| |
| |||||||
Mülltonne: Windows 10: Freunde erhalten "verseuchte" Emails, vermute TrojanerWindows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne... |
13.12.2020, 22:18
| #1 |
 |  Windows 10: Freunde erhalten "verseuchte" Emails, vermute Trojaner Hallo mein Freund, Du hast mir geholfen einen Trojaner loszuwerden. Herzlichen Dank. Der Rechner wird freiberuflich genutzt. Beispiel einer dieser E-Mails: Von: Heiko Roemhild [mailto:h_roemhild@karibcable.com] Gesendet: Sonntag, 13. Dezember 2020 17:52 An: Eva Betreff: FW: Eva https://bit.ly/346FJ3L Heiko From: Heiko Roemhild [mailto:h_roemhildc@yahoo.com] Sent: Sunday, December 13, 2020 05:52:09 PM To: evalea.glatt@bluewin.ch Subject: hxxp://www.bing.com/search?q=&form=CFSWVCFEHXFRSAE&cvid=YYXAQXZXUKNDSGN Ende der Beispiel E-Mail Ich würde nur gerne sicher gehen das es kein erneuter Befall ist. Ich nutze noch einen weiteren Rechner in meinem Netzwerk. Vielleicht komme es von dort? Herzliche Grüße Heiko Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 13-12-2020
durchgeführt von heiko (Administrator) auf HP-Z-BOOK (HP HP ZBook Studio G5) (13-12-2020 21:48:15)
Gestartet von C:\Users\heiko\OneDrive\Desktop
Geladene Profile: heiko & postgres
Platform: Windows 10 Pro Version 20H2 19042.685 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <4>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Conexant Systems LLC.) [Datei ist nicht signiert] C:\Windows\CxSvc\CxUtilSvc.exe
(Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskService.exe
(Datronicsoft, Inc. -> ) C:\Windows\System32\spacedeskServiceTray.exe
(geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2>
(GN AUDIO A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe <4>
(GN AUDIO A/S -> GN Audio A/S) C:\Program Files (x86)\Jabra\Direct4\SoftphoneIntegrations.exe
(Google LLC -> Google LLC) C:\Users\heiko\AppData\Local\Google\Chrome\Application\chrome.exe <12>
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP Collaboration Keyboard\HPCollaborationKeyboard.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f37ada3b81da51b7\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f37ada3b81da51b7\x64\TouchpointGpuInfo.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\BridgeCommunication.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\SysInfoCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\HotKeyServiceUWP.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\HPHotkeyNotification.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\LanWlanWwanSwitchingServiceUWP.exe
(HP Inc. -> HP Inc.) C:\Windows\SysWOW64\HP_SureRun.exe
(HP Inc. -> HP Inc.) C:\Windows\SysWOW64\HP_SureRun_Notification.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\HP Collaboration Keyboard\CollaborationKeysController.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_968d2e53c8174e28\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_968d2e53c8174e28\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_968d2e53c8174e28\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_968d2e53c8174e28\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_724e05bd98458fe4\RstMwService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe
(Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\heiko\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\heiko\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2011.11613.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2010.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20112.10111.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe <2>
(PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSshImgMonitor.exe <3>
(PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSshImgProc.exe <7>
(PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSshMonWCFHost.exe
(PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\PfuSsMon.exe
(PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\SshRegister.exe
(PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Home\SshTaskTray.exe
(PFU Limited -> PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Update\SsUWatcher.exe
(PFU Limited) [Datei ist nicht signiert] C:\Program Files (x86)\PFU\ScanSnap\Home\SshCloudMonitor.exe
(PFU LIMITED) [Datei ist nicht signiert] C:\ProgramData\PFU\ScanSnap\Home\SSDriver\fi5110\SsWiaChecker.exe
(PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe
(PostgreSQL Global Development Group) [Datei ist nicht signiert] C:\Program Files\PostgreSQL\9.5\bin\postgres.exe <7>
(Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64U.exe
(Synaptics Incorporated -> ) C:\Program Files\CONEXANT\Flow\FlowTray.exe
(Synaptics Incorporated -> Conexant Systems LLC.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe
(Synaptics Incorporated -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe
(Synaptics Incorporated -> Conexant Systems, Inc) C:\Program Files\CONEXANT\Flow\Flow.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Synaptics Incorporated) [Datei ist nicht signiert] C:\Windows\System32\SynaMonApp.exe
(Synology Inc. -> ) C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Synology Inc. -> ) C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2019\Snagit32.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2019\SnagitEditor.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2019\SnagPriv.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobePSE17AutoAnalyzer] => C:\Program Files\Adobe\Elements 2019 Organizer\Elements Auto Creations 2019.exe [3058696 2018-08-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [TechSmithSnagit] => C:\Program Files\TechSmith\Snagit 2019\Snagit32.exe [8940000 2020-07-29] (TechSmith Corporation -> TechSmith Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-12-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1667208 2020-10-21] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [558144 2020-11-25] (geek software GmbH -> geek software GmbH)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2095672 2020-10-07] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-10-12] (Adobe Inc. -> )
HKLM-x32\...\Run: [ScanSnap Home Pfussmon] => C:\Program Files (x86)\PFU\ScanSnap\Home\pfuSSMon.exe [3587568 2020-10-27] (PFU Limited -> PFU Limited)
