Trash bin: Windows 10: Friends receive "infected" emails, suspect a Trojan

Windows 7: Posts that violated our rules, posts the world does not need, or other garbage end up here in the trash bin...
Windows 10: Friends receive "infected" emails, suspect a Trojan

Hello my friend,

You helped me get rid of a Trojan. Thank you very much. The computer is used for freelance work.

Example of one of these emails:

Von: Heiko Roemhild [mailto:h_roemhild@karibcable.com]
Gesendet: Sonntag, 13. Dezember 2020 17:52
An: Eva
Betreff: FW: Eva

https://bit.ly/346FJ3L

Heiko

From: Heiko Roemhild [mailto:h_roemhildc@yahoo.com]
Sent: Sunday, December 13, 2020 05:52:09 PM
To: evalea.glatt@bluewin.ch
Subject: hxxp://www.bing.com/search?q=&form=CFSWVCFEHXFRSAE&cvid=YYXAQXZXUKNDSGN

End of the example email

I would just like to make sure that this is not a new infection. I use another computer in my network. Perhaps it is coming from there?

Kind regards
Heiko

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 13-12-2020
durchgeführt von heiko (Administrator) auf HP-Z-BOOK (HP HP ZBook Studio G5) (13-12-2020 21:48:15)
Gestartet von C:\Users\heiko\OneDrive\Desktop
Geladene Profile: heiko & postgres
Platform: Windows 10 Pro Version 20H2 19042.685 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <4> (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2> (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc.
-> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe (Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Conexant Systems LLC.) [Datei ist nicht signiert] C:\Windows\CxSvc\CxUtilSvc.exe (Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskService.exe (Datronicsoft, Inc. 
-> ) C:\Windows\System32\spacedeskServiceTray.exe (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2> (GN AUDIO A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe <4> (GN AUDIO A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct4\SoftphoneIntegrations.exe (Google LLC -> Google LLC) C:\Users\heiko\AppData\Local\Google\Chrome\Application\chrome.exe <12> (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP Collaboration Keyboard\HPCollaborationKeyboard.exe (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f37ada3b81da51b7\x64\TouchpointAnalyticsClientService.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f37ada3b81da51b7\x64\TouchpointGpuInfo.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\AppHelperCap.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\BridgeCommunication.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\NetworkCap.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\SysInfoCap.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\HotKeyServiceUWP.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\HPHotkeyNotification.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\LanWlanWwanSwitchingServiceUWP.exe (HP Inc. -> HP Inc.) C:\Windows\SysWOW64\HP_SureRun.exe (HP Inc. -> HP Inc.) 
C:\Windows\SysWOW64\HP_SureRun_Notification.exe (HP Inc. -> HP) C:\Program Files (x86)\HP\HP Collaboration Keyboard\CollaborationKeysController.exe (HP Inc. -> HP) C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe (HP Inc. -> HP) C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe (HP Inc. -> HP) C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_968d2e53c8174e28\igfxCUIService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_968d2e53c8174e28\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_968d2e53c8174e28\IntelCpHDCPSvc.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_968d2e53c8174e28\IntelCpHeciSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel(R) Rapid Storage 
Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_724e05bd98458fe4\RstMwService.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe (Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Users\heiko\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\FileCoAuth.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\heiko\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2011.11613.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2010.0.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program 
Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20112.10111.0_x64__8wekyb3d8bbwe\Music.UI.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe (Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe <2> (PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSshImgMonitor.exe <3> (PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSshImgProc.exe <7> (PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSshMonWCFHost.exe (PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsMon.exe (PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\SshRegister.exe (PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\SshTaskTray.exe (PFU Limited -> PFU Limited) C:\Program Files 
(x86)\PFU\ScanSnap\Update\SsUWatcher.exe (PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\SshCloudMonitor.exe (PFU LIMITED) [Datei ist nicht signiert] C:\ProgramData\PFU\ScanSnap\Home\SSDriver\fi5110\SsWiaChecker.exe (PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe (PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.5\bin\postgres.exe <7> (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64U.exe (Synaptics Incorporated -> ) C:\Program Files\CONEXANT\Flow\FlowTray.exe (Synaptics Incorporated -> Conexant Systems LLC.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe (Synaptics Incorporated -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe (Synaptics Incorporated -> Conexant Systems, Inc) C:\Program Files\CONEXANT\Flow\Flow.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe (Synaptics Incorporated) [Datei ist nicht signiert] C:\Windows\System32\SynaMonApp.exe (Synology Inc. -> ) C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe (Synology Inc. -> ) C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe (TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe (TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2019\Snagit32.exe (TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2019\SnagitEditor.exe (TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2019\SnagPriv.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. 
Die Datei wird nicht verschoben.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [AdobePSE17AutoAnalyzer] => C:\Program Files\Adobe\Elements 2019 Organizer\Elements Auto Creations 2019.exe [3058696 2018-08-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [TechSmithSnagit] => C:\Program Files\TechSmith\Snagit 2019\Snagit32.exe [8940000 2020-07-29] (TechSmith Corporation -> TechSmith Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-12-13] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1667208 2020-10-21] (Logitech Inc -> Logitech, Inc.) HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [558144 2020-11-25] (geek software GmbH -> geek software GmbH) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2095672 2020-10-07] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-10-12] (Adobe Inc. 
-> ) HKLM-x32\...\Run: [ScanSnap Home Pfussmon] => C:\Program Files (x86)\PFU\ScanSnap\Home\pfuSSMon.exe [3587568 2020-10-27] (PFU Limited -> PFU Limited) HKLM-x32\...\Run: [ScanSnap WIA Service Checker] => C:\ProgramData\PFU\ScanSnap\Home\SSDriver\fi5110\SsWiaChecker.exe [121856 2020-05-26] (PFU LIMITED) [Datei ist nicht signiert] HKLM-x32\...\Run: [SshCloudMonitor] => C:\Program Files (x86)\PFU\ScanSnap\Home\SshCloudMonitor.exe [77824 2020-09-23] (PFU Limited) [Datei ist nicht signiert] HKLM-x32\...\Run: [SshRegister] => C:\Program Files (x86)\PFU\ScanSnap\Home\SshRegister.exe [130544 2020-10-27] (PFU Limited -> PFU Limited) HKLM-x32\...\Run: [pfuSshMain] => C:\Program Files (x86)\PFU\ScanSnap\Home\pfuSshMain.exe [2323952 2020-10-27] (PFU Limited -> PFU Limited) HKLM-x32\...\Run: [ScanSnap OnlineUpdate Watcher] => C:\Program Files (x86)\PFU\ScanSnap\Update\SsUWatcher.exe [134656 2020-06-05] (PFU Limited -> PFU Limited) HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [798816 2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [460896 2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.) 
