-27B4860FFA21} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [2019-04-19] (Microsoft Corporation)
Task: {E82177E3-E19A-4321-84F6-90AA57815013} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2019-09-04] (Microsoft Corporation)
Task: {E8411C63-4393-40B6-9A25-7D31CD4897BE} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2018-04-12] (Microsoft Corporation)
Task: {E907704E-6225-4B0A-A428-3ECE7F8277BE} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask
Task: {E9474EE3-C9D7-4FA3-9B3E-353E37D5814D} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\Windows\system32\ProvTool.exe [2018-04-12] (Microsoft Corporation)
Task: {EE263E86-FF16-45EE-94C8-2327B81F98CE} - System32\Tasks\Microsoft\Windows\Workplace Join\Recovery-Check => C:\Windows\System32\dsregcmd.exe [2018-04-12] (Microsoft Corporation)
Task: {EF7CFDCE-C0DD-449F-9DF2-CCEB2CE3AE8B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent No Task File <==== ATTENTION
Task: {EFA86FF7-22AE-4997-AFD9-E89E1BF9B7D6} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2019-09-04] (Microsoft Corporation)
Task: {F084544B-322F-4CED-B874-EC696339C19E} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\Windows\system32\spaceman.exe [2018-04-12] (Microsoft Corporation)
Task: {F35ACE16-1E96-431C-B189-F2F82BA8A4F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d No Task File <==== ATTENTION
Task: {F781AB90-1860-4C91-9993-0C832C31E016} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2019-02-13] (Microsoft Corporation)
Task: {F955A09C-E83A-4AD5-9ABC-7D5D7A055117} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {FC779438-B7FD-4774-AA55-4DE2A4B098A4} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh
Task: {FD0C7C89-E963-41B3-A6DE-3D6B2644A94D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {FE702A37-B3C1-4A15-B59D-86935E5097A7} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {FEBC9EFC-F9E9-420F-AA49-0491E2CA5639} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2019-07-09] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\Windows\System32\InputHost.dll
2017-02-08 22:51 - 2016-02-25 16:39 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM11M13PP.DLL
2014-10-10 12:41 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-03-03 22:30 - 2014-03-03 22:30 - 00021840 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2015-03-01 13:37 - 2013-07-23 05:47 - 00239696 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2019-09-29 12:20 - 2018-11-15 11:01 - 02712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2019-09-29 12:20 - 2018-11-21 11:07 - 02842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2019-09-11 05:21 - 2019-09-04 06:39 - 02759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\InputHost.dll
2019-09-11 05:21 - 2019-09-04 06:39 - 02184192 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 00491744 _____ () C:\WINDOWS\system32\InputHost.dll
2019-07-10 23:11 - 2019-07-10 23:11 - 08837120 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1906.1791.0_x64__8wekyb3d8bbwe\OneConnect.dll
2019-04-17 01:59 - 2019-04-17 01:59 - 02834944 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.1902.633.0_x64__8wekyb3d8bbwe\People.BackgroundTasks.dll
2019-04-17 01:59 - 2019-04-17 01:59 - 00120320 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.1902.633.0_x64__8wekyb3d8bbwe\PeopleUtilRT.dll
2019-09-19 12:37 - 2019-09-19 12:38 - 00069120 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11909.1002.3.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2012-07-19 03:38 - 2012-07-19 03:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Program Files\Microsoft Office 15:Win32App_1
AlternateDataStreams: C:\Program Files\UNP:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Atheros:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\AVI Media Player:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Bluetooth Suite:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Spotify:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Toshiba TEMPRO:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\WildGames:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Windows Phone:Win32App_1
AlternateDataStreams: C:\ProgramData\Compal:Win32App_1
AlternateDataStreams: C:\Users\Stefanie\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity
AlternateDataStreams: C:\Users\Stefanie\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Stefanie\Documents\Ravensburger tiptoi:Win32App_1

