Trojaner-Board - 2 merkwürdige "Programme" (Apps) eingefangen, die sich nicht mehr deinstallieren lassen

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - 2 merkwürdige "Programme" (Apps) eingefangen, die sich nicht mehr deinstallieren lassen (https://www.trojaner-board.de/193691-2-merkwuerdige-programme-apps-eingefangen-mehr-deinstallieren-lassen.html)

2 merkwürdige "Programme" (Apps) eingefangen, die sich nicht mehr deinstallieren lassen

Hallo, ich habe mir heute 2 "Programme" (jedenfalls sind sie unter -> Einstellungen -> Apps drin) eingefangen, die sich nciht mehr deinstallieren lassen. Ich bekomme beim deinstallieren immer nur einen Error angezeigt, dass der Uninstaller nicht gefunden werden konnte.

Kann mir hier vielleicht jemand sagen wie ich die beiden wieder entfernen kann? Sie nennen sich "Foldershare" und "Wondersoft - Wonderful Weather - Enhance and safeguard your online experience!

Ich habe Windows 10 unter folgende Log-Dateien:

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016

durchgeführt von s_rep (Administrator) auf DESKTOP-D6NM1SV (11-11-2018 20:52:16)

Gestartet von C:\Users\s_rep\Desktop

Geladene Profile: s_rep (Verfügbare Profile: s_rep)

Platform: Windows 10 Home Version 1803 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: FF)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

konnte nicht auf den Prozess zugreifen -> Registry

konnte nicht auf den Prozess zugreifen -> Memory Compression

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igfxCUIService.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe

(Intel Corporation) C:\Windows\System32\ibtsiva.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe

(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\IntelCpHDCPSvc.exe

(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

() C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe

(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe

(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\IntelCpHeciSvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

() C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igfxEM.exe

(HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe

(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe

() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe

() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeApp.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe

(HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe

(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe

(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe

(Microsoft Corporation) C:\Windows\System32\OpenWith.exe

(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe

(HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe

(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe

(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Avira) C:\Program Files (x86)\Avira\Safe Shopping\Avira Safe Shopping.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
 
 

==================== Registry (Nicht auf der Ausnahmeliste) ===========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3665872 2017-10-18] (ELAN Microelectronics Corp.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9226752 2017-04-28] (Realtek Semiconductor)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-10-22] (Apple Inc.)

HKLM\...\Run: [] => [X]

HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [1062392 2017-03-15] (HP Inc.)

HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)

HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [432264 2017-12-06] (Geek Software GmbH)

HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-10-09] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [64096 2018-03-22] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [] => [X]

HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)

HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)

HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\Run: [bUJwT-agtx.exe] => C:\Program Files\rempl\S08D54A252QD0TO61JR7D5R4UY607K\bUJwT-agtx.exe 

HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\Run: [] => [X]

CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Tcpip\Parameters: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{0e66e665-d5bd-46c0-934a-b7e96667ad27}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{0e66e665-d5bd-46c0-934a-b7e96667ad27}: [DhcpNameServer] 8.8.8.8

Tcpip\..\Interfaces\{71d969ab-8a66-4800-a5f7-2a6cbadd02d6}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{71d969ab-8a66-4800-a5f7-2a6cbadd02d6}: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{b5addf36-5134-484e-be4f-d4fe6c88c996}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{d313a7e1-5f52-47df-ae11-06e41f342765}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{eeee3bbc-e978-4405-9111-49a351b896a7}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{fc738cee-50af-4e2a-b13e-1ee31d0093ed}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{fd71aa8d-00d3-11e8-b870-806e6f6e6963}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{fffaf810-9921-4d4b-91fc-6f922045202a}: [NameServer] 8.8.8.8
 

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM -> {3856EF5A-CFF4-4F06-801E-74B3AEE9CAE4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> {3856EF5A-CFF4-4F06-801E-74B3AEE9CAE4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

SearchScopes: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

SearchScopes: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001 -> {3856EF5A-CFF4-4F06-801E-74B3AEE9CAE4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-02-15] (Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-12-06] (HP Inc.)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-09-12] (Microsoft Corporation)

BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-12-06] (HP Inc.)

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation)

StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 

FireFox:

========

FF ProfilePath: C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default

FF NewTab: file:///C:/ProgramData/Polygens/ff.NT

FF Homepage: hxxps://www.google.com/

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-12] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)

FF user.js: detected! => C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\user.js [2018-11-11]

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2017-09-12] (Microsoft Corporation)

FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\abs@avira.com.xpi [2018-10-26]

FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\passwordmanager@avira.com.xpi [2018-06-13]

FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\toolbar-ff@payback.de.xpi [2018-10-10]

FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\toolbar@web.de.xpi [2018-05-25]

FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2018-04-13]

FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2018-09-25]

FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-10-31]

FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-03-17]

StartMenuInternet: FIREFOX.EXE - firefox.exe
 

Chrome: 

=======

CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

StartMenuInternet: Google Chrome - Chrome.exe
 

Opera: 

=======

OPR Extension: (Kein Name) - C:\Users\s_rep\AppData\Roaming\Opera Software\Opera Stable\Extensions\gkcgcddlhhlldmjffagogcoalhmfigoh [2018-11-11]
 

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [891472 2018-10-16] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [248312 2018-10-16] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [248312 2018-10-16] (Avira Operations GmbH & Co. KG)

S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1162120 2018-10-16] (Avira Operations GmbH & Co. KG)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc.)

R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [431688 2018-10-09] (Avira Operations GmbH & Co. KG)

R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2940584 2018-03-16] (Avira Operations GmbH & Co. KG)

R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [102816 2018-10-11] (Avira Operations GmbH & Co. KG)

S3 BcastDVRUserService; C:\Windows\System32\BcastDVRUserService.dll [1364992 2018-09-20] (Microsoft Corporation)

R3 BcastDVRUserService_5cf36; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)

R3 BcastDVRUserService_5cf36; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)

S3 BluetoothUserService; C:\Windows\System32\Microsoft.Bluetooth.UserService.dll [464384 2018-04-12] (Microsoft Corporation)

S3 BluetoothUserService_5cf36; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)

S3 BluetoothUserService_5cf36; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)

R3 BTAGService; C:\Windows\System32\BTAGService.dll [514048 2018-04-12] (Microsoft Corporation)

R3 BthAvctpSvc; C:\Windows\System32\BthAvctpSvc.dll [395264 2018-04-12] (Microsoft Corporation)

R3 camsvc; C:\Windows\system32\CapabilityAccessManager.dll [266752 2018-06-15] (Microsoft Corporation)

S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [453120 2018-04-12] (Microsoft Corporation)

R2 CDPUserSvc_5cf36; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)

R2 CDPUserSvc_5cf36; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)

R3 cphs; C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\IntelCpHeciSvc.exe [397280 2017-11-03] (Intel Corporation)

R2 cplspcon; C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\IntelCpHDCPSvc.exe [613352 2017-11-03] (Intel Corporation)

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-18] (Dropbox, Inc.)

S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-18] (Dropbox, Inc.)

S3 DevicePickerUserSvc; C:\Windows\System32\Windows.Devices.Picker.dll [400896 2018-04-12] (Microsoft Corporation)

S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [312832 2018-04-12] (Microsoft Corporation)

S3 DevicePickerUserSvc_5cf36; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)

S3 DevicePickerUserSvc_5cf36; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)

S3 DevicesFlowUserSvc; C:\Windows\System32\DevicesFlowBroker.dll [750080 2018-04-12] (Microsoft Corporation)

S3 DevicesFlowUserSvc_5cf36; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)

S3 DevicesFlowUserSvc_5cf36; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)

S3 diagsvc; C:\Windows\system32\DiagSvc.dll [219648 2018-04-12] (Microsoft Corporation)

R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2018-02-16] (Digital Wave Ltd.)

R2 DusmSvc; C:\Windows\System32\dusmsvc.dll [356352 2018-04-12] (Microsoft Corporation)

R2 esifsvc; C:\Windows\system32\Intel\DPTF\esif_uf.exe [2218552 2017-02-03] (Intel Corporation)

R2 ETDService; C:\Program Files\Elantech\ETDService.exe [153040 2017-10-18] (ELAN Microelectronics Corp.)

S3 FrameServer; C:\Windows\system32\FrameServer.dll [673792 2018-06-08] (Microsoft Corporation)

S3 GraphicsPerfSvc; C:\Windows\System32\GraphicsPerfSvc.dll [90624 2018-04-12] (Microsoft Corporation)

R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [Datei ist nicht signiert]

R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-04-03] (HP Inc.)

S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)

R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [630776 2017-02-06] (HP Inc.)

S3 HvHost; C:\Windows\System32\hvhostsvc.dll [61736 2018-08-03] (Microsoft Corporation)

R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)

R2 igfxCUIService2.0.0.0; C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igfxCUIService.exe [415208 2017-11-03] (Intel Corporation)

S3 InstallService; C:\Windows\system32\InstallService.dll [1487360 2018-06-15] (Microsoft Corporation)

S3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1110528 2018-06-15] (Microsoft Corporation)

S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-13] (Intel(R) Corporation)

S3 IpxlatCfgSvc; C:\Windows\System32\IpxlatCfg.dll [63488 2018-04-12] (Microsoft Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2016-12-19] (Intel Corporation)

S3 LxpSvc; C:\Windows\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)

S3 NaturalAuthentication; C:\Windows\System32\NaturalAuth.dll [824832 2018-04-12] (Microsoft Corporation)

R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [432264 2017-12-06] (Geek Software GmbH)

S3 PrintWorkflowUserSvc; C:\Windows\System32\PrintWorkflowService.dll [170496 2018-04-12] (Microsoft Corporation)

S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [138240 2018-04-12] (Microsoft Corporation)

S3 PrintWorkflowUserSvc_5cf36; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)

S3 PrintWorkflowUserSvc_5cf36; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)

S3 PushToInstall; C:\Windows\system32\PushToInstall.dll [262144 2018-07-14] (Microsoft Corporation)

S3 RmSvc; C:\Windows\System32\RMapi.dll [153600 2018-04-12] (Microsoft Corporation)

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-04-28] (Realtek Semiconductor)

R2 SecurityHealthService; C:\Windows\system32\SecurityHealthService.exe [760888 2018-07-14] (Microsoft Corporation)

R3 SEMgrSvc; C:\Windows\system32\SEMgrSvc.dll [1248768 2018-04-12] (Microsoft Corporation)

R2 SgrmBroker; C:\Windows\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation)

S3 SharedRealitySvc; C:\Windows\System32\SharedRealitySvc.dll [713216 2018-08-28] (Microsoft Corporation)

S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [195584 2018-04-12] (Microsoft Corporation)

R2 SilhouetteLink; C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe [897200 2016-12-06] ()

S3 spectrum; C:\Windows\system32\spectrum.exe [976384 2018-06-08] (Microsoft Corporation)

S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()

R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [176128 2018-04-12] (Microsoft Corporation)

R3 TokenBroker; C:\Windows\System32\TokenBroker.dll [1395200 2018-08-03] (Microsoft Corporation)

R3 TokenBroker; C:\WINDOWS\SysWOW64\TokenBroker.dll [1000448 2018-08-03] (Microsoft Corporation)

S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation)

S3 VacSvc; C:\Windows\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation)

S3 vmicrdv; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)

S3 vmicvss; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)

S3 WaaSMedicSvc; C:\Windows\System32\WaaSMedicSvc.dll [392704 2018-08-09] (Microsoft Corporation)

S3 WarpJITSvc; C:\Windows\System32\Windows.WARP.JITService.dll [31744 2018-04-12] (Microsoft Corporation)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)

S3 WFDSConMgrSvc; C:\Windows\System32\wfdsconmgrsvc.dll [681984 2018-07-14] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)

S3 wisvc; C:\Windows\system32\flightsettings.dll [858112 2018-06-08] (Microsoft Corporation)

S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729088 2018-06-08] (Microsoft Corporation)

S3 wlpasvc; C:\Windows\System32\lpasvc.dll [1359360 2018-07-14] (Microsoft Corporation)

S3 WpcMonSvc; C:\Windows\System32\WpcDesktopMonSvc.dll [1456640 2018-06-02] (Microsoft Corporation)

S2 WpnUserService; C:\Windows\System32\WpnUserService.dll [96768 2018-04-12] (Microsoft Corporation)

R2 WpnUserService_5cf36; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)

R2 WpnUserService_5cf36; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)

S3 xbgm; C:\Windows\system32\xbgmsvc.exe [59512 2018-04-12] (Microsoft Corporation)

S3 XboxGipSvc; C:\Windows\System32\XboxGipSvc.dll [58880 2018-04-12] (Microsoft Corporation)

R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

S2 MTEzOG; rundll32.exe C:\WINDOWS\rusurngttj.rux RGSgaxSwymIJMiY [X]
 

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R3 Accelerometer; C:\Windows\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP)

S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [20480 2018-04-12] (Microsoft Corporation)

R1 afunix; C:\Windows\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation)

S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2018-04-12] (Microsoft Corporation)

R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [69656 2018-08-08] (Avira Operations GmbH & Co. KG)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [179376 2018-07-04] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [169864 2018-07-04] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [44488 2018-01-03] (Avira Operations GmbH & Co. KG)

R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [88488 2018-01-03] (Avira Operations GmbH & Co. KG)

R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [38048 2018-01-03] (Avira Operations GmbH & Co. KG)

S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533912 2018-04-12] (QLogic Corporation)

R1 bam; C:\Windows\System32\drivers\bam.sys [60320 2018-04-12] (Microsoft Corporation)

S3 bindflt; C:\Windows\system32\drivers\bindflt.sys [92056 2018-04-12] (Microsoft Corporation)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [86528 2018-04-12] (Microsoft Corporation)

S0 bttflt; C:\Windows\System32\drivers\bttflt.sys [38304 2018-04-12] (Microsoft Corporation)

R3 CAD; C:\Windows\System32\drivers\CAD.sys [60320 2018-04-12] (Microsoft Corporation)

S0 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [321432 2018-04-12] (Chelsio Communications)

S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [1836952 2018-04-12] (Chelsio Communications)

R2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [414720 2018-07-14] (Microsoft Corporation)

R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [72584 2017-02-03] (Intel Corporation)

R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [67976 2017-02-03] (Intel Corporation)

R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [355208 2017-02-03] (Intel Corporation)

R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-10-18] (Malwarebytes)

R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [32840 2017-04-14] (ELAN Microelectronic Corp.)

R3 HID_PCI; C:\Windows\System32\drivers\HID_PCI.sys [31328 2016-08-10] (Intel)

R0 hpdskflt; C:\Windows\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP)

S4 hvcrash; C:\Windows\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation)

S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [76088 2018-09-20] (Microsoft Corporation)

S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [27136 2018-04-12] (Microsoft Corporation)

S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [36864 2018-04-12] (Intel(R) Corporation)

R3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2018-04-12] (Intel Corporation)

S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [88576 2018-04-12] (Intel Corporation)

S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592 2018-04-12] (Intel Corporation)

S0 iaStorAVC; C:\Windows\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation)

R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel Corporation)

R3 igfx; C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igdkmd64.sys [12842984 2017-11-03] (Intel Corporation)

S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [38912 2018-04-12] (Microsoft Corporation)

R0 iorate; C:\Windows\System32\drivers\iorate.sys [58272 2018-04-12] (Microsoft Corporation)

S3 IPT; C:\Windows\System32\drivers\ipt.sys [32256 2018-04-12] (Microsoft Corporation)

R3 ISH; C:\Windows\System32\drivers\ISH.sys [143984 2016-09-19] (Intel)

R3 ISH_BusDriver; C:\Windows\System32\drivers\ISH_BusDriver.sys [80496 2016-08-18] (Intel)

S0 ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies)

S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [505240 2018-04-12] (Microsoft Corporation)

S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [56736 2018-04-12] (Microsoft Corporation)

R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198000 2018-11-11] (Malwarebytes)

R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [119136 2018-11-11] (Malwarebytes)

R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [63768 2018-11-11] (Malwarebytes)

R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260480 2018-11-11] (Malwarebytes)

R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [111152 2018-11-11] (Malwarebytes)

S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [75160 2018-04-12] (Avago Technologies)

S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies)

R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [204920 2016-12-02] (Intel Corporation)

R3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)

S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [175104 2018-04-12] (Microsoft Corporation)

R3 Netwtw04; C:\Windows\system32\DRIVERS\Netwtw04.sys [8623128 2018-04-04] (Intel Corporation)

S3 nvdimm; C:\Windows\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation)

S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58776 2018-04-12] (Avago Technologies)

S3 pmem; C:\Windows\System32\drivers\pmem.sys [105984 2018-04-12] (Microsoft Corporation)

S0 Ramdisk; C:\Windows\System32\DRIVERS\ramdisk.sys [39840 2018-04-12] (Microsoft Corporation)

S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [104448 2018-04-12] (Microsoft Corporation)

R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [782304 2017-04-19] (Realsil Semiconductor Corporation)

S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [128920 2018-08-03] (Microsoft Corporation)

S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [33176 2018-04-12] (Microsoft Corporation)

R0 SgrmAgent; C:\Windows\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation)

S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [57752 2018-04-12] (Microsoft Corporation)

S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [152576 2018-04-12] (Microsoft Corporation)

R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [42000 2017-01-16] (Intel Corporation)

S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2018-08-03] (Microsoft Corporation)

R0 volume; C:\Windows\System32\drivers\volume.sys [16288 2018-04-12] (Microsoft Corporation)

R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [151960 2018-04-12] (Microsoft Corporation)

S3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [82944 2018-04-12] (Microsoft Corporation)

S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)

S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)

S3 WdmCompanionFilter; C:\Windows\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)

S3 WinNat; C:\Windows\System32\drivers\winnat.sys [227840 2018-07-14] (Microsoft Corporation)

R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [35568 2018-08-31] (HP)

U3 aspnet_state; kein ImagePath

S1 ODk1NWNkZTRhY; \??\C:\WINDOWS\system32\drivers\ODk1NWNkZTRhY [X]
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)

NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)

NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)

NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)

NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation)

NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation)

NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation)

NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)

NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)

NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2018-11-11 20:52 - 2018-11-11 20:53 - 00035759 _____ C:\Users\s_rep\Desktop\FRST.txt

2018-11-11 20:50 - 2018-11-11 20:50 - 01388448 _____ C:\Users\Public\ASR.dat

2018-11-11 20:46 - 2018-11-11 20:46 - 00063768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys

2018-11-11 20:45 - 2018-11-11 20:45 - 00260480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys

2018-11-11 20:45 - 2018-11-11 20:45 - 00119136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys

2018-11-11 20:45 - 2018-11-11 20:45 - 00111152 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys

2018-11-11 20:18 - 2018-11-11 20:18 - 00255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\2124B6DE.sys

2018-11-11 20:17 - 2018-11-11 20:42 - 00000000 ____D C:\Users\s_rep\Desktop\mbar

2018-11-11 20:17 - 2018-11-11 20:42 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2018-11-11 20:16 - 2018-11-11 20:16 - 14178840 _____ (Malwarebytes Corp.) C:\Users\s_rep\Desktop\mbar-1.10.3.1001.exe

2018-11-11 19:10 - 2018-11-11 20:52 - 00000000 ____D C:\FRST

2018-11-11 19:10 - 2018-11-11 19:10 - 02375168 _____ (Farbar) C:\Users\s_rep\Desktop\FRST64.exe

2018-11-11 19:08 - 2018-11-11 19:08 - 01725952 _____ (Farbar) C:\Users\s_rep\Downloads\FRST.exe

2018-11-11 18:17 - 2018-11-11 18:17 - 00000000 ___HD C:\$SysReset

2018-11-11 16:54 - 2018-11-11 16:55 - 00000000 ____D C:\AdwCleaner

2018-11-11 16:54 - 2018-11-11 16:54 - 07592144 _____ (Malwarebytes) C:\Users\s_rep\Desktop\adwcleaner_7.2.4.0.exe

2018-11-11 16:45 - 2018-11-11 16:46 - 04650564 _____ C:\Users\s_rep\Downloads\combocleaner.dmg

2018-11-11 16:13 - 2018-11-11 16:13 - 00000056 _____ C:\WINDOWS\wininit.ini

2018-11-11 16:06 - 2018-11-11 16:13 - 00000306 __RSH C:\ProgramData\ntuser.pol

2018-11-11 15:38 - 2018-11-11 15:38 - 00000000 ____D C:\Users\s_rep\AppData\Local\mbam

2018-11-11 15:37 - 2018-11-11 20:18 - 00000000 ____D C:\ProgramData\Malwarebytes

2018-11-11 15:37 - 2018-11-11 15:37 - 00198000 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys

2018-11-11 15:37 - 2018-11-11 15:37 - 00001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk

2018-11-11 15:37 - 2018-11-11 15:37 - 00000000 ____D C:\Users\s_rep\AppData\Local\mbamtray

2018-11-11 15:37 - 2018-11-11 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

2018-11-11 15:37 - 2018-11-11 15:37 - 00000000 ____D C:\Program Files\Malwarebytes

2018-11-11 15:37 - 2018-10-18 08:44 - 00152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys

2018-11-11 15:29 - 2018-11-11 15:29 - 79596656 _____ (Malwarebytes ) C:\Users\s_rep\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.482-1.0.7783.exe

2018-11-11 15:19 - 2018-11-11 16:05 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\excdir

2018-11-11 15:16 - 2018-11-11 15:44 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\10g0mgchl40

2018-11-11 15:15 - 2018-11-11 15:46 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\q3cvj2ojp2m

2018-11-11 15:08 - 2018-11-11 16:05 - 00000000 ____D C:\Program Files (x86)\IwTmDCzJJIE

2018-11-11 15:08 - 2018-11-11 15:15 - 00000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}

2018-11-11 15:08 - 2018-11-11 15:08 - 00004256 _____ C:\WINDOWS\System32\Tasks\Benutzerdienstfür(AppXSVC)

2018-11-11 15:08 - 2018-11-11 15:08 - 00003008 _____ C:\WINDOWS\System32\Tasks\niYEcWwYibJfLQX2

2018-11-11 15:08 - 2018-11-11 15:08 - 00000000 ____D C:\ProgramData\zTXZmVxyKBKDhdVB

2018-11-11 15:07 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\UmTwpSvRUOfSC

2018-11-11 15:07 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\pbjpUXEkQjxU2

2018-11-11 15:07 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\hGGLWjvHZZUn

2018-11-11 15:07 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\BHXQvOBMsgKdEntstUR

2018-11-11 15:07 - 2018-11-11 15:41 - 00000000 ____D C:\Program Files (x86)\eEvEEOxmU

2018-11-11 15:07 - 2018-11-11 15:13 - 00000582 _____ C:\WINDOWS\Tasks\EZnVzpmjsBPJAOW.job

2018-11-11 15:07 - 2018-11-11 15:08 - 00000000 ____D C:\Program Files (x86)\nodejs

2018-11-11 15:07 - 2018-11-11 15:07 - 00003212 _____ C:\WINDOWS\System32\Tasks\OqUgsIhoyVOixP

2018-11-11 15:07 - 2018-11-11 15:07 - 00003034 _____ C:\WINDOWS\System32\Tasks\qdxgajDnKqmDPrtzQ2

2018-11-11 15:07 - 2018-11-11 15:07 - 00003026 _____ C:\WINDOWS\System32\Tasks\yKlRUxrwnsuFpeUeBWz2

2018-11-11 15:07 - 2018-11-11 15:07 - 00003014 _____ C:\WINDOWS\System32\Tasks\EZnVzpmjsBPJAOW

2018-11-11 15:07 - 2018-11-11 15:07 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\npm

2018-11-11 15:06 - 2018-11-11 15:16 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\ydti5ummqoo

2018-11-11 15:06 - 2018-11-11 15:06 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\Python

2018-11-11 15:06 - 2018-11-11 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondersoft

2018-11-11 15:05 - 2018-11-11 16:10 - 00000000 ____D C:\Program Files (x86)\SHSK

2018-11-11 15:05 - 2018-11-11 16:05 - 00000000 ____D C:\Program Files (x86)\Multitimer