HKLM-x32\...\Run: [Jabra Direct] => C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe [106801096 2020-11-13] (GN AUDIO A/S -> GN Audio A/S) HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background /setautostart HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background /setautostart HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [677512 2020-11-10] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\Run: [] => [X] HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\Run: [Google Update] => C:\Users\heiko\AppData\Local\Google\Update\1.3.36.52\GoogleUpdateCore.exe [219592 2020-12-04] (Google LLC -> Google LLC) HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5491248 2020-10-22] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\MountPoints2: {65006cc2-10be-11eb-8d62-548d5a775924} - "D:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1298520027-1106975814-2819668856-1002\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-10-22] (Adobe Inc. 
-> Adobe Systems, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{77B7ED10-A641-4766-A428-8B9EE42E830A}] -> C:\windows\system32\DPCrProv2.dll HKLM\Software\...\Authentication\Credential Providers: [{E85E7D14-653B-4E51-9BC5-E5F9EC9BC51D}] -> C:\windows\system32\DPCrProv2.dll HKLM\Software\...\Authentication\Credential Providers: [{F0C31759-99A6-493E-AD7D-7F69126CDFBC}] -> C:\windows\system32\DPCrProv2.dll HKLM\Software\...\Authentication\Credential Providers: [{F731030D-3272-4D8B-A21A-3940EF268453}] -> C:\windows\system32\DPCrProv2.dll HKLM\Software\...\Authentication\Credential Provider Filters: [{DCFB2A33-814B-4236-BFBD-FFEA3F528385}] -> C:\windows\system32\DPCrProv2.dll Startup: C:\Users\heiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2020-11-27] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {1438D197-E554-4DD8-97C2-5C6E5373CB63} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {1C993506-819D-46FE-A4E2-7F2961311057} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-heikoroemhild@outlook.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {2133CB02-C670-4860-AB0F-2583BEAF8B35} - System32\Tasks\Agent Activation Runtime\S-1-5-21-1298520027-1106975814-2819668856-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-12-02] (Microsoft Windows -> ) Task: {218541E1-2C64-4935-A070-E3BA3ED38E93} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-11-27] (Microsoft Corporation -> Microsoft Corporation) Task: {21A08B60-6CE6-4F71-B10A-B6265383510C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1137496 2020-11-02] (HP Inc. -> HP Inc.) Task: {2BC0AE96-6317-488F-9C22-522F714425A9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [553304 2020-11-02] (HP Inc. -> HP Inc.) Task: {2DB14EF8-9F90-437A-9BCD-AB9794CD0282} - System32\Tasks\HP\HP Collaboration Keyboard\HP Collaboration Keyboard Controller => C:\Program Files (x86)\HP\HP Collaboration Keyboard\CollaborationKeysController.exe [722984 2019-09-17] (HP Inc. 
-> HP) Task: {2E736FE3-5997-47EF-B6CF-85CC8CDF2F82} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2177464 2019-11-15] (Microsoft Corporation -> Microsoft) Task: {33C766CE-8B2A-4184-8D75-A8CDBC8D5109} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-10] (Microsoft Corporation -> Microsoft Corporation) Task: {3FDBA556-7257-4A11-8FFE-5BA1BC23EC3E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {499AB6A1-97F7-471A-AA5F-11552BD8CEB5} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {4D30CDF8-942F-40F0-A868-393767437D26} - System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe [891432 2018-08-31] (HP Inc. 
-> HP) Task: {5E409A61-992C-4DC6-A52D-F746926C0245} - System32\Tasks\Opera scheduled assistant Autoupdate 1601837781 => C:\Users\heiko\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\heiko\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {656E7EA3-8609-4D68-87EF-4DD7F7A317F9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-12] (Mozilla Corporation -> Mozilla Foundation) Task: {65AB2AE4-6253-4E75-817F-B340CFE6E8AF} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2646152 2019-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {7171E66F-9F35-4533-94F7-84301DED497A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2043016 2019-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {79AB9F88-BD84-4321-8BA7-59A2156A805F} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1537960 2020-11-12] (NVIDIA Corporation -> NVIDIA Corporation) Task: {885843C8-E781-4A72-B0B6-774D483A5D6B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [135000 2020-09-30] (HP Inc. -> HP Inc.) 
Task: {98C587A6-7078-411D-AAA8-77CB58E64CCA} - System32\Tasks\Microsoft\Windows\Conexant\SynaMonApp => C:\Windows\System32\SynaMonApp.exe [170496 2019-10-04] (Synaptics Incorporated) [Datei ist nicht signiert] Task: {98E6ECCD-EC2B-4170-A032-75D70535E039} - System32\Tasks\Scheduled scanning task => C:\Program Files (x86)\UnityMedia\fsscan.exe Task: {997D3C98-55DA-4FC7-B0EF-E44CC99C6863} - System32\Tasks\Opera scheduled Autoupdate 1601837778 => C:\Users\heiko\AppData\Local\Programs\Opera\launcher.exe Task: {9C38A095-11F1-4C97-AE0C-3D3DFAC1C70A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-10] (Microsoft Corporation -> Microsoft Corporation) Task: {AA6C25CC-D8CB-42D8-9DB1-F49AB9510BE2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1137496 2020-11-02] (HP Inc. -> HP Inc.) Task: {B6E1960E-1F6B-42AE-A7AE-89B15BD9D26A} - System32\Tasks\HP\HP Collaboration Keyboard\Start Collaboration Keyboard Process => C:\Program Files (x86)\HP\HP Collaboration Keyboard\HPCollaborationKeyboard.exe [609320 2020-02-14] (HP Inc. -> HP Inc.) Task: {B7617DC3-4824-43CA-9DC2-C004F8CCEC36} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {BFD98C6E-BC7A-4CAB-82E1-022D8C72221C} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService Task: {C0717D82-0596-4A06-AB0A-757037530131} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.) 
Task: {C54AA8A3-B12B-4154-91F2-FA6D2D551229} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-11-27] (Microsoft Corporation -> Microsoft Corporation) Task: {CA8E4854-60A6-4818-A5B0-4667B3DAB164} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2043016 2019-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {CD6A00EC-75E4-4A39-9425-8315734AFF8D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-07] (Microsoft Corporation -> Microsoft Corporation) Task: {D500C4BD-E583-4609-B49F-EE0FD18E00F2} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2646152 2019-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {D6F6363F-EC1B-4773-80CE-1B7F2106E996} - System32\Tasks\Intel\Intel® Management and Security Status => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [232536 2020-09-02] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60 Task: {D9D1B0D2-F917-4380-8F25-2C295B9556E0} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32696 2019-11-15] (Microsoft Corporation -> Microsoft) Task: {DCA073A0-01DF-491D-B856-687B88B0DB7F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E1E7CB22-531C-4D9A-8562-D1B98998329E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1298520027-1106975814-2819668856-1001UA => 
C:\Users\heiko\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2020-11-17] (Google LLC -> Google LLC)
Task: {E3017FF9-835A-4BF6-97C3-9C39C11E2CC2} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [225984 2018-09-06] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {E57F260F-0F0F-4F38-8212-FEAFF9218FC2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5C4FEE2-131E-4A24-8C13-49C46A1C4224} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [225984 2018-09-06] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {F5FF630B-A270-45B8-BC18-F07A89F0E28E} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {F70D3208-5CBB-49C6-ABAD-F9FEDC5F0099} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2308800 2018-09-06] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {FA3FA4F3-D4BF-4DB3-A11C-F986013DCF23} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1298520027-1106975814-2819668856-1001Core => C:\Users\heiko\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2020-11-17] (Google LLC -> Google LLC)
Task: {FA77F1E5-D325-4547-97D8-63B5692CCDE7} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [225984 2018-09-06] (Intel(R) Client Connectivity Division SW -> Intel Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Scheduled scanning task.job => C:\Program Files (x86)\UnityMedia\fsscan.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5605a91e-6a95-4b04-9bd7-84fae3cc3261}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ae6a8e03-4ad3-4441-b1cf-674c8dca651a}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{efb8ce32-5435-49e5-b0a7-8473a9eeb84d}: [DhcpNameServer] 192.168.178.1