HKLM-x32\...\Run: [ScanSnap WIA Service Checker] => C:\ProgramData\PFU\ScanSnap\Home\SSDriver\fi5110\SsWiaChecker.exe [121856 2020-05-26] (PFU LIMITED) [Datei ist nicht signiert]
HKLM-x32\...\Run: [SshCloudMonitor] => C:\Program Files (x86)\PFU\ScanSnap\Home\SshCloudMonitor.exe [77824 2020-09-23] (PFU Limited) [Datei ist nicht signiert]
HKLM-x32\...\Run: [SshRegister] => C:\Program Files (x86)\PFU\ScanSnap\Home\SshRegister.exe [130544 2020-10-27] (PFU Limited -> PFU Limited)
HKLM-x32\...\Run: [pfuSshMain] => C:\Program Files (x86)\PFU\ScanSnap\Home\pfuSshMain.exe [2323952 2020-10-27] (PFU Limited -> PFU Limited)
HKLM-x32\...\Run: [ScanSnap OnlineUpdate Watcher] => C:\Program Files (x86)\PFU\ScanSnap\Update\SsUWatcher.exe [134656 2020-06-05] (PFU Limited -> PFU Limited)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [798816 2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [460896 2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Jabra Direct] => C:\Program Files (x86)\Jabra\Direct4\jabra-direct.exe [106801096 2020-11-13] (GN AUDIO A/S -> GN Audio A/S)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background /setautostart
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background /setautostart
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [677512 2020-11-10] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\Run: [] => [X]
HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\Run: [Google Update] => C:\Users\heiko\AppData\Local\Google\Update\1.3.36.52\GoogleUpdateCore.exe [219592 2020-12-04] (Google LLC -> Google LLC)
HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5491248 2020-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1298520027-1106975814-2819668856-1001\...\MountPoints2: {65006cc2-10be-11eb-8d62-548d5a775924} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1298520027-1106975814-2819668856-1002\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-10-22] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{77B7ED10-A641-4766-A428-8B9EE42E830A}] -> C:\windows\system32\DPCrProv2.dll
HKLM\Software\...\Authentication\Credential Providers: [{E85E7D14-653B-4E51-9BC5-E5F9EC9BC51D}] -> C:\windows\system32\DPCrProv2.dll
HKLM\Software\...\Authentication\Credential Providers: [{F0C31759-99A6-493E-AD7D-7F69126CDFBC}] -> C:\windows\system32\DPCrProv2.dll
HKLM\Software\...\Authentication\Credential Providers: [{F731030D-3272-4D8B-A21A-3940EF268453}] -> C:\windows\system32\DPCrProv2.dll
HKLM\Software\...\Authentication\Credential Provider Filters: [{DCFB2A33-814B-4236-BFBD-FFEA3F528385}] -> C:\windows\system32\DPCrProv2.dll
Startup: C:\Users\heiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2020-11-27]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1438D197-E554-4DD8-97C2-5C6E5373CB63} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1C993506-819D-46FE-A4E2-7F2961311057} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-heikoroemhild@outlook.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {2133CB02-C670-4860-AB0F-2583BEAF8B35} - System32\Tasks\Agent Activation Runtime\S-1-5-21-1298520027-1106975814-2819668856-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-12-02] (Microsoft Windows -> )
Task: {218541E1-2C64-4935-A070-E3BA3ED38E93} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-11-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {21A08B60-6CE6-4F71-B10A-B6265383510C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1137496 2020-11-02] (HP Inc. -> HP Inc.)
Task: {2BC0AE96-6317-488F-9C22-522F714425A9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [553304 2020-11-02] (HP Inc. -> HP Inc.)
Task: {2DB14EF8-9F90-437A-9BCD-AB9794CD0282} - System32\Tasks\HP\HP Collaboration Keyboard\HP Collaboration Keyboard Controller => C:\Program Files (x86)\HP\HP Collaboration Keyboard\CollaborationKeysController.exe [722984 2019-09-17] (HP Inc. -> HP)
Task: {2E736FE3-5997-47EF-B6CF-85CC8CDF2F82} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2177464 2019-11-15] (Microsoft Corporation -> Microsoft)
Task: {33C766CE-8B2A-4184-8D75-A8CDBC8D5109} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {3FDBA556-7257-4A11-8FFE-5BA1BC23EC3E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {499AB6A1-97F7-471A-AA5F-11552BD8CEB5} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {4D30CDF8-942F-40F0-A868-393767437D26} - System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe [891432 2018-08-31] (HP Inc. -> HP)
Task: {5E409A61-992C-4DC6-A52D-F746926C0245} - System32\Tasks\Opera scheduled assistant Autoupdate 1601837781 => C:\Users\heiko\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\heiko\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {656E7EA3-8609-4D68-87EF-4DD7F7A317F9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {65AB2AE4-6253-4E75-817F-B340CFE6E8AF} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2646152 2019-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {7171E66F-9F35-4533-94F7-84301DED497A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2043016 2019-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {79AB9F88-BD84-4321-8BA7-59A2156A805F} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1537960 2020-11-12] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {885843C8-E781-4A72-B0B6-774D483A5D6B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [135000 2020-09-30] (HP Inc. -> HP Inc.)
Task: {98C587A6-7078-411D-AAA8-77CB58E64CCA} - System32\Tasks\Microsoft\Windows\Conexant\SynaMonApp => C:\Windows\System32\SynaMonApp.exe [170496 2019-10-04] (Synaptics Incorporated) [Datei ist nicht signiert]
Task: {98E6ECCD-EC2B-4170-A032-75D70535E039} - System32\Tasks\Scheduled scanning task => C:\Program Files (x86)\UnityMedia\fsscan.exe
Task: {997D3C98-55DA-4FC7-B0EF-E44CC99C6863} - System32\Tasks\Opera scheduled Autoupdate 1601837778 => C:\Users\heiko\AppData\Local\Programs\Opera\launcher.exe
Task: {9C38A095-11F1-4C97-AE0C-3D3DFAC1C70A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA6C25CC-D8CB-42D8-9DB1-F49AB9510BE2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1137496 2020-11-02] (HP Inc. -> HP Inc.)
Task: {B6E1960E-1F6B-42AE-A7AE-89B15BD9D26A} - System32\Tasks\HP\HP Collaboration Keyboard\Start Collaboration Keyboard Process => C:\Program Files (x86)\HP\HP Collaboration Keyboard\HPCollaborationKeyboard.exe [609320 2020-02-14] (HP Inc. -> HP Inc.)