2018-11-11 15:05 - 2018-11-11 15:49 - 00000000 ____D C:\Users\s_rep\AppData\Local\William

2018-11-11 15:05 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files\Okawville

2018-11-11 15:05 - 2018-11-11 15:16 - 00003480 _____ C:\WINDOWS\System32\Tasks\{e6b1bd71-40ef-4173-8106-93b5f9032a6e}

2018-11-11 15:05 - 2018-11-11 15:16 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\41fvqqftwqx

2018-11-11 15:05 - 2018-11-11 15:13 - 00001546 _____ C:\WINDOWS\Tasks\Okawville.job

2018-11-11 15:05 - 2018-11-11 15:05 - 00140800 _____ C:\Users\s_rep\AppData\Local\installer.dat

2018-11-11 15:05 - 2018-11-11 15:05 - 00013984 _____ C:\WINDOWS\System32\Tasks\Okawville

2018-11-11 15:05 - 2018-11-11 15:05 - 00000000 ____D C:\Program Files (x86)\Wondersoft

2018-11-11 15:01 - 2018-11-11 15:03 - 00000000 ____D C:\ProgramData\Ver

2018-11-11 15:01 - 2018-11-11 15:01 - 00000000 ____D C:\Users\s_rep\Documents\MediaTrans

2018-11-11 15:01 - 2018-11-11 15:01 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\DearMob

2018-11-11 15:00 - 2018-11-11 15:00 - 00000000 ____D C:\Users\s_rep\AppData\Local\AdvinstAnalytics

2018-11-11 14:57 - 2018-11-11 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty

2018-11-11 14:57 - 2018-11-11 15:01 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\Digiarty

2018-11-11 14:57 - 2018-11-11 14:57 - 31498016 _____ C:\Users\s_rep\Downloads\winx-mediatrans-5-6.exe

2018-11-11 14:57 - 2018-11-11 14:57 - 00000000 ____D C:\Program Files (x86)\Digiarty

2018-11-11 14:56 - 2018-11-11 15:10 - 00000000 ____D C:\Users\s_rep\Documents\LeaderTask

2018-11-11 14:55 - 2018-11-11 14:55 - 00000000 ____D C:\Users\s_rep\Downloads\WinX MediaTrans 63 Crack License Code Free Torrent

2018-11-11 14:54 - 2018-11-11 14:54 - 00593889 _____ C:\Users\s_rep\Downloads\WinX MediaTrans 63 Crack License Code Free Torrent.zip

2018-11-11 14:51 - 2018-11-11 14:51 - 00593844 _____ C:\Users\s_rep\Downloads\winx mediatrans 63 crack full version 2018(1).zip

2018-11-11 14:51 - 2018-11-11 14:51 - 00000000 ____D C:\Users\s_rep\Downloads\winx mediatrans 63 crack full version 2018(1)

2018-11-11 14:50 - 2018-11-11 14:50 - 00000000 _____ C:\Users\s_rep\Downloads\winx mediatrans 63 crack full version 2018.zip

2018-11-11 10:34 - 2018-11-11 10:34 - 00098201 _____ C:\WINDOWS\uninstaller.dat

2018-11-10 18:58 - 2018-11-10 18:58 - 00000000 ___HD C:\OneDriveTemp

2018-11-10 07:40 - 2018-11-10 07:40 - 49460656 _____ C:\Users\s_rep\Downloads\x-iphone-ringtone-maker-de.exe

2018-11-10 07:18 - 2018-11-10 07:41 - 00000000 ____D C:\Users\s_rep\Documents\Xilisoft

2018-11-10 07:18 - 2018-11-10 07:41 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\Xilisoft

2018-11-10 07:13 - 2018-11-10 07:13 - 00000000 ____D C:\Users\s_rep\Downloads\Xilisoft_iPhone_Magic_5.7.25_Platinum

2018-11-10 07:05 - 2018-11-10 07:05 - 02906754 _____ C:\Users\s_rep\Downloads\Loreen - Euphoria.m4r

2018-11-10 06:59 - 2018-11-10 07:03 - 71977205 _____ C:\Users\s_rep\Downloads\Xilisoft_iPhone_Magic_5.7.25_Platinum.rar

2018-11-09 14:22 - 2018-11-09 14:22 - 04958970 _____ C:\Users\s_rep\Downloads\_Miezo_Printable_SchnippSchnappAK_Lichterkette.zip

2018-11-09 14:22 - 2018-11-09 14:22 - 04177262 _____ C:\Users\s_rep\Downloads\_Miezo_Printable_SchnippSchnappAK_Nikolaus.zip

2018-11-09 14:22 - 2018-11-09 14:22 - 03357516 _____ C:\Users\s_rep\Downloads\_Miezo_Printable_SchnippSchnappAK_Reh_mit_Schleife.zip

2018-11-09 14:22 - 2018-11-09 14:22 - 03207965 _____ C:\Users\s_rep\Downloads\_Miezo_Printable_SchnippSchnappAK_Engel.zip

2018-11-09 14:22 - 2018-11-09 14:22 - 02136903 _____ C:\Users\s_rep\Downloads\_Miezo_Printable_SchnippSchnappAK_Zuckerstange.zip

2018-11-09 14:16 - 2018-11-09 14:16 - 03698950 _____ C:\Users\s_rep\Downloads\_Miezo Digistamp Drachenmädchen mit Laterne.zip

2018-11-09 10:51 - 2018-11-09 10:51 - 01710944 _____ C:\Users\s_rep\Downloads\IKEA FAMILY KARTE.pdf

2018-11-08 05:48 - 2018-11-08 06:00 - 00000000 ____D C:\Users\s_rep\AppData\Local\iMobie_Inc

2018-11-08 05:48 - 2018-11-08 05:59 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\iMobie

2018-11-08 05:47 - 2018-11-11 15:13 - 00000000 ____D C:\Program Files (x86)\iMobie

2018-11-08 05:47 - 2018-11-08 05:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie

2018-11-08 05:46 - 2018-11-08 05:46 - 02576312 _____ (iMobie Inc.) C:\Users\s_rep\Downloads\anytrans-ios-setup.exe

2018-11-08 05:31 - 2018-11-08 05:31 - 00000000 ____D C:\Users\s_rep\AppData\Local\Apple Computer

2018-11-08 05:05 - 2018-11-10 07:54 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\Apple Computer

2018-11-08 05:05 - 2018-11-08 05:05 - 00001823 _____ C:\Users\Public\Desktop\iTunes.lnk

2018-11-08 05:05 - 2018-11-08 05:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2018-11-08 05:05 - 2018-11-08 05:05 - 00000000 ____D C:\Program Files\iPod

2018-11-08 05:03 - 2018-11-08 05:05 - 00000000 ____D C:\Program Files\iTunes

2018-11-08 05:03 - 2018-11-08 05:03 - 00000000 ____D C:\ProgramData\Apple Computer

2018-11-08 05:00 - 2018-11-08 05:00 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

2018-11-08 05:00 - 2018-11-08 05:00 - 00000000 ____D C:\Users\s_rep\AppData\Local\Apple

2018-11-08 05:00 - 2018-11-08 05:00 - 00000000 ____D C:\Program Files (x86)\Apple Software Update

2018-11-08 04:59 - 2018-11-08 04:59 - 00000000 ____D C:\Program Files\Bonjour

2018-11-08 04:59 - 2018-11-08 04:59 - 00000000 ____D C:\Program Files (x86)\Bonjour

2018-11-08 04:58 - 2018-11-08 04:59 - 00000000 ____D C:\Program Files\Common Files\Apple

2018-11-08 04:54 - 2018-11-08 04:55 - 270003016 _____ (Apple Inc.) C:\Users\s_rep\Downloads\iTunes64Setup.exe

2018-11-07 14:44 - 2018-11-07 14:44 - 06986360 _____ (ESET spol. s r.o.) C:\Users\s_rep\Downloads\ESETOnlineScanner_DEU.exe

2018-11-07 14:44 - 2018-11-07 14:44 - 00000000 ____D C:\Users\s_rep\AppData\Local\ESET

2018-11-07 12:53 - 2018-11-07 12:53 - 00000000 ____D C:\Users\s_rep\AppData\Local\D3DSCache

2018-11-06 06:32 - 2018-11-06 06:32 - 01681611 _____ C:\Users\s_rep\Downloads\Mother's Day.zip

2018-11-06 06:25 - 2018-11-06 06:25 - 03172822 _____ C:\Users\s_rep\Downloads\KINDNESS_IS_THE_WAY_CUST_FILES.zip

2018-11-06 05:55 - 2018-11-06 05:55 - 00029450 _____ C:\Users\s_rep\Downloads\copicnummern.pdf

2018-11-04 11:21 - 2018-11-04 11:21 - 00310110 _____ C:\Users\s_rep\Downloads\Steffies Bastelkammer Box zum binden Herz und Stern.studio3

2018-11-01 06:00 - 2018-11-01 08:19 - 00010552 _____ C:\Users\s_rep\Documents\Erbe Ausgaben.xlsx

2018-11-01 05:22 - 2018-11-01 05:22 - 00656584 _____ C:\Users\s_rep\Downloads\Steffie´s Bastelkammer 24 Lichter im Advent Portrait.studio3

2018-11-01 05:22 - 2018-11-01 05:22 - 00600163 _____ C:\Users\s_rep\Downloads\Steffie´s Bastelkammer 24 Lichter im Advent Cameo.studio3

2018-10-26 05:08 - 2018-10-26 05:08 - 00072472 _____ C:\Users\s_rep\Downloads\Briefmarken.12Stk.26.10.2018_0606.pdf

2018-10-26 04:57 - 2018-10-26 04:57 - 03693207 _____ C:\Users\s_rep\Downloads\Rund ums Basteln.pdf

2018-10-26 04:57 - 2018-10-26 04:57 - 00616315 _____ C:\Users\s_rep\Downloads\Steffies Bastelkammer Sternlicht.studio3

2018-10-22 08:32 - 2018-10-22 08:32 - 00509216 _____ C:\Users\s_rep\Downloads\Steffies Bastelkammer Karte für 10x15 Fotos.studio3

2018-10-19 17:45 - 2018-11-07 14:29 - 00004190 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1539967477

2018-10-19 17:45 - 2018-11-07 14:29 - 00001179 _____ C:\Users\s_rep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk

2018-10-19 17:43 - 2018-10-19 17:43 - 01921552 _____ (Opera Software) C:\Users\s_rep\Downloads\OperaSetup(1).exe

2018-10-19 16:35 - 2018-10-19 16:35 - 00066006 _____ C:\Users\s_rep\Downloads\Steffies Bastelkammer Karte zum aufstellen.studio3

2018-10-19 13:31 - 2018-10-19 13:31 - 81772586 _____ C:\Users\s_rep\Downloads\Wimpelkalender Zahlen.studio3

2018-10-19 12:31 - 2018-10-19 12:31 - 00121336 _____ C:\Users\s_rep\Downloads\Miezo Wimpelkalender(2).studio3

2018-10-19 04:06 - 2018-10-19 04:06 - 00111560 _____ C:\Users\s_rep\Downloads\Miezo Wimpelkalender(1).studio3

2018-10-18 09:03 - 2018-10-18 09:03 - 00611671 _____ C:\Users\s_rep\Downloads\adventskalender'kranz' rohling.studio3

2018-10-18 08:49 - 2018-10-18 08:49 - 00065540 _____ C:\Users\s_rep\Downloads\MiniAdventskranz.studio3

2018-10-18 08:47 - 2018-10-18 08:47 - 00649488 _____ C:\Users\s_rep\Downloads\HäuserBoxenLeer.studio3

2018-10-18 08:47 - 2018-10-18 08:47 - 00262512 _____ C:\Users\s_rep\Downloads\Würfelbox zum heraus ziehen.studio3

2018-10-18 04:28 - 2018-10-18 04:28 - 00111560 _____ C:\Users\s_rep\Downloads\Miezo Wimpelkalender.studio3

2018-10-17 12:30 - 2018-10-17 12:30 - 00286994 _____ C:\Users\s_rep\Downloads\Steffies Bastelkammer Karte mit Durchblick DIY.studio3

2018-10-17 07:21 - 2018-10-17 07:22 - 62543360 _____ C:\Users\s_rep\Downloads\FontPack1900820071_XtdAlf_Lang_DC.msi

2018-10-17 07:21 - 2018-10-17 07:21 - 00809182 _____ C:\Users\s_rep\Downloads\img001.pdf

2018-10-16 08:35 - 2018-10-16 08:35 - 00250423 _____ C:\Users\s_rep\Downloads\Miezo Pocket-Zahnstocherkalender.studio3

2018-10-15 13:16 - 2018-10-15 13:16 - 00153207 _____ C:\Users\s_rep\Downloads\Wichtige Infos rund um unsere Arbeit.pdf
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2018-11-11 20:52 - 2018-04-12 00:38 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2018-11-11 20:50 - 2018-04-12 00:38 - 00000000 ___HD C:\Program Files\WindowsApps

2018-11-11 20:50 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\AppReadiness

2018-11-11 20:50 - 2018-01-24 08:14 - 00000000 ____D C:\Users\s_rep\AppData\Local\Packages

2018-11-11 20:48 - 2017-12-17 17:42 - 00000000 ____D C:\Users\s_rep\AppData\LocalLow\Mozilla

2018-11-11 20:47 - 2018-03-28 16:14 - 00000000 ____D C:\Users\Public\Speedup Sessions

2018-11-11 20:45 - 2017-12-17 17:33 - 00000000 __SHD C:\Users\s_rep\IntelGraphicsProfiles

2018-11-11 20:44 - 2018-06-02 08:56 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2018-11-11 20:44 - 2018-04-11 22:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI

2018-11-11 18:30 - 2017-12-18 07:07 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\com.silhouettesoftware

2018-11-11 18:27 - 2018-05-04 06:01 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\com.silhouettesoftware.scratch.1

2018-11-11 18:27 - 2018-05-04 06:01 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\com.aspexsoftware.ss_bluetooth

2018-11-11 17:02 - 2018-01-16 10:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2018-11-11 17:02 - 2018-01-16 10:07 - 00000000 ____D C:\ProgramData\Avira

2018-11-11 17:02 - 2018-01-16 10:07 - 00000000 ____D C:\Program Files (x86)\Avira

2018-11-11 16:53 - 2018-06-02 08:21 - 01817928 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2018-11-11 16:53 - 2018-04-12 17:13 - 00781586 _____ C:\WINDOWS\system32\perfh007.dat

2018-11-11 16:53 - 2018-04-12 17:13 - 00166424 _____ C:\WINDOWS\system32\perfc007.dat

2018-11-11 16:53 - 2018-04-12 00:36 - 00000000 ____D C:\WINDOWS\INF

2018-11-11 16:30 - 2018-06-25 05:41 - 00000000 ____D C:\Program Files\Opera

2018-11-11 16:21 - 2018-04-12 00:30 - 00000000 ____D C:\WINDOWS\CbsTemp

2018-11-11 15:16 - 2017-12-17 17:42 - 00000000 ____D C:\Program Files\Mozilla Firefox

2018-11-11 15:14 - 2018-06-02 08:22 - 00000000 ____D C:\Users\s_rep

2018-11-11 15:13 - 2018-06-02 08:13 - 00000000 ____D C:\WINDOWS\system32\SleepStudy

2018-11-11 15:06 - 2017-12-17 16:55 - 00000000 ____D C:\Program Files\Intel

2018-11-11 15:06 - 2017-10-12 00:37 - 00000000 ____D C:\ProgramData\Intel

2018-11-11 15:05 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy

2018-11-11 15:05 - 2018-01-12 13:01 - 00000000 ____D C:\Program Files\rempl

2018-11-11 15:05 - 2017-03-18 22:03 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy

2018-11-10 22:12 - 2017-12-17 17:40 - 00000000 ___RD C:\Users\s_rep\OneDrive

2018-11-10 17:00 - 2018-06-04 05:08 - 00559880 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2018-11-09 12:43 - 2017-12-17 17:35 - 00000000 ____D C:\Users\s_rep\AppData\Local\Comms

2018-11-09 06:46 - 2017-12-18 06:46 - 00000000 ____D C:\Users\s_rep\Documents\01 Dieter

2018-11-08 12:25 - 2017-12-18 07:07 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\com.aspexsoftware.Silhouette_Studio

2018-11-08 08:47 - 2018-04-27 10:47 - 00000000 ____D C:\Users\s_rep\Downloads\Miezo

2018-11-08 04:59 - 2017-05-23 03:14 - 00000000 ____D C:\ProgramData\Apple

2018-11-07 12:56 - 2018-06-02 08:13 - 00621856 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2018-11-07 12:55 - 2017-12-17 17:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2018-11-02 05:08 - 2017-12-17 17:42 - 00001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk

2018-10-25 04:41 - 2017-12-18 15:30 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2018-10-22 13:49 - 2017-05-23 03:11 - 00000000 ____D C:\ProgramData\Package Cache

2018-10-19 17:45 - 2018-06-25 05:41 - 00000000 ____D C:\Users\s_rep\AppData\Local\Opera Software

2018-10-19 17:43 - 2018-06-25 05:41 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\Opera Software

2018-10-17 08:26 - 2018-06-02 08:56 - 00003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2101576799-1165526633-3082190696-1001

2018-10-17 08:26 - 2018-06-02 08:22 - 00002390 _____ C:\Users\s_rep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2018-10-16 04:30 - 2017-12-18 07:09 - 00000000 ____D C:\Users\s_rep\Downloads\Plotterdateien - später einsortieren

2018-10-16 04:07 - 2018-07-18 10:57 - 00000000 ____D C:\ProgramData\Packages

2018-10-13 06:05 - 2017-12-17 16:55 - 00000000 ____D C:\Intel

2018-10-12 03:55 - 2017-12-30 16:04 - 00000000 ___RD C:\Users\s_rep\3D Objects

2018-10-12 03:55 - 2017-03-18 04:53 - 00000000 __RHD C:\Users\Public\AccountPictures
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2017-12-18 07:07 - 2017-12-18 07:07 - 0000008 _____ () C:\Users\s_rep\AppData\Roaming\com.silhouettesoftware.id

2018-11-11 15:05 - 2018-11-11 15:05 - 0140800 _____ () C:\Users\s_rep\AppData\Local\installer.dat

2018-07-31 15:06 - 2018-07-31 15:06 - 0000218 _____ () C:\Users\s_rep\AppData\Local\recently-used.xbel

2017-12-18 06:13 - 2017-12-18 06:13 - 0000057 _____ () C:\ProgramData\Ament.ini
 

Dateien, die verschoben oder gelöscht werden sollten:

====================

C:\Users\Public\ASR.dat
 
 

Einige Dateien in TEMP:

====================

C:\Users\s_rep\AppData\Local\Temp\Uninstall.exe
 
 

==================== Bamital & volsnap =================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert

C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert

C:\WINDOWS\explorer.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert

C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert

C:\WINDOWS\system32\services.exe => Datei ist digital signiert

C:\WINDOWS\system32\User32.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert

C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert

C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert

C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
 

LastRegBack: 2018-06-02 08:13
 

==================== Ende von FRST.txt ============================

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-04-2016

durchgeführt von s_rep (2018-11-11 20:53:50)

Gestartet von C:\Users\s_rep\Desktop

Windows 10 Home Version 1803 (X64) (2018-06-02 07:57:52)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-2101576799-1165526633-3082190696-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-2101576799-1165526633-3082190696-503 - Limited - Disabled)

Gast (S-1-5-21-2101576799-1165526633-3082190696-501 - Limited - Disabled)

s_rep (S-1-5-21-2101576799-1165526633-3082190696-1001 - Administrator - Enabled) => C:\Users\s_rep

WDAGUtilityAccount (S-1-5-21-2101576799-1165526633-3082190696-504 - Limited - Disabled)
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}

AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

123 Photo Version 2.0 (HKLM-x32\...\{68F08E04-F190-49B4-B159-3FA7E72A4EC8}_is1) (Version: 2.0 - Harald Wittke)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)

Any Video Converter 6.0.9 (HKLM-x32\...\Any Video Converter) (Version: 6.0.9 - Anvsoft)

Apple Application Support (32-Bit) (HKLM-x32\...\{49F7DD82-FC83-48BF-86C6-CFE6E1E233E1}) (Version: 7.1 - Apple Inc.)

Apple Application Support (64-Bit) (HKLM\...\{1FA68E27-2951-42E8-9F57-1A7F6581B4FD}) (Version: 7.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)

Avira (HKLM-x32\...\{2884d9b5-2fed-48df-b0e0-fe229e7eb781}) (Version: 1.2.121.24663 - Avira Operations GmbH & Co. KG)

Avira (x32 Version: 1.2.121.24663 - Avira Operations GmbH & Co. KG) Hidden

Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.42.11 - Avira Operations GmbH & Co. KG)

Avira Safe Shopping (HKLM-x32\...\{573F6664-99E1-40D8-921A-7C9345EC03B2}) (Version: 1.1.5.3330 - Avira Operations GmbH & Co. KG)

Avira Safe Shopping (x32 Version: 1.0.65.2672 - Avira Operations Gmbh & Co. KG) Hidden

Avira Software Updater (HKLM-x32\...\{D4F0629A-3F4A-4098-ADFE-6F3551762251}) (Version: 2.0.6.4401 - Avira Operations GmbH & Co. KG)

Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 4.8.0.7455 - Avira Operations GmbH & Co. KG)

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

Bullzip PDF Printer 11.5.0.2698 (HKLM\...\Bullzip PDF Printer_is1) (Version: 11.5.0.2698 - Bullzip)

calibre (HKLM-x32\...\{5BC66570-E69F-4C93-9DF2-E93739A91A63}) (Version: 3.25.0 - Kovid Goyal)

Dropbox 25 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.)

Dropbox Update Helper (x32 Version: 1.3.141.1 - Dropbox, Inc.) Hidden

ELAN Touchpad 18.2.15.7_X64_WHQL (HKLM\...\Elantech) (Version: 18.2.15.7 - ELAN Microelectronic Corp.)

Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)

Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC13084E6700}) (Version: 19.008.20071 - Adobe Systems Incorporated)

FlashPeak Slimjet (HKLM-x32\...\Slimjet) (Version: 19.0.4.0 - FlashPeak Inc.)

foldershare (HKLM\...\foldershare) (Version: 7.3 - foldershare)

FotoWorks XL 2018 (HKLM-x32\...\FotoWorks XL 2018_is1) (Version: Aktuelle Version - IN MEDIAKG TI)

Free MP4 Video Converter (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.111.215 - Digital Wave Ltd)

HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.)

HP CoolSense (HKLM-x32\...\{20CC03C7-7B48-4130-B7FA-39BC128E3A9E}) (Version: 2.21.5 - HP Inc.)

HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)

HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)

HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.21 - HP Inc.)

HP JumpStart Bridge (HKLM-x32\...\{23D5C1E8-0442-4D70-9280-927EF36657CB}) (Version: 1.1.0.378 - HP Inc.)

HP JumpStart Launch (HKLM-x32\...\{81CA40FD-E11B-4DC1-AE33-A71EB044B8B7}) (Version: 1.1.275.0 - HP Inc.)

HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)

HP Photosmart 5520 series - Grundlegende Software für das Gerät (HKLM\...\{4F396B08-301D-4E53-A372-95A7E93ABD04}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Photosmart 5520 series Hilfe (HKLM-x32\...\{640A03B3-4E6B-4440-A350-E6A8D6348F12}) (Version: 27.0.0 - Hewlett Packard)

HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.3.50.9 - HP Inc.)

HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.5.32.203 - HP Inc.)

HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)

HP System Event Utility (HKLM-x32\...\{1BB20774-0FA8-4CFF-AB69-7B7AAE2DCE6C}) (Version: 1.4.19 - HP Inc.)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

Inkscape 0.92.3 (HKLM-x32\...\Inkscape) (Version: 0.92.3 - Inkscape Project)

Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11003.3588 - Intel Corporation)

Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1047 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)

Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)

Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1643.1 - Intel Corporation)

Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.1.22 - Intel Corporation)

Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DDE28492-B260-4DF0-BA99-7F96FC2932C1}) (Version: 19.60.0 - Intel Corporation)

Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.40 - Intel(R) Corporation) Hidden

Intel® Integrated Sensor Solution (HKLM-x32\...\{b3782b53-1b6c-436a-b0f0-f65d83ae74d9}) (Version: 3.0.30.1119 - Intel Corporation)

Intel® PROSet/Wireless Software (HKLM-x32\...\{185db067-38cd-4521-a43e-c39b96ee1389}) (Version: 19.50.1 - Intel Corporation)

IrfanView 4.50 (64-bit) (HKLM\...\IrfanView64) (Version: 4.50 - Irfan Skiljan)

ISS_Drivers_x64 (Version: 3.0.30.1119 - Intel Corporation) Hidden

iTunes (HKLM\...\{91B57967-C0E0-435A-AE53-A2336ECD8560}) (Version: 12.9.1.4 - Apple Inc.)

LibreOffice 5.3.7.2 (HKLM\...\{117F3217-458C-4371-B222-00C69DE96CB2}) (Version: 5.3.7.2 - The Document Foundation)

Malwarebytes Version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)

Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)

Mozilla Firefox 63.0.1 (x64 de) (HKLM\...\Mozilla Firefox 63.0.1 (x64 de)) (Version: 63.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.2 - Mozilla)

OpenOffice 4.1.4 (HKLM-x32\...\{5E9128B1-0AB8-40F5-9F71-69089C490855}) (Version: 4.14.9788 - Apache Software Foundation)

Opera Stable 56.0.3051.99 (HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\Opera 56.0.3051.99) (Version: 56.0.3051.99 - Opera Software)

ORTMANN Cross Stitch Designer 4.0 (HKLM-x32\...\ORTMANN Media-Verlag Cross Stitch Designer 4.0) (Version: 4.0 - ORTMANN Media-Verlag)

Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

PDF24 Creator 8.3.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)

PhotoFiltre 7 (HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\PhotoFiltre 7) (Version:  - )

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21299 - Realtek Semiconductor Corp.)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8135 - Realtek Semiconductor Corp.)

Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)

Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden

Silhouette Link (HKLM-x32\...\{C2136C80-F9D4-4096-86D4-C641BB36DFF3}) (Version: 1.0.096 - Silhouette America)

Silhouette Studio (HKLM-x32\...\{518EAEF4-3E9D-4E45-B4DB-041B7FCB86D0}) (Version: 4.1.442 - Silhouette America)

Studie zur Verbesserung von HP Photosmart 5520 series Produkten (HKLM\...\{B99F865A-3ECB-4E65-B6CF-9C60EE0273A3}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

Update for Skype for Business 2015 (KB4461446) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFBBF6D0-F140-40E9-B5AE-BDE708FC4817}) (Version:  - Microsoft)

Update for Skype for Business 2015 (KB4461446) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFBBF6D0-F140-40E9-B5AE-BDE708FC4817}) (Version:  - Microsoft)

Update for Skype for Business 2015 (KB4461446) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{BFBBF6D0-F140-40E9-B5AE-BDE708FC4817}) (Version:  - Microsoft)

Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{EC5A6438-850E-4AD1-9169-DD071C8EFFEF}) (Version: 2.10.0.0 - Microsoft Corporation)

VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)

Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)

Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-3) (Version: 1.0.42.0 - LunarG, Inc.)

Vulkan Run Time Libraries 1.0.42.0 (Version: 1.0.42.0 - LunarG, Inc.) Hidden

WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

Wondersoft - Wonderful Weather - Enhance and safeguard your online experience (HKLM-x32\...\Wondersoft Wonderful Weather) (Version: "1.1.1" - "Wondersoft")
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {042D8A51-5878-4000-9C10-C04AFF122A1F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand

Task: {04B3E894-DE5B-4C4A-9AA7-CA8F7CE43583} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [2018-04-12] (Microsoft Corporation)

Task: {0638E40C-2629-48D2-B3AA-EE49DDEAB986} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)

Task: {0967FAC8-6E28-4BBF-8387-9D6CEB7DE860} - System32\Tasks\Avira\Safe Shopping\Check => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [2018-11-01] (Avira)

Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates

Task: {0FD500DA-01C5-4676-9B10-1A481B381433} - System32\Tasks\S-1-5-21-2101576799-1165526633-3082190696-1001\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation)

Task: {1966DF7C-DE3A-4B71-A0AC-AD8B72668ECD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-07] (HP Inc.)

Task: {1BCC53CF-FE23-46A5-B81C-5FCE6B3BDF23} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [2018-10-17] (Microsoft Corporation)

Task: {1BE936D4-EE40-4F04-84E0-18FFD27C0A6A} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [2018-04-12] (Microsoft Corporation)

Task: {2231CAFE-FABE-41F5-A0B3-842D9319DBF9} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-02] (Microsoft Corporation)

Task: {26979C78-BE35-4BE1-9663-F25C0DD509D3} - System32\Tasks\Opera scheduled Autoupdate 1539967477 => C:\Program Files\Opera\launcher.exe [2018-11-06] (Opera Software)

Task: {294EF281-56B6-4F71-8115-BAC2919EF034} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task

Task: {29F3A47A-C0DC-48D8-ACAF-89413EE0731D} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [2018-07-15] (Microsoft Corporation)

Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask

Task: {2DBD790D-172A-4CFA-B3F7-824D7509680F} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration

Task: {301E6046-EE37-4B0D-ADEA-B79237AA4C23} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-10-16] (Avira Operations GmbH & Co. KG)

Task: {42B682B8-0FA8-4CD6-8609-C90EFF7505D4} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)

Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates

Task: {4C7F4583-DD70-4B68-B5CF-3621E0C33708} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

Task: {51D31EBF-545E-411D-A21A-CB34004CC384} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh

Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates

Task: {54A21C2F-028A-40D4-B5D5-88E4A584FB1B} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-10-13] (Intel(R) Corporation)

Task: {56E6F3A6-3B2E-47FE-9C9E-E9669BA61EFC} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-12-18] (Dropbox, Inc.)

Task: {57688D33-0857-43F4-B3D2-26F0D0623E39} - System32\Tasks\Benutzerdienstfür(AppXSVC) => C:\Program Files (x86)\nodejs\node.exe [2017-05-02] (Node.js)

Task: {577C3956-E492-42A5-AEFB-FDC54A537C64} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange

Task: {57A7E0DF-F70E-43B1-AA2C-5BA67DBBE753} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask

Task: {5DB4FD20-4FF2-4C58-9801-ADD6F0149633} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task

Task: {60221910-B7B0-4AB9-AC2D-71058A6720EE} - System32\Tasks\Avira\Safe Shopping\Launch => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [2018-11-01] (Avira)

Task: {62331915-A3E9-4B6E-9686-86034377E8CF} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications

Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry

Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()

Task: {66969E28-CE77-4B5F-B1FF-A3B610DFCFD3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)

Task: {6AB34E6E-76B0-4D9C-B1AC-C0E5B26BC23E} - System32\Tasks\Avira\Safe Shopping\Update => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [2018-11-01] (Avira)

Task: {6DE4F7DC-0B8D-404A-A6C9-83241658F8CA} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-02] (Microsoft Corporation)

Task: {6F94A2F9-CA33-4FCC-AA69-57F57230173C} - System32\Tasks\EZnVzpmjsBPJAOW => Rundll32.exe "C:\Users\s_rep\AppData\Local\Temp\zJVJydIlxtaAifNHI\TtycKSJSKAhDHkWV\nSqksLm.dll",#1 /adp EIGH4BJGH4VJGH2XIGH7HKGH8XJGH4SJGH8RJGH8YJGH8DIGH0RIGH6LIGH2AIGH1OIGH0WIGH1 /site_id 756

Task: {7138D0D3-1873-4A77-86CF-4840F491C90F} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)

Task: {749E286C-C205-4C7C-B742-BE5023BF06DE} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login

Task: {756535E6-76E8-42DF-9307-D2A8D82EDB1C} - System32\Tasks\HPEA3JOBS => C:\Program

Task: {77DD4C0D-EEDB-4C1D-9A21-7B30E5F4C03A} - System32\Tasks\qdxgajDnKqmDPrtzQ2 => Rundll32.exe "C:\Program Files (x86)\BHXQvOBMsgKdEntstUR\LtVvruU.dll",#1

Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser

Task: {7EAE5A6B-00F4-4B9F-A255-E1C163B587A1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession

Task: {7EED1416-89CD-4D52-8537-3E4860543030} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [2018-03-22] (Avira Operations GmbH & Co. KG)

Task: {7EFE6C85-50FC-4D58-A3DF-10FEFC8CCB2D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-12-18] (Dropbox, Inc.)

Task: {83B7C57C-BF53-42F4-B3A0-B24ABFACE76A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

Task: {85F40D06-8916-40B8-ABA7-734BA60F90F2} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-11-28] (DropboxOEM)

Task: {88026766-9562-4C3E-9C94-2E7DA5B61195} - System32\Tasks\yKlRUxrwnsuFpeUeBWz2 => Rundll32.exe "C:\Program Files (x86)\UmTwpSvRUOfSC\vKpdeLr.dll",#1

Task: {8CCDCCC3-88F0-4860-84BE-5AC16A1C6FA9} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance

Task: {8D71F5C0-53E1-4F02-9A5D-851779424A0D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)

Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation)

Task: {90331E02-BD0D-4D82-8804-1342EAAA2C9F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-12-06] (HP Inc.)

Task: {97E8D66D-0085-423C-BA11-DD777A1258AB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2018-04-12] (Microsoft Corporation)

Task: {9CB242AA-EA28-4888-8DE0-98F1D6B05AC7} - System32\Tasks\DropboxUpdateTaskMachineCore1d377547997d14 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-12-18] (Dropbox, Inc.)

Task: {A167F6E0-ED47-419C-807E-2A11ECBA98D4} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation

Task: {A305A840-EC8B-4C66-8EA8-5FF15F129CD2} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2018-04-12] (Microsoft Corporation)

Task: {A5FE6B52-974F-492F-81F3-472223AD09D5} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)

Task: {AE1E6549-6E33-4D49-801B-F33E6D62356A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-06] (HP Inc.)

Task: {B0952E0A-C54F-4E8B-95E9-90E560086B37} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand

Task: {B14C88F4-4AAC-4F00-A94E-8EA180D7AEDC} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense

Task: {B2F4AC84-A8D0-4524-9363-BFF5A5911A00} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask

Task: {B3433942-FE11-4C11-839D-9C7589B6C5CB} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)

Task: {B96C2DB0-6A19-4E2B-89F6-84FD75E497A4} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback

Task: {BDE8C0F4-1A50-4A42-ABFC-DFA37F8BF1C8} - System32\Tasks\OqUgsIhoyVOixP => Rundll32.exe "C:\Program Files (x86)\pbjpUXEkQjxU2\ydAhoPZsifauT.dll",#1

Task: {C161767E-4A22-4440-A1AF-1317A585F317} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2018-03-28] (Avira Operations GmbH & Co. KG                              )

Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2018-06-02] (Microsoft Corporation)

Task: {C9ACB1EA-CBC3-4359-99B2-F80FA71A75DC} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-12-06] (HP Inc.)

Task: {CDA5D686-5D6C-4730-9907-B66710DC3670} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange

Task: {D010978C-B666-4072-B7F3-DD6340CDD629} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task

Task: {D07E8395-3840-41C1-8931-34D62726BED3} - System32\Tasks\niYEcWwYibJfLQX2 => Rundll32.exe "C:\Program Files (x86)\eEvEEOxmU\ggsKtT.dll",#1

Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources

Task: {D795D83C-F41B-4403-B14E-A038C6FBD1B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)

Task: {DBE92F66-907D-4220-8C26-5D55E5A5906F} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [2017-01-12] (HP Development Company, L.P.)

Task: {DD710A69-86C6-4932-97B1-01FB13ACFEF1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged

Task: {DDF46C27-D05A-4829-90A2-9E4A4DDD7FE9} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [2017-02-02] (HP Inc.)

Task: {E0862994-9083-482D-A921-27B4860FFA21} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [2018-04-12] (Microsoft Corporation)

Task: {E3757DD2-B31D-4CB0-B696-8EC28DB525C3} - System32\Tasks\Okawville => C:\Program Files\Okawville\Okawville.exe

Task: {E9D4B94B-01E1-4850-91EF-9E40BB4E670E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-12-06] (HP Inc.)

Task: {EDF26610-088A-459C-8682-BED9EC60359F} - System32\Tasks\{e6b1bd71-40ef-4173-8106-93b5f9032a6e} => C:\Users\s_rep\AppData\Local\Temp\{2CF693F1-5E55-41CB-BE04-6E437DA0D4B9}.exe <==== ACHTUNG

Task: {EFA86FF7-22AE-4997-AFD9-E89E1BF9B7D6} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2018-04-12] (Microsoft Corporation)

Task: {F002E6F5-6788-45A8-8F43-228E2955D617} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2101576799-1165526633-3082190696-1001 => C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [2018-10-17] (Microsoft Corporation)

Task: {F955A09C-E83A-4AD5-9ABC-7D5D7A055117} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task

Task: {FC779438-B7FD-4774-AA55-4DE2A4B098A4} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh

Task: {FECF5D21-00E3-4960-8359-57CBFC4E2D73} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)

Task: {FF7C8D28-6205-4327-B2BE-BD3E5E07D9BA} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [2017-02-01] ()
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d377547997d14.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\EZnVzpmjsBPJAOW.job => C:\Users\s_rep\AppData\Local\Temp\zJVJydIlxtaAifNHI\TtycKSJSKAhDHkWV\nSqksLm.dll <==== ACHTUNG

Task: C:\WINDOWS\Tasks\Okawville.job => C:\Program Files\Okawville\Okawville.exe
 

==================== Verknüpfungen =============================
 

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2018-10-21 02:17 - 2018-10-21 02:17 - 00088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2018-10-21 02:17 - 2018-10-21 02:17 - 01356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2016-12-06 12:06 - 2016-12-06 12:06 - 00897200 _____ () C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe

2018-11-11 15:37 - 2018-10-18 08:44 - 02821952 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll

2018-11-11 15:37 - 2018-10-18 08:44 - 02695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll

2018-04-04 17:03 - 2018-04-04 17:03 - 00173760 _____ () C:\WINDOWS\system32\IntelWifiIhv04.dll

2017-02-01 10:50 - 2017-02-01 10:50 - 00459264 _____ () C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe

2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\Windows\System32\InputHost.dll

2018-04-12 00:34 - 2018-04-12 00:34 - 00472064 _____ () C:\Windows\ShellExperiences\TileControl.dll

2018-04-12 00:34 - 2018-04-12 00:34 - 02759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll

2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\InputHost.dll

2018-10-10 07:50 - 2018-09-20 04:38 - 02185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2018-10-23 13:23 - 2018-10-23 13:23 - 00183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe

2018-10-23 13:23 - 2018-10-23 13:23 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll

2018-10-28 16:06 - 2018-10-28 16:06 - 35118592 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe

2018-10-28 16:06 - 2018-10-28 16:06 - 00290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\SharedUI.dll

2018-10-28 16:06 - 2018-10-28 16:06 - 05987328 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntCommon.dll

2017-12-17 18:16 - 2017-12-17 18:16 - 03553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll

2018-10-28 16:06 - 2018-10-28 16:06 - 09064448 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntPlat.dll

2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll

2018-10-16 04:05 - 2018-10-16 04:06 - 00009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll

2018-10-23 13:23 - 2018-10-23 13:23 - 00060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\ChakraBridge.dll

2018-10-23 13:23 - 2018-10-23 13:23 - 10978304 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\LibWrapper.dll

2018-10-23 13:23 - 2018-10-23 13:23 - 02810368 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\skypert.dll

2018-10-22 13:59 - 2018-10-22 13:59 - 00088888 _____ () C:\Program Files\iTunes\zlib1.dll

2018-10-22 13:59 - 2018-10-22 13:59 - 01356088 _____ () C:\Program Files\iTunes\libxml2.dll

2018-11-11 15:05 - 2018-11-11 15:16 - 00228352 _____ () C:\Program Files\Mozilla Firefox\zlib1.dll

2018-07-11 11:12 - 2018-06-15 18:30 - 01308672 _____ () c:\windows\system32\FaceProcessor.dll

2018-07-11 11:11 - 2018-06-15 18:55 - 00542888 _____ () c:\windows\system32\FaceProcessorCore.dll

2018-04-12 00:34 - 2018-04-12 00:34 - 01348664 _____ () c:\windows\system32\FaceTrackerInternal.dll

2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\WINDOWS\system32\InputHost.dll

2018-06-13 16:56 - 2018-06-08 10:31 - 03912608 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll

2018-06-13 16:55 - 2018-06-08 10:31 - 02506680 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll

2018-03-16 16:03 - 2018-01-18 11:10 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll

2018-03-16 16:03 - 2018-01-18 11:10 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll

2018-03-16 16:03 - 2018-01-18 11:10 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll

2018-03-16 16:03 - 2018-01-18 11:10 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll

2018-08-08 14:36 - 2018-08-08 14:35 - 00243352 _____ () C:\Program Files (x86)\Avira\Antivirus\ssl-44.dll

2018-08-08 14:36 - 2018-08-08 14:35 - 01204472 _____ () C:\Program Files (x86)\Avira\Antivirus\crypto-42.dll

2018-10-12 13:51 - 2018-10-12 13:51 - 00153088 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\5a6824ba71791f4e5c689ddf33969597\BRIDGECommon.ni.dll

2018-10-12 13:52 - 2018-10-12 13:52 - 00326144 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\47497f5230d6bfbbb6565f725a2086ae\CleanStartController.ni.dll

2018-10-12 13:51 - 2018-10-12 13:51 - 00116736 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\40891bc946359c696fadcef1382449be\BridgeExtension.ni.dll

2018-11-01 11:43 - 2018-11-01 11:43 - 00078992 _____ () C:\Program Files (x86)\Avira\Safe Shopping\ScreenClick.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
 

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 

IE trusted site: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\localhost -> localhost

IE trusted site: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\sharepoint.com -> hxxps://ecahk-files.sharepoint.com
 

==================== Hosts Inhalt: ==========================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2017-03-18 22:03 - 2018-11-11 15:16 - 00000980 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 

104.251.211.173 clients2.google.com

104.251.211.173 clients2.google.com

104.251.211.173 clients2.google.com

104.251.211.173 clients2.google.com
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\s_rep\Documents\Wallpapers Bot\Wallpapers\zfAMY4rgtp5h33Qc.jpg

DNS Servers: 8.8.8.8

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe

FirewallRules: [{439043F2-9AB9-4A4B-BFBE-FA623699EF00}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{3B0106F5-5C9F-4A3E-8056-9C4EC2BEA19C}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{677E5800-E1DF-49A2-A852-19B997DFE957}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe

FirewallRules: [{EC4B0CD1-E3AD-4240-A3CD-D7BB88847A2F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe

FirewallRules: [{BCBD647B-FFEC-47FD-829E-1B05F44A12E6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe

FirewallRules: [{BD67F4B2-6704-4DDF-BE67-C56288677333}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe

FirewallRules: [UDP Query User{2F7241AE-72ED-401E-99C4-05313F54B160}C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe] => (Allow) C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [TCP Query User{8EA3B3FA-7B32-451F-93EA-DD2A8A2175E1}C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe] => (Allow) C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{B7052AEC-6E2C-46FD-8B02-6BE5265D139F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe

FirewallRules: [{70658E0A-BCA3-4118-9B42-0EA07E1BFE05}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe

FirewallRules: [{A1549108-A290-49D9-B5EC-ED771DF44F8D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe

FirewallRules: [{1B586CB7-BE56-4AB0-9CAC-7453ABD88DD1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe

FirewallRules: [{06C0F912-9378-457B-93BD-DCDEB82F5AD4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe

FirewallRules: [{37E293EB-09D3-496C-86DE-021CFBCA1C97}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe

FirewallRules: [UDP Query User{047AF169-911B-485B-A0CD-39BB4A3F55BA}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe

FirewallRules: [TCP Query User{A60134A4-2C23-4282-B121-32B94999C6CA}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe

FirewallRules: [{8EFA245C-82EE-4FFB-8BB1-B5655205979D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [{A0044B33-F734-40D5-AC66-272F00226DFC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [{0B34C0E6-0CAB-4577-B4D1-23395A092786}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe

FirewallRules: [{D8BEE5B1-E632-4A06-BAA1-68516E9C65A6}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe

FirewallRules: [{4B4AA8B4-8C91-412A-81C3-E75BA96964D3}] => (Allow) C:\Program Files (x86)\Silhouette America\Silhouette Link\SilhouetteLinkConsole.exe

FirewallRules: [{3C469094-E9B2-47AF-A2D0-986D54669D45}] => (Allow) C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe

FirewallRules: [{87901CA5-AF13-4AF9-9DD1-D6CC049A8E42}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe

FirewallRules: [{827BD9B1-D12F-457E-8888-146480263EBB}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe

FirewallRules: [{34F98F02-3FDD-40BC-BF5A-721CE70F9DAA}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe

FirewallRules: [{A1A3588C-0FFD-4713-B54A-832B187AD868}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{4300C1D7-29E8-4BEE-90A7-E609500C27A5}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{B9BF142B-9EDF-444E-AFBF-9C8EF85643F4}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{4FC24485-7F00-4A5C-88E7-4271B08E8596}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{D46AD910-FE2E-410D-8DCA-BA1CCF494AFD}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{AE0C1F56-D9C7-4051-BA71-AABC0126D52E}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{AAE03384-BD64-4C1A-9734-1A70EA1B49DE}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{C451C23A-559C-4743-8967-31F5B8A67CBF}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{3AEE882F-C2FA-4FD6-BFB4-232094768E2C}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{6657C994-1DCD-45E1-8E14-09F1A7A31C66}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{B1377193-AB3F-4C3A-BF26-1A0A67E84C5B}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{0F003187-7357-4817-9935-F55FCDA464D3}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{AD43A1A4-DD8A-495C-9060-A523D70212B7}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{AFAFA1E7-3911-4321-8517-EF92A856EBCB}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{2843C2E1-BE26-4EBC-B115-0B27532A0B0D}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{397B3379-6311-4DBD-A104-BC9EA0DC6B73}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{D5BF0ED1-3D5F-48B8-B6AC-48C386802643}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{F9C36B6B-87F1-4F57-BD43-0E9F75E2AD6A}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{E3D05FEC-090D-4A42-B12D-018918311952}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{D50AF306-D37D-4E61-A86D-7E2DB0E5F525}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{534B5086-7971-45A2-99C9-B7CAB430C02A}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{9B239CB7-00CD-4482-93AE-8ABA968BDB30}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{0C3D50BB-4590-4D95-933B-6B7C9D48932B}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{B5CE0DAA-E3A8-4574-BD12-CB9D79726BDE}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{D59B3E36-74D5-479B-9BCA-C64488D02404}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{98C20A46-B12E-47DA-8F96-BDE4CB6EF401}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{3AE3B46B-2F14-4E4D-80C5-379B90EB37EB}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{4EAE7AD8-3012-4D13-AFF3-AF85C38396A1}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{1B03FE70-DEF9-4AA5-AD67-9AF531BE0615}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{62017417-BFF3-40EB-B41E-EC16F647C5B4}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{8B9E91E4-FF94-4CF6-BB09-8028EB3D27D2}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{731632A1-C8EC-457B-8AAA-93783BA8E4D6}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{26DE2B26-1A44-411C-9614-19CD7F1E39AD}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{1A91A1B1-6D6F-40A0-9ABF-C50D48615F72}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{DAFD3D59-0C52-415F-86C8-DF2195CBA66C}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{276EFC78-F505-480B-AEA5-D8FBFB188F01}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{B320A83B-E3CA-4F2A-BC06-BEC50306B525}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{B6331505-1E93-486E-9143-25FA28B77E58}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{053137EB-66B7-4AAB-BC5A-0B09671D49A0}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{F894D921-EEC6-494C-84FA-A193ADC15270}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{D7AB8D5A-8D8A-4644-BBEE-D9EC48B5B91D}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{F234CFB2-CDC8-458A-BB66-C64A91CD7F7E}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{5EC1243E-60C8-4F70-808C-4FCAA91C909B}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{81C9FC8E-184B-4EC4-A710-F94C2F157E5D}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{A762C034-D189-4204-B72B-9E0357F37F59}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{4D265CDE-1D8A-40A3-80C8-6994347DDBF0}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{F8F262E0-7066-4D48-94E3-7DDBB228C52C}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{67AE79B0-712A-4FFB-91A7-1F89EC9CD753}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{341D333F-020C-430E-BA97-0CE31D96D1E3}] => (Allow) C:\Program Files\Opera\56.0.3051.52\opera.exe