Edge:
======
Edge Notifications: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001 -> hxxps://www.gruenderszene.de
Edge DefaultProfile: Default
Edge Profile: C:\Users\heiko\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-13]
Edge Notifications: Default -> hxxps://www.gruenderszene.de
Edge Extension: (Grammarly for Microsoft Edge) - C:\Users\heiko\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2020-11-29]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\heiko\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2020-11-29]
Edge Extension: (Grammarly for Chrome) - C:\Users\heiko\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-11-15]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: lxo2uxlb.default
FF ProfilePath: C:\Users\heiko\AppData\Roaming\Mozilla\Firefox\Profiles\lxo2uxlb.default [2020-11-18]
FF ProfilePath: C:\Users\heiko\AppData\Roaming\Mozilla\Firefox\Profiles\lttpr00m.default-release [2020-12-13]
FF Notifications: Mozilla\Firefox\Profiles\lttpr00m.default-release -> hxxps://calendar.google.com
FF Extension: (HTTPS Everywhere) - C:\Users\heiko\AppData\Roaming\Mozilla\Firefox\Profiles\lttpr00m.default-release\Extensions\https-everywhere@eff.org.xpi [2020-11-18]
FF Extension: (uBlock Origin) - C:\Users\heiko\AppData\Roaming\Mozilla\Firefox\Profiles\lttpr00m.default-release\Extensions\uBlock0@raymondhill.net.xpi [2020-11-19]
FF Extension: (Video DownloadHelper) - C:\Users\heiko\AppData\Roaming\Mozilla\Firefox\Profiles\lttpr00m.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-11-18]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-10-07] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-10-07] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default [2020-12-13]
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/apps-notify/drive_96_1x.png
CHR Extension: (Google Drive) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghbiahbpaijignceidepookljebhfak [2020-06-18]
CHR Extension: (Google Drive) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-18]
CHR Extension: (Google Play Music) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2020-04-18]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2020-11-27]
CHR Extension: (Dropbox) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2020-04-18]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2020-11-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-18]
CHR Extension: (Google Mail) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-09]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-10-07] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384544 2020-10-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
R2 CWAUpdaterService; C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe [43616 2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [95704 2020-08-04] (Synaptics Incorporated -> Conexant Systems LLC.)
R2 CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [166400 2019-10-04] (Conexant Systems LLC.) [Datei ist nicht signiert]
S2 epinjectsvc; C:\Program Files (x86)\Citrix\ICA Client\inject.exe [501456 2020-06-19] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 FLCDLOCK; C:\windows\SysWOW64\flcdlock.exe [589208 2018-02-21] (Hewlett Packard Enterprise Company -> Hewlett-Packard Company)
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\HotKeyServiceUWP.exe [1527208 2020-10-20] (HP Inc. -> HP Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [886136 2020-06-24] (HP Inc. -> HP Inc.)
R2 HP Hotkey Service; C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe [969256 2018-08-31] (HP Inc. -> HP)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\AppHelperCap.exe [689912 2020-11-05] (HP Inc. -> HP Inc.)
R2 HPMAMSrv; C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe [542248 2019-04-22] (HP Inc. -> HP)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\NetworkCap.exe [688888 2020-11-05] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [285192 2020-10-28] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149448 2020-06-09] (HP Inc. -> HP)
R2 HPSureRun; C:\WINDOWS\SysWOW64\HP_SureRun.exe [1566760 2020-12-13] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\SysInfoCap.exe [689400 2020-11-05] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f37ada3b81da51b7\x64\TouchpointAnalyticsClientService.exe [476424 2020-11-04] (HP Inc. -> HP Inc.)
S4 LanWlanSwitchingService; C:\Program Files (x86)\HP\HP Hotkey Support\LanWlanSwitchingService.exe [618536 2018-08-31] (HP Inc. -> HP)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\LanWlanWwanSwitchingServiceUWP.exe [788904 2020-10-20] (HP Inc. -> HP Inc.)
R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [499336 2020-10-26] (Logitech Inc -> Logitech)
R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4490376 2020-09-18] (Logitech Inc -> Logitech)
R2 NVWMI; C:\WINDOWS\system32\nvwmi64.exe [4788120 2020-11-12] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [558144 2020-11-25] (geek software GmbH -> geek software GmbH)
R2 postgresql-x64-9.5; C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe [94208 2016-08-09] (PostgreSQL Global Development Group) [Datei ist nicht signiert]
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13666872 2020-11-17] (Adlice -> )
R2 SECOMNUService; C:\WINDOWS\System32\SECOMN64U.exe [161296 2020-11-17] (Sound Research Corporation -> Sound Research, Corp.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5197552 2020-12-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 spacedeskService; C:\WINDOWS\system32\spacedeskService.exe [1116592 2020-11-08] (Datronicsoft, Inc. -> )
R2 Synology Drive VSS Service x64; C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe [371672 2020-04-13] (Synology Inc. -> )
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3658832 2019-06-28] (TechSmith Corporation -> TechSmith Corporation)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [253912 2019-10-30] (Synology Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
U2 DpHost; kein ImagePath