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer trusted/restricted ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-581088433-320290056-2638895184-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Stefanie\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\DSCN0705.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [{43F0A6BA-6580-4322-976C-3526326A1F5B}] => (Allow) LPort=161
FirewallRules: [{79DCE212-6583-418B-98D3-5BC300532550}] => (Allow) LPort=427
FirewallRules: [{C25042E1-630B-4AD4-A979-6FFE4140A5A5}] => (Allow) LPort=9100
FirewallRules: [{DD929EDE-1337-40E5-9E5D-0A0723880007}] => (Allow) C:\Program Files\HP\HP LaserJet Pro M11-M13 Series\wificonfig.exe
FirewallRules: [{FB50C379-0382-4110-B384-6355710DB51D}] => (Allow) C:\Program Files\HP\HP LaserJet Pro M11-M13 Series\wificonfig.exe
FirewallRules: [{5EE32BE0-2A09-4972-B8EA-D82C4B0BB0A3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{7F78D69A-2287-4026-8902-716FAD84865A}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{6BCFBC3B-73FA-437C-A0F0-B6BD0DBA46E5}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{2518B1F5-B266-462C-967E-1FE500565A1D}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{B8CD2042-38C7-4279-BDC6-2D3F0B7950AB}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{EC3E7A9C-1F3E-4496-9679-41A8BB2070C8}] => (Allow) C:\Users\Stefanie\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{DD5C4696-91CB-4D58-A8CB-611D9AFE6647}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4996D0CA-46A7-4EE4-9126-AEFF8C204305}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{48F144F7-DE7A-4999-AC43-DAC45F28266E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BB53FFB9-F70E-4372-BD56-29255A0AA6F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{C1FFB7C0-CB49-405F-AAFB-075A914B021F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E45C0CBB-AE89-4F63-838D-67945D8AB01B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{5DE48DF5-3D61-404A-B2C9-F07C1F539A97}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{2E5306FB-6E3C-412B-B791-7D5446BF4330}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{58E5ED33-30E1-44CF-9884-71D7CB4DE6F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{39C630F8-E86D-4709-AAF2-80D42663BE65}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{05433D25-F9D2-47BF-A6B8-239999187D56}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{30EB44EC-BD4F-4017-91E2-5904E4563256}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3BB607EF-D19F-42B0-8EB5-6A0CFCB2C0D4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{29DAA745-1F95-400A-8E60-B93D822FCCED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B0BDDE87-16E7-459C-88B2-A1065D8D0764}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4ACEC861-5733-451B-B4A9-E444522920C9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3D4B3F98-002F-4641-88AF-35D314E01FAC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CC0F69FA-6D86-4AB9-85A1-6C9D39F74A6F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CE69EE57-F033-4D46-8854-FBE98B18D62E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{73A3BF34-A4EC-405F-BE8C-FA3899A84833}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{F9147934-B002-4CE2-BC0D-3E4ABE117951}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A19A7D11-CF1C-4937-ADE6-9FF3BF77E7F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3D7324D6-AB05-4CD1-8453-6946CE24AA27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{13A4CEF4-3B93-40DA-B2D0-1088F7375CFD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{319681FC-6A8D-4626-8CA8-0756C33578F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A342A1BA-5BBF-407D-BF14-59BF45ADE7AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{08E7051B-889F-48BA-ABE4-04BF0438AF8E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CA4D3ECA-8BDD-44F4-9332-9D723CB92B42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BEDE9B37-22B7-4B59-BB89-C4CBA1FD0A14}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E28FA4B3-61C9-4D7D-9D60-B73453BD3562}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{525158E3-7566-43A6-AA60-3A84DB9E2F5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{F573BB4D-92E7-487C-8926-CE508D81D643}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.109.383.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BD851E31-E1EE-4436-B1A9-B9DBE0B47B22}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{7C78242F-04B7-48C3-A87F-36834A7182A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{AB0E1EF2-2758-4CCD-A7DA-18C62BA12DC1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{8C65DC10-A379-40E3-AA3E-6B5C9D39AB24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{33A23490-514E-4A49-BDE0-79C8E1FB0410}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{6B9F3EDA-CA0E-4155-B74F-EBD9FD892B32}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{8D1990B1-2BF9-40B1-A47F-71A9F90D6B41}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4E9F3EFA-8D84-4DA4-B67F-AE764E7A5D6B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.110.540.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{1764FA75-2F99-4692-9946-5BBC226DE11B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{5E386AEE-D841-473C-81FC-96C8163FC521}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B728E216-134F-4D62-B5D4-A44ED6DC4EC0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{80E4337B-4555-44C3-B4C3-2AA671E2A20A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E5FB16D9-00BB-452C-A48E-3FF586352F82}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{0A212600-E0C3-49F1-836A-0968CEC685C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{244B592A-D1CF-4E06-949E-B6849142FCC4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{794F5D4C-6F6B-4235-B06F-606000888ED5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.451.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{92ADB20F-3803-45B0-AFCB-8FC6A46AEB3F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7334221C-39EC-42D6-9044-4CCC81F543AA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{063DD2C7-3803-471C-B64B-E262140A0A11}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C47BC493-BC55-4AE9-8E92-F7CA888F688C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2997190C-70D4-4081-A1F7-870374B23FD1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{D35E5F26-8B4D-4E7B-9042-FF068828E392}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{557D208A-3A7B-4467-9AB8-E8CD058D5CB4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{9C187E98-BA6E-45AE-B679-40E03C48E6B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{6BB99833-8F48-4433-9A50-AEC2D944F19C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{D4189CD5-E8F8-45E2-96E9-33FE7393A7C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{8E3E1A78-6808-4441-B23B-2CFA7636B341}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4B7ED5B4-DB83-4B01-BEA9-E78DFD8D7EB5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{09E8295D-C252-4219-9869-E210EA8B3AB0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DFFB18C3-019D-42CD-9AB1-3A8EC7BCFE8E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/06/2019 05:30:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TPCHSrv.exe, Version: 1.0.0.31, Zeitstempel: 0x54729b5e
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.17134.799, Zeitstempel: 0x7f828745
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f479b
ID des fehlerhaften Prozesses: 0x3184
Startzeit der fehlerhaften Anwendung: 0xTPCHSrv.exe0
Pfad der fehlerhaften Anwendung: TPCHSrv.exe1
Pfad des fehlerhaften Moduls: TPCHSrv.exe2
Berichtskennung: TPCHSrv.exe3
Vollständiger Name des fehlerhaften Pakets: TPCHSrv.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TPCHSrv.exe5

Error: (10/06/2019 03:26:15 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/06/2019 02:58:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LockApp.exe, Version 10.0.17134.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 700

Startzeit: 01d57c45772dcee1

Beendigungszeit: 4294967295

Anwendungspfad: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe

Berichts-ID: 4bd638dd-b3ef-47e0-ad1c-c2b1ce90a910

Vollständiger Name des fehlerhaften Pakets: Microsoft.LockApp_10.0.17134.1_neutral__cw5n1h2txyewy

Auf das fehlerhafte Paket bezogene Anwendungs-ID: WindowsDefaultLockScreen

Error: (10/05/2019 05:59:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Microsoft.Photos.exe, Version 2019.19071.17920.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2b3c

Startzeit: 01d576ba69b47f9d

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

Berichts-ID: e47c673f-50be-4a8e-ad87-4ac23ea2f0e1

Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe

Auf das fehlerhafte Paket bezogene Anwendungs-ID: App

Error: (10/04/2019 05:19:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxext.exe, Version: 6.15.10.4425, Zeitstempel: 0x5702a8b4
Name des fehlerhaften Moduls: igfxext.exe, Version: 6.15.10.4425, Zeitstempel: 0x5702a8b4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000084b0
ID des fehlerhaften Prozesses: 0x11bc
Startzeit der fehlerhaften Anwendung: 0xigfxext.exe0
Pfad der fehlerhaften Anwendung: igfxext.exe1
Pfad des fehlerhaften Moduls: igfxext.exe2
Berichtskennung: igfxext.exe3
Vollständiger Name des fehlerhaften Pakets: igfxext.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxext.exe5

Error: (10/04/2019 04:38:32 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/04/2019 04:23:19 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/04/2019 04:23:17 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/04/2019 01:58:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxext.exe, Version: 6.15.10.4425, Zeitstempel: 0x5702a8b4
Name des fehlerhaften Moduls: igfxext.exe, Version: 6.15.10.4425, Zeitstempel: 0x5702a8b4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000084b0
ID des fehlerhaften Prozesses: 0x14f0
Startzeit der fehlerhaften Anwendung: 0xigfxext.exe0
Pfad der fehlerhaften Anwendung: igfxext.exe1
Pfad des fehlerhaften Moduls: igfxext.exe2
Berichtskennung: igfxext.exe3
Vollständiger Name des fehlerhaften Pakets: igfxext.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxext.exe5

Error: (09/29/2019 01:21:31 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263


Systemfehler:
=============
Error: (10/06/2019 05:32:04 PM) (Source: DCOM) (EventID: 10010) (User: FINN)
Description: {45CC1698-D1CF-417B-BC32-80EB79E05EF1}

Error: (10/06/2019 05:30:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TPCH Service" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (10/06/2019 05:28:00 PM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)SpotifyAB.SpotifyMusic_1.116.522.0_x86__zpdnekdrzrea0Nicht verfügbar

Error: (10/06/2019 05:27:54 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (10/06/2019 05:25:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/06/2019 05:25:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/06/2019 05:25:41 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/06/2019 03:23:02 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/06/2019 03:22:02 PM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/06/2019 03:02:05 PM) (Source: DCOM) (EventID: 10016) (User: FINN)
Description: AnwendungsspezifischLokalAktivierung{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}FinnStefanieS-1-5-21-581088433-320290056-2638895184-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723


Microsoft Office:
=========================
Error: (10/06/2019 05:30:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TPCHSrv.exe1.0.0.3154729b5entdll.dll10.0.17134.7997f828745c000037400000000000f479b318401d57c5aed16c9b0C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exeC:\WINDOWS\SYSTEM32\ntdll.dllebf03159-b8ee-4f68-bc5f-1e746842011c

Error: (10/06/2019 03:26:15 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/06/2019 02:58:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LockApp.exe10.0.17134.170001d57c45772dcee14294967295C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe4bd638dd-b3ef-47e0-ad1c-c2b1ce90a910Microsoft.LockApp_10.0.17134.1_neutral__cw5n1h2txyewyWindowsDefaultLockScreen

Error: (10/05/2019 05:59:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Microsoft.Photos.exe2019.19071.17920.02b3c01d576ba69b47f9d4294967295C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exee47c673f-50be-4a8e-ad87-4ac23ea2f0e1Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbweApp

Error: (10/04/2019 05:19:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxext.exe6.15.10.44255702a8b4igfxext.exe6.15.10.44255702a8b4c000000500000000000084b011bc01d57ac714a89fd7C:\WINDOWS\system32\igfxext.exeC:\WINDOWS\system32\igfxext.execf2d2aa1-ae21-4262-bcfc-9d8234355da0

Error: (10/04/2019 04:38:32 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/04/2019 04:23:19 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/04/2019 04:23:17 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263

Error: (10/04/2019 01:58:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxext.exe6.15.10.44255702a8b4igfxext.exe6.15.10.44255702a8b4c000000500000000000084b014f001d57aaafa4d0292C:\WINDOWS\system32\igfxext.exeC:\WINDOWS\system32\igfxext.exe54444b65-0ddd-4503-832d-ff1960ae65db

Error: (09/29/2019 01:21:31 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FINN)
Description: httphttp-2147467263


CodeIntegrity:
===================================
  Date: 2018-09-25 09:26:00.839
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-09-25 09:26:00.604
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-09-25 09:26:00.245
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Drive\googledrivesync64.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Processor: Intel(R) Celeron(R) CPU N2830 @ 2.16GHz
Percentage of memory in use: 49%
Total physical RAM: 3982.88 MB
Available physical RAM: 1998.38 MB
Total Virtual: 4686.88 MB
Available Virtual: 2552.1 MB

==================== Drives ================================

Drive c: (TI31338300A) (Fixed) (Total:453.31 GB) (Free:311.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== Ende von log ============================

Djchaos · 12.10.2019, 15:10

Reichen die Logs oder fehlt noch etwas?

cosinus · 13.10.2019, 10:32

Irgendwie hab ich die Antwort nicht richtig gepostet, wohl nur Vorschau

adwCleaner

Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags.

Djchaos · 14.10.2019, 06:56

Bin nun bis Sonntag 20.10. nicht da. Würde gern solange pausieren.

Kümmer mich dann darum wenn ich wieder da bin.

Djchaos · 27.10.2019, 17:47

Sorry das es doch nun etrwas lnger gedauert hat. Aber hier was AdwCleaner gemacht hat.

AdwCleaner[C00].txt

Code:

ATTFilter

# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build:    10-21-2019
# Database: 2019-10-21.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    10-27-2019
# Duration: 00:01:37
# OS:       Windows 10 Home
# Cleaned:  63
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\BRS
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Firefox Packages
Deleted       HKLM\Software\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}
Deleted       HKLM\Software\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Deleted       HKLM\Software\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Deleted       HKLM\Software\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Deleted       HKLM\Software\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Users\Stefanie\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
Deleted       Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted       Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted       Preinstalled.TOSHIBADesktopAssist   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C4CDCEF0-0A7A-4425-887C-33E39533D758}
Deleted       Preinstalled.TOSHIBAPCHealthMonitor   Folder   C:\Program Files\TOSHIBA\TPHM
Deleted       Preinstalled.TOSHIBAPCHealthMonitor   Folder   C:\ProgramData\TOSHIBA\TPHM
Deleted       Preinstalled.TOSHIBAPCHealthMonitor   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TosWaitSrv
Deleted       Preinstalled.TOSHIBAPCHealthMonitor   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TosWaitSrv
Deleted       Preinstalled.TOSHIBAPCHealthMonitor   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B507386D-1F61-4E55-B05B-F56ACB0086B3}
Deleted       Preinstalled.TOSHIBAPasswordUtility   Folder   C:\Program Files\TOSHIBA\PASSWORDUTILITY
Deleted       Preinstalled.TOSHIBASystemSettings   Folder   C:\Program Files (x86)\TOSHIBA\SYSTEM SETTING
Deleted       Preinstalled.TOSHIBASystemSettings   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TCrdMain
Deleted       Preinstalled.TOSHIBASystemSettings   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TSSSrv
Deleted       Preinstalled.TOSHIBASystemSettings   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TCrdMain
Deleted       Preinstalled.TOSHIBASystemSettings   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TSSSrv
Deleted       Preinstalled.TOSHIBASystemSettings   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}
Deleted       Preinstalled.TOSHIBATEMPRO   Folder   C:\Program Files (x86)\TOSHIBA TEMPRO
Deleted       Preinstalled.TOSHIBATEMPRO   Folder   C:\ProgramData\TOSHIBA TEMPRO
Deleted       Preinstalled.TOSHIBATEMPRO   Registry   HKLM\Software\Classes\CLSID\{F1999956-6CC2-4912-990F-F3E26C88D260}
Deleted       Preinstalled.TOSHIBATEMPRO   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{E4C7D9D7-19D4-4623-AF0C-EA313C466411}
Deleted       Preinstalled.TOSHIBAUtilities   Folder   C:\Program Files (x86)\TOSHIBA\UTILITIES
Deleted       Preinstalled.TOSHIBAUtilities   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\UTILITIES
Deleted       Preinstalled.TOSHIBAUtilities   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|KeNotify
Deleted       Preinstalled.TOSHIBAUtilities   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|KeNotify
Deleted       Preinstalled.TOSHIBAUtilities   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}
Deleted       Preinstalled.TOSHIBAUtilities   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{620BBA5E-F848-4D56-8BDA-584E44584C5E}
Deleted       Preinstalled.ToshibaWildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-toshiba-genres
Deleted       Preinstalled.WildTangentGamesBundle   File   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - toshiba.lnk
Deleted       Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDGAMES
Deleted       Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDGAMES\BEJEWELED 3
Deleted       Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDGAMES\CUT THE ROPE
Deleted       Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDGAMES\MAGIC ACADEMY
Deleted       Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDGAMES\MAHJONGG ARTIFACTS
Deleted       Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDGAMES\PEGGLE NIGHTS
Deleted       Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDGAMES\PLANTS VS ZOMBIES - GAME OF THE YEAR
Deleted       Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDGAMES\POLAR BOWLER
Deleted       Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDGAMES\YOUDA JEWEL SHOP
Deleted       Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDTANGENT GAMES
Deleted       Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDTANGENT GAMES\APP
Deleted       Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDTANGENT GAMES\TOUCHPOINTS\TOSHIBA
Deleted       Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted       Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted       Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Deleted       Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-toshiba-touch
Deleted       Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
Deleted       Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba
Deleted       Preinstalled.WildTangentGamesBundle   Registry   HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted       Preinstalled.WildTangentGamesBundle   Registry   HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [142991 octets] - [27/10/2019 16:08:03]
AdwCleaner[S00].txt - [8827 octets] - [27/10/2019 16:16:18]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

AdwCleaner[S00].txt

Code:

ATTFilter

# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build:    10-21-2019
# Database: 2019-10-21.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    10-27-2019
# Duration: 00:01:22
# OS:       Windows 10 Home
# Scanned:  35182
# Detected: 63


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.AppEnable.A        HKLM\Software\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
PUP.Optional.AppEnable.A        HKLM\Software\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
PUP.Optional.AppEnable.A        HKLM\Software\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
PUP.Optional.AppEnable.A        HKLM\Software\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
PUP.Optional.AppEnable.A        HKLM\Software\Wow6432Node\\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
PUP.Optional.AppEnable.A        HKLM\Software\Wow6432Node\\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
PUP.Optional.AppEnable.A        HKLM\Software\Wow6432Node\\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
PUP.Optional.AppEnable.A        HKLM\Software\Wow6432Node\\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
PUP.Optional.Legacy             HKCU\Software\BRS
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Firefox Packages
PUP.Optional.Legacy             HKLM\Software\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS 
Preinstalled.HPSupportAssistant   Folder   C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK 
Preinstalled.HPSupportAssistant   Folder   C:\Users\Stefanie\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK 
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831} 
Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A} 
Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A} 
Preinstalled.TOSHIBADesktopAssist   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C4CDCEF0-0A7A-4425-887C-33E39533D758} 
Preinstalled.TOSHIBAPCHealthMonitor   Folder   C:\Program Files\TOSHIBA\TPHM 
Preinstalled.TOSHIBAPCHealthMonitor   Folder   C:\ProgramData\TOSHIBA\TPHM 
Preinstalled.TOSHIBAPCHealthMonitor   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TosWaitSrv 
Preinstalled.TOSHIBAPCHealthMonitor   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TosWaitSrv 
Preinstalled.TOSHIBAPCHealthMonitor   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B507386D-1F61-4E55-B05B-F56ACB0086B3} 
Preinstalled.TOSHIBAPasswordUtility   Folder   C:\Program Files\TOSHIBA\PASSWORDUTILITY 
Preinstalled.TOSHIBASystemSettings   Folder   C:\Program Files (x86)\TOSHIBA\SYSTEM SETTING 
Preinstalled.TOSHIBASystemSettings   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TCrdMain 
Preinstalled.TOSHIBASystemSettings   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TSSSrv 
Preinstalled.TOSHIBASystemSettings   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TCrdMain 
Preinstalled.TOSHIBASystemSettings   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TSSSrv 
Preinstalled.TOSHIBASystemSettings   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB} 
Preinstalled.TOSHIBATEMPRO   Folder   C:\Program Files (x86)\TOSHIBA TEMPRO 
Preinstalled.TOSHIBATEMPRO   Folder   C:\ProgramData\TOSHIBA TEMPRO 
Preinstalled.TOSHIBATEMPRO   Registry   HKLM\Software\Classes\CLSID\{F1999956-6CC2-4912-990F-F3E26C88D260} 
Preinstalled.TOSHIBATEMPRO   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{E4C7D9D7-19D4-4623-AF0C-EA313C466411} 
Preinstalled.TOSHIBAUtilities   Folder   C:\Program Files (x86)\TOSHIBA\UTILITIES 
Preinstalled.TOSHIBAUtilities   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\UTILITIES 
Preinstalled.TOSHIBAUtilities   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|KeNotify 
Preinstalled.TOSHIBAUtilities   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|KeNotify 
Preinstalled.TOSHIBAUtilities   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E} 
Preinstalled.TOSHIBAUtilities   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{620BBA5E-F848-4D56-8BDA-584E44584C5E} 
Preinstalled.ToshibaWildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-toshiba-genres 
Preinstalled.WildTangentGamesBundle   File   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - toshiba.lnk 
Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDGAMES 
Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDGAMES\BEJEWELED 3 
Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDGAMES\CUT THE ROPE 
Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDGAMES\MAGIC ACADEMY 
Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDGAMES\MAHJONGG ARTIFACTS 
Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDGAMES\PEGGLE NIGHTS 
Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDGAMES\PLANTS VS ZOMBIES - GAME OF THE YEAR 
Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDGAMES\POLAR BOWLER 
Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDGAMES\YOUDA JEWEL SHOP 
Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDTANGENT GAMES 
Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDTANGENT GAMES\APP 
Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDTANGENT GAMES\TOUCHPOINTS\TOSHIBA 
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} 
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} 
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall 
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-toshiba-touch 
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App 
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba 
Preinstalled.WildTangentGamesBundle   Registry   HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} 
Preinstalled.WildTangentGamesBundle   Registry   HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} 


AdwCleaner_Debug.log - [16664 octets] - [27/10/2019 16:08:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

cosinus · 27.10.2019, 19:56

adwcleaner bitte zwecks Kontrolle wiederholen

Djchaos · 28.10.2019, 06:47

Code:

ATTFilter

# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build:    10-21-2019
# Database: 2019-10-21.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    10-28-2019
# Duration: 00:00:06
# OS:       Windows 10 Home
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [158521 octets] - [27/10/2019 16:08:03]
AdwCleaner[S00].txt - [8827 octets] - [27/10/2019 16:16:18]
AdwCleaner[C00].txt - [9532 octets] - [27/10/2019 17:01:33]
AdwCleaner[S01].txt - [1512 octets] - [28/10/2019 06:34:06]
AdwCleaner[S02].txt - [1573 octets] - [28/10/2019 06:35:28]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

06.10.2019, 14:48	#7
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Einige Funde mit Malwarebytes Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken. __________________ Logfiles bitte immer in CODE-Tags posten

13.10.2019, 10:32	#11
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Einige Funde mit Malwarebytes Irgendwie hab ich die Antwort nicht richtig gepostet, wohl nur Vorschau adwCleaner Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags. __________________ Logfiles bitte immer in CODE-Tags posten

27.10.2019, 19:56	#14
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Einige Funde mit Malwarebytes adwcleaner bitte zwecks Kontrolle wiederholen __________________ Logfiles bitte immer in CODE-Tags posten

Einige Funde mit Malwarebytes

Plagegeister aller Art und deren Bekämpfung: Einige Funde mit Malwarebytes