Task: {B7617DC3-4824-43CA-9DC2-C004F8CCEC36} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BFD98C6E-BC7A-4CAB-82E1-022D8C72221C} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {C0717D82-0596-4A06-AB0A-757037530131} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {C54AA8A3-B12B-4154-91F2-FA6D2D551229} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-11-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {CA8E4854-60A6-4818-A5B0-4667B3DAB164} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2043016 2019-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {CD6A00EC-75E4-4A39-9425-8315734AFF8D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {D500C4BD-E583-4609-B49F-EE0FD18E00F2} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2646152 2019-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D6F6363F-EC1B-4773-80CE-1B7F2106E996} - System32\Tasks\Intel\Intel® Management and Security Status => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [232536 2020-09-02] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
Task: {D9D1B0D2-F917-4380-8F25-2C295B9556E0} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32696 2019-11-15] (Microsoft Corporation -> Microsoft)
Task: {DCA073A0-01DF-491D-B856-687B88B0DB7F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E1E7CB22-531C-4D9A-8562-D1B98998329E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1298520027-1106975814-2819668856-1001UA => C:\Users\heiko\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2020-11-17] (Google LLC -> Google LLC)
Task: {E3017FF9-835A-4BF6-97C3-9C39C11E2CC2} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [225984 2018-09-06] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {E57F260F-0F0F-4F38-8212-FEAFF9218FC2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5C4FEE2-131E-4A24-8C13-49C46A1C4224} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [225984 2018-09-06] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {F5FF630B-A270-45B8-BC18-F07A89F0E28E} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {F70D3208-5CBB-49C6-ABAD-F9FEDC5F0099} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2308800 2018-09-06] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {FA3FA4F3-D4BF-4DB3-A11C-F986013DCF23} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1298520027-1106975814-2819668856-1001Core => C:\Users\heiko\AppData\Local\Google\Update\GoogleUpdate.exe [155592 2020-11-17] (Google LLC -> Google LLC)
Task: {FA77F1E5-D325-4547-97D8-63B5692CCDE7} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [225984 2018-09-06] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Scheduled scanning task.job => C:\Program Files (x86)\UnityMedia\fsscan.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5605a91e-6a95-4b04-9bd7-84fae3cc3261}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{ae6a8e03-4ad3-4441-b1cf-674c8dca651a}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{efb8ce32-5435-49e5-b0a7-8473a9eeb84d}: [DhcpNameServer] 192.168.178.1
Edge:
======
Edge Notifications: HKU\S-1-5-21-1298520027-1106975814-2819668856-1001 -> hxxps://www.gruenderszene.de
Edge DefaultProfile: Default
Edge Profile: C:\Users\heiko\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-13]
Edge Notifications: Default -> hxxps://www.gruenderszene.de
Edge Extension: (Grammarly for Microsoft Edge) - C:\Users\heiko\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2020-11-29]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\heiko\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2020-11-29]
Edge Extension: (Grammarly for Chrome) - C:\Users\heiko\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-11-15]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: lxo2uxlb.default
FF ProfilePath: C:\Users\heiko\AppData\Roaming\Mozilla\Firefox\Profiles\lxo2uxlb.default [2020-11-18]
FF ProfilePath: C:\Users\heiko\AppData\Roaming\Mozilla\Firefox\Profiles\lttpr00m.default-release [2020-12-13]
FF Notifications: Mozilla\Firefox\Profiles\lttpr00m.default-release -> hxxps://calendar.google.com
FF Extension: (HTTPS Everywhere) - C:\Users\heiko\AppData\Roaming\Mozilla\Firefox\Profiles\lttpr00m.default-release\Extensions\https-everywhere@eff.org.xpi [2020-11-18]
FF Extension: (uBlock Origin) - C:\Users\heiko\AppData\Roaming\Mozilla\Firefox\Profiles\lttpr00m.default-release\Extensions\uBlock0@raymondhill.net.xpi [2020-11-19]
FF Extension: (Video DownloadHelper) - C:\Users\heiko\AppData\Roaming\Mozilla\Firefox\Profiles\lttpr00m.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-11-18]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-10-07] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-10-07] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default [2020-12-13]
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/apps-notify/drive_96_1x.png
CHR Extension: (Google Drive) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghbiahbpaijignceidepookljebhfak [2020-06-18]
CHR Extension: (Google Drive) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-18]
CHR Extension: (Google Play Music) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2020-04-18]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2020-11-27]
CHR Extension: (Dropbox) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2020-04-18]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2020-11-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-18]
CHR Extension: (Google Mail) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\heiko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-09]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-10-07] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384544 2020-10-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
R2 CWAUpdaterService; C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe [43616 2020-08-31] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [95704 2020-08-04] (Synaptics Incorporated -> Conexant Systems LLC.)
R2 CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [166400 2019-10-04] (Conexant Systems LLC.) [Datei ist nicht signiert]
S2 epinjectsvc; C:\Program Files (x86)\Citrix\ICA Client\inject.exe [501456 2020-06-19] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 FLCDLOCK; C:\windows\SysWOW64\flcdlock.exe [589208 2018-02-21] (Hewlett Packard Enterprise Company -> Hewlett-Packard Company)
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\HotKeyServiceUWP.exe [1527208 2020-10-20] (HP Inc. -> HP Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [886136 2020-06-24] (HP Inc. -> HP Inc.)
R2 HP Hotkey Service; C:\Program Files (x86)\HP\HP Hotkey Support\HotkeyService.exe [969256 2018-08-31] (HP Inc. -> HP)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\AppHelperCap.exe [689912 2020-11-05] (HP Inc. -> HP Inc.)
R2 HPMAMSrv; C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe [542248 2019-04-22] (HP Inc. -> HP)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\NetworkCap.exe [688888 2020-11-05] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [285192 2020-10-28] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149448 2020-06-09] (HP Inc. -> HP)
R2 HPSureRun; C:\WINDOWS\SysWOW64\HP_SureRun.exe [1566760 2020-12-13] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\SysInfoCap.exe [689400 2020-11-05] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f37ada3b81da51b7\x64\TouchpointAnalyticsClientService.exe [476424 2020-11-04] (HP Inc. -> HP Inc.)