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
S3 DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [74768 2018-02-21] (Hewlett Packard Enterprise Company -> Hewlett-Packard Enterpise Company)
R2 entryprotectdrv; C:\Program Files (x86)\Citrix\ICA Client\entryprotect.sys [57032 2020-06-19] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
R1 epinject6; C:\Program Files (x86)\Citrix\ICA Client\epinject.sys [150520 2020-06-19] (Citrix Systems, Inc. -> )
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [25024 2019-05-03] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
S3 JabraDFU; C:\WINDOWS\System32\Drivers\JabraBcDfuX64.sys [54408 2018-03-20] (GN Netcom A/S -> QTI Ltd)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
R3 spacedeskKtmInputMouse; C:\WINDOWS\System32\drivers\spacedeskKtmInputMouse.sys [35240 2020-08-27] (Datronicsoft, Inc. -> )
S3 Switchers; C:\WINDOWS\System32\drivers\Switchers.sys [27368 2020-09-24] (WDKTestCert build,131613220053715806 -> Blackmagic Design)
R1 vbdenum; C:\WINDOWS\System32\drivers\vbdenum.sys [119432 2020-04-14] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WebPresenter; C:\WINDOWS\System32\drivers\WebPresenter.sys [25216 2017-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Blackmagic Design)
R3 WiMan; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_4b0336d95f188e47\WiMan\WiMan.sys [162136 2020-09-02] (Intel Wireless Driver -> )
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
S3 WacHidRouterPro; \SystemRoot\System32\drivers\wachidrouter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2020-12-13 21:47 - 2020-12-13 21:48 - 000000000 ____D C:\FRST
2020-12-13 21:01 - 2020-12-13 21:01 - 000000000 ____D C:\Benutzerdefinierte Produktionseinstellungen 9.0
2020-12-12 12:07 - 2020-12-12 12:07 - 002231049 _____ C:\Users\heiko\Downloads\de-itil4-guide.pdf
2020-12-12 11:52 - 2020-12-12 11:52 - 017319408 _____ (FreeFileSync.org ) C:\Users\heiko\Downloads\FreeFileSync_11.4_Windows_Setup.exe
2020-12-12 11:27 - 2020-12-12 11:27 - 000000000 ____H C:\Users\heiko\OneDrive\Documents\Default.rdp
2020-12-11 22:08 - 2020-12-11 22:08 - 010246734 _____ C:\Users\heiko\OneDrive\Documents\LifeBalance_Self_Coaching_made_easy_FORGRESS_en_V2.pptx
2020-12-11 13:28 - 2020-12-11 13:28 - 000000256 _____ C:\Users\heiko\AppData\Local\PUTTY.RND
2020-12-11 13:27 - 2020-12-11 13:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)
2020-12-11 13:27 - 2020-12-11 13:27 - 000000000 ____D C:\Program Files\PuTTY
2020-12-11 10:53 - 2020-12-11 10:44 - 001199242 _____ C:\Users\heiko\OneDrive\Documents\LC Executive FiRE Index 2020-10 EN V0.7.pdf
2020-12-11 10:53 - 2020-12-11 10:44 - 001105314 _____ C:\Users\heiko\OneDrive\Documents\ExecutiveFiREIndex_peter-sample.pdf
2020-12-11 10:53 - 2020-12-11 10:44 - 001044921 _____ C:\Users\heiko\OneDrive\Documents\LC Can crisis resistance be improved 2020-11.pdf
2020-12-11 10:53 - 2020-12-11 10:44 - 000564568 _____ C:\Users\heiko\OneDrive\Documents\LC Lässt sich Krisenfestigkeit verbessern.pdf
2020-12-10 18:06 - 2020-12-10 18:06 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-10 18:06 - 2020-12-10 18:06 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-10 18:06 - 2020-12-10 18:06 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-08 20:13 - 2020-12-08 20:13 - 000001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Rush 1.5.lnk
2020-12-07 23:41 - 2020-12-07 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-12-06 21:02 - 2020-12-06 21:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirServer Universal (x64)
2020-12-06 21:02 - 2020-12-06 21:02 - 000000000 ____D C:\Program Files\App Dynamic
2020-12-02 20:06 - 2020-12-02 20:06 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\TeamEnwicklung
2020-12-02 20:05 - 2020-12-02 20:06 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\Curicullum
2020-12-02 20:05 - 2020-12-02 20:06 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\Arbeitsblätter
2020-12-02 18:07 - 2020-12-02 18:07 - 000001460 _____ C:\Users\Public\Desktop\Logitech Kameraeinstellungen.lnk
2020-12-02 18:07 - 2020-12-02 18:07 - 000001460 _____ C:\ProgramData\Desktop\Logitech Kameraeinstellungen.lnk
2020-12-02 15:55 - 2020-12-10 00:52 - 000000000 ____D C:\Users\heiko\AppData\Roaming\FastGlacier
2020-12-02 15:55 - 2020-12-02 15:55 - 000000889 _____ C:\Users\Public\Desktop\FastGlacier.lnk
2020-12-02 15:55 - 2020-12-02 15:55 - 000000889 _____ C:\ProgramData\Desktop\FastGlacier.lnk
2020-12-02 15:55 - 2020-12-02 15:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastGlacier
2020-12-02 15:55 - 2020-12-02 15:55 - 000000000 ____D C:\Program Files\FastGlacier
2020-12-02 15:42 - 2020-12-02 15:42 - 000000000 ____D C:\Users\heiko\AppData\Roaming\JAM Software