FirewallRules: [{E391F228-6C1E-42CF-95FD-612F45847892}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{7C91652E-96EF-4A9F-86BB-36D92B5F4AAA}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{80E515D2-1021-44B6-B5B0-847FB4A9BEB9}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{64BBF7EE-4EE1-4976-8CC4-F1031D3003EE}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{9E39608F-6D27-4CC3-9754-CDB8D7B632B2}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{5557133A-7AFB-43E4-A279-DEEA4914859B}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{63B779B2-2355-4DEC-A8C2-DC42BF5C194F}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{2A0B080D-7F28-4799-9270-7304A091293C}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{64EFF598-A5F3-40FF-B960-8F276AED3B32}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{757D69DB-4307-4C1C-945E-439D3315C488}] => (Allow) C:\Program Files\Opera\56.0.3051.99\opera.exe

FirewallRules: [{7AB434E3-99FB-4038-82AB-28BB57633C44}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

FirewallRules: [{A71721D4-8345-4A02-820D-3542C181B855}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{65791A5B-7F04-41AC-885A-271C9308D87B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{7E643056-9DF7-4D6B-B6E7-ECBF0FB4871F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{C21F8CA8-D18C-4A0F-BD1A-BB7BF49817A5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{5C3909DB-F402-4636-A255-61F506305906}] => (Allow) C:\Program Files\iTunes\iTunes.exe

FirewallRules: [{712047EF-FED1-48B5-8D7B-DD342C1F505C}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{A91B5495-CB42-42BE-9949-439B8B6296A8}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{41A32139-30C1-4DD2-91DB-2E4BE3169C20}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{E7DEB653-A09C-4EB3-AD29-E33842C255CF}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{F98E92B0-E83F-46C4-9F0F-A0D68D0C95C2}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{96BAA2AE-8038-427C-9C9D-19B7B89F3B71}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{1ECFA2FF-6F0E-48ED-AD78-5AF937E49C61}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{CDE1F15A-D759-451F-8570-468923CDD818}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{B40CD56A-8B54-4EFE-B268-98512353C973}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{28AEA346-D0F7-4349-9878-C018C83B4F60}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{F7A449E9-978F-4603-BD13-B9F5A2B9F790}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{FF8A0E47-C6BC-4395-BB3B-B41E6C7754D6}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{02E7D4B9-D057-4E80-BA0B-39790DBE2EA3}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{6C719FEB-EC56-4E56-8A30-D398434E15C9}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{CE9AB76D-BBA0-4CED-BC10-145A03CF6E15}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{49754684-832B-49B6-9933-1E7876EDC687}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{31C3491D-E0F6-493C-851B-B4913132913F}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{08C52614-B8B0-4636-8B01-8DFAFBDDFA6F}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{9A02A70D-9DF4-424C-AA9A-9BEBC9B3EF38}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{6DC7C76B-0F53-4ADF-9B4E-DD28D6CFD1EA}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{2EE397CF-4581-456E-92FF-DAFD02CE4924}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{CDD00E64-957D-4B4F-A129-6CD228C4D2F6}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{6711641B-82C4-4536-9244-31D15B5217AA}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{F00DAB18-FACC-4D13-8568-BC39636D787E}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{0B82EE2E-8E5F-4A3A-844D-B45246CCF874}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{64803051-1F76-4FC1-A21B-EC3DB39C067B}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{9C3FF083-F673-4FF3-B843-CF96D05016CF}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{47E1F7AA-0C4E-4455-96BA-5D4425416C19}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{4396F9D4-3B5D-4FE6-97C7-0348571CC097}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{645AED59-74C6-4F0B-A2FB-A9F207EB67B2}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{80D6592C-202E-4CF7-AE99-56C19375AE11}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{A3A17FF0-F740-4578-B957-DD24B29BD7DF}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{8983048C-F85C-46EC-94CE-CECFDFAEF478}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{A85121C2-DE0C-4D60-94BA-1B05A187682B}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{7B945347-9E8B-4BA4-BE35-22FC9180B082}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{EC82A8F5-76D4-412C-BEA4-42B082C343FE}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe
 

==================== Wiederherstellungspunkte =========================
 

17-10-2018 07:22:22 Installed Extended Asian Language font pack for Adobe Acrobat Reader DC.

26-10-2018 16:00:04 Geplanter Prüfpunkt

05-11-2018 07:39:58 Geplanter Prüfpunkt

08-11-2018 05:00:29 Installed iTunes

11-11-2018 15:27:03 

11-11-2018 15:27:17 
 

==================== Fehlerhafte Geräte im Gerätemanager =============
 
 

==================== Fehlereinträge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (11/11/2018 08:46:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Local Hostname DESKTOP-D6NM1SV.local already in use; will try DESKTOP-D6NM1SV-2.local instead
 

Error: (11/11/2018 08:46:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister    4 DESKTOP-D6NM1SV.local. Addr 192.168.0.10
 

Error: (11/11/2018 08:46:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Received from 192.168.0.10:5353   16 DESKTOP-D6NM1SV.local. AAAA 2A02:8108:0280:1253:EF76:6081:35AB:62CA
 

Error: (11/11/2018 06:54:28 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-D6NM1SV)

Description: httphttp-2147467263
 

Error: (11/11/2018 06:51:29 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-D6NM1SV)

Description: httphttp-2147467263
 

Error: (11/11/2018 06:14:04 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-D6NM1SV)

Description: httphttp-2147467263
 

Error: (11/11/2018 05:17:50 PM) (Source: AviraOptimizerHost) (EventID: 0) (User: )

Description: Das Handle ist ungültig
 

Error: (11/11/2018 05:13:29 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-D6NM1SV)

Description: httphttp-2147467263
 

Error: (11/11/2018 04:20:46 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: mbamtray.exe, Version: 3.1.0.1644, Zeitstempel: 0x5bc8b2d1

Name des fehlerhaften Moduls: Qt5Core.dll, Version: 5.11.1.0, Zeitstempel: 0x5b9bc256

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0019d749

ID des fehlerhaften Prozesses: 0x25d8

Startzeit der fehlerhaften Anwendung: 0xmbamtray.exe0

Pfad der fehlerhaften Anwendung: mbamtray.exe1

Pfad des fehlerhaften Moduls: mbamtray.exe2

Berichtskennung: mbamtray.exe3

Vollständiger Name des fehlerhaften Pakets: mbamtray.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mbamtray.exe5
 

Error: (11/11/2018 04:15:35 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: TiWorker.exe, Version: 10.0.17134.136, Zeitstempel: 0xe5c2d1d0

Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.17134.319, Zeitstempel: 0x1e206b26

Ausnahmecode: 0x80000003

Fehleroffset: 0x00000000000ac5d2

ID des fehlerhaften Prozesses: 0x24e8

Startzeit der fehlerhaften Anwendung: 0xTiWorker.exe0

Pfad der fehlerhaften Anwendung: TiWorker.exe1

Pfad des fehlerhaften Moduls: TiWorker.exe2

Berichtskennung: TiWorker.exe3

Vollständiger Name des fehlerhaften Pakets: TiWorker.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TiWorker.exe5
 
 

Systemfehler:

=============

Error: (11/11/2018 08:55:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV)

Description: {9E175B6D-F52A-11D8-B9A5-505054503030}
 

Error: (11/11/2018 08:55:17 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
 

Error: (11/11/2018 08:53:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV)

Description: {9E175B6D-F52A-11D8-B9A5-505054503030}
 

Error: (11/11/2018 08:51:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV)

Description: {9E175B6D-F52A-11D8-B9A5-505054503030}
 

Error: (11/11/2018 08:49:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV)

Description: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 

Error: (11/11/2018 08:48:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStartWindows.SecurityCenter.WscBrokerManagerNicht verfügbarNT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
 

Error: (11/11/2018 08:47:28 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)

Description: {9E175B6D-F52A-11D8-B9A5-505054503030}
 

Error: (11/11/2018 08:45:33 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
 

Error: (11/11/2018 08:45:33 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
 

Error: (11/11/2018 08:45:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "MTEzOG" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053
 
 

CodeIntegrity:

===================================

  Date: 2018-11-11 20:52:05.346

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 

  Date: 2018-11-11 20:52:05.341

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 

  Date: 2018-11-11 20:52:04.059

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 

  Date: 2018-11-11 20:52:04.053

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 

  Date: 2018-11-11 20:52:03.028

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 

  Date: 2018-11-11 20:52:03.023

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 

  Date: 2018-11-11 20:47:20.463

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 

  Date: 2018-11-11 20:47:20.461

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 

  Date: 2018-11-11 20:47:18.898

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 

  Date: 2018-11-11 20:47:18.896

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz

Prozentuale Nutzung des RAM: 44%

Installierter physikalischer RAM: 8064.66 MB

Verfügbarer physikalischer RAM: 4498.47 MB

Summe virtueller Speicher: 11136.66 MB

Verfügbarer virtueller Speicher: 7387.68 MB
 

==================== Laufwerke ================================
 

Drive c: (Windows) (Fixed) (Total:915.33 GB) (Free:683.97 GB) NTFS

Drive d: (RECOVERY) (Fixed) (Total:14.95 GB) (Free:1.78 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: A50E1C7D)
 

Partition: GPT.
 

==================== Ende von Addition.txt ============================

Malwarebytes:

Code:

Malwarebytes

www.malwarebytes.com
 

-Protokolldetails-

Scan-Datum: 11.11.18

Scan-Zeit: 18:55

Protokolldatei: 0ab741b0-e5db-11e8-b6a2-28c63f8bc823.json
 

-Softwaredaten-

Version: 3.6.1.2711

Komponentenversion: 1.0.482

Version des Aktualisierungspakets: 1.0.7797

Lizenz: Testversion
 

-Systemdaten-

Betriebssystem: Windows 10 (Build 17134.345)

CPU: x64

Dateisystem: NTFS

Benutzer: DESKTOP-D6NM1SV\s_rep
 

-Scan-Übersicht-

Scan-Typ: Benutzerdefinierter Scan

Scan gestartet von: Manuell

Ergebnis: Abgeschlossen

Gescannte Objekte: 435066

Erkannte Bedrohungen: 7

In die Quarantäne verschobene Bedrohungen: 7

Abgelaufene Zeit: 1 Std., 16 Min., 10 Sek.
 

-Scan-Optionen-

Speicher: Deaktiviert

Start: Aktiviert

Dateisystem: Aktiviert

Archive: Deaktiviert

Rootkits: Deaktiviert

Heuristik: Aktiviert

PUP: Erkennung

PUM: Erkennung
 

-Scan-Details-

Prozess: 0

(keine bösartigen Elemente erkannt)
 

Modul: 0

(keine bösartigen Elemente erkannt)
 

Registrierungsschlüssel: 0

(keine bösartigen Elemente erkannt)
 

Registrierungswert: 0

(keine bösartigen Elemente erkannt)
 

Registrierungsdaten: 0

(keine bösartigen Elemente erkannt)
 

Daten-Stream: 0

(keine bösartigen Elemente erkannt)
 

Ordner: 0

(keine bösartigen Elemente erkannt)
 

Datei: 7

Adware.Csdimonetize, C:\PROGRAM FILES\REMPL\S08D54A252QD0TO61JR7D5R4UY607K\UPDATEINSTALL.EXE, In Quarantäne, [5408], [596485],1.0.7797

Adware.Csdimonetize, C:\PROGRAM FILES\REMPL\S08D54A252QD0TO61JR7D5R4UY607K\-O2MZ4SVZO.EXE, In Quarantäne, [5408], [596409],1.0.7797

PUP.Optional.Reimage, C:\USERS\S_REP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\E8MQT8NS.DEFAULT\CACHE2\ENTRIES\741B1365E3AE2C8AF4181B6C6EDC84D0028FDAFD, In Quarantäne, [1402], [331559],1.0.7797

PUP.Optional.SpyHunter, C:\USERS\S_REP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\E8MQT8NS.DEFAULT\CACHE2\ENTRIES\9DB66D3DF678A025E7D30AEE8D48E2580643E3DF, In Quarantäne, [3918], [552698],1.0.7797

RiskWare.Patcher, C:\USERS\S_REP\DOWNLOADS\ALTE SICHERUNGEN\SICHERUNG SONJA 2\ALTE DOWNLOADS\OFFICE 2016\1\CYGISO\CYGISO\WIN10_ACTIVATOR.EXE, In Quarantäne, [7919], [19201],1.0.7797

Generic.Malware/Suspicious, C:\USERS\S_REP\DOWNLOADS\ALTE SICHERUNGEN\SICHERUNG SONJA 2\ALTE DOWNLOADS\OFFICE 2016\PRG ACTI PORT\KMSAUTO LITE PORTABLE V1.2.6\KMSAUTO.EXE, In Quarantäne, [0], [392686],1.0.7797

Generic.Malware/Suspicious, C:\USERS\S_REP\DOWNLOADS\ALTE SICHERUNGEN\SICHERUNG SONJA 2\PROGRAMME INSTALLIERT\OFFICE 2016\PRG ACTI PORT\KMSAUTO LITE PORTABLE V1.2.6\KMSAUTO.EXE, In Quarantäne, [0], [392686],1.0.7797
 

Physischer Sektor: 0

(keine bösartigen Elemente erkannt)
 

WMI: 0

(keine bösartigen Elemente erkannt)
 
 

(end)

AdwCleaner:

Code:

# -------------------------------

# Malwarebytes AdwCleaner 7.2.4.0

# -------------------------------

# Build:    09-25-2018

# Database: 2018-11-05.1 (Cloud)

# Support:  https://www.malwarebytes.com/support

#

# -------------------------------

# Mode: Scan

# -------------------------------

# Start:    11-11-2018

# Duration: 00:00:18

# OS:       Windows 10 Home

# Scanned:  32052

# Detected: 43
 
 

***** [ Services ] *****
 

PUP.Optional.Legacy             WCAssistantService
 

***** [ Folders ] *****
 

Adware.Agent                    C:\Windows\System32\config\systemprofile\AppData\Roaming\CRMSvc

PUP.Optional.Chip               C:\Windows\Installer\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}

PUP.Optional.DownloadSponsor    C:\Users\s_rep\AppData\Local\Temp\DMR

PUP.Optional.LookupPro          C:\Users\s_rep\AppData\Roaming\LookupPro

PUP.Optional.ProxyGate          C:\Program Files (x86)\ProxyGate

PUP.Optional.SmartBar           C:\Windows\Temp\Smartbar

PUP.Optional.WebCompanion       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
 

***** [ Files ] *****
 

No malicious files found.
 

***** [ DLL ] *****
 

No malicious DLLs found.
 

***** [ WMI ] *****
 

No malicious WMI found.
 

***** [ Shortcuts ] *****
 

No malicious shortcuts found.
 

***** [ Tasks ] *****
 

No malicious tasks found.
 

***** [ Registry ] *****
 

Adware.Agent                    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D105DFE2-8DF6-4BA0-ABF1-392716658963}

Adware.Agent                    HKLM\System\CurrentControlSet\Services\EventLog\Application\CRMSvc

Adware.DNSUnlocker              HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564

Adware.OnlineIO                 HKLM\Software\Wow6432Node\Microleaves

PUP.Optional.Chip               HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E49AC3054380EEC4DA29AB71FAE408A9

PUP.Optional.Chip               HKLM\Software\Classes\Installer\Products\E49AC3054380EEC4DA29AB71FAE408A9

PUP.Optional.Chip               HKLM\Software\Classes\Installer\Features\E49AC3054380EEC4DA29AB71FAE408A9

PUP.Optional.Chip               HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6

PUP.Optional.Chip               HKLM\Software\Classes\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6

PUP.Optional.InstallCore        HKCU\Software\csastats

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\WMPNetworkAcSvc

PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\Main|Default_Search_URL

PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\Main|Default_Page_URL

PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\Main|Start Page

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Search Page

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Default_Search_URL

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Default_Page_URL

PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Start Page

PUP.Optional.Legacy             HKLM\Software\Microsoft\Internet Explorer\Main|Default_Page_URL

PUP.Optional.Legacy             HKLM\Software\Microsoft\Internet Explorer\Main|Start Page

PUP.Optional.Legacy             HKLM\Software\Microsoft\Internet Explorer\Main|Search Page

PUP.Optional.Legacy             HKLM\Software\Microsoft\Internet Explorer\Main|Default_Search_URL

PUP.Optional.Microleaves        HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}

PUP.Optional.Microleaves        HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}

PUP.Optional.Microleaves        HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A

PUP.Optional.Microleaves        HKLM\Software\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A

PUP.Optional.Microleaves        HKLM\Software\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A

PUP.Optional.Wajam              HKLM\Software\Wow6432Node\SrcAAAesom Browser Enhancer

PUP.Optional.Wajam              HKLM\Software\SrcAAAesom Browser Enhancer

PUP.Optional.Wajam              HKCU\Software\WajIEnhance

PUP.Optional.WebCompanion       HKLM\Software\Wow6432Node\Lavasoft\Web Companion

PUP.Optional.WebCompanion       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
 

***** [ Chromium (and derivatives) ] *****
 

No malicious Chromium entries found.
 

***** [ Chromium URLs ] *****
 

No malicious Chromium URLs found.
 

***** [ Firefox (and derivatives) ] *****
 

PUP.Optional.Legacy             Avira SafeSearch Plus
 

***** [ Firefox URLs ] *****
 

Adware.Linkury                  file:///C:/ProgramData/Polygens/ff.HP

PUP.Optional.Legacy             suggestqueries.google.com
 
 
 

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Code:

# -------------------------------

# Malwarebytes AdwCleaner 7.2.4.0

# -------------------------------

# Build:    09-25-2018

# Database: 2018-11-05.1 (Cloud)

# Support:  https://www.malwarebytes.com/support

#

# -------------------------------

# Mode: Clean

# -------------------------------

# Start:    11-11-2018

# Duration: 00:00:08

# OS:       Windows 10 Home

# Cleaned:  42

# Failed:   1
 
 

***** [ Services ] *****
 

Deleted       WCAssistantService
 

***** [ Folders ] *****
 

Deleted       C:\Windows\System32\config\systemprofile\AppData\Roaming\CRMSvc

Deleted       C:\Windows\Installer\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}

Deleted       C:\Users\s_rep\AppData\Local\Temp\DMR

Deleted       C:\Users\s_rep\AppData\Roaming\LookupPro

Deleted       C:\Program Files (x86)\ProxyGate

Deleted       C:\Windows\Temp\Smartbar

Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
 

***** [ Files ] *****
 

No malicious files cleaned.
 

***** [ DLL ] *****
 

No malicious DLLs cleaned.
 

***** [ WMI ] *****
 

No malicious WMI cleaned.
 

***** [ Shortcuts ] *****
 

No malicious shortcuts cleaned.
 

***** [ Tasks ] *****
 

No malicious tasks cleaned.
 

***** [ Registry ] *****
 

Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D105DFE2-8DF6-4BA0-ABF1-392716658963}

Deleted       HKLM\System\CurrentControlSet\Services\EventLog\Application\CRMSvc

Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564

Deleted       HKLM\Software\Wow6432Node\Microleaves

Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E49AC3054380EEC4DA29AB71FAE408A9

Deleted       HKLM\Software\Classes\Installer\Products\E49AC3054380EEC4DA29AB71FAE408A9

Deleted       HKLM\Software\Classes\Installer\Features\E49AC3054380EEC4DA29AB71FAE408A9

Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6

Deleted       HKLM\Software\Classes\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6

Deleted       HKCU\Software\csastats

Deleted       HKLM\Software\Wow6432Node\WMPNetworkAcSvc

Deleted       HKCU\Software\Microsoft\Internet Explorer\Main|Default_Search_URL

Deleted       HKCU\Software\Microsoft\Internet Explorer\Main|Default_Page_URL

Deleted       HKCU\Software\Microsoft\Internet Explorer\Main|Start Page

Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Search Page

Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Default_Search_URL

Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Default_Page_URL

Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main|Start Page

Deleted       HKLM\Software\Microsoft\Internet Explorer\Main|Default_Page_URL

Deleted       HKLM\Software\Microsoft\Internet Explorer\Main|Start Page

Deleted       HKLM\Software\Microsoft\Internet Explorer\Main|Search Page

Deleted       HKLM\Software\Microsoft\Internet Explorer\Main|Default_Search_URL

Deleted       HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}

Deleted       HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}

Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A

Deleted       HKLM\Software\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A

Deleted       HKLM\Software\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A

Deleted       HKLM\Software\Wow6432Node\SrcAAAesom Browser Enhancer

Deleted       HKLM\Software\SrcAAAesom Browser Enhancer

Deleted       HKCU\Software\WajIEnhance

Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion

Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
 

***** [ Chromium (and derivatives) ] *****
 

No malicious Chromium entries cleaned.
 

***** [ Chromium URLs ] *****
 

No malicious Chromium URLs cleaned.
 

***** [ Firefox (and derivatives) ] *****
 

Deleted       Avira SafeSearch Plus
 

***** [ Firefox URLs ] *****
 

Deleted       file:///C:/ProgramData/Polygens/ff.HP

Not Deleted   suggestqueries.google.com
 
 

*************************
 

[+] Delete Tracing Keys

[+] Reset Winsock
 

*************************
 

AdwCleaner[S00].txt - [5181 octets] - [11/11/2018 16:55:12]
 

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Code:

# -------------------------------

# Malwarebytes AdwCleaner 7.2.4.0

# -------------------------------

# Build:    09-25-2018

# Database: 2018-11-05.1 (Cloud)

# Support:  https://www.malwarebytes.com/support

#

# -------------------------------

# Mode: Scan

# -------------------------------

# Start:    11-11-2018

# Duration: 00:00:21

# OS:       Windows 10 Home

# Scanned:  32052

# Detected: 1
 
 

***** [ Services ] *****
 

No malicious services found.
 

***** [ Folders ] *****
 

No malicious folders found.
 

***** [ Files ] *****
 

No malicious files found.
 

***** [ DLL ] *****
 

No malicious DLLs found.
 

***** [ WMI ] *****
 

No malicious WMI found.
 

***** [ Shortcuts ] *****
 

No malicious shortcuts found.
 

***** [ Tasks ] *****
 

No malicious tasks found.
 

***** [ Registry ] *****
 

PUP.Optional.WebCompanion       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
 

***** [ Chromium (and derivatives) ] *****
 

No malicious Chromium entries found.
 

***** [ Chromium URLs ] *****
 

No malicious Chromium URLs found.
 

***** [ Firefox (and derivatives) ] *****
 

No malicious Firefox entries found.
 

***** [ Firefox URLs ] *****
 

No malicious Firefox URLs found.
 
 

AdwCleaner[S00].txt - [5181 octets] - [11/11/2018 16:55:12]

AdwCleaner[C00].txt - [4583 octets] - [11/11/2018 16:55:46]
 

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Code:

# -------------------------------

# Malwarebytes AdwCleaner 7.2.4.0

# -------------------------------

# Build:    09-25-2018

# Database: 2018-11-05.1 (Cloud)

# Support:  https://www.malwarebytes.com/support

#

# -------------------------------

# Mode: Clean

# -------------------------------

# Start:    11-11-2018

# Duration: 00:00:06

# OS:       Windows 10 Home

# Cleaned:  1

# Failed:   0
 
 

***** [ Services ] *****
 

No malicious services cleaned.
 

***** [ Folders ] *****
 

No malicious folders cleaned.
 

***** [ Files ] *****
 

No malicious files cleaned.
 

***** [ DLL ] *****
 

No malicious DLLs cleaned.
 

***** [ WMI ] *****
 

No malicious WMI cleaned.
 

***** [ Shortcuts ] *****
 

No malicious shortcuts cleaned.
 

***** [ Tasks ] *****
 

No malicious tasks cleaned.
 

***** [ Registry ] *****
 

Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
 

***** [ Chromium (and derivatives) ] *****
 

No malicious Chromium entries cleaned.
 

***** [ Chromium URLs ] *****
 

No malicious Chromium URLs cleaned.
 

***** [ Firefox (and derivatives) ] *****
 

No malicious Firefox entries cleaned.
 

***** [ Firefox URLs ] *****
 

No malicious Firefox URLs cleaned.
 
 

*************************
 

[+] Delete Tracing Keys

[+] Reset Winsock
 

*************************
 

AdwCleaner[S00].txt - [5181 octets] - [11/11/2018 16:55:12]

AdwCleaner[C00].txt - [4583 octets] - [11/11/2018 16:55:46]

AdwCleaner[S01].txt - [1416 octets] - [11/11/2018 20:42:56]
 

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

:hallo:

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte vergewissere dich zuerst, dass du die folgenden Regeln und Hinweise für eine Bereinigung gelesen und verstanden hast:
Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Und Avira hat nicht gemeckert und alles durchgehen lassen? Das ist ja mal ein Armutszeugnins... :wtf: :headbang: :stirn:
Dein Rechner ist vollgepackt mit Adware... wie hast du dir denn den ganzen Mist auf den Rechner geholt? :D

Schritt 1

Kopiere den gesamten Inhalt der folgenden Code-Box:

Code:

Start:: HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\Run: [bUJwT-agtx.exe] => C:\Program Files\rempl\S08D54A252QD0TO61JR7D5R4UY607K\bUJwT-agtx.exe HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\Run: [] => [X] CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG C:\Program Files\rempl Tcpip\Parameters: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{0e66e665-d5bd-46c0-934a-b7e96667ad27}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{0e66e665-d5bd-46c0-934a-b7e96667ad27}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{71d969ab-8a66-4800-a5f7-2a6cbadd02d6}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{b5addf36-5134-484e-be4f-d4fe6c88c996}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{d313a7e1-5f52-47df-ae11-06e41f342765}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{eeee3bbc-e978-4405-9111-49a351b896a7}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{fc738cee-50af-4e2a-b13e-1ee31d0093ed}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{fd71aa8d-00d3-11e8-b870-806e6f6e6963}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{fffaf810-9921-4d4b-91fc-6f922045202a}: [NameServer] 8.8.8.8 FF NewTab: file:///C:/ProgramData/Polygens/ff.NT FF user.js: detected! => C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\user.js [2018-11-11] C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\prefs.js S2 MTEzOG; rundll32.exe C:\WINDOWS\rusurngttj.rux RGSgaxSwymIJMiY [X] C:\WINDOWS\rusurngttj.rux U3 aspnet_state; kein ImagePath S1 ODk1NWNkZTRhY; \??\C:\WINDOWS\system32\drivers\ODk1NWNkZTRhY [X] C:\WINDOWS\system32\drivers\ODk1NWNkZTRhY 2018-11-11 15:19 - 2018-11-11 16:05 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\excdir 2018-11-11 15:16 - 2018-11-11 15:44 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\10g0mgchl40 2018-11-11 15:15 - 2018-11-11 15:46 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\q3cvj2ojp2m 2018-11-11 15:08 - 2018-11-11 16:05 - 00000000 ____D C:\Program Files (x86)\IwTmDCzJJIE 2018-11-11 15:08 - 2018-11-11 15:15 - 00000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE} 2018-11-11 15:08 - 2018-11-11 15:08 - 00004256 _____ C:\WINDOWS\System32\Tasks\Benutzerdienstfür(AppXSVC) 2018-11-11 15:08 - 2018-11-11 15:08 - 00003008 _____ C:\WINDOWS\System32\Tasks\niYEcWwYibJfLQX2 2018-11-11 15:08 - 2018-11-11 15:08 - 00000000 ____D C:\ProgramData\zTXZmVxyKBKDhdVB 2018-11-11 15:07 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\UmTwpSvRUOfSC 2018-11-11 15:07 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\pbjpUXEkQjxU2 2018-11-11 15:07 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\hGGLWjvHZZUn 2018-11-11 15:07 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\BHXQvOBMsgKdEntstUR 2018-11-11 15:07 - 2018-11-11 15:41 - 00000000 ____D C:\Program Files (x86)\eEvEEOxmU 2018-11-11 15:07 - 2018-11-11 15:13 - 00000582 _____ C:\WINDOWS\Tasks\EZnVzpmjsBPJAOW.job 2018-11-11 15:07 - 2018-11-11 15:08 - 00000000 ____D C:\Program Files (x86)\nodejs 2018-11-11 15:07 - 2018-11-11 15:07 - 00003212 _____ C:\WINDOWS\System32\Tasks\OqUgsIhoyVOixP 2018-11-11 15:07 - 2018-11-11 15:07 - 00003034 _____ C:\WINDOWS\System32\Tasks\qdxgajDnKqmDPrtzQ2 2018-11-11 15:07 - 2018-11-11 15:07 - 00003026 _____ C:\WINDOWS\System32\Tasks\yKlRUxrwnsuFpeUeBWz2 2018-11-11 15:07 - 2018-11-11 15:07 - 00003014 _____ C:\WINDOWS\System32\Tasks\EZnVzpmjsBPJAOW 2018-11-11 15:07 - 2018-11-11 15:07 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\npm 2018-11-11 15:06 - 2018-11-11 15:16 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\ydti5ummqoo 2018-11-11 15:06 - 2018-11-11 15:06 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\Python 2018-11-11 15:06 - 2018-11-11 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondersoft 2018-11-11 15:05 - 2018-11-11 16:10 - 00000000 ____D C:\Program Files (x86)\SHSK 2018-11-11 15:05 - 2018-11-11 16:05 - 00000000 ____D C:\Program Files (x86)\Multitimer 2018-11-11 15:05 - 2018-11-11 15:49 - 00000000 ____D C:\Users\s_rep\AppData\Local\William 2018-11-11 15:05 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files\Okawville 2018-11-11 15:05 - 2018-11-11 15:16 - 00003480 _____ C:\WINDOWS\System32\Tasks\{e6b1bd71-40ef-4173-8106-93b5f9032a6e} 2018-11-11 15:05 - 2018-11-11 15:16 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\41fvqqftwqx 2018-11-11 15:05 - 2018-11-11 15:13 - 00001546 _____ C:\WINDOWS\Tasks\Okawville.job 2018-11-11 15:05 - 2018-11-11 15:05 - 00140800 _____ C:\Users\s_rep\AppData\Local\installer.dat 2018-11-11 15:05 - 2018-11-11 15:05 - 00013984 _____ C:\WINDOWS\System32\Tasks\Okawville 2018-11-11 15:05 - 2018-11-11 15:05 - 00000000 ____D C:\Program Files (x86)\Wondersoft VirusTotal: C:\Program Files (x86)\nodejs\nodejs.exe C:\Program Files (x86)\nodejs Task: {6F94A2F9-CA33-4FCC-AA69-57F57230173C} - System32\Tasks\EZnVzpmjsBPJAOW => Rundll32.exe "C:\Users\s_rep\AppData\Local\Temp\zJVJydIlxtaAifNHI\TtycKSJSKAhDHkWV\nSqksLm.dll",#1 /adp EIGH4BJGH4VJGH2XIGH7HKGH8XJGH4SJGH8RJGH8YJGH8DIGH0RIGH6LIGH2AIGH1OIGH0WIGH1 /site_id 756 Unlock: C:\Windows\System32\Tasks\HPEA3JOBS CMD: type "C:\Windows\System32\Tasks\HPEA3JOBS" Task: {756535E6-76E8-42DF-9307-D2A8D82EDB1C} - System32\Tasks\HPEA3JOBS => C:\Program Task: {77DD4C0D-EEDB-4C1D-9A21-7B30E5F4C03A} - System32\Tasks\qdxgajDnKqmDPrtzQ2 => Rundll32.exe "C:\Program Files (x86)\BHXQvOBMsgKdEntstUR\LtVvruU.dll",#1 C:\Program Files (x86)\BHXQvOBMsgKdEntstUR Task: {88026766-9562-4C3E-9C94-2E7DA5B61195} - System32\Tasks\yKlRUxrwnsuFpeUeBWz2 => Rundll32.exe "C:\Program Files (x86)\UmTwpSvRUOfSC\vKpdeLr.dll",#1 C:\Program Files (x86)\UmTwpSvRUOfSC Task: {BDE8C0F4-1A50-4A42-ABFC-DFA37F8BF1C8} - System32\Tasks\OqUgsIhoyVOixP => Rundll32.exe "C:\Program Files (x86)\pbjpUXEkQjxU2\ydAhoPZsifauT.dll",#1 C:\Program Files (x86)\pbjpUXEkQjxU2 Task: {D07E8395-3840-41C1-8931-34D62726BED3} - System32\Tasks\niYEcWwYibJfLQX2 => Rundll32.exe "C:\Program Files (x86)\eEvEEOxmU\ggsKtT.dll",#1 C:\Program Files (x86)\eEvEEOxmU VirusTotal: C:\Program Files\Okawville\Okawville.exe Task: {E3757DD2-B31D-4CB0-B696-8EC28DB525C3} - System32\Tasks\Okawville => C:\Program Files\Okawville\Okawville.exe C:\Program Files\Okawville Task: {EDF26610-088A-459C-8682-BED9EC60359F} - System32\Tasks\{e6b1bd71-40ef-4173-8106-93b5f9032a6e} => C:\Users\s_rep\AppData\Local\Temp\{2CF693F1-5E55-41CB-BE04-6E437DA0D4B9}.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\EZnVzpmjsBPJAOW.job => C:\Users\s_rep\AppData\Local\Temp\zJVJydIlxtaAifNHI\TtycKSJSKAhDHkWV\nSqksLm.dll <==== ACHTUNG Task: C:\WINDOWS\Tasks\Okawville.job => C:\Program Files\Okawville\Okawville.exe DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Chip Digital GmbH|chip1click|chip 1-click installer.exe DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Chip Digital GmbH|chip1click|CHIP Active Download.exe DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Chip Digital GmbH|chip1click|CHIP Starter.exe DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Chip Digital GmbH|chip1click|CHIP Updater.exe DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files (x86)|Chip Digital GmbH|chip1click|SplashForm.exe Folder: C:\ProgramData\Ver CMD: dir "%ProgramFiles%" CMD: dir "%ProgramFiles(x86)%" CMD: dir "%ProgramData%" CMD: dir "%Appdata%" CMD: dir "%LocalAppdata%" CMD: dir "%CommonProgramFiles(x86)%" CMD: dir "%CommonProgramW6432%" CMD: dir "%UserProfile%" CMD: dir "C:\" ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions CMD: ipconfig /flushdns CMD: netsh winsock reset Hosts: RemoveProxy: EmptyTemp: End::
Starte nun FRST und klicke direkt den Entfernen Button. Wichtig: Du brauchst den Inhalt der Code-Box nirgends einfügen, da sich FRST den Code aus der Zwischenablage holt!
Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Schritt 2

Starte FRST erneut. Kopiere den Inhalt der folgenden Code-Box oben in das Suchfeld:

Code:

SearchAll: LookupPro;ProxyGate;WebCompanion;Microleaves;WajIEnhance;SrcAAAesom Browser Enhancer;Polygen;Foldershare;Wondersoft
Klicke auf den Button Datei-Suche.
FRST beginnt mit dem Suchlauf. Dieser kann einige Zeit dauern, bitte gedulde dich!
Am Ende wird eine Textdatei Search.txt erstellt.
Poste mir deren Inhalt mit deiner nächsten Antwort.

Schritt 3

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Beantwortung der gestellten Fragen,
die Logdatei des FRST-Fix (fixlog.txt),
die Logdatei des FRST-Suchlaufs (Search.txt),
die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

Hi Matthias,
erstmal lieben Dank, dass du mir hilfst.

Heute früh hat Avira auch Alarm gemeldet... 6x wurde TR/injector.aouqc gefunden und in Quarantäne gesetzt

Zu deinen Fragen:
Avira hat gemeckert als ich wieder am Rechner war ja, da hab ich dann auch gleich Malwarebytes installiert und dieses AdwCleaner Programm, aber es war wohl zu spät.

Vollgepackt...? Ups, ich dachte diese komischen 2 Sachen sind neu und haben den Alarm ausgelöst :eek:
Wie ist ne gute Frage, ich weiß es nicht wirklich... mein Teenager-Sohn ist hin und wieder am Laptop und am Sonntag war er auch dran, was er aber genau gemacht hat, damit rückt er nicht raus :headbang:
Laptop Verbot ist jedenfalls bis auf Weiteres aktiv :daumenhoc

Ich scheitere jetzt allerdings schon an Schritt1... Habe den gesamten Teil der Box markiert und kopiert, dann FRST geöffnet und auf Entfernen geklickt... Allerdings zeigt mir das Programm dann folgendes an:

fixlist.txt wurde nicht gefunden.
Die fixlist.txt muss sich im gleichen Ordner/Verzeichnis wie das Programm befinden.

Und dann schließt sich das Programm selbstständig. Habe auch schon einen Neustart gemacht, aber auch dann passiert genau das Gleiche.

Schritt 2 ging sehr schnell, liegt vielleicht aber auch daran, dass Schritt 1 nicht funktioniert hat, habe es aber trotzdem mal gemacht:

Code:

Farbar Recovery Scan Tool (x64) Version:13-04-2016

durchgeführt von s_rep (2018-11-13 09:22:34)

Gestartet von C:\Users\s_rep\Desktop

Start-Modus: Normal
 

================== Datei-Suche: "SearchAll: LookupPro;ProxyGate;WebCompanion;Microleaves;WajIEnhance;SrcAAAesom Browser Enhancer;Polygen;Foldershare;Wondersoft

 " =============
 

====== Ende von Suche ======

Schritt 3:

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016

durchgeführt von s_rep (Administrator) auf DESKTOP-D6NM1SV (13-11-2018 09:25:03)

Gestartet von C:\Users\s_rep\Desktop

Geladene Profile: s_rep (Verfügbare Profile: s_rep)

Platform: Windows 10 Home Version 1803 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: FF)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

konnte nicht auf den Prozess zugreifen -> Registry

konnte nicht auf den Prozess zugreifen -> Memory Compression

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igfxCUIService.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\IntelCpHDCPSvc.exe

(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe

(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe

(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe

(Intel Corporation) C:\Windows\System32\ibtsiva.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe

(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe

(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe

() C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\IntelCpHeciSvc.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

() C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igfxEM.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeApp.exe

(HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe

(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe

(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe

(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Avira) C:\Program Files (x86)\Avira\Safe Shopping\Avira Safe Shopping.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\AviraSoftwareUpdaterToastNotificationsBridge.exe

(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe

(HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe

(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe

(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe

(HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe

(Microsoft Corporation) C:\Windows\System32\browser_broker.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20083.0_x64__8wekyb3d8bbwe\HxOutlook.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20083.0_x64__8wekyb3d8bbwe\HxTsr.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
 

==================== Registry (Nicht auf der Ausnahmeliste) ===========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3665872 2017-10-18] (ELAN Microelectronics Corp.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9226752 2017-04-28] (Realtek Semiconductor)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-10-22] (Apple Inc.)

HKLM\...\Run: [] => [X]

HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [1062392 2017-03-15] (HP Inc.)

HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)

HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [432264 2017-12-06] (Geek Software GmbH)

HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-10-09] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [64096 2018-03-22] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [] => [X]

HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)

HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)

HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\Run: [bUJwT-agtx.exe] => C:\Program Files\rempl\S08D54A252QD0TO61JR7D5R4UY607K\bUJwT-agtx.exe 

HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\Run: [] => [X]

CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Tcpip\Parameters: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{0e66e665-d5bd-46c0-934a-b7e96667ad27}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{0e66e665-d5bd-46c0-934a-b7e96667ad27}: [DhcpNameServer] 8.8.8.8

Tcpip\..\Interfaces\{71d969ab-8a66-4800-a5f7-2a6cbadd02d6}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{71d969ab-8a66-4800-a5f7-2a6cbadd02d6}: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{b5addf36-5134-484e-be4f-d4fe6c88c996}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{d313a7e1-5f52-47df-ae11-06e41f342765}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{eeee3bbc-e978-4405-9111-49a351b896a7}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{fc738cee-50af-4e2a-b13e-1ee31d0093ed}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{fd71aa8d-00d3-11e8-b870-806e6f6e6963}: [NameServer] 8.8.8.8

Tcpip\..\Interfaces\{fffaf810-9921-4d4b-91fc-6f922045202a}: [NameServer] 8.8.8.8
 

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM -> {3856EF5A-CFF4-4F06-801E-74B3AEE9CAE4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> {3856EF5A-CFF4-4F06-801E-74B3AEE9CAE4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

SearchScopes: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

SearchScopes: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001 -> {3856EF5A-CFF4-4F06-801E-74B3AEE9CAE4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-02-15] (Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-12-06] (HP Inc.)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-09-12] (Microsoft Corporation)

BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-12-06] (HP Inc.)

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation)

StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 

FireFox:

========

FF ProfilePath: C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default

FF NewTab: file:///C:/ProgramData/Polygens/ff.NT

FF Homepage: hxxps://www.google.com/

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-12] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)

FF user.js: detected! => C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\user.js [2018-11-11]

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2017-09-12] (Microsoft Corporation)

FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\abs@avira.com.xpi [2018-10-26]

FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\passwordmanager@avira.com.xpi [2018-06-13]

FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\toolbar-ff@payback.de.xpi [2018-10-10]

FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\toolbar@web.de.xpi [2018-05-25]

FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2018-04-13]

FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2018-09-25]

FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-10-31]

FF Extension: Kein Name - C:\Users\s_rep\AppData\Roaming\Mozilla\Firefox\Profiles\e8mqt8ns.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-03-17]

StartMenuInternet: FIREFOX.EXE - firefox.exe
 

Chrome: 

=======

CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

StartMenuInternet: Google Chrome - Chrome.exe
 

Opera: 

=======

OPR Extension: (Kein Name) - C:\Users\s_rep\AppData\Roaming\Opera Software\Opera Stable\Extensions\gkcgcddlhhlldmjffagogcoalhmfigoh [2018-11-11]
 

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [891472 2018-10-16] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [248312 2018-10-16] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [248312 2018-10-16] (Avira Operations GmbH & Co. KG)

S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1162120 2018-10-16] (Avira Operations GmbH & Co. KG)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc.)

R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [431688 2018-10-09] (Avira Operations GmbH & Co. KG)

R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2940584 2018-03-16] (Avira Operations GmbH & Co. KG)

R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [102816 2018-10-11] (Avira Operations GmbH & Co. KG)

S3 BcastDVRUserService; C:\Windows\System32\BcastDVRUserService.dll [1364992 2018-09-20] (Microsoft Corporation)

S3 BcastDVRUserService_6e966; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)

S3 BcastDVRUserService_6e966; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)

S3 BluetoothUserService; C:\Windows\System32\Microsoft.Bluetooth.UserService.dll [464384 2018-04-12] (Microsoft Corporation)

S3 BluetoothUserService_6e966; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)

S3 BluetoothUserService_6e966; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)

R3 BTAGService; C:\Windows\System32\BTAGService.dll [514048 2018-04-12] (Microsoft Corporation)

R3 BthAvctpSvc; C:\Windows\System32\BthAvctpSvc.dll [395264 2018-04-12] (Microsoft Corporation)

R3 camsvc; C:\Windows\system32\CapabilityAccessManager.dll [266752 2018-06-15] (Microsoft Corporation)

S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [453120 2018-04-12] (Microsoft Corporation)

R2 CDPUserSvc_6e966; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)

R2 CDPUserSvc_6e966; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)

R3 cphs; C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\IntelCpHeciSvc.exe [397280 2017-11-03] (Intel Corporation)

R2 cplspcon; C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\IntelCpHDCPSvc.exe [613352 2017-11-03] (Intel Corporation)

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-18] (Dropbox, Inc.)

S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-18] (Dropbox, Inc.)

S3 DevicePickerUserSvc; C:\Windows\System32\Windows.Devices.Picker.dll [400896 2018-04-12] (Microsoft Corporation)

S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [312832 2018-04-12] (Microsoft Corporation)

S3 DevicePickerUserSvc_6e966; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)

S3 DevicePickerUserSvc_6e966; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)

S3 DevicesFlowUserSvc; C:\Windows\System32\DevicesFlowBroker.dll [750080 2018-04-12] (Microsoft Corporation)

S3 DevicesFlowUserSvc_6e966; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)

S3 DevicesFlowUserSvc_6e966; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)

S3 diagsvc; C:\Windows\system32\DiagSvc.dll [219648 2018-04-12] (Microsoft Corporation)

R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2018-02-16] (Digital Wave Ltd.)

R2 DusmSvc; C:\Windows\System32\dusmsvc.dll [356352 2018-04-12] (Microsoft Corporation)

R2 esifsvc; C:\Windows\system32\Intel\DPTF\esif_uf.exe [2218552 2017-02-03] (Intel Corporation)

R2 ETDService; C:\Program Files\Elantech\ETDService.exe [153040 2017-10-18] (ELAN Microelectronics Corp.)

S3 FrameServer; C:\Windows\system32\FrameServer.dll [673792 2018-06-08] (Microsoft Corporation)

S3 GraphicsPerfSvc; C:\Windows\System32\GraphicsPerfSvc.dll [90624 2018-04-12] (Microsoft Corporation)

R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [Datei ist nicht signiert]

R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-04-03] (HP Inc.)

R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)

R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [630776 2017-02-06] (HP Inc.)

S3 HvHost; C:\Windows\System32\hvhostsvc.dll [61736 2018-08-03] (Microsoft Corporation)

R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)

R2 igfxCUIService2.0.0.0; C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igfxCUIService.exe [415208 2017-11-03] (Intel Corporation)

S3 InstallService; C:\Windows\system32\InstallService.dll [1487360 2018-06-15] (Microsoft Corporation)

S3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1110528 2018-06-15] (Microsoft Corporation)

S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-13] (Intel(R) Corporation)

S3 IpxlatCfgSvc; C:\Windows\System32\IpxlatCfg.dll [63488 2018-04-12] (Microsoft Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2016-12-19] (Intel Corporation)

S3 LxpSvc; C:\Windows\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)

S3 NaturalAuthentication; C:\Windows\System32\NaturalAuth.dll [824832 2018-04-12] (Microsoft Corporation)

R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [432264 2017-12-06] (Geek Software GmbH)

S3 PrintWorkflowUserSvc; C:\Windows\System32\PrintWorkflowService.dll [170496 2018-04-12] (Microsoft Corporation)

S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [138240 2018-04-12] (Microsoft Corporation)

S3 PrintWorkflowUserSvc_6e966; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)

S3 PrintWorkflowUserSvc_6e966; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)

S3 PushToInstall; C:\Windows\system32\PushToInstall.dll [262144 2018-07-14] (Microsoft Corporation)

S3 RmSvc; C:\Windows\System32\RMapi.dll [153600 2018-04-12] (Microsoft Corporation)

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-04-28] (Realtek Semiconductor)

R2 SecurityHealthService; C:\Windows\system32\SecurityHealthService.exe [760888 2018-07-14] (Microsoft Corporation)

R3 SEMgrSvc; C:\Windows\system32\SEMgrSvc.dll [1248768 2018-04-12] (Microsoft Corporation)

R2 SgrmBroker; C:\Windows\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation)

S3 SharedRealitySvc; C:\Windows\System32\SharedRealitySvc.dll [713216 2018-08-28] (Microsoft Corporation)

S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [195584 2018-04-12] (Microsoft Corporation)

R2 SilhouetteLink; C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe [897200 2016-12-06] ()

S3 spectrum; C:\Windows\system32\spectrum.exe [976384 2018-06-08] (Microsoft Corporation)

S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()

R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [176128 2018-04-12] (Microsoft Corporation)

R3 TokenBroker; C:\Windows\System32\TokenBroker.dll [1395200 2018-08-03] (Microsoft Corporation)

R3 TokenBroker; C:\WINDOWS\SysWOW64\TokenBroker.dll [1000448 2018-08-03] (Microsoft Corporation)

S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation)

S3 VacSvc; C:\Windows\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation)

S3 vmicrdv; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)

S3 vmicvss; C:\Windows\System32\icsvcext.dll [309760 2018-04-12] (Microsoft Corporation)

S3 WaaSMedicSvc; C:\Windows\System32\WaaSMedicSvc.dll [392704 2018-08-09] (Microsoft Corporation)

S3 WarpJITSvc; C:\Windows\System32\Windows.WARP.JITService.dll [31744 2018-04-12] (Microsoft Corporation)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)

S3 WFDSConMgrSvc; C:\Windows\System32\wfdsconmgrsvc.dll [681984 2018-07-14] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)

S3 wisvc; C:\Windows\system32\flightsettings.dll [858112 2018-06-08] (Microsoft Corporation)

S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729088 2018-06-08] (Microsoft Corporation)

S3 wlpasvc; C:\Windows\System32\lpasvc.dll [1359360 2018-07-14] (Microsoft Corporation)

S3 WpcMonSvc; C:\Windows\System32\WpcDesktopMonSvc.dll [1456640 2018-06-02] (Microsoft Corporation)

S2 WpnUserService; C:\Windows\System32\WpnUserService.dll [96768 2018-04-12] (Microsoft Corporation)

R2 WpnUserService_6e966; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)

R2 WpnUserService_6e966; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)

S3 xbgm; C:\Windows\system32\xbgmsvc.exe [59512 2018-04-12] (Microsoft Corporation)

S3 XboxGipSvc; C:\Windows\System32\XboxGipSvc.dll [58880 2018-04-12] (Microsoft Corporation)

R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

S2 MTEzOG; rundll32.exe C:\WINDOWS\rusurngttj.rux RGSgaxSwymIJMiY [X]
 

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R3 Accelerometer; C:\Windows\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP)

S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [20480 2018-04-12] (Microsoft Corporation)

R1 afunix; C:\Windows\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation)

S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2018-04-12] (Microsoft Corporation)

R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [69656 2018-08-08] (Avira Operations GmbH & Co. KG)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [179376 2018-07-04] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [169864 2018-07-04] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [44488 2018-01-03] (Avira Operations GmbH & Co. KG)

R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [88488 2018-01-03] (Avira Operations GmbH & Co. KG)

R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [38048 2018-01-03] (Avira Operations GmbH & Co. KG)

S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533912 2018-04-12] (QLogic Corporation)

R1 bam; C:\Windows\System32\drivers\bam.sys [60320 2018-04-12] (Microsoft Corporation)

S3 bindflt; C:\Windows\system32\drivers\bindflt.sys [92056 2018-04-12] (Microsoft Corporation)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [86528 2018-04-12] (Microsoft Corporation)

S0 bttflt; C:\Windows\System32\drivers\bttflt.sys [38304 2018-04-12] (Microsoft Corporation)

R3 CAD; C:\Windows\System32\drivers\CAD.sys [60320 2018-04-12] (Microsoft Corporation)

S0 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [321432 2018-04-12] (Chelsio Communications)

S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [1836952 2018-04-12] (Chelsio Communications)

R2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [414720 2018-07-14] (Microsoft Corporation)

R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [72584 2017-02-03] (Intel Corporation)

R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [67976 2017-02-03] (Intel Corporation)

R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [355208 2017-02-03] (Intel Corporation)

R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-10-18] (Malwarebytes)

R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [32840 2017-04-14] (ELAN Microelectronic Corp.)

R3 HID_PCI; C:\Windows\System32\drivers\HID_PCI.sys [31328 2016-08-10] (Intel)

R0 hpdskflt; C:\Windows\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP)

S4 hvcrash; C:\Windows\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation)

S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [76088 2018-09-20] (Microsoft Corporation)

S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [27136 2018-04-12] (Microsoft Corporation)

S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [36864 2018-04-12] (Intel(R) Corporation)

R3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2018-04-12] (Intel Corporation)

S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [88576 2018-04-12] (Intel Corporation)

S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592 2018-04-12] (Intel Corporation)

S0 iaStorAVC; C:\Windows\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation)

R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel Corporation)

R3 igfx; C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igdkmd64.sys [12842984 2017-11-03] (Intel Corporation)

S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [38912 2018-04-12] (Microsoft Corporation)

R0 iorate; C:\Windows\System32\drivers\iorate.sys [58272 2018-04-12] (Microsoft Corporation)

S3 IPT; C:\Windows\System32\drivers\ipt.sys [32256 2018-04-12] (Microsoft Corporation)

R3 ISH; C:\Windows\System32\drivers\ISH.sys [143984 2016-09-19] (Intel)

R3 ISH_BusDriver; C:\Windows\System32\drivers\ISH_BusDriver.sys [80496 2016-08-18] (Intel)

S0 ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies)

S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [505240 2018-04-12] (Microsoft Corporation)

S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [56736 2018-04-12] (Microsoft Corporation)

R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198000 2018-11-11] (Malwarebytes)

R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [119136 2018-11-13] (Malwarebytes)

R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [63768 2018-11-13] (Malwarebytes)

R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260480 2018-11-13] (Malwarebytes)

R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [111152 2018-11-13] (Malwarebytes)

S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [75160 2018-04-12] (Avago Technologies)

S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies)

R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [204920 2016-12-02] (Intel Corporation)

R3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)

S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [175104 2018-04-12] (Microsoft Corporation)

R3 Netwtw04; C:\Windows\system32\DRIVERS\Netwtw04.sys [8623128 2018-04-04] (Intel Corporation)

S3 nvdimm; C:\Windows\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation)

S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58776 2018-04-12] (Avago Technologies)

S3 pmem; C:\Windows\System32\drivers\pmem.sys [105984 2018-04-12] (Microsoft Corporation)

S0 Ramdisk; C:\Windows\System32\DRIVERS\ramdisk.sys [39840 2018-04-12] (Microsoft Corporation)

S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [104448 2018-04-12] (Microsoft Corporation)

R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [782304 2017-04-19] (Realsil Semiconductor Corporation)

S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [128920 2018-08-03] (Microsoft Corporation)

S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [33176 2018-04-12] (Microsoft Corporation)

R0 SgrmAgent; C:\Windows\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation)

S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [57752 2018-04-12] (Microsoft Corporation)

S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [152576 2018-04-12] (Microsoft Corporation)

R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [42000 2017-01-16] (Intel Corporation)

S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2018-08-03] (Microsoft Corporation)

R0 volume; C:\Windows\System32\drivers\volume.sys [16288 2018-04-12] (Microsoft Corporation)

R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [151960 2018-04-12] (Microsoft Corporation)

S3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [82944 2018-04-12] (Microsoft Corporation)

S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)

S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)

S3 WdmCompanionFilter; C:\Windows\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)

S3 WinNat; C:\Windows\System32\drivers\winnat.sys [227840 2018-07-14] (Microsoft Corporation)

R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [35568 2018-08-31] (HP)

U3 aspnet_state; kein ImagePath

S1 ODk1NWNkZTRhY; \??\C:\WINDOWS\system32\drivers\ODk1NWNkZTRhY [X]
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)

NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)

NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)

NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)

NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation)

NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation)

NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation)

NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)

NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)

NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2018-11-13 09:22 - 2018-11-13 09:22 - 00000372 _____ C:\Users\s_rep\Desktop\Search.txt

2018-11-13 08:32 - 2018-11-13 08:32 - 00260480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys

2018-11-13 08:32 - 2018-11-13 08:32 - 00119136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys

2018-11-13 08:32 - 2018-11-13 08:32 - 00111152 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys

2018-11-13 08:32 - 2018-11-13 08:32 - 00063768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys

2018-11-11 21:02 - 2018-11-11 21:02 - 00002679 _____ C:\Users\s_rep\Desktop\Malwarebytes.txt

2018-11-11 20:53 - 2018-11-11 20:55 - 00070328 _____ C:\Users\s_rep\Desktop\Addition.txt

2018-11-11 20:52 - 2018-11-13 09:25 - 00036507 _____ C:\Users\s_rep\Desktop\FRST.txt

2018-11-11 20:18 - 2018-11-11 20:18 - 00255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\2124B6DE.sys

2018-11-11 20:17 - 2018-11-11 20:42 - 00000000 ____D C:\Users\s_rep\Desktop\mbar

2018-11-11 20:17 - 2018-11-11 20:42 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2018-11-11 20:16 - 2018-11-11 20:16 - 14178840 _____ (Malwarebytes Corp.) C:\Users\s_rep\Desktop\mbar-1.10.3.1001.exe

2018-11-11 19:10 - 2018-11-13 09:25 - 00000000 ____D C:\FRST

2018-11-11 19:10 - 2018-11-11 19:10 - 02375168 _____ (Farbar) C:\Users\s_rep\Desktop\FRST64.exe

2018-11-11 19:08 - 2018-11-11 19:08 - 01725952 _____ (Farbar) C:\Users\s_rep\Downloads\FRST.exe

2018-11-11 18:17 - 2018-11-11 18:17 - 00000000 ___HD C:\$SysReset

2018-11-11 16:54 - 2018-11-11 16:55 - 00000000 ____D C:\AdwCleaner

2018-11-11 16:54 - 2018-11-11 16:54 - 07592144 _____ (Malwarebytes) C:\Users\s_rep\Desktop\adwcleaner_7.2.4.0.exe

2018-11-11 16:45 - 2018-11-11 16:46 - 04650564 _____ C:\Users\s_rep\Downloads\combocleaner.dmg

2018-11-11 16:13 - 2018-11-11 16:13 - 00000056 _____ C:\WINDOWS\wininit.ini

2018-11-11 16:06 - 2018-11-11 16:13 - 00000306 __RSH C:\ProgramData\ntuser.pol

2018-11-11 15:38 - 2018-11-11 15:38 - 00000000 ____D C:\Users\s_rep\AppData\Local\mbam

2018-11-11 15:37 - 2018-11-11 20:18 - 00000000 ____D C:\ProgramData\Malwarebytes

2018-11-11 15:37 - 2018-11-11 15:37 - 00198000 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys

2018-11-11 15:37 - 2018-11-11 15:37 - 00001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk

2018-11-11 15:37 - 2018-11-11 15:37 - 00000000 ____D C:\Users\s_rep\AppData\Local\mbamtray

2018-11-11 15:37 - 2018-11-11 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

2018-11-11 15:37 - 2018-11-11 15:37 - 00000000 ____D C:\Program Files\Malwarebytes

2018-11-11 15:37 - 2018-10-18 08:44 - 00152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys

2018-11-11 15:29 - 2018-11-11 15:29 - 79596656 _____ (Malwarebytes ) C:\Users\s_rep\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.482-1.0.7783.exe

2018-11-11 15:19 - 2018-11-11 16:05 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\excdir

2018-11-11 15:16 - 2018-11-11 15:44 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\10g0mgchl40

2018-11-11 15:15 - 2018-11-11 15:46 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\q3cvj2ojp2m

2018-11-11 15:08 - 2018-11-11 16:05 - 00000000 ____D C:\Program Files (x86)\IwTmDCzJJIE

2018-11-11 15:08 - 2018-11-11 15:15 - 00000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}

2018-11-11 15:08 - 2018-11-11 15:08 - 00004256 _____ C:\WINDOWS\System32\Tasks\Benutzerdienstfür(AppXSVC)

2018-11-11 15:08 - 2018-11-11 15:08 - 00003008 _____ C:\WINDOWS\System32\Tasks\niYEcWwYibJfLQX2

2018-11-11 15:08 - 2018-11-11 15:08 - 00000000 ____D C:\ProgramData\zTXZmVxyKBKDhdVB

2018-11-11 15:07 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\UmTwpSvRUOfSC

2018-11-11 15:07 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\pbjpUXEkQjxU2

2018-11-11 15:07 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\hGGLWjvHZZUn

2018-11-11 15:07 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\BHXQvOBMsgKdEntstUR

2018-11-11 15:07 - 2018-11-11 15:41 - 00000000 ____D C:\Program Files (x86)\eEvEEOxmU

2018-11-11 15:07 - 2018-11-11 15:13 - 00000582 _____ C:\WINDOWS\Tasks\EZnVzpmjsBPJAOW.job

2018-11-11 15:07 - 2018-11-11 15:08 - 00000000 ____D C:\Program Files (x86)\nodejs

2018-11-11 15:07 - 2018-11-11 15:07 - 00003212 _____ C:\WINDOWS\System32\Tasks\OqUgsIhoyVOixP

2018-11-11 15:07 - 2018-11-11 15:07 - 00003034 _____ C:\WINDOWS\System32\Tasks\qdxgajDnKqmDPrtzQ2

2018-11-11 15:07 - 2018-11-11 15:07 - 00003026 _____ C:\WINDOWS\System32\Tasks\yKlRUxrwnsuFpeUeBWz2

2018-11-11 15:07 - 2018-11-11 15:07 - 00003014 _____ C:\WINDOWS\System32\Tasks\EZnVzpmjsBPJAOW

2018-11-11 15:07 - 2018-11-11 15:07 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\npm

2018-11-11 15:06 - 2018-11-11 15:16 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\ydti5ummqoo

2018-11-11 15:06 - 2018-11-11 15:06 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\Python

2018-11-11 15:06 - 2018-11-11 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondersoft

2018-11-11 15:05 - 2018-11-11 16:10 - 00000000 ____D C:\Program Files (x86)\SHSK

2018-11-11 15:05 - 2018-11-11 16:05 - 00000000 ____D C:\Program Files (x86)\Multitimer

2018-11-11 15:05 - 2018-11-11 15:49 - 00000000 ____D C:\Users\s_rep\AppData\Local\William

2018-11-11 15:05 - 2018-11-11 15:47 - 00000000 ____D C:\Program Files\Okawville

2018-11-11 15:05 - 2018-11-11 15:16 - 00003480 _____ C:\WINDOWS\System32\Tasks\{e6b1bd71-40ef-4173-8106-93b5f9032a6e}

2018-11-11 15:05 - 2018-11-11 15:16 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\41fvqqftwqx

2018-11-11 15:05 - 2018-11-11 15:13 - 00001546 _____ C:\WINDOWS\Tasks\Okawville.job

2018-11-11 15:05 - 2018-11-11 15:05 - 00140800 _____ C:\Users\s_rep\AppData\Local\installer.dat

2018-11-11 15:05 - 2018-11-11 15:05 - 00013984 _____ C:\WINDOWS\System32\Tasks\Okawville

2018-11-11 15:05 - 2018-11-11 15:05 - 00000000 ____D C:\Program Files (x86)\Wondersoft

2018-11-11 15:01 - 2018-11-11 15:03 - 00000000 ____D C:\ProgramData\Ver

2018-11-11 15:01 - 2018-11-11 15:01 - 00000000 ____D C:\Users\s_rep\Documents\MediaTrans

2018-11-11 15:01 - 2018-11-11 15:01 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\DearMob

2018-11-11 15:00 - 2018-11-11 15:00 - 00000000 ____D C:\Users\s_rep\AppData\Local\AdvinstAnalytics

2018-11-11 14:57 - 2018-11-11 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty

2018-11-11 14:57 - 2018-11-11 15:01 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\Digiarty

2018-11-11 14:57 - 2018-11-11 14:57 - 31498016 _____ C:\Users\s_rep\Downloads\winx-mediatrans-5-6.exe

2018-11-11 14:57 - 2018-11-11 14:57 - 00000000 ____D C:\Program Files (x86)\Digiarty

2018-11-11 14:56 - 2018-11-11 15:10 - 00000000 ____D C:\Users\s_rep\Documents\LeaderTask

2018-11-11 14:55 - 2018-11-11 14:55 - 00000000 ____D C:\Users\s_rep\Downloads\WinX MediaTrans 63 Crack License Code Free Torrent

2018-11-11 14:54 - 2018-11-11 14:54 - 00593889 _____ C:\Users\s_rep\Downloads\WinX MediaTrans 63 Crack License Code Free Torrent.zip

2018-11-11 14:51 - 2018-11-11 14:51 - 00593844 _____ C:\Users\s_rep\Downloads\winx mediatrans 63 crack full version 2018(1).zip

2018-11-11 14:51 - 2018-11-11 14:51 - 00000000 ____D C:\Users\s_rep\Downloads\winx mediatrans 63 crack full version 2018(1)

2018-11-11 14:50 - 2018-11-11 14:50 - 00000000 _____ C:\Users\s_rep\Downloads\winx mediatrans 63 crack full version 2018.zip

2018-11-11 10:34 - 2018-11-11 10:34 - 00098201 _____ C:\WINDOWS\uninstaller.dat

2018-11-10 18:58 - 2018-11-10 18:58 - 00000000 ___HD C:\OneDriveTemp

2018-11-10 07:40 - 2018-11-10 07:40 - 49460656 _____ C:\Users\s_rep\Downloads\x-iphone-ringtone-maker-de.exe

2018-11-10 07:18 - 2018-11-10 07:41 - 00000000 ____D C:\Users\s_rep\Documents\Xilisoft

2018-11-10 07:18 - 2018-11-10 07:41 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\Xilisoft

2018-11-10 07:13 - 2018-11-10 07:13 - 00000000 ____D C:\Users\s_rep\Downloads\Xilisoft_iPhone_Magic_5.7.25_Platinum

2018-11-10 07:05 - 2018-11-10 07:05 - 02906754 _____ C:\Users\s_rep\Downloads\Loreen - Euphoria.m4r

2018-11-10 06:59 - 2018-11-10 07:03 - 71977205 _____ C:\Users\s_rep\Downloads\Xilisoft_iPhone_Magic_5.7.25_Platinum.rar

2018-11-09 14:22 - 2018-11-09 14:22 - 04958970 _____ C:\Users\s_rep\Downloads\_Miezo_Printable_SchnippSchnappAK_Lichterkette.zip

2018-11-09 14:22 - 2018-11-09 14:22 - 04177262 _____ C:\Users\s_rep\Downloads\_Miezo_Printable_SchnippSchnappAK_Nikolaus.zip

2018-11-09 14:22 - 2018-11-09 14:22 - 03357516 _____ C:\Users\s_rep\Downloads\_Miezo_Printable_SchnippSchnappAK_Reh_mit_Schleife.zip

2018-11-09 14:22 - 2018-11-09 14:22 - 03207965 _____ C:\Users\s_rep\Downloads\_Miezo_Printable_SchnippSchnappAK_Engel.zip

2018-11-09 14:22 - 2018-11-09 14:22 - 02136903 _____ C:\Users\s_rep\Downloads\_Miezo_Printable_SchnippSchnappAK_Zuckerstange.zip

2018-11-09 14:16 - 2018-11-09 14:16 - 03698950 _____ C:\Users\s_rep\Downloads\_Miezo Digistamp Drachenmädchen mit Laterne.zip

2018-11-09 10:51 - 2018-11-09 10:51 - 01710944 _____ C:\Users\s_rep\Downloads\IKEA FAMILY KARTE.pdf

2018-11-08 05:48 - 2018-11-08 06:00 - 00000000 ____D C:\Users\s_rep\AppData\Local\iMobie_Inc

2018-11-08 05:48 - 2018-11-08 05:59 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\iMobie

2018-11-08 05:47 - 2018-11-11 15:13 - 00000000 ____D C:\Program Files (x86)\iMobie

2018-11-08 05:47 - 2018-11-08 05:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie

2018-11-08 05:46 - 2018-11-08 05:46 - 02576312 _____ (iMobie Inc.) C:\Users\s_rep\Downloads\anytrans-ios-setup.exe

2018-11-08 05:31 - 2018-11-08 05:31 - 00000000 ____D C:\Users\s_rep\AppData\Local\Apple Computer

2018-11-08 05:05 - 2018-11-10 07:54 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\Apple Computer

2018-11-08 05:05 - 2018-11-08 05:05 - 00001823 _____ C:\Users\Public\Desktop\iTunes.lnk

2018-11-08 05:05 - 2018-11-08 05:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2018-11-08 05:05 - 2018-11-08 05:05 - 00000000 ____D C:\Program Files\iPod

2018-11-08 05:03 - 2018-11-08 05:05 - 00000000 ____D C:\Program Files\iTunes

2018-11-08 05:03 - 2018-11-08 05:03 - 00000000 ____D C:\ProgramData\Apple Computer

2018-11-08 05:00 - 2018-11-08 05:00 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

2018-11-08 05:00 - 2018-11-08 05:00 - 00000000 ____D C:\Users\s_rep\AppData\Local\Apple

2018-11-08 05:00 - 2018-11-08 05:00 - 00000000 ____D C:\Program Files (x86)\Apple Software Update

2018-11-08 04:59 - 2018-11-08 04:59 - 00000000 ____D C:\Program Files\Bonjour

2018-11-08 04:59 - 2018-11-08 04:59 - 00000000 ____D C:\Program Files (x86)\Bonjour

2018-11-08 04:58 - 2018-11-08 04:59 - 00000000 ____D C:\Program Files\Common Files\Apple

2018-11-08 04:54 - 2018-11-08 04:55 - 270003016 _____ (Apple Inc.) C:\Users\s_rep\Downloads\iTunes64Setup.exe

2018-11-07 14:44 - 2018-11-07 14:44 - 06986360 _____ (ESET spol. s r.o.) C:\Users\s_rep\Downloads\ESETOnlineScanner_DEU.exe

2018-11-07 14:44 - 2018-11-07 14:44 - 00000000 ____D C:\Users\s_rep\AppData\Local\ESET

2018-11-07 12:53 - 2018-11-07 12:53 - 00000000 ____D C:\Users\s_rep\AppData\Local\D3DSCache

2018-11-06 06:32 - 2018-11-06 06:32 - 01681611 _____ C:\Users\s_rep\Downloads\Mother's Day.zip

2018-11-06 06:25 - 2018-11-06 06:25 - 03172822 _____ C:\Users\s_rep\Downloads\KINDNESS_IS_THE_WAY_CUST_FILES.zip

2018-11-06 05:55 - 2018-11-06 05:55 - 00029450 _____ C:\Users\s_rep\Downloads\copicnummern.pdf

2018-11-04 11:21 - 2018-11-04 11:21 - 00310110 _____ C:\Users\s_rep\Downloads\Steffies Bastelkammer Box zum binden Herz und Stern.studio3

2018-11-01 06:00 - 2018-11-01 08:19 - 00010552 _____ C:\Users\s_rep\Documents\Erbe Ausgaben.xlsx

2018-11-01 05:22 - 2018-11-01 05:22 - 00656584 _____ C:\Users\s_rep\Downloads\Steffie´s Bastelkammer 24 Lichter im Advent Portrait.studio3

2018-11-01 05:22 - 2018-11-01 05:22 - 00600163 _____ C:\Users\s_rep\Downloads\Steffie´s Bastelkammer 24 Lichter im Advent Cameo.studio3

2018-10-26 05:08 - 2018-10-26 05:08 - 00072472 _____ C:\Users\s_rep\Downloads\Briefmarken.12Stk.26.10.2018_0606.pdf

2018-10-26 04:57 - 2018-10-26 04:57 - 03693207 _____ C:\Users\s_rep\Downloads\Rund ums Basteln.pdf

2018-10-26 04:57 - 2018-10-26 04:57 - 00616315 _____ C:\Users\s_rep\Downloads\Steffies Bastelkammer Sternlicht.studio3

2018-10-22 08:32 - 2018-10-22 08:32 - 00509216 _____ C:\Users\s_rep\Downloads\Steffies Bastelkammer Karte für 10x15 Fotos.studio3

2018-10-19 17:45 - 2018-11-07 14:29 - 00004190 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1539967477

2018-10-19 17:45 - 2018-11-07 14:29 - 00001179 _____ C:\Users\s_rep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk

2018-10-19 17:43 - 2018-10-19 17:43 - 01921552 _____ (Opera Software) C:\Users\s_rep\Downloads\OperaSetup(1).exe

2018-10-19 16:35 - 2018-10-19 16:35 - 00066006 _____ C:\Users\s_rep\Downloads\Steffies Bastelkammer Karte zum aufstellen.studio3

2018-10-19 13:31 - 2018-10-19 13:31 - 81772586 _____ C:\Users\s_rep\Downloads\Wimpelkalender Zahlen.studio3

2018-10-19 12:31 - 2018-10-19 12:31 - 00121336 _____ C:\Users\s_rep\Downloads\Miezo Wimpelkalender(2).studio3

2018-10-19 04:06 - 2018-10-19 04:06 - 00111560 _____ C:\Users\s_rep\Downloads\Miezo Wimpelkalender(1).studio3

2018-10-18 09:03 - 2018-10-18 09:03 - 00611671 _____ C:\Users\s_rep\Downloads\adventskalender'kranz' rohling.studio3

2018-10-18 08:49 - 2018-10-18 08:49 - 00065540 _____ C:\Users\s_rep\Downloads\MiniAdventskranz.studio3

2018-10-18 08:47 - 2018-10-18 08:47 - 00649488 _____ C:\Users\s_rep\Downloads\HäuserBoxenLeer.studio3

2018-10-18 08:47 - 2018-10-18 08:47 - 00262512 _____ C:\Users\s_rep\Downloads\Würfelbox zum heraus ziehen.studio3

2018-10-18 04:28 - 2018-10-18 04:28 - 00111560 _____ C:\Users\s_rep\Downloads\Miezo Wimpelkalender.studio3

2018-10-17 12:30 - 2018-10-17 12:30 - 00286994 _____ C:\Users\s_rep\Downloads\Steffies Bastelkammer Karte mit Durchblick DIY.studio3

2018-10-17 07:21 - 2018-10-17 07:22 - 62543360 _____ C:\Users\s_rep\Downloads\FontPack1900820071_XtdAlf_Lang_DC.msi

2018-10-17 07:21 - 2018-10-17 07:21 - 00809182 _____ C:\Users\s_rep\Downloads\img001.pdf

2018-10-16 08:35 - 2018-10-16 08:35 - 00250423 _____ C:\Users\s_rep\Downloads\Miezo Pocket-Zahnstocherkalender.studio3

2018-10-15 13:16 - 2018-10-15 13:16 - 00153207 _____ C:\Users\s_rep\Downloads\Wichtige Infos rund um unsere Arbeit.pdf
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2018-11-13 09:22 - 2018-04-12 00:38 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2018-11-13 09:02 - 2017-12-17 17:42 - 00000000 ____D C:\Users\s_rep\AppData\LocalLow\Mozilla

2018-11-13 08:34 - 2018-03-28 16:14 - 00000000 ____D C:\Users\Public\Speedup Sessions

2018-11-13 08:33 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\AppReadiness

2018-11-13 08:33 - 2017-12-17 17:33 - 00000000 __SHD C:\Users\s_rep\IntelGraphicsProfiles

2018-11-13 08:32 - 2018-06-02 08:56 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2018-11-13 08:31 - 2018-04-11 22:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI

2018-11-13 08:06 - 2017-12-18 06:46 - 00000000 ____D C:\Users\s_rep\Documents\01 Dieter

2018-11-13 08:03 - 2018-04-12 00:38 - 00000000 ___HD C:\Program Files\WindowsApps

2018-11-13 07:55 - 2018-06-02 08:13 - 00000000 ____D C:\WINDOWS\system32\SleepStudy

2018-11-12 06:50 - 2017-12-18 07:07 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\com.silhouettesoftware

2018-11-12 06:50 - 2017-12-18 07:07 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\com.aspexsoftware.Silhouette_Studio

2018-11-12 06:46 - 2018-04-12 00:36 - 00000000 ____D C:\WINDOWS\INF

2018-11-12 06:00 - 2018-05-04 06:01 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\com.silhouettesoftware.scratch.1

2018-11-12 06:00 - 2018-05-04 06:01 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\com.aspexsoftware.ss_bluetooth

2018-11-11 20:50 - 2018-01-24 08:14 - 00000000 ____D C:\Users\s_rep\AppData\Local\Packages

2018-11-11 17:02 - 2018-01-16 10:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2018-11-11 17:02 - 2018-01-16 10:07 - 00000000 ____D C:\ProgramData\Avira

2018-11-11 17:02 - 2018-01-16 10:07 - 00000000 ____D C:\Program Files (x86)\Avira

2018-11-11 16:53 - 2018-06-02 08:21 - 01817928 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2018-11-11 16:53 - 2018-04-12 17:13 - 00781586 _____ C:\WINDOWS\system32\perfh007.dat

2018-11-11 16:53 - 2018-04-12 17:13 - 00166424 _____ C:\WINDOWS\system32\perfc007.dat

2018-11-11 16:30 - 2018-06-25 05:41 - 00000000 ____D C:\Program Files\Opera

2018-11-11 16:21 - 2018-04-12 00:30 - 00000000 ____D C:\WINDOWS\CbsTemp

2018-11-11 15:16 - 2017-12-17 17:42 - 00000000 ____D C:\Program Files\Mozilla Firefox

2018-11-11 15:14 - 2018-06-02 08:22 - 00000000 ____D C:\Users\s_rep

2018-11-11 15:06 - 2017-12-17 16:55 - 00000000 ____D C:\Program Files\Intel

2018-11-11 15:06 - 2017-10-12 00:37 - 00000000 ____D C:\ProgramData\Intel

2018-11-11 15:05 - 2018-04-12 00:38 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy

2018-11-11 15:05 - 2018-01-12 13:01 - 00000000 ____D C:\Program Files\rempl

2018-11-11 15:05 - 2017-03-18 22:03 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy

2018-11-10 22:12 - 2017-12-17 17:40 - 00000000 ___RD C:\Users\s_rep\OneDrive

2018-11-10 17:00 - 2018-06-04 05:08 - 00559880 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2018-11-09 12:43 - 2017-12-17 17:35 - 00000000 ____D C:\Users\s_rep\AppData\Local\Comms

2018-11-08 08:47 - 2018-04-27 10:47 - 00000000 ____D C:\Users\s_rep\Downloads\Miezo

2018-11-08 04:59 - 2017-05-23 03:14 - 00000000 ____D C:\ProgramData\Apple

2018-11-07 12:56 - 2018-06-02 08:13 - 00621856 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2018-11-07 12:55 - 2017-12-17 17:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2018-11-02 05:08 - 2017-12-17 17:42 - 00001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk

2018-10-25 04:41 - 2017-12-18 15:30 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2018-10-22 13:49 - 2017-05-23 03:11 - 00000000 ____D C:\ProgramData\Package Cache

2018-10-19 17:45 - 2018-06-25 05:41 - 00000000 ____D C:\Users\s_rep\AppData\Local\Opera Software

2018-10-19 17:43 - 2018-06-25 05:41 - 00000000 ____D C:\Users\s_rep\AppData\Roaming\Opera Software

2018-10-17 08:26 - 2018-06-02 08:56 - 00003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2101576799-1165526633-3082190696-1001

2018-10-17 08:26 - 2018-06-02 08:22 - 00002390 _____ C:\Users\s_rep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2018-10-16 04:30 - 2017-12-18 07:09 - 00000000 ____D C:\Users\s_rep\Downloads\Plotterdateien - später einsortieren

2018-10-16 04:07 - 2018-07-18 10:57 - 00000000 ____D C:\ProgramData\Packages
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2017-12-18 07:07 - 2017-12-18 07:07 - 0000008 _____ () C:\Users\s_rep\AppData\Roaming\com.silhouettesoftware.id

2018-11-11 15:05 - 2018-11-11 15:05 - 0140800 _____ () C:\Users\s_rep\AppData\Local\installer.dat

2018-07-31 15:06 - 2018-07-31 15:06 - 0000218 _____ () C:\Users\s_rep\AppData\Local\recently-used.xbel

2017-12-18 06:13 - 2017-12-18 06:13 - 0000057 _____ () C:\ProgramData\Ament.ini
 

Einige Dateien in TEMP:

====================

C:\Users\s_rep\AppData\Local\Temp\Uninstall.exe
 
 

==================== Bamital & volsnap =================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert

C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert

C:\WINDOWS\explorer.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert

C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert

C:\WINDOWS\system32\services.exe => Datei ist digital signiert

C:\WINDOWS\system32\User32.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert

C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert

C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert

C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
 

LastRegBack: 2018-06-02 08:13
 

==================== Ende von FRST.txt ============================

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-04-2016

durchgeführt von s_rep (2018-11-13 09:26:39)

Gestartet von C:\Users\s_rep\Desktop

Windows 10 Home Version 1803 (X64) (2018-06-02 07:57:52)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-2101576799-1165526633-3082190696-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-2101576799-1165526633-3082190696-503 - Limited - Disabled)

Gast (S-1-5-21-2101576799-1165526633-3082190696-501 - Limited - Disabled)

s_rep (S-1-5-21-2101576799-1165526633-3082190696-1001 - Administrator - Enabled) => C:\Users\s_rep

WDAGUtilityAccount (S-1-5-21-2101576799-1165526633-3082190696-504 - Limited - Disabled)
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}

AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

123 Photo Version 2.0 (HKLM-x32\...\{68F08E04-F190-49B4-B159-3FA7E72A4EC8}_is1) (Version: 2.0 - Harald Wittke)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)

Any Video Converter 6.0.9 (HKLM-x32\...\Any Video Converter) (Version: 6.0.9 - Anvsoft)

Apple Application Support (32-Bit) (HKLM-x32\...\{49F7DD82-FC83-48BF-86C6-CFE6E1E233E1}) (Version: 7.1 - Apple Inc.)

Apple Application Support (64-Bit) (HKLM\...\{1FA68E27-2951-42E8-9F57-1A7F6581B4FD}) (Version: 7.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)

Avira (HKLM-x32\...\{2884d9b5-2fed-48df-b0e0-fe229e7eb781}) (Version: 1.2.121.24663 - Avira Operations GmbH & Co. KG)

Avira (x32 Version: 1.2.121.24663 - Avira Operations GmbH & Co. KG) Hidden

Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.42.11 - Avira Operations GmbH & Co. KG)

Avira Safe Shopping (HKLM-x32\...\{573F6664-99E1-40D8-921A-7C9345EC03B2}) (Version: 1.1.5.3330 - Avira Operations GmbH & Co. KG)

Avira Safe Shopping (x32 Version: 1.0.65.2672 - Avira Operations Gmbh & Co. KG) Hidden

Avira Software Updater (HKLM-x32\...\{D4F0629A-3F4A-4098-ADFE-6F3551762251}) (Version: 2.0.6.4401 - Avira Operations GmbH & Co. KG)

Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 4.8.0.7455 - Avira Operations GmbH & Co. KG)

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

Bullzip PDF Printer 11.5.0.2698 (HKLM\...\Bullzip PDF Printer_is1) (Version: 11.5.0.2698 - Bullzip)

calibre (HKLM-x32\...\{5BC66570-E69F-4C93-9DF2-E93739A91A63}) (Version: 3.25.0 - Kovid Goyal)

Dropbox 25 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.)

Dropbox Update Helper (x32 Version: 1.3.141.1 - Dropbox, Inc.) Hidden

ELAN Touchpad 18.2.15.7_X64_WHQL (HKLM\...\Elantech) (Version: 18.2.15.7 - ELAN Microelectronic Corp.)

Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)

Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC13084E6700}) (Version: 19.008.20071 - Adobe Systems Incorporated)

FlashPeak Slimjet (HKLM-x32\...\Slimjet) (Version: 19.0.4.0 - FlashPeak Inc.)

foldershare (HKLM\...\foldershare) (Version: 7.3 - foldershare)

FotoWorks XL 2018 (HKLM-x32\...\FotoWorks XL 2018_is1) (Version: Aktuelle Version - IN MEDIAKG TI)

Free MP4 Video Converter (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.111.215 - Digital Wave Ltd)

HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.)

HP CoolSense (HKLM-x32\...\{20CC03C7-7B48-4130-B7FA-39BC128E3A9E}) (Version: 2.21.5 - HP Inc.)

HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)

HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)

HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.21 - HP Inc.)

HP JumpStart Bridge (HKLM-x32\...\{23D5C1E8-0442-4D70-9280-927EF36657CB}) (Version: 1.1.0.378 - HP Inc.)

HP JumpStart Launch (HKLM-x32\...\{81CA40FD-E11B-4DC1-AE33-A71EB044B8B7}) (Version: 1.1.275.0 - HP Inc.)

HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)

HP Photosmart 5520 series - Grundlegende Software für das Gerät (HKLM\...\{4F396B08-301D-4E53-A372-95A7E93ABD04}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Photosmart 5520 series Hilfe (HKLM-x32\...\{640A03B3-4E6B-4440-A350-E6A8D6348F12}) (Version: 27.0.0 - Hewlett Packard)

HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.3.50.9 - HP Inc.)

HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.5.32.203 - HP Inc.)

HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)

HP System Event Utility (HKLM-x32\...\{1BB20774-0FA8-4CFF-AB69-7B7AAE2DCE6C}) (Version: 1.4.19 - HP Inc.)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

Inkscape 0.92.3 (HKLM-x32\...\Inkscape) (Version: 0.92.3 - Inkscape Project)

Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11003.3588 - Intel Corporation)

Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1047 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)

Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)

Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1643.1 - Intel Corporation)

Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.1.22 - Intel Corporation)

Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DDE28492-B260-4DF0-BA99-7F96FC2932C1}) (Version: 19.60.0 - Intel Corporation)

Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.40 - Intel(R) Corporation) Hidden

Intel® Integrated Sensor Solution (HKLM-x32\...\{b3782b53-1b6c-436a-b0f0-f65d83ae74d9}) (Version: 3.0.30.1119 - Intel Corporation)

Intel® PROSet/Wireless Software (HKLM-x32\...\{185db067-38cd-4521-a43e-c39b96ee1389}) (Version: 19.50.1 - Intel Corporation)

IrfanView 4.50 (64-bit) (HKLM\...\IrfanView64) (Version: 4.50 - Irfan Skiljan)

ISS_Drivers_x64 (Version: 3.0.30.1119 - Intel Corporation) Hidden

iTunes (HKLM\...\{91B57967-C0E0-435A-AE53-A2336ECD8560}) (Version: 12.9.1.4 - Apple Inc.)

LibreOffice 5.3.7.2 (HKLM\...\{117F3217-458C-4371-B222-00C69DE96CB2}) (Version: 5.3.7.2 - The Document Foundation)

Malwarebytes Version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)

Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)

Mozilla Firefox 63.0.1 (x64 de) (HKLM\...\Mozilla Firefox 63.0.1 (x64 de)) (Version: 63.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.2 - Mozilla)

OpenOffice 4.1.4 (HKLM-x32\...\{5E9128B1-0AB8-40F5-9F71-69089C490855}) (Version: 4.14.9788 - Apache Software Foundation)

Opera Stable 56.0.3051.99 (HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\Opera 56.0.3051.99) (Version: 56.0.3051.99 - Opera Software)

ORTMANN Cross Stitch Designer 4.0 (HKLM-x32\...\ORTMANN Media-Verlag Cross Stitch Designer 4.0) (Version: 4.0 - ORTMANN Media-Verlag)

Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

PDF24 Creator 8.3.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)

PhotoFiltre 7 (HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\PhotoFiltre 7) (Version:  - )

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21299 - Realtek Semiconductor Corp.)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8135 - Realtek Semiconductor Corp.)

Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)

Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden

Silhouette Link (HKLM-x32\...\{C2136C80-F9D4-4096-86D4-C641BB36DFF3}) (Version: 1.0.096 - Silhouette America)

Silhouette Studio (HKLM-x32\...\{518EAEF4-3E9D-4E45-B4DB-041B7FCB86D0}) (Version: 4.1.442 - Silhouette America)

Studie zur Verbesserung von HP Photosmart 5520 series Produkten (HKLM\...\{B99F865A-3ECB-4E65-B6CF-9C60EE0273A3}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

Update for Skype for Business 2015 (KB4461446) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFBBF6D0-F140-40E9-B5AE-BDE708FC4817}) (Version:  - Microsoft)

Update for Skype for Business 2015 (KB4461446) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFBBF6D0-F140-40E9-B5AE-BDE708FC4817}) (Version:  - Microsoft)

Update for Skype for Business 2015 (KB4461446) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{BFBBF6D0-F140-40E9-B5AE-BDE708FC4817}) (Version:  - Microsoft)

Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{EC5A6438-850E-4AD1-9169-DD071C8EFFEF}) (Version: 2.10.0.0 - Microsoft Corporation)

VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)

Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)

Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-3) (Version: 1.0.42.0 - LunarG, Inc.)

Vulkan Run Time Libraries 1.0.42.0 (Version: 1.0.42.0 - LunarG, Inc.) Hidden

WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

Wondersoft - Wonderful Weather - Enhance and safeguard your online experience (HKLM-x32\...\Wondersoft Wonderful Weather) (Version: "1.1.1" - "Wondersoft")
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {042D8A51-5878-4000-9C10-C04AFF122A1F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand

Task: {04B3E894-DE5B-4C4A-9AA7-CA8F7CE43583} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [2018-04-12] (Microsoft Corporation)

Task: {0638E40C-2629-48D2-B3AA-EE49DDEAB986} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)

Task: {0967FAC8-6E28-4BBF-8387-9D6CEB7DE860} - System32\Tasks\Avira\Safe Shopping\Check => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [2018-11-01] (Avira)

Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates

Task: {0FD500DA-01C5-4676-9B10-1A481B381433} - System32\Tasks\S-1-5-21-2101576799-1165526633-3082190696-1001\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation)

Task: {1966DF7C-DE3A-4B71-A0AC-AD8B72668ECD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-07] (HP Inc.)

Task: {1BCC53CF-FE23-46A5-B81C-5FCE6B3BDF23} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [2018-10-17] (Microsoft Corporation)

Task: {1BE936D4-EE40-4F04-84E0-18FFD27C0A6A} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [2018-04-12] (Microsoft Corporation)

Task: {2231CAFE-FABE-41F5-A0B3-842D9319DBF9} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-02] (Microsoft Corporation)

Task: {26979C78-BE35-4BE1-9663-F25C0DD509D3} - System32\Tasks\Opera scheduled Autoupdate 1539967477 => C:\Program Files\Opera\launcher.exe [2018-11-06] (Opera Software)

Task: {294EF281-56B6-4F71-8115-BAC2919EF034} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task

Task: {29F3A47A-C0DC-48D8-ACAF-89413EE0731D} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [2018-07-15] (Microsoft Corporation)

Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask

Task: {2DBD790D-172A-4CFA-B3F7-824D7509680F} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration

Task: {301E6046-EE37-4B0D-ADEA-B79237AA4C23} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-10-16] (Avira Operations GmbH & Co. KG)

Task: {42B682B8-0FA8-4CD6-8609-C90EFF7505D4} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)

Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates

Task: {4C7F4583-DD70-4B68-B5CF-3621E0C33708} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

Task: {51D31EBF-545E-411D-A21A-CB34004CC384} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh

Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates

Task: {54A21C2F-028A-40D4-B5D5-88E4A584FB1B} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-10-13] (Intel(R) Corporation)

Task: {56E6F3A6-3B2E-47FE-9C9E-E9669BA61EFC} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-12-18] (Dropbox, Inc.)

Task: {57688D33-0857-43F4-B3D2-26F0D0623E39} - System32\Tasks\Benutzerdienstfür(AppXSVC) => C:\Program Files (x86)\nodejs\node.exe [2017-05-02] (Node.js)

Task: {577C3956-E492-42A5-AEFB-FDC54A537C64} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange

Task: {57A7E0DF-F70E-43B1-AA2C-5BA67DBBE753} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask

Task: {5DB4FD20-4FF2-4C58-9801-ADD6F0149633} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task

Task: {60221910-B7B0-4AB9-AC2D-71058A6720EE} - System32\Tasks\Avira\Safe Shopping\Launch => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [2018-11-01] (Avira)

Task: {62331915-A3E9-4B6E-9686-86034377E8CF} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications

Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry

Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()

Task: {66969E28-CE77-4B5F-B1FF-A3B610DFCFD3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)

Task: {6AB34E6E-76B0-4D9C-B1AC-C0E5B26BC23E} - System32\Tasks\Avira\Safe Shopping\Update => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [2018-11-01] (Avira)

Task: {6DE4F7DC-0B8D-404A-A6C9-83241658F8CA} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-02] (Microsoft Corporation)

Task: {6F94A2F9-CA33-4FCC-AA69-57F57230173C} - System32\Tasks\EZnVzpmjsBPJAOW => Rundll32.exe "C:\Users\s_rep\AppData\Local\Temp\zJVJydIlxtaAifNHI\TtycKSJSKAhDHkWV\nSqksLm.dll",#1 /adp EIGH4BJGH4VJGH2XIGH7HKGH8XJGH4SJGH8RJGH8YJGH8DIGH0RIGH6LIGH2AIGH1OIGH0WIGH1 /site_id 756

Task: {7138D0D3-1873-4A77-86CF-4840F491C90F} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2018-04-12] (Microsoft Corporation)

Task: {72EC99D5-FDCE-482B-A8C4-79610E17629B} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-12-06] (HP Inc.)

Task: {749E286C-C205-4C7C-B742-BE5023BF06DE} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login

Task: {756535E6-76E8-42DF-9307-D2A8D82EDB1C} - System32\Tasks\HPEA3JOBS => C:\Program

Task: {77DD4C0D-EEDB-4C1D-9A21-7B30E5F4C03A} - System32\Tasks\qdxgajDnKqmDPrtzQ2 => Rundll32.exe "C:\Program Files (x86)\BHXQvOBMsgKdEntstUR\LtVvruU.dll",#1

Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser

Task: {7EAE5A6B-00F4-4B9F-A255-E1C163B587A1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession

Task: {7EED1416-89CD-4D52-8537-3E4860543030} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [2018-03-22] (Avira Operations GmbH & Co. KG)

Task: {7EFE6C85-50FC-4D58-A3DF-10FEFC8CCB2D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-12-18] (Dropbox, Inc.)

Task: {83B7C57C-BF53-42F4-B3A0-B24ABFACE76A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

Task: {85F40D06-8916-40B8-ABA7-734BA60F90F2} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-11-28] (DropboxOEM)

Task: {88026766-9562-4C3E-9C94-2E7DA5B61195} - System32\Tasks\yKlRUxrwnsuFpeUeBWz2 => Rundll32.exe "C:\Program Files (x86)\UmTwpSvRUOfSC\vKpdeLr.dll",#1

Task: {8CCDCCC3-88F0-4860-84BE-5AC16A1C6FA9} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance

Task: {8D71F5C0-53E1-4F02-9A5D-851779424A0D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)

Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation)

Task: {90331E02-BD0D-4D82-8804-1342EAAA2C9F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-12-06] (HP Inc.)

Task: {97E8D66D-0085-423C-BA11-DD777A1258AB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2018-04-12] (Microsoft Corporation)

Task: {9CB242AA-EA28-4888-8DE0-98F1D6B05AC7} - System32\Tasks\DropboxUpdateTaskMachineCore1d377547997d14 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-12-18] (Dropbox, Inc.)

Task: {A167F6E0-ED47-419C-807E-2A11ECBA98D4} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation

Task: {A305A840-EC8B-4C66-8EA8-5FF15F129CD2} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2018-04-12] (Microsoft Corporation)

Task: {A5FE6B52-974F-492F-81F3-472223AD09D5} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)

Task: {AE1E6549-6E33-4D49-801B-F33E6D62356A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-06] (HP Inc.)

Task: {B0952E0A-C54F-4E8B-95E9-90E560086B37} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand

Task: {B14C88F4-4AAC-4F00-A94E-8EA180D7AEDC} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense

Task: {B2F4AC84-A8D0-4524-9363-BFF5A5911A00} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask

Task: {B3433942-FE11-4C11-839D-9C7589B6C5CB} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)

Task: {B96C2DB0-6A19-4E2B-89F6-84FD75E497A4} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback

Task: {BDE8C0F4-1A50-4A42-ABFC-DFA37F8BF1C8} - System32\Tasks\OqUgsIhoyVOixP => Rundll32.exe "C:\Program Files (x86)\pbjpUXEkQjxU2\ydAhoPZsifauT.dll",#1

Task: {C161767E-4A22-4440-A1AF-1317A585F317} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2018-03-28] (Avira Operations GmbH & Co. KG                              )

Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2018-06-02] (Microsoft Corporation)

Task: {CDA5D686-5D6C-4730-9907-B66710DC3670} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange

Task: {D010978C-B666-4072-B7F3-DD6340CDD629} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task

Task: {D07E8395-3840-41C1-8931-34D62726BED3} - System32\Tasks\niYEcWwYibJfLQX2 => Rundll32.exe "C:\Program Files (x86)\eEvEEOxmU\ggsKtT.dll",#1

Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources

Task: {D795D83C-F41B-4403-B14E-A038C6FBD1B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)

Task: {DBE92F66-907D-4220-8C26-5D55E5A5906F} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [2017-01-12] (HP Development Company, L.P.)

Task: {DD710A69-86C6-4932-97B1-01FB13ACFEF1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged

Task: {DDF46C27-D05A-4829-90A2-9E4A4DDD7FE9} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [2017-02-02] (HP Inc.)

Task: {E0862994-9083-482D-A921-27B4860FFA21} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [2018-04-12] (Microsoft Corporation)

Task: {E3757DD2-B31D-4CB0-B696-8EC28DB525C3} - System32\Tasks\Okawville => C:\Program Files\Okawville\Okawville.exe

Task: {E9D4B94B-01E1-4850-91EF-9E40BB4E670E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-12-06] (HP Inc.)

Task: {EDF26610-088A-459C-8682-BED9EC60359F} - System32\Tasks\{e6b1bd71-40ef-4173-8106-93b5f9032a6e} => C:\Users\s_rep\AppData\Local\Temp\{2CF693F1-5E55-41CB-BE04-6E437DA0D4B9}.exe <==== ACHTUNG

Task: {EFA86FF7-22AE-4997-AFD9-E89E1BF9B7D6} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2018-04-12] (Microsoft Corporation)

Task: {F002E6F5-6788-45A8-8F43-228E2955D617} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2101576799-1165526633-3082190696-1001 => C:\Users\s_rep\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [2018-10-17] (Microsoft Corporation)

Task: {F955A09C-E83A-4AD5-9ABC-7D5D7A055117} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task

Task: {FC779438-B7FD-4774-AA55-4DE2A4B098A4} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh

Task: {FECF5D21-00E3-4960-8359-57CBFC4E2D73} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)

Task: {FF7C8D28-6205-4327-B2BE-BD3E5E07D9BA} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [2017-02-01] ()
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d377547997d14.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\EZnVzpmjsBPJAOW.job => C:\Users\s_rep\AppData\Local\Temp\zJVJydIlxtaAifNHI\TtycKSJSKAhDHkWV\nSqksLm.dll <==== ACHTUNG

Task: C:\WINDOWS\Tasks\Okawville.job => C:\Program Files\Okawville\Okawville.exe
 

==================== Verknüpfungen =============================
 

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2018-10-21 02:17 - 2018-10-21 02:17 - 00088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2018-10-21 02:17 - 2018-10-21 02:17 - 01356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2016-12-06 12:06 - 2016-12-06 12:06 - 00897200 _____ () C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe

2018-04-04 17:03 - 2018-04-04 17:03 - 00173760 _____ () C:\WINDOWS\system32\IntelWifiIhv04.dll

2018-11-11 15:37 - 2018-10-18 08:44 - 02821952 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll

2018-11-11 15:37 - 2018-10-18 08:44 - 02695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll

2017-02-01 10:50 - 2017-02-01 10:50 - 00459264 _____ () C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe

2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\Windows\System32\InputHost.dll

2018-04-12 00:34 - 2018-04-12 00:34 - 00472064 _____ () C:\Windows\ShellExperiences\TileControl.dll

2018-04-12 00:34 - 2018-04-12 00:34 - 02759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll

2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\InputHost.dll

2018-10-10 07:50 - 2018-09-20 04:38 - 02185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2018-04-12 00:34 - 2018-04-12 00:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll

2018-10-16 04:05 - 2018-10-16 04:06 - 00009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll

2018-11-13 08:01 - 2018-11-13 08:01 - 00060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ChakraBridge.dll

2018-11-13 08:01 - 2018-11-13 08:02 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll

2018-11-13 08:01 - 2018-11-13 08:01 - 10873344 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\LibWrapper.dll

2018-11-13 08:01 - 2018-11-13 08:02 - 02834432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\skypert.dll

2018-11-13 08:01 - 2018-11-13 08:02 - 00685568 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll

2018-11-13 08:01 - 2018-11-13 08:02 - 00183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe

2018-10-22 13:59 - 2018-10-22 13:59 - 00088888 _____ () C:\Program Files\iTunes\zlib1.dll

2018-10-22 13:59 - 2018-10-22 13:59 - 01356088 _____ () C:\Program Files\iTunes\libxml2.dll

2018-11-07 05:13 - 2018-11-07 05:13 - 01434384 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20083.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll

2018-11-11 15:05 - 2018-11-11 15:16 - 00228352 _____ () C:\Program Files\Mozilla Firefox\zlib1.dll

2018-08-08 14:36 - 2018-08-08 14:35 - 00243352 _____ () C:\Program Files (x86)\Avira\Antivirus\ssl-44.dll

2018-08-08 14:36 - 2018-08-08 14:35 - 01204472 _____ () C:\Program Files (x86)\Avira\Antivirus\crypto-42.dll

2018-03-16 16:03 - 2018-01-18 11:10 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll

2018-03-16 16:03 - 2018-01-18 11:10 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll

2018-03-16 16:03 - 2018-01-18 11:10 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll

2018-03-16 16:03 - 2018-01-18 11:10 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll

2018-11-01 11:43 - 2018-11-01 11:43 - 00078992 _____ () C:\Program Files (x86)\Avira\Safe Shopping\ScreenClick.dll

2018-10-12 13:51 - 2018-10-12 13:51 - 00153088 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\5a6824ba71791f4e5c689ddf33969597\BRIDGECommon.ni.dll

2018-10-12 13:52 - 2018-10-12 13:52 - 00326144 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\47497f5230d6bfbbb6565f725a2086ae\CleanStartController.ni.dll

2018-10-12 13:51 - 2018-10-12 13:51 - 00116736 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\40891bc946359c696fadcef1382449be\BridgeExtension.ni.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
 

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 

IE trusted site: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\localhost -> localhost

IE trusted site: HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\...\sharepoint.com -> hxxps://ecahk-files.sharepoint.com
 

==================== Hosts Inhalt: ==========================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2017-03-18 22:03 - 2018-11-11 15:16 - 00000980 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 

104.251.211.173 clients2.google.com

104.251.211.173 clients2.google.com

104.251.211.173 clients2.google.com

104.251.211.173 clients2.google.com
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-2101576799-1165526633-3082190696-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\s_rep\Documents\Wallpapers Bot\Wallpapers\zfAMY4rgtp5h33Qc.jpg

DNS Servers: 8.8.8.8

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe

FirewallRules: [{439043F2-9AB9-4A4B-BFBE-FA623699EF00}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{3B0106F5-5C9F-4A3E-8056-9C4EC2BEA19C}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{677E5800-E1DF-49A2-A852-19B997DFE957}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe

FirewallRules: [{EC4B0CD1-E3AD-4240-A3CD-D7BB88847A2F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe

FirewallRules: [{BCBD647B-FFEC-47FD-829E-1B05F44A12E6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe

FirewallRules: [{BD67F4B2-6704-4DDF-BE67-C56288677333}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe

FirewallRules: [UDP Query User{2F7241AE-72ED-401E-99C4-05313F54B160}C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe] => (Allow) C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [TCP Query User{8EA3B3FA-7B32-451F-93EA-DD2A8A2175E1}C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe] => (Allow) C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{B7052AEC-6E2C-46FD-8B02-6BE5265D139F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe

FirewallRules: [{70658E0A-BCA3-4118-9B42-0EA07E1BFE05}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe

FirewallRules: [{A1549108-A290-49D9-B5EC-ED771DF44F8D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe

FirewallRules: [{1B586CB7-BE56-4AB0-9CAC-7453ABD88DD1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe

FirewallRules: [{06C0F912-9378-457B-93BD-DCDEB82F5AD4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe

FirewallRules: [{37E293EB-09D3-496C-86DE-021CFBCA1C97}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe

FirewallRules: [UDP Query User{047AF169-911B-485B-A0CD-39BB4A3F55BA}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe

FirewallRules: [TCP Query User{A60134A4-2C23-4282-B121-32B94999C6CA}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe

FirewallRules: [{8EFA245C-82EE-4FFB-8BB1-B5655205979D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [{A0044B33-F734-40D5-AC66-272F00226DFC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [{0B34C0E6-0CAB-4577-B4D1-23395A092786}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe

FirewallRules: [{D8BEE5B1-E632-4A06-BAA1-68516E9C65A6}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe

FirewallRules: [{4B4AA8B4-8C91-412A-81C3-E75BA96964D3}] => (Allow) C:\Program Files (x86)\Silhouette America\Silhouette Link\SilhouetteLinkConsole.exe

FirewallRules: [{3C469094-E9B2-47AF-A2D0-986D54669D45}] => (Allow) C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe

FirewallRules: [{87901CA5-AF13-4AF9-9DD1-D6CC049A8E42}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe

FirewallRules: [{827BD9B1-D12F-457E-8888-146480263EBB}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe

FirewallRules: [{34F98F02-3FDD-40BC-BF5A-721CE70F9DAA}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe

FirewallRules: [{A1A3588C-0FFD-4713-B54A-832B187AD868}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{4300C1D7-29E8-4BEE-90A7-E609500C27A5}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{B9BF142B-9EDF-444E-AFBF-9C8EF85643F4}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{4FC24485-7F00-4A5C-88E7-4271B08E8596}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{D46AD910-FE2E-410D-8DCA-BA1CCF494AFD}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{AE0C1F56-D9C7-4051-BA71-AABC0126D52E}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{AAE03384-BD64-4C1A-9734-1A70EA1B49DE}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{C451C23A-559C-4743-8967-31F5B8A67CBF}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{3AEE882F-C2FA-4FD6-BFB4-232094768E2C}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{6657C994-1DCD-45E1-8E14-09F1A7A31C66}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{B1377193-AB3F-4C3A-BF26-1A0A67E84C5B}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{0F003187-7357-4817-9935-F55FCDA464D3}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{AD43A1A4-DD8A-495C-9060-A523D70212B7}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{AFAFA1E7-3911-4321-8517-EF92A856EBCB}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{2843C2E1-BE26-4EBC-B115-0B27532A0B0D}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{397B3379-6311-4DBD-A104-BC9EA0DC6B73}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{D5BF0ED1-3D5F-48B8-B6AC-48C386802643}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{F9C36B6B-87F1-4F57-BD43-0E9F75E2AD6A}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{E3D05FEC-090D-4A42-B12D-018918311952}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{D50AF306-D37D-4E61-A86D-7E2DB0E5F525}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{534B5086-7971-45A2-99C9-B7CAB430C02A}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{9B239CB7-00CD-4482-93AE-8ABA968BDB30}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{0C3D50BB-4590-4D95-933B-6B7C9D48932B}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{B5CE0DAA-E3A8-4574-BD12-CB9D79726BDE}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{D59B3E36-74D5-479B-9BCA-C64488D02404}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{98C20A46-B12E-47DA-8F96-BDE4CB6EF401}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{3AE3B46B-2F14-4E4D-80C5-379B90EB37EB}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{4EAE7AD8-3012-4D13-AFF3-AF85C38396A1}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{1B03FE70-DEF9-4AA5-AD67-9AF531BE0615}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{62017417-BFF3-40EB-B41E-EC16F647C5B4}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{8B9E91E4-FF94-4CF6-BB09-8028EB3D27D2}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{731632A1-C8EC-457B-8AAA-93783BA8E4D6}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{26DE2B26-1A44-411C-9614-19CD7F1E39AD}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{1A91A1B1-6D6F-40A0-9ABF-C50D48615F72}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{DAFD3D59-0C52-415F-86C8-DF2195CBA66C}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{276EFC78-F505-480B-AEA5-D8FBFB188F01}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{B320A83B-E3CA-4F2A-BC06-BEC50306B525}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{B6331505-1E93-486E-9143-25FA28B77E58}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{053137EB-66B7-4AAB-BC5A-0B09671D49A0}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{F894D921-EEC6-494C-84FA-A193ADC15270}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{D7AB8D5A-8D8A-4644-BBEE-D9EC48B5B91D}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{F234CFB2-CDC8-458A-BB66-C64A91CD7F7E}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{5EC1243E-60C8-4F70-808C-4FCAA91C909B}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{81C9FC8E-184B-4EC4-A710-F94C2F157E5D}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{A762C034-D189-4204-B72B-9E0357F37F59}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{4D265CDE-1D8A-40A3-80C8-6994347DDBF0}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{F8F262E0-7066-4D48-94E3-7DDBB228C52C}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{67AE79B0-712A-4FFB-91A7-1F89EC9CD753}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{341D333F-020C-430E-BA97-0CE31D96D1E3}] => (Allow) C:\Program Files\Opera\56.0.3051.52\opera.exe

FirewallRules: [{E391F228-6C1E-42CF-95FD-612F45847892}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{7C91652E-96EF-4A9F-86BB-36D92B5F4AAA}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{80E515D2-1021-44B6-B5B0-847FB4A9BEB9}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{64BBF7EE-4EE1-4976-8CC4-F1031D3003EE}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{9E39608F-6D27-4CC3-9754-CDB8D7B632B2}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{5557133A-7AFB-43E4-A279-DEEA4914859B}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{63B779B2-2355-4DEC-A8C2-DC42BF5C194F}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{2A0B080D-7F28-4799-9270-7304A091293C}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{64EFF598-A5F3-40FF-B960-8F276AED3B32}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{757D69DB-4307-4C1C-945E-439D3315C488}] => (Allow) C:\Program Files\Opera\56.0.3051.99\opera.exe

FirewallRules: [{7AB434E3-99FB-4038-82AB-28BB57633C44}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

FirewallRules: [{A71721D4-8345-4A02-820D-3542C181B855}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{65791A5B-7F04-41AC-885A-271C9308D87B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{7E643056-9DF7-4D6B-B6E7-ECBF0FB4871F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{C21F8CA8-D18C-4A0F-BD1A-BB7BF49817A5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{5C3909DB-F402-4636-A255-61F506305906}] => (Allow) C:\Program Files\iTunes\iTunes.exe

FirewallRules: [{712047EF-FED1-48B5-8D7B-DD342C1F505C}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{A91B5495-CB42-42BE-9949-439B8B6296A8}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{41A32139-30C1-4DD2-91DB-2E4BE3169C20}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{E7DEB653-A09C-4EB3-AD29-E33842C255CF}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{F98E92B0-E83F-46C4-9F0F-A0D68D0C95C2}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{96BAA2AE-8038-427C-9C9D-19B7B89F3B71}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{1ECFA2FF-6F0E-48ED-AD78-5AF937E49C61}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{CDE1F15A-D759-451F-8570-468923CDD818}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{B40CD56A-8B54-4EFE-B268-98512353C973}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{28AEA346-D0F7-4349-9878-C018C83B4F60}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{F7A449E9-978F-4603-BD13-B9F5A2B9F790}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{FF8A0E47-C6BC-4395-BB3B-B41E6C7754D6}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{02E7D4B9-D057-4E80-BA0B-39790DBE2EA3}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{6C719FEB-EC56-4E56-8A30-D398434E15C9}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{CE9AB76D-BBA0-4CED-BC10-145A03CF6E15}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{49754684-832B-49B6-9933-1E7876EDC687}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{31C3491D-E0F6-493C-851B-B4913132913F}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{08C52614-B8B0-4636-8B01-8DFAFBDDFA6F}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{9A02A70D-9DF4-424C-AA9A-9BEBC9B3EF38}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{6DC7C76B-0F53-4ADF-9B4E-DD28D6CFD1EA}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{2EE397CF-4581-456E-92FF-DAFD02CE4924}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{CDD00E64-957D-4B4F-A129-6CD228C4D2F6}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{6711641B-82C4-4536-9244-31D15B5217AA}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{F00DAB18-FACC-4D13-8568-BC39636D787E}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{0B82EE2E-8E5F-4A3A-844D-B45246CCF874}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{64803051-1F76-4FC1-A21B-EC3DB39C067B}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{9C3FF083-F673-4FF3-B843-CF96D05016CF}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{47E1F7AA-0C4E-4455-96BA-5D4425416C19}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{4396F9D4-3B5D-4FE6-97C7-0348571CC097}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{645AED59-74C6-4F0B-A2FB-A9F207EB67B2}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{80D6592C-202E-4CF7-AE99-56C19375AE11}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{A3A17FF0-F740-4578-B957-DD24B29BD7DF}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{8983048C-F85C-46EC-94CE-CECFDFAEF478}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{A85121C2-DE0C-4D60-94BA-1B05A187682B}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{7B945347-9E8B-4BA4-BE35-22FC9180B082}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{EC82A8F5-76D4-412C-BEA4-42B082C343FE}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{F0207F3A-E0FB-487B-B658-938DAEE6BB77}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{0FC34F8A-26C8-4F2F-BBBD-1B7DF7DBEB16}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe

FirewallRules: [{B79DEB5C-3E04-40D2-B007-B8CBEE80A30A}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe
 

==================== Wiederherstellungspunkte =========================
 

26-10-2018 16:00:04 Geplanter Prüfpunkt

05-11-2018 07:39:58 Geplanter Prüfpunkt

08-11-2018 05:00:29 Installed iTunes

11-11-2018 15:27:03 

11-11-2018 15:27:17 
 

==================== Fehlerhafte Geräte im Gerätemanager =============
 
 

==================== Fehlereinträge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (11/13/2018 08:35:51 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: aspnet_stateC:\Windows\System32\aspnet_counters.dll8
 

Error: (11/13/2018 08:35:51 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: ASP.NET_4.0.30319C:\Windows\System32\aspnet_counters.dll8
 

Error: (11/13/2018 08:35:51 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: ASP.NETC:\Windows\System32\aspnet_counters.dll8
 

Error: (11/12/2018 11:15:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Local Hostname DESKTOP-D6NM1SV.local already in use; will try DESKTOP-D6NM1SV-2.local instead
 

Error: (11/12/2018 11:15:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 DESKTOP-D6NM1SV.local. Addr 192.168.0.10
 

Error: (11/12/2018 11:15:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Received from 192.168.0.10:5353   16 DESKTOP-D6NM1SV.local. AAAA 2A02:8108:0280:1253:EF76:6081:35AB:62CA
 

Error: (11/12/2018 11:15:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 DESKTOP-D6NM1SV.local. AAAA FE80:0000:0000:0000:E161:A67E:0CD9:83D2
 

Error: (11/12/2018 11:15:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Received from 192.168.0.10:5353   16 DESKTOP-D6NM1SV.local. AAAA 2A02:8108:0280:1253:EF76:6081:35AB:62CA
 

Error: (11/12/2018 11:15:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 DESKTOP-D6NM1SV.local. AAAA 2A02:8108:0280:1253:A1C4:4F33:4A1F:4480
 

Error: (11/12/2018 11:15:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Received from 192.168.0.10:5353   16 DESKTOP-D6NM1SV.local. AAAA 2A02:8108:0280:1253:EF76:6081:35AB:62CA
 
 

Systemfehler:

=============

Error: (11/13/2018 09:28:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV)

Description: {E48EDA45-43C6-48E0-9323-A7B2067D9CD5}
 

Error: (11/13/2018 09:26:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV)

Description: {E48EDA45-43C6-48E0-9323-A7B2067D9CD5}
 

Error: (11/13/2018 09:24:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV)

Description: {9E175B6D-F52A-11D8-B9A5-505054503030}
 

Error: (11/13/2018 09:22:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV)

Description: {9E175B6D-F52A-11D8-B9A5-505054503030}
 

Error: (11/13/2018 09:20:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV)

Description: {9E175B6D-F52A-11D8-B9A5-505054503030}
 

Error: (11/13/2018 09:18:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV)

Description: {E48EDA45-43C6-48E0-9323-A7B2067D9CD5}
 

Error: (11/13/2018 09:16:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV)

Description: {9E175B6D-F52A-11D8-B9A5-505054503030}
 

Error: (11/13/2018 09:14:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV)

Description: {E48EDA45-43C6-48E0-9323-A7B2067D9CD5}
 

Error: (11/13/2018 09:12:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV)

Description: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 

Error: (11/13/2018 09:10:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-D6NM1SV)

Description: {E48EDA45-43C6-48E0-9323-A7B2067D9CD5}
 
 

CodeIntegrity:

===================================

  Date: 2018-11-13 09:02:07.609

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 

  Date: 2018-11-13 09:02:07.607

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 

  Date: 2018-11-13 08:51:56.033

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 

  Date: 2018-11-13 08:51:56.033

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 

  Date: 2018-11-13 08:36:37.524

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 

  Date: 2018-11-13 08:36:37.518

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 

  Date: 2018-11-13 08:36:35.288

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 

  Date: 2018-11-13 08:36:35.282

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 

  Date: 2018-11-13 08:36:15.534

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 

  Date: 2018-11-13 08:36:15.532

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz

Prozentuale Nutzung des RAM: 50%

Installierter physikalischer RAM: 8064.66 MB

Verfügbarer physikalischer RAM: 4026.69 MB

Summe virtueller Speicher: 11136.66 MB

Verfügbarer virtueller Speicher: 6890.61 MB
 

==================== Laufwerke ================================
 

Drive c: (Windows) (Fixed) (Total:915.33 GB) (Free:681.16 GB) NTFS

Drive d: (RECOVERY) (Fixed) (Total:14.95 GB) (Free:1.78 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: A50E1C7D)
 

Partition: GPT.
 

==================== Ende von Addition.txt ============================

Servus,

wenn ein Schritt (so wie bei dir jetzt Schritt 1) nicht funktioniert, brauchst du die anderen Folgeschritte nicht ausführen, da sie aufeinander aufbauen... wobei ich aus der Logdatei von Schritt 2 sehe, dass du auch diesen Schritt falsch ausgeführt hast.

Zitat:

Zitat von MariaAmadeus (Beitrag 1706659)

Ich scheitere jetzt allerdings schon an Schritt1... Habe den gesamten Teil der Box markiert und kopiert, dann FRST geöffnet und auf Entfernen geklickt... Allerdings zeigt mir das Programm dann folgendes an:

fixlist.txt wurde nicht gefunden.
Die fixlist.txt muss sich im gleichen Ordner/Verzeichnis wie das Programm befinden.

Dann hast du nicht den gesamten Inhalt der Code-Box kopiert...
Auch die Zeilen "start::" und "end::" müssen kopiert werden.

Ich habe es selber gerade ausprobiert... es funktioniert einwandfrei.

Bitte genau lesen und wiederholen.... du schaffst das bestimmt. :)

Kleiner Nachtrag:

Zitat:

RiskWare.Patcher, C:\USERS\S_REP\DOWNLOADS\ALTE SICHERUNGEN\SICHERUNG SONJA 2\ALTE DOWNLOADS\OFFICE 2016\1\CYGISO\CYGISO\WIN10_ACTIVATOR.EXE, In Quarantäne, [7919], [19201],1.0.7797
Generic.Malware/Suspicious, C:\USERS\S_REP\DOWNLOADS\ALTE SICHERUNGEN\SICHERUNG SONJA 2\ALTE DOWNLOADS\OFFICE 2016\PRG ACTI PORT\KMSAUTO LITE PORTABLE V1.2.6\KMSAUTO.EXE, In Quarantäne, [0], [392686],1.0.7797
Generic.Malware/Suspicious, C:\USERS\S_REP\DOWNLOADS\ALTE SICHERUNGEN\SICHERUNG SONJA 2\PROGRAMME INSTALLIERT\OFFICE 2016\PRG ACTI PORT\KMSAUTO LITE PORTABLE V1.2.6\KMSAUTO.EXE, In Quarantäne, [0], [392686],1.0.7797

Das sieht mir stark nach illegaler Software aus.

Lesestoff:
Illegale Software: Cracks, Keygens und Co

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.

Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM inklusive Link zum Thema an mich falls du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!