S4 LanWlanSwitchingService; C:\Program Files (x86)\HP\HP Hotkey Support\LanWlanSwitchingService.exe [618536 2018-08-31] (HP Inc. -> HP)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\LanWlanWwanSwitchingServiceUWP.exe [788904 2020-10-20] (HP Inc. -> HP Inc.)
R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [499336 2020-10-26] (Logitech Inc -> Logitech)
R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4490376 2020-09-18] (Logitech Inc -> Logitech)
R2 NVWMI; C:\WINDOWS\system32\nvwmi64.exe [4788120 2020-11-12] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [558144 2020-11-25] (geek software GmbH -> geek software GmbH)
R2 postgresql-x64-9.5; C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe [94208 2016-08-09] (PostgreSQL Global Development Group) [Datei ist nicht signiert]
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13666872 2020-11-17] (Adlice -> )
R2 SECOMNUService; C:\WINDOWS\System32\SECOMN64U.exe [161296 2020-11-17] (Sound Research Corporation -> Sound Research, Corp.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5197552 2020-12-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 spacedeskService; C:\WINDOWS\system32\spacedeskService.exe [1116592 2020-11-08] (Datronicsoft, Inc. -> )
R2 Synology Drive VSS Service x64; C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe [371672 2020-04-13] (Synology Inc. -> )
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3658832 2019-06-28] (TechSmith Corporation -> TechSmith Corporation)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [253912 2019-10-30] (Synology Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
U2 DpHost; kein ImagePath
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
S3 DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [74768 2018-02-21] (Hewlett Packard Enterprise Company -> Hewlett-Packard Enterpise Company)
R2 entryprotectdrv; C:\Program Files (x86)\Citrix\ICA Client\entryprotect.sys [57032 2020-06-19] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
R1 epinject6; C:\Program Files (x86)\Citrix\ICA Client\epinject.sys [150520 2020-06-19] (Citrix Systems, Inc. -> )
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [25024 2019-05-03] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
S3 JabraDFU; C:\WINDOWS\System32\Drivers\JabraBcDfuX64.sys [54408 2018-03-20] (GN Netcom A/S -> QTI Ltd)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
R3 spacedeskKtmInputMouse; C:\WINDOWS\System32\drivers\spacedeskKtmInputMouse.sys [35240 2020-08-27] (Datronicsoft, Inc. -> )
S3 Switchers; C:\WINDOWS\System32\drivers\Switchers.sys [27368 2020-09-24] (WDKTestCert build,131613220053715806 -> Blackmagic Design)
R1 vbdenum; C:\WINDOWS\System32\drivers\vbdenum.sys [119432 2020-04-14] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WebPresenter; C:\WINDOWS\System32\drivers\WebPresenter.sys [25216 2017-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Blackmagic Design)
R3 WiMan; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_4b0336d95f188e47\WiMan\WiMan.sys [162136 2020-09-02] (Intel Wireless Driver -> )
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
S3 WacHidRouterPro; \SystemRoot\System32\drivers\wachidrouter.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2020-12-13 21:47 - 2020-12-13 21:48 - 000000000 ____D C:\FRST
2020-12-13 21:01 - 2020-12-13 21:01 - 000000000 ____D C:\Benutzerdefinierte Produktionseinstellungen 9.0
2020-12-12 12:07 - 2020-12-12 12:07 - 002231049 _____ C:\Users\heiko\Downloads\de-itil4-guide.pdf
2020-12-12 11:52 - 2020-12-12 11:52 - 017319408 _____ (FreeFileSync.org ) C:\Users\heiko\Downloads\FreeFileSync_11.4_Windows_Setup.exe
2020-12-12 11:27 - 2020-12-12 11:27 - 000000000 ____H C:\Users\heiko\OneDrive\Documents\Default.rdp
2020-12-11 22:08 - 2020-12-11 22:08 - 010246734 _____ C:\Users\heiko\OneDrive\Documents\LifeBalance_Self_Coaching_made_easy_FORGRESS_en_V2.pptx
2020-12-11 13:28 - 2020-12-11 13:28 - 000000256 _____ C:\Users\heiko\AppData\Local\PUTTY.RND
2020-12-11 13:27 - 2020-12-11 13:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)
2020-12-11 13:27 - 2020-12-11 13:27 - 000000000 ____D C:\Program Files\PuTTY
2020-12-11 10:53 - 2020-12-11 10:44 - 001199242 _____ C:\Users\heiko\OneDrive\Documents\LC Executive FiRE Index 2020-10 EN V0.7.pdf
2020-12-11 10:53 - 2020-12-11 10:44 - 001105314 _____ C:\Users\heiko\OneDrive\Documents\ExecutiveFiREIndex_peter-sample.pdf
2020-12-11 10:53 - 2020-12-11 10:44 - 001044921 _____ C:\Users\heiko\OneDrive\Documents\LC Can crisis resistance be improved 2020-11.pdf
2020-12-11 10:53 - 2020-12-11 10:44 - 000564568 _____ C:\Users\heiko\OneDrive\Documents\LC Lässt sich Krisenfestigkeit verbessern.pdf
2020-12-10 18:06 - 2020-12-10 18:06 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-10 18:06 - 2020-12-10 18:06 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-10 18:06 - 2020-12-10 18:06 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-08 20:13 - 2020-12-08 20:13 - 000001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Rush 1.5.lnk
2020-12-07 23:41 - 2020-12-07 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-12-06 21:02 - 2020-12-06 21:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirServer Universal (x64)
2020-12-06 21:02 - 2020-12-06 21:02 - 000000000 ____D C:\Program Files\App Dynamic
2020-12-02 20:06 - 2020-12-02 20:06 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\TeamEnwicklung
2020-12-02 20:05 - 2020-12-02 20:06 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\Curicullum
2020-12-02 20:05 - 2020-12-02 20:06 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\Arbeitsblätter
2020-12-02 18:07 - 2020-12-02 18:07 - 000001460 _____ C:\Users\Public\Desktop\Logitech Kameraeinstellungen.lnk
2020-12-02 18:07 - 2020-12-02 18:07 - 000001460 _____ C:\ProgramData\Desktop\Logitech Kameraeinstellungen.lnk
2020-12-02 15:55 - 2020-12-10 00:52 - 000000000 ____D C:\Users\heiko\AppData\Roaming\FastGlacier
2020-12-02 15:55 - 2020-12-02 15:55 - 000000889 _____ C:\Users\Public\Desktop\FastGlacier.lnk
2020-12-02 15:55 - 2020-12-02 15:55 - 000000889 _____ C:\ProgramData\Desktop\FastGlacier.lnk
2020-12-02 15:55 - 2020-12-02 15:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastGlacier
2020-12-02 15:55 - 2020-12-02 15:55 - 000000000 ____D C:\Program Files\FastGlacier
2020-12-02 15:42 - 2020-12-02 15:42 - 000000000 ____D C:\Users\heiko\AppData\Roaming\JAM Software
2020-12-02 15:41 - 2020-12-02 15:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
2020-12-02 15:41 - 2020-12-02 15:41 - 000000000 ____D C:\Program Files (x86)\JAM Software
2020-12-02 10:20 - 2020-12-02 10:20 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\Backup
2020-12-02 10:17 - 2020-12-02 10:17 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-02 10:17 - 2020-12-02 10:17 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-02 10:17 - 2020-12-02 10:17 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-02 10:17 - 2020-12-02 10:17 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-02 10:17 - 2020-12-02 10:17 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 001328392 _____ C:\WINDOWS\system32\FaceTrackerInternal.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 001263104 _____ C:\WINDOWS\system32\FaceProcessor.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 000512856 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-02 10:17 - 2020-12-02 10:17 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-02 10:17 - 2020-12-02 10:17 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-02 10:17 - 2020-12-02 10:17 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-02 10:17 - 2020-12-02 10:17 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-02 10:17 - 2020-12-02 10:17 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-02 09:41 - 2020-12-12 11:55 - 000000000 ____D C:\Users\heiko\AppData\Roaming\FreeFileSync
2020-12-02 09:41 - 2020-12-12 11:52 - 000001020 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileSync.lnk
2020-12-02 09:41 - 2020-12-12 11:52 - 000001010 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealTimeSync.lnk
2020-12-02 09:41 - 2020-12-12 11:52 - 000001008 _____ C:\Users\Public\Desktop\FreeFileSync.lnk
2020-12-02 09:41 - 2020-12-12 11:52 - 000001008 _____ C:\ProgramData\Desktop\FreeFileSync.lnk
2020-12-02 09:41 - 2020-12-12 11:52 - 000000998 _____ C:\Users\Public\Desktop\RealTimeSync.lnk
2020-12-02 09:41 - 2020-12-12 11:52 - 000000998 _____ C:\ProgramData\Desktop\RealTimeSync.lnk
2020-12-02 09:41 - 2020-12-12 11:52 - 000000000 ____D C:\Program Files\FreeFileSync
2020-11-30 18:29 - 2020-11-30 18:29 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24.lnk
2020-11-30 18:29 - 2020-11-30 18:29 - 000000000 ____D C:\Program Files\PDF24
2020-11-30 11:03 - 2020-11-30 11:03 - 000000000 ____D C:\Users\heiko\AppData\Local\Jabra
2020-11-29 15:21 - 2020-12-13 21:19 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Jabra Direct
2020-11-29 15:21 - 2020-11-29 15:21 - 000000000 ____D C:\Users\heiko\AppData\Roaming\JabraSDK
2020-11-29 15:21 - 2020-11-29 15:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jabra
2020-11-29 15:20 - 2020-11-29 15:21 - 000000000 ____D C:\Program Files (x86)\Jabra
2020-11-29 14:16 - 2020-11-29 14:16 - 000000015 _____ C:\Users\heiko\AppData\Roaming\obs-virtualcam.txt
2020-11-29 14:12 - 2020-11-29 14:12 - 000001057 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2020-11-29 14:12 - 2020-11-29 14:12 - 000001057 _____ C:\ProgramData\Desktop\OBS Studio.lnk
2020-11-29 14:12 - 2020-11-29 14:12 - 000000000 ____D C:\ProgramData\obs-studio-hook
2020-11-29 14:12 - 2020-11-29 14:12 - 000000000 ____D C:\Program Files\obs-studio
2020-11-29 13:10 - 2020-11-29 13:10 - 000001973 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\spacedesk SERVER.lnk
2020-11-29 13:10 - 2020-11-29 13:10 - 000000000 ____D C:\Program Files\datronicsoft
2020-11-28 13:27 - 2020-11-28 13:27 - 000002629 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Workspace.lnk
2020-11-27 22:17 - 2020-11-27 22:17 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\OneNote-Notizbücher
2020-11-27 21:08 - 2020-11-27 21:08 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2020-11-27 21:03 - 2020-09-18 05:20 - 007326528 _____ (HP Inc.) C:\WINDOWS\system32\HPScanTEDrv_x64.dll
2020-11-27 21:03 - 2020-09-18 05:20 - 005129536 _____ (HP Inc.) C:\WINDOWS\SysWOW64\HPScanTEDrv.dll
2020-11-27 21:03 - 2020-09-18 05:20 - 001328960 _____ (HP Inc.) C:\WINDOWS\system32\HPScanTEDrv_x64_DiscoveryLibDyn.dll
2020-11-27 21:03 - 2020-09-18 05:20 - 000963392 _____ (HP Inc.) C:\WINDOWS\SysWOW64\DiscoveryLibDyn.dll
2020-11-27 21:03 - 2020-09-18 05:20 - 000665408 _____ (HP Inc., LP) C:\WINDOWS\system32\HPWia2Drv.dll
2020-11-27 21:03 - 2020-09-18 03:08 - 000003487 _____ C:\WINDOWS\SysWOW64\HPScanDrvConfig.xml
2020-11-27 21:03 - 2020-09-18 03:08 - 000003487 _____ C:\WINDOWS\system32\HPScanDrvConfig.xml
2020-11-23 18:22 - 2020-11-23 18:22 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\ATEM Autosave
2020-11-20 20:42 - 2020-11-20 20:43 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-11-20 20:42 - 2020-11-20 20:43 - 000002181 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-20 20:05 - 2020-12-09 23:37 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1298520027-1106975814-2819668856-1001
2020-11-20 20:05 - 2020-12-09 23:37 - 000002428 _____ C:\Users\heiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-11-20 18:37 - 2020-11-20 18:37 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-11-20 18:03 - 2020-11-20 18:03 - 000000000 ___HD C:\Users\heiko\Downloads\.SynologyWorkingDirectory
2020-11-19 21:26 - 2020-12-13 15:18 - 000000000 ___RD C:\Users\heiko\Creative Cloud Files
2020-11-18 17:27 - 2020-11-18 17:27 - 000000000 ____D C:\WINDOWS\Panther
2020-11-18 17:14 - 2020-11-18 17:14 - 000002094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chocolatey GUI.lnk
2020-11-18 17:14 - 2020-11-18 17:14 - 000000000 ____D C:\Users\heiko\AppData\Roaming\NuGet
2020-11-18 17:14 - 2020-11-18 17:14 - 000000000 ____D C:\Users\heiko\AppData\Local\NuGet
2020-11-18 17:14 - 2020-11-18 17:14 - 000000000 ____D C:\Users\heiko\AppData\Local\Chocolatey GUI
2020-11-18 17:14 - 2020-11-18 17:14 - 000000000 ____D C:\ProgramData\shimgen
2020-11-18 17:14 - 2020-11-18 17:14 - 000000000 ____D C:\ProgramData\Chocolatey GUI
2020-11-18 17:14 - 2020-11-18 17:14 - 000000000 ____D C:\Program Files (x86)\Chocolatey GUI
2020-11-18 17:13 - 2020-12-02 15:51 - 000000000 ____D C:\ProgramData\chocolatey
2020-11-18 15:30 - 2020-11-18 15:30 - 000001010 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-18 15:30 - 2020-11-18 15:30 - 000000998 _____ C:\Users\Public\Desktop\Firefox.lnk
2020-11-18 15:30 - 2020-11-18 15:30 - 000000998 _____ C:\ProgramData\Desktop\Firefox.lnk
2020-11-18 15:30 - 2020-11-18 15:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-11-18 15:30 - 2020-11-18 15:30 - 000000000 ____D C:\Users\heiko\AppData\Local\Mozilla
2020-11-18 15:30 - 2020-11-18 15:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-18 13:30 - 2020-11-18 14:48 - 000000000 ____D C:\ProgramData\RogueKiller
2020-11-18 13:30 - 2020-11-18 13:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-11-18 13:30 - 2020-11-18 13:30 - 000000000 ____D C:\Program Files\RogueKiller
2020-11-18 13:21 - 2020-11-18 13:21 - 000000000 ____D C:\Users\heiko\AppData\Local\mbam
2020-11-18 13:20 - 2020-11-18 13:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-11-18 13:06 - 2020-12-09 23:38 - 000000000 ___HD C:\adobeTemp
2020-11-17 17:44 - 2016-09-20 13:51 - 000004664 _____ C:\WINDOWS\system32\Drivers\CxSfPt.dat
2020-11-17 17:40 - 2020-11-17 17:40 - 001379384 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64U.dll
2020-11-17 17:40 - 2020-11-17 17:40 - 001379016 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64U.dll
2020-11-17 17:40 - 2020-11-17 17:40 - 001278936 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64U.dll
2020-11-17 17:40 - 2020-11-17 17:40 - 001176760 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64U.dll
2020-11-17 17:40 - 2020-11-17 17:40 - 001011648 _____ (Sound Research, Corp.) C:\WINDOWS\system32\HPIMMA64U.dll
2020-11-17 17:40 - 2020-11-17 17:40 - 000161296 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64U.exe
2020-11-17 17:40 - 2020-11-17 17:40 - 000040314 _____ C:\WINDOWS\system32\SEAPODATU.zip
2020-11-17 17:40 - 2020-11-17 17:40 - 000019979 _____ C:\WINDOWS\system32\SEAPODATU.USB.VID_0B0E&PID_A346&MI_00.zip
2020-11-17 17:40 - 2020-11-17 17:40 - 000019966 _____ C:\WINDOWS\system32\SEAPODATU.USB.VID_0B0E&PID_A345&MI_00.zip
2020-11-17 17:40 - 2020-11-17 17:40 - 000019948 _____ C:\WINDOWS\system32\SEAPODATU.USB.VID_0B0E&PID_034C&MI_00.zip
2020-11-17 17:40 - 2020-11-17 17:40 - 000019942 _____ C:\WINDOWS\system32\SEAPODATU.USB.VID_0B0E&PID_0422&MI_00.zip
2020-11-17 17:38 - 2020-12-08 20:30 - 000002539 _____ C:\Users\heiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-17 17:38 - 2020-12-04 13:44 - 000003894 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1298520027-1106975814-2819668856-1001UA
2020-11-17 17:38 - 2020-12-04 13:44 - 000003626 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1298520027-1106975814-2819668856-1001Core
2020-11-16 21:16 - 2020-11-16 21:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2020-11-15 15:49 - 2020-11-15 15:49 - 000002217 _____ C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2021.lnk
2020-11-15 15:49 - 2020-11-15 15:49 - 000002217 _____ C:\ProgramData\Desktop\WISO Steuer-Sparbuch 2021.lnk
2020-11-15 15:49 - 2020-11-15 15:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2021
2020-11-14 17:10 - 2020-12-13 13:37 - 111149056 _____ C:\WINDOWS\system32\config\SOFTWARE
2020-11-14 17:08 - 2020-11-14 17:10 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2020-11-13 21:58 - 2020-11-13 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSnap
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2020-12-13 21:49 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-13 20:58 - 2020-09-23 11:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-13 19:53 - 2020-09-23 11:33 - 000004160 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{497F0BED-F87E-4894-9209-D068D1619D14}
2020-12-13 17:25 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-13 16:20 - 2020-04-18 15:37 - 000000000 ____D C:\Users\heiko\AppData\LocalLow\Mozilla
2020-12-13 15:48 - 2020-04-18 15:36 - 000000000 ____D C:\ProgramData\Mozilla
2020-12-13 15:37 - 2020-09-23 13:20 - 001724648 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-13 15:37 - 2019-12-07 15:51 - 000746440 _____ C:\WINDOWS\system32\perfh007.dat
2020-12-13 15:37 - 2019-12-07 15:51 - 000150810 _____ C:\WINDOWS\system32\perfc007.dat
2020-12-13 15:37 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-13 15:18 - 2020-04-18 15:23 - 000000000 ___RD C:\Users\heiko\OneDrive
2020-12-13 15:18 - 2020-04-18 15:21 - 000000000 __SHD C:\Users\heiko\IntelGraphicsProfiles
2020-12-13 15:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-12-13 13:59 - 2020-03-22 21:27 - 000000000 ____D C:\ProgramData\NVIDIA
2020-12-13 13:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-12-13 13:38 - 2020-04-18 15:23 - 000000000 ____D C:\Users\heiko\AppData\Local\CrashDumps
2020-12-13 13:37 - 2020-09-23 11:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-13 13:37 - 2020-09-23 11:29 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-13 13:37 - 2020-04-18 21:12 - 001593000 _____ C:\WINDOWS\system32\wpbbin.exe
2020-12-13 13:37 - 2020-04-18 21:12 - 001566760 _____ (HP Inc.) C:\WINDOWS\SysWOW64\HP_SureRun.exe
2020-12-13 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-12-13 13:37 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-13 13:36 - 2020-09-23 10:49 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2020-12-13 13:36 - 2020-09-23 10:49 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2020-12-13 13:36 - 2019-12-07 10:10 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2020-12-12 14:26 - 2020-11-01 22:37 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\Scanner
2020-12-12 10:40 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-12 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-11 22:10 - 2020-04-18 15:21 - 000000000 ____D C:\Users\heiko\AppData\Local\Packages
2020-12-10 20:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-10 20:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-10 18:00 - 2020-03-22 21:42 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-09 15:29 - 2020-04-20 09:50 - 000000000 ____D C:\Users\heiko\AppData\Roaming\WhatsApp
2020-12-09 15:29 - 2020-04-20 09:50 - 000000000 ____D C:\Users\heiko\AppData\Local\WhatsApp
2020-12-09 15:29 - 2020-04-18 15:30 - 000000000 ____D C:\Users\heiko\AppData\Local\SquirrelTemp
2020-12-08 20:32 - 2020-04-20 13:25 - 000000000 ____D C:\ProgramData\Adobe
2020-12-08 20:13 - 2020-04-20 13:24 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-12-08 20:13 - 2020-04-20 13:24 - 000000000 ____D C:\Program Files\Adobe
2020-12-07 23:41 - 2020-07-15 19:43 - 000002461 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2020-12-07 23:41 - 2020-07-15 19:43 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2020-12-07 23:41 - 2020-07-15 19:43 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2020-12-07 23:41 - 2020-07-15 19:43 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2020-12-07 23:41 - 2020-07-15 19:43 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2020-12-07 23:41 - 2020-07-15 19:43 - 000002412 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2020-12-07 23:41 - 2020-07-15 19:43 - 000002406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2020-12-07 23:41 - 2020-07-15 19:43 - 000002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2020-12-07 12:43 - 2020-05-27 20:16 - 000000000 ____D C:\Users\heiko\AppData\Roaming\obs-studio
2020-12-07 12:36 - 2020-04-18 15:21 - 000000000 ____D C:\Users\heiko\AppData\Roaming\hpqLog
2020-12-06 19:27 - 2020-09-23 11:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2020-12-06 19:27 - 2020-04-18 21:13 - 000000000 ____D C:\Users\heiko\AppData\Local\HP_Inc
2020-12-06 18:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-12-06 08:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-05 08:11 - 2020-07-15 08:54 - 000000000 ____D C:\Users\heiko\AppData\Local\Citrix
2020-12-04 08:24 - 2019-04-19 19:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-12-02 12:05 - 2020-09-23 11:29 - 000559520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-02 12:04 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-12-02 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-02 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-02 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-02 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-02 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-02 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-01 12:12 - 2020-04-22 18:07 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\Zoom
2020-11-30 19:47 - 2020-04-20 16:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2020-11-30 19:47 - 2020-03-22 21:31 - 000000000 ____D C:\ProgramData\Package Cache
2020-11-30 10:56 - 2020-09-23 10:53 - 000000000 ____D C:\Users\heiko
2020-11-30 10:55 - 2020-04-19 15:32 - 000000000 ____D C:\Users\heiko\AppData\Local\SynologyDrive
2020-11-29 14:12 - 2020-05-27 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2020-11-29 13:03 - 2020-04-18 15:22 - 000000000 ____D C:\Users\heiko\AppData\Local\PlaceholderTileLogoFolder
2020-11-27 22:31 - 2020-04-18 15:23 - 000000120 ____R C:\Users\heiko\OneDrive\Documents\Personal (Web).url
2020-11-27 22:18 - 2019-04-19 19:34 - 000000000 ____D C:\ProgramData\HP
2020-11-27 21:25 - 2020-09-23 11:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2020-11-23 18:27 - 2020-04-19 01:51 - 000000000 ____D C:\ProgramData\Blackmagic Design
2020-11-22 17:40 - 2020-04-18 15:23 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\Office Lens
2020-11-20 20:46 - 2019-04-19 19:32 - 000000000 ____D C:\ProgramData\Packages
2020-11-20 20:40 - 2020-04-20 13:24 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-11-20 20:24 - 2020-05-19 11:20 - 000000000 ____D C:\Users\heiko\OneDrive\Documents\FrameFactory
2020-11-20 19:59 - 2020-07-04 10:04 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2020-11-20 19:57 - 2020-07-15 08:52 - 000000000 ____D C:\ProgramData\Citrix
2020-11-20 18:37 - 2020-04-22 18:06 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Zoom
2020-11-20 18:37 - 2020-04-20 19:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2020-11-20 18:37 - 2020-04-20 19:46 - 000000000 ____D C:\Program Files\Logitech
2020-11-18 20:04 - 2020-04-20 13:27 - 000000000 ____D C:\Users\heiko\AppData\Local\D3DSCache
2020-11-18 20:04 - 2020-04-18 15:21 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Adobe
2020-11-18 19:43 - 2020-07-04 15:16 - 000091793 _____ C:\ProgramData\StreamingMediaTechnologyLog.txt
2020-11-18 18:20 - 2020-04-20 13:21 - 000000000 ____D C:\Users\heiko\AppData\Local\Adobe
2020-11-18 17:46 - 2020-07-04 10:04 - 000000000 ___RD C:\Users\postgres\OneDrive
2020-11-18 17:24 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-11-18 17:16 - 2020-06-08 17:46 - 000000000 ____D C:\Users\heiko\AppData\LocalLow\Temp
2020-11-18 15:30 - 2020-04-18 15:37 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Mozilla
2020-11-18 15:30 - 2020-04-18 15:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-18 15:17 - 2020-10-30 16:08 - 000000000 ____D C:\Users\heiko\AppData\Local\Deployment
2020-11-18 13:06 - 2019-09-09 12:32 - 000000000 ____D C:\Program Files (x86)\HP
2020-11-17 17:45 - 2020-03-22 21:35 - 001705080 _____ (TODO: <Company name>) C:\WINDOWS\SysWOW64\RebootPrompt.exe
2020-11-17 17:45 - 2020-03-22 21:35 - 000000000 ____D C:\WINDOWS\CxSvc
2020-11-17 17:45 - 2019-09-09 12:32 - 000000000 ____D C:\Program Files\CONEXANT
2020-11-17 17:40 - 2020-11-12 21:02 - 000000000 ____D C:\hpswsetup
2020-11-17 17:38 - 2020-04-18 15:26 - 000000000 ____D C:\Users\heiko\AppData\Local\Google
2020-11-17 17:15 - 2020-04-18 15:27 - 000000000 ____D C:\Program Files (x86)\Google
2020-11-17 10:49 - 2020-09-23 11:33 - 000003688 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-17 10:49 - 2020-09-23 11:33 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-11-17 10:49 - 2020-03-22 21:47 - 000001152 __RSH C:\ProgramData\ntuser.pol
2020-11-17 10:46 - 2020-11-04 21:03 - 000000000 ____D C:\Program Files (x86)\UnityMedia
2020-11-17 10:44 - 2020-06-08 13:55 - 000000000 ____D C:\ProgramData\F-Secure
2020-11-17 10:44 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-11-17 04:06 - 2020-11-12 21:02 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2020-11-17 04:06 - 2020-04-18 15:33 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Hewlett-Packard
2020-11-17 04:06 - 2019-09-09 12:33 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2020-11-17 04:06 - 2019-06-28 02:49 - 000000000 _RSHD C:\hp
2020-11-16 21:27 - 2020-05-14 08:05 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-11-16 21:26 - 2020-04-20 19:35 - 000000000 ____D C:\Program Files (x86)\Mp3tag
2020-11-16 21:22 - 2020-05-17 09:37 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeepL GmbH
2020-11-16 21:22 - 2020-05-17 09:37 - 000000000 ____D C:\Users\heiko\AppData\Local\DeepL_GmbH
2020-11-16 21:22 - 2020-05-17 09:37 - 000000000 ____D C:\Users\heiko\AppData\Local\DeepL
2020-11-16 21:22 - 2020-04-20 19:40 - 000000000 ____D C:\Program Files (x86)\Audacity
2020-11-16 21:21 - 2020-06-06 19:35 - 000000000 ____D C:\Users\heiko\AppData\Roaming\Amazon Cloud Drive
2020-11-16 21:18 - 2020-10-04 19:54 - 000000000 ____D C:\ProgramData\Avira
2020-11-16 21:18 - 2020-10-04 19:54 - 000000000 ____D C:\Program Files (x86)\Avira
2020-11-16 21:15 - 2020-04-20 19:42 - 000000000 ____D C:\Program Files\VideoLAN
2020-11-15 15:49 - 2020-11-05 06:57 - 000000000 ____D C:\Temp
2020-11-15 15:49 - 2020-04-20 19:29 - 000000000 ____D C:\Users\heiko\AppData\Local\Buhl
2020-11-15 15:49 - 2020-04-20 19:29 - 000000000 ____D C:\Program Files (x86)\WISO
2020-11-15 15:49 - 2019-09-09 12:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-11-15 15:47 - 2020-04-20 19:13 - 000000000 ____D C:\ProgramData\Buhl Data Service GmbH
2020-11-14 16:50 - 2020-11-06 09:02 - 000002481 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2020-11-29 14:16 - 2020-11-29 14:16 - 000000015 _____ () C:\Users\heiko\AppData\Roaming\obs-virtualcam.txt
2020-04-20 13:26 - 2020-04-20 13:26 - 000000410 _____ () C:\Users\heiko\AppData\Local\oobelibMkey.log
2020-12-11 13:28 - 2020-12-11 13:28 - 000000256 _____ () C:\Users\heiko\AppData\Local\PUTTY.RND
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
| Themen zu Windows 10: Freunde erhalten "verseuchte" Emails, vermute Trojaner |
| befall, dezember, e-mails, emails, erhalte, erhalten, freund, freunde, geholfen, herzlichen, meinem, nutze, rechner, sonntag, troja, trojane, trojaner, vermute, verseuchte, weiteren, windows, windows 10, würde, yahoo.com |
Baum-Darstellung