2020-12-02 15:41 - 2020-12-02 15:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
2020-12-02 15:41 - 2020-12-02 15:41 - 000000000 ____D C:\Program Files (x86)\JAM Software
2020-12-02 10:20 - 2020-12-02 10:20 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\Backup
2020-12-02 10:17 - 2020-12-02 10:17 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-02 10:17 - 2020-12-02 10:17 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-02 10:17 - 2020-12-02 10:17 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-02 10:17 - 2020-12-02 10:17 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-02 10:17 - 2020-12-02 10:17 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 001328392 _____ C:\WINDOWS\system32\FaceTrackerInternal.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 001263104 _____ C:\WINDOWS\system32\FaceProcessor.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 000512856 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-02 10:17 - 2020-12-02 10:17 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-02 10:17 - 2020-12-02 10:17 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-02 10:17 - 2020-12-02 10:17 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-02 10:17 - 2020-12-02 10:17 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-02 09:41 - 2020-12-12 11:55 - 000000000 ____D C:\Users\heiko\AppData\Roaming\FreeFileSync
2020-12-02 09:41 - 2020-12-12 11:52 - 000001020 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileSync.lnk
2020-12-02 09:41 - 2020-12-12 11:52 - 000001010 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealTimeSync.lnk
2020-12-02 09:41 - 2020-12-12 11:52 - 000001008 _____ C:\Users\Public\Desktop\FreeFileSync.lnk
2020-12-02 09:41 - 2020-12-12 11:52 - 000001008 _____ C:\ProgramData\Desktop\FreeFileSync.lnk
2020-12-02 09:41 - 2020-12-12 11:52 - 000000998 _____ C:\Users\Public\Desktop\RealTimeSync.lnk
2020-12-02 09:41 - 2020-12-12 11:52 - 000000998 _____ C:\ProgramData\Desktop\RealTimeSync.lnk
2020-12-02 09:41 - 2020-12-12 11:52 - 000000000 ____D C:\Program Files\FreeFileSync
2020-11-30 18:29 - 2020-11-30 18:29 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24.lnk
2020-11-30 18:29 - 2020-11-30 18:29 - 000000000 ____D C:\Program Files\PDF24
2020-11-30 11:03 - 2020-11-30 11:03 - 000000000 ____D C:\Users\heiko\AppData\Local\Jabra
2020-11-29 15:21 - 2020-12-13 21:19 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Jabra Direct
2020-11-29 15:21 - 2020-11-29 15:21 - 000000000 ____D C:\Users\heiko\AppData\Roaming\JabraSDK
2020-11-29 15:21 - 2020-11-29 15:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jabra
2020-11-29 15:20 - 2020-11-29 15:21 - 000000000 ____D C:\Program Files (x86)\Jabra
2020-11-29 14:16 - 2020-11-29 14:16 - 000000015 _____ C:\Users\heiko\AppData\Roaming\obs-virtualcam.txt
2020-11-29 14:12 - 2020-11-29 14:12 - 000001057 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2020-11-29 14:12 - 2020-11-29 14:12 - 000001057 _____ C:\ProgramData\Desktop\OBS Studio.lnk
2020-11-29 14:12 - 2020-11-29 14:12 - 000000000 ____D C:\ProgramData\obs-studio-hook
2020-11-29 14:12 - 2020-11-29 14:12 - 000000000 ____D C:\Program Files\obs-studio
2020-11-29 13:10 - 2020-11-29 13:10 - 000001973 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\spacedesk SERVER.lnk
2020-11-29 13:10 - 2020-11-29 13:10 - 000000000 ____D C:\Program Files\datronicsoft
2020-11-28 13:27 - 2020-11-28 13:27 - 000002629 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Workspace.lnk
2020-11-27 22:17 - 2020-11-27 22:17 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\OneNote-Notizbücher
2020-11-27 21:08 - 2020-11-27 21:08 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2020-11-27 21:03 - 2020-09-18 05:20 - 007326528 _____ (HP Inc.) C:\WINDOWS\system32\HPScanTEDrv_x64.dll
2020-11-27 21:03 - 2020-09-18 05:20 - 005129536 _____ (HP Inc.) C:\WINDOWS\SysWOW64\HPScanTEDrv.dll
2020-11-27 21:03 - 2020-09-18 05:20 - 001328960 _____ (HP Inc.) C:\WINDOWS\system32\HPScanTEDrv_x64_DiscoveryLibDyn.dll
2020-11-27 21:03 - 2020-09-18 05:20 - 000963392 _____ (HP Inc.) C:\WINDOWS\SysWOW64\DiscoveryLibDyn.dll
2020-11-27 21:03 - 2020-09-18 05:20 - 000665408 _____ (HP Inc., LP) C:\WINDOWS\system32\HPWia2Drv.dll
2020-11-27 21:03 - 2020-09-18 03:08 - 000003487 _____ C:\WINDOWS\SysWOW64\HPScanDrvConfig.xml
2020-11-27 21:03 - 2020-09-18 03:08 - 000003487 _____ C:\WINDOWS\system32\HPScanDrvConfig.xml
2020-11-23 18:22 - 2020-11-23 18:22 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\ATEM Autosave
2020-11-20 20:42 - 2020-11-20 20:43 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-11-20 20:42 - 2020-11-20 20:43 - 000002181 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-20 20:05 - 2020-12-09 23:37 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1298520027-1106975814-2819668856-1001
2020-11-20 20:05 - 2020-12-09 23:37 - 000002428 _____ C:\Users\heiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-11-20 18:37 - 2020-11-20 18:37 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-11-20 18:03 - 2020-11-20 18:03 - 000000000 ___HD C:\Users\heiko\Downloads\.SynologyWorkingDirectory
2020-11-19 21:26 - 2020-12-13 15:18 - 000000000 ___RD C:\Users\heiko\Creative Cloud Files
2020-11-18 17:27 - 2020-11-18 17:27 - 000000000 ____D C:\WINDOWS\Panther
2020-11-18 17:14 - 2020-11-18 17:14 - 000002094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chocolatey GUI.lnk
2020-11-18 17:14 - 2020-11-18 17:14 - 000000000 ____D C:\Users\heiko\AppData\Roaming\NuGet
2020-11-18 17:14 - 2020-11-18 17:14 - 000000000 ____D C:\Users\heiko\AppData\Local\NuGet
2020-11-18 17:14 - 2020-11-18 17:14 - 000000000 ____D C:\Users\heiko\AppData\Local\Chocolatey GUI
2020-11-18 17:14 - 2020-11-18 17:14 - 000000000 ____D C:\ProgramData\shimgen
2020-11-18 17:14 - 2020-11-18 17:14 - 000000000 ____D C:\ProgramData\Chocolatey GUI
2020-11-18 17:14 - 2020-11-18 17:14 - 000000000 ____D C:\Program Files (x86)\Chocolatey GUI
2020-11-18 17:13 - 2020-12-02 15:51 - 000000000 ____D C:\ProgramData\chocolatey
2020-11-18 15:30 - 2020-11-18 15:30 - 000001010 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-18 15:30 - 2020-11-18 15:30 - 000000998 _____ C:\Users\Public\Desktop\Firefox.lnk
2020-11-18 15:30 - 2020-11-18 15:30 - 000000998 _____ C:\ProgramData\Desktop\Firefox.lnk
2020-11-18 15:30 - 2020-11-18 15:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-11-18 15:30 - 2020-11-18 15:30 - 000000000 ____D C:\Users\heiko\AppData\Local\Mozilla
2020-11-18 15:30 - 2020-11-18 15:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-18 13:30 - 2020-11-18 14:48 - 000000000 ____D C:\ProgramData\RogueKiller
2020-11-18 13:30 - 2020-11-18 13:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-11-18 13:30 - 2020-11-18 13:30 - 000000000 ____D C:\Program Files\RogueKiller
2020-11-18 13:21 - 2020-11-18 13:21 - 000000000 ____D C:\Users\heiko\AppData\Local\mbam
2020-11-18 13:20 - 2020-11-18 13:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-11-18 13:06 - 2020-12-09 23:38 - 000000000 ___HD C:\adobeTemp
2020-11-17 17:44 - 2016-09-20 13:51 - 000004664 _____ C:\WINDOWS\system32\Drivers\CxSfPt.dat
2020-11-17 17:40 - 2020-11-17 17:40 - 001379384 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64U.dll
2020-11-17 17:40 - 2020-11-17 17:40 - 001379016 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64U.dll
2020-11-17 17:40 - 2020-11-17 17:40 - 001278936 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64U.dll
2020-11-17 17:40 - 2020-11-17 17:40 - 001176760 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64U.dll
2020-11-17 17:40 - 2020-11-17 17:40 - 001011648 _____ (Sound Research, Corp.) C:\WINDOWS\system32\HPIMMA64U.dll
2020-11-17 17:40 - 2020-11-17 17:40 - 000161296 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64U.exe
2020-11-17 17:40 - 2020-11-17 17:40 - 000040314 _____ C:\WINDOWS\system32\SEAPODATU.zip
2020-11-17 17:40 - 2020-11-17 17:40 - 000019979 _____ C:\WINDOWS\system32\SEAPODATU.USB.VID_0B0E&PID_A346&MI_00.zip
2020-11-17 17:40 - 2020-11-17 17:40 - 000019966 _____ C:\WINDOWS\system32\SEAPODATU.USB.VID_0B0E&PID_A345&MI_00.zip
2020-11-17 17:40 - 2020-11-17 17:40 - 000019948 _____ C:\WINDOWS\system32\SEAPODATU.USB.VID_0B0E&PID_034C&MI_00.zip
2020-11-17 17:40 - 2020-11-17 17:40 - 000019942 _____ C:\WINDOWS\system32\SEAPODATU.USB.VID_0B0E&PID_0422&MI_00.zip
2020-11-17 17:38 - 2020-12-08 20:30 - 000002539 _____ C:\Users\heiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-17 17:38 - 2020-12-04 13:44 - 000003894 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1298520027-1106975814-2819668856-1001UA
2020-11-17 17:38 - 2020-12-04 13:44 - 000003626 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1298520027-1106975814-2819668856-1001Core
2020-11-16 21:16 - 2020-11-16 21:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2020-11-15 15:49 - 2020-11-15 15:49 - 000002217 _____ C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2021.lnk
2020-11-15 15:49 - 2020-11-15 15:49 - 000002217 _____ C:\ProgramData\Desktop\WISO Steuer-Sparbuch 2021.lnk
2020-11-15 15:49 - 2020-11-15 15:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2021
2020-11-14 17:10 - 2020-12-13 13:37 - 111149056 _____ C:\WINDOWS\system32\config\SOFTWARE
2020-11-14 17:08 - 2020-11-14 17:10 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2020-11-13 21:58 - 2020-11-13 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSnap

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2020-12-13 21:49 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-13 20:58 - 2020-09-23 11:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-13 19:53 - 2020-09-23 11:33 - 000004160 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{497F0BED-F87E-4894-9209-D068D1619D14}
2020-12-13 17:25 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-13 16:20 - 2020-04-18 15:37 - 000000000 ____D C:\Users\heiko\AppData\LocalLow\Mozilla
2020-12-13 15:48 - 2020-04-18 15:36 - 000000000 ____D C:\ProgramData\Mozilla
2020-12-13 15:37 - 2020-09-23 13:20 - 001724648 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-13 15:37 - 2019-12-07 15:51 - 000746440 _____ C:\WINDOWS\system32\perfh007.dat
2020-12-13 15:37 - 2019-12-07 15:51 - 000150810 _____ C:\WINDOWS\system32\perfc007.dat
2020-12-13 15:37 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-13 15:18 - 2020-04-18 15:23 - 000000000 ___RD C:\Users\heiko\OneDrive
2020-12-13 15:18 - 2020-04-18 15:21 - 000000000 __SHD C:\Users\heiko\IntelGraphicsProfiles
2020-12-13 15:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-12-13 13:59 - 2020-03-22 21:27 - 000000000 ____D C:\ProgramData\NVIDIA
2020-12-13 13:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-12-13 13:38 - 2020-04-18 15:23 - 000000000 ____D C:\Users\heiko\AppData\Local\CrashDumps
2020-12-13 13:37 - 2020-09-23 11:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-13 13:37 - 2020-09-23 11:29 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-13 13:37 - 2020-04-18 21:12 - 001593000 _____ C:\WINDOWS\system32\wpbbin.exe
2020-12-13 13:37 - 2020-04-18 21:12 - 001566760 _____ (HP Inc.) C:\WINDOWS\SysWOW64\HP_SureRun.exe
2020-12-13 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-12-13 13:37 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-13 13:36 - 2020-09-23 10:49 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2020-12-13 13:36 - 2020-09-23 10:49 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2020-12-13 13:36 - 2019-12-07 10:10 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2020-12-12 14:26 - 2020-11-01 22:37 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\Scanner
2020-12-12 10:40 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-12 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-11 22:10 - 2020-04-18 15:21 - 000000000 ____D C:\Users\heiko\AppData\Local\Packages
2020-12-10 20:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-10 20:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-10 18:00 - 2020-03-22 21:42 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-09 15:29 - 2020-04-20 09:50 - 000000000 ____D C:\Users\heiko\AppData\Roaming\WhatsApp
2020-12-09 15:29 - 2020-04-20 09:50 - 000000000 ____D C:\Users\heiko\AppData\Local\WhatsApp
2020-12-09 15:29 - 2020-04-18 15:30 - 000000000 ____D C:\Users\heiko\AppData\Local\SquirrelTemp
2020-12-08 20:32 - 2020-04-20 13:25 - 000000000 ____D C:\ProgramData\Adobe
2020-12-08 20:13 - 2020-04-20 13:24 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-12-08 20:13 - 2020-04-20 13:24 - 000000000 ____D C:\Program Files\Adobe
2020-12-07 23:41 - 2020-07-15 19:43 - 000002461 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2020-12-07 23:41 - 2020-07-15 19:43 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2020-12-07 23:41 - 2020-07-15 19:43 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2020-12-07 23:41 - 2020-07-15 19:43 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2020-12-07 23:41 - 2020-07-15 19:43 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2020-12-07 23:41 - 2020-07-15 19:43 - 000002412 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2020-12-07 23:41 - 2020-07-15 19:43 - 000002406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2020-12-07 23:41 - 2020-07-15 19:43 - 000002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2020-12-07 12:43 - 2020-05-27 20:16 - 000000000 ____D C:\Users\heiko\AppData\Roaming\obs-studio
2020-12-07 12:36 - 2020-04-18 15:21 - 000000000 ____D C:\Users\heiko\AppData\Roaming\hpqLog
2020-12-06 19:27 - 2020-09-23 11:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2020-12-06 19:27 - 2020-04-18 21:13 - 000000000 ____D C:\Users\heiko\AppData\Local\HP_Inc
2020-12-06 18:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-12-06 08:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-05 08:11 - 2020-07-15 08:54 - 000000000 ____D C:\Users\heiko\AppData\Local\Citrix
2020-12-04 08:24 - 2019-04-19 19:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-12-02 12:05 - 2020-09-23 11:29 - 000559520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-02 12:04 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-12-02 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-02 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-02 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-02 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-02 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-02 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-01 12:12 - 2020-04-22 18:07 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\Zoom
2020-11-30 19:47 - 2020-04-20 16:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2020-11-30 19:47 - 2020-03-22 21:31 - 000000000 ____D C:\ProgramData\Package Cache
2020-11-30 10:56 - 2020-09-23 10:53 - 000000000 ____D C:\Users\heiko
2020-11-30 10:55 - 2020-04-19 15:32 - 000000000 ____D C:\Users\heiko\AppData\Local\SynologyDrive
2020-11-29 14:12 - 2020-05-27 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2020-11-29 13:03 - 2020-04-18 15:22 - 000000000 ____D C:\Users\heiko\AppData\Local\PlaceholderTileLogoFolder
2020-11-27 22:31 - 2020-04-18 15:23 - 000000120 ____R C:\Users\heiko\OneDrive\Documents\Personal (Web).url
2020-11-27 22:18 - 2019-04-19 19:34 - 000000000 ____D C:\ProgramData\HP
2020-11-27 21:25 - 2020-09-23 11:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2020-11-23 18:27 - 2020-04-19 01:51 - 000000000 ____D C:\ProgramData\Blackmagic Design
2020-11-22 17:40 - 2020-04-18 15:23 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\Office Lens
2020-11-20 20:46 - 2019-04-19 19:32 - 000000000 ____D C:\ProgramData\Packages
2020-11-20 20:40 - 2020-04-20 13:24 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-11-20 20:24 - 2020-05-19 11:20 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\FrameFactory
2020-11-20 19:59 - 2020-07-04 10:04 - 000000000 ____D C:\Program Files (x86)\Microsoft
OneDrive 2020-11-20 19:57 - 2020-07-15 08:52 - 000000000 ____D C:\ProgramData\Citrix 2020-11-20 18:37 - 2020-04-22 18:06 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Zoom 2020-11-20 18:37 - 2020-04-20 19:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2020-11-20 18:37 - 2020-04-20 19:46 - 000000000 ____D C:\Program Files\Logitech 2020-11-18 20:04 - 2020-04-20 13:27 - 000000000 ____D C:\Users\heiko\AppData\Local\D3DSCache 2020-11-18 20:04 - 2020-04-18 15:21 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Adobe 2020-11-18 19:43 - 2020-07-04 15:16 - 000091793 _____ C:\ProgramData\StreamingMediaTechnologyLog.txt 2020-11-18 18:20 - 2020-04-20 13:21 - 000000000 ____D C:\Users\heiko\AppData\Local\Adobe 2020-11-18 17:46 - 2020-07-04 10:04 - 000000000 ___RD C:\Users\postgres\OneDrive 2020-11-18 17:24 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2020-11-18 17:16 - 2020-06-08 17:46 - 000000000 ____D C:\Users\heiko\AppData\LocalLow\Temp 2020-11-18 15:30 - 2020-04-18 15:37 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Mozilla 2020-11-18 15:30 - 2020-04-18 15:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-11-18 15:17 - 2020-10-30 16:08 - 000000000 ____D C:\Users\heiko\AppData\Local\Deployment 2020-11-18 13:06 - 2019-09-09 12:32 - 000000000 ____D C:\Program Files (x86)\HP 2020-11-17 17:45 - 2020-03-22 21:35 - 001705080 _____ (TODO: <Company name>) C:\WINDOWS\SysWOW64\RebootPrompt.exe 2020-11-17 17:45 - 2020-03-22 21:35 - 000000000 ____D C:\WINDOWS\CxSvc 2020-11-17 17:45 - 2019-09-09 12:32 - 000000000 ____D C:\Program Files\CONEXANT 2020-11-17 17:40 - 2020-11-12 21:02 - 000000000 ____D C:\hpswsetup 2020-11-17 17:38 - 2020-04-18 15:26 - 000000000 ____D C:\Users\heiko\AppData\Local\Google 2020-11-17 17:15 - 2020-04-18 15:27 - 000000000 ____D C:\Program Files (x86)\Google 2020-11-17 10:49 - 2020-09-23 11:33 - 000003688 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2020-11-17 10:49 
- 2020-09-23 11:33 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2020-11-17 10:49 - 2020-03-22 21:47 - 000001152 __RSH C:\ProgramData\ntuser.pol 2020-11-17 10:46 - 2020-11-04 21:03 - 000000000 ____D C:\Program Files (x86)\UnityMedia 2020-11-17 10:44 - 2020-06-08 13:55 - 000000000 ____D C:\ProgramData\F-Secure 2020-11-17 10:44 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2020-11-17 04:06 - 2020-11-12 21:02 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard 2020-11-17 04:06 - 2020-04-18 15:33 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Hewlett-Packard 2020-11-17 04:06 - 2019-09-09 12:33 - 000000000 ____D C:\ProgramData\Hewlett-Packard 2020-11-17 04:06 - 2019-06-28 02:49 - 000000000 _RSHD C:\hp 2020-11-16 21:27 - 2020-05-14 08:05 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2020-11-16 21:26 - 2020-04-20 19:35 - 000000000 ____D C:\Program Files (x86)\Mp3tag 2020-11-16 21:22 - 2020-05-17 09:37 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeepL GmbH 2020-11-16 21:22 - 2020-05-17 09:37 - 000000000 ____D C:\Users\heiko\AppData\Local\DeepL_GmbH 2020-11-16 21:22 - 2020-05-17 09:37 - 000000000 ____D C:\Users\heiko\AppData\Local\DeepL 2020-11-16 21:22 - 2020-04-20 19:40 - 000000000 ____D C:\Program Files (x86)\Audacity 2020-11-16 21:21 - 2020-06-06 19:35 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Amazon Cloud Drive 2020-11-16 21:18 - 2020-10-04 19:54 - 000000000 ____D C:\ProgramData\Avira 2020-11-16 21:18 - 2020-10-04 19:54 - 000000000 ____D C:\Program Files (x86)\Avira 2020-11-16 21:15 - 2020-04-20 19:42 - 000000000 ____D C:\Program Files\VideoLAN 2020-11-15 15:49 - 2020-11-05 06:57 - 000000000 ____D C:\Temp 2020-11-15 15:49 - 2020-04-20 19:29 - 000000000 ____D C:\Users\heiko\AppData\Local\Buhl 2020-11-15 15:49 - 2020-04-20 19:29 - 000000000 ____D C:\Program Files (x86)\WISO 2020-11-15 15:49 - 2019-09-09 12:32 - 000000000 ___HD C:\Program Files 
(x86)\InstallShield Installation Information 2020-11-15 15:47 - 2020-04-20 19:13 - 000000000 ____D C:\ProgramData\Buhl Data Service GmbH 2020-11-14 16:50 - 2020-11-06 09:02 - 000002481 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2020-11-29 14:16 - 2020-11-29 14:16 - 000000015 _____ () C:\Users\heiko\AppData\Roaming\obs-virtualcam.txt 2020-04-20 13:26 - 2020-04-20 13:26 - 000000410 _____ () C:\Users\heiko\AppData\Local\oobelibMkey.log 2020-12-11 13:28 - 2020-12-11 13:28 - 000000256 _____ () C:\Users\heiko\AppData\Local\PUTTY.RND